2. Google Umleitung auf "secure.bidvertiser"

martinalejan · 16.06.2012, 23:08

Liebe Community,

ich bin weder verwandt noch verschwägert mit dem Autor "Ordensritter" des threads "Google Umleitung auf secure.bidvertiser" - aber ich habe exakt das gleiche Problem :

-------------------------------------------------------
Zitat :
Ich fürchte, mein Computer ist von Viren befallen. Der Grund meiner Anmeldung ist der, dass ich bei einer Google Suche regelmäßig umgeleitet werde, fast immer auf die Seite "secure.bidvertiser...." bzw. dann weiter auf Seiten mit irgendwelcher Werbung
--------------------------------------------------------

Ein halbwegs normales "googeln" ist kaum noch möglich ...
Mein PC läuft mit Windows XP SP3 und ich habe dieses blöde Virus bekommen, obwohl ich "McAfee Total Protection" korrekt installiert und bezahlt habe ...

Jetzt bitte ich einfach hier um Hilfe - die Expertenratschläge sind in diesem Forum echt kompetent - und nach dem Lesen verschiedener threads muss ich auch noch blöd fragen : wie genau kann ich die .log-Dateien hier posten, die ja immer nach jedem Schritt von Euch Experten angefragt werden (ich bräuchte da bitte eine ganz genaue Anweisung).

Liebe Grüsse und schon jetzt vielen Dank

Martín-Alejandro

EDIT : ESET Online Scanner läuft gerade (NUR .log Datei, NICHT Probleme entfernen und mit deaktiviertem McAfee) und ich warte ab diesem Punkt auf Anweisungen und werde nichts mehr eigenhändig machen - versprochen !

... jetzt habe ich Eure Seite gefunden mit den Infos (Defogger, OTL, Gmer), die Ihr braucht. Ich habe ESET Online Scanner abgebrochen und poste dann die Infos der 3 Programme ...

Defogger :
ist normal gelaufen bis "finished"

defogger_disable.log :
---------------------------------------------------------
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 01:58 on 17/06/2012 (xp)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-
----------------------------------------------------------

OTL :
ist normal gelaufen, ohne Fehlermeldung

OTL extras.txt :
---------------------------------------------------------------OTL EXTRAS Logfile:
OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 17/06/2012 2:47:41 - Run 1
OTL by OldTimer - Version 3.2.49.0     Folder = C:\Documents and Settings\xp\Escritorio\VIRUS
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 74.69% Memory free
4.85 Gb Paging File | 4.17 Gb Available in Paging File | 86.01% Paging File free
Paging file location(s): c:\pagefile.sys 3070 3070 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 149.05 Gb Total Space | 30.22 Gb Free Space | 20.28% Space Free | Partition Type: NTFS
 
Computer Name: MARTINAKILB2 | User Name: xp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found
.reg [@ = regfile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP" = 5985:TCP:*:Disabled:Administración remota de Windows 
"80:TCP" = 80:TCP:*:Disabled:Administración remota de Windows - Modo de compatibilidad (HTTP de entrada) 
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Archivos de programa\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Archivos de programa\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Archivos de programa\Yahoo!\Messenger\YServer.exe" = C:\Archivos de programa\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Simulati\PATRIZIER II Gold\Patrizier 2.exe" = C:\Simulati\PATRIZIER II Gold\Patrizier 2.exe:*:Enabled:Patrizier 2 -- ()
"C:\Archivos de programa\Yahoo!\Messenger\YahooMessenger.exe" = C:\Archivos de programa\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Archivos de programa\Anno 1701\Anno1701.exe" = C:\Archivos de programa\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701 -- (Related Designs Software GmbH)
"C:\Simulati\simcity3000\Apps\Updater\UPDATER.EXE" = C:\Simulati\simcity3000\Apps\Updater\UPDATER.EXE:*:Enabled:SC3UpdaterMFC -- ()
"C:\Archivos de programa\Steam\Steam.exe" = C:\Archivos de programa\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Archivos de programa\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe" = C:\Archivos de programa\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe:*:Enabled:DIE SIEDLER - Aufstieg eines Königreichs -- (Blue Byte GmbH)
"C:\Archivos de programa\Anno 1701\Anno1701AddOn.exe" = C:\Archivos de programa\Anno 1701\Anno1701AddOn.exe:*:Enabled:Anno 1701 Add-On 01 -- (Related Designs Software GmbH)
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Asistente para transferencia de archivos y configuraciones -- (Microsoft Corporation)
"C:\Archivos de programa\RoteListe\bin\pythonw.exe" = C:\Archivos de programa\RoteListe\bin\pythonw.exe:*:Enabled:pythonw -- ()
"C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Archivos de programa\Google\Google Talk\googletalk.exe" = C:\Archivos de programa\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Archivos de programa\Motorola\Software Update\msu.exe" = C:\Archivos de programa\Motorola\Software Update\msu.exe:*:Enabled:msu -- (Motorola)
"C:\Archivos de programa\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\extra1\bin\Settlers6.exe" = C:\Archivos de programa\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\extra1\bin\Settlers6.exe:*:Enabled:DIE SIEDLER - Aufstieg eines Königreichs - Reich des Ostens -- (Blue Byte GmbH)
"C:\Archivos de programa\eMule\emule.exe" = C:\Archivos de programa\eMule\emule.exe:*:Enabled:eMule -- (hxxp://www.emule-project.net)
"C:\Archivos de programa\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Archivos de programa\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Archivos de programa\GameShadow\GameShadow.exe" = C:\Archivos de programa\GameShadow\GameShadow.exe:*:Enabled:GameShadow -- (GameShadow Ltd)
"C:\Archivos de programa\GameShadow\GSDownload.exe" = C:\Archivos de programa\GameShadow\GSDownload.exe:*:Enabled:Downloader -- (GameShadow Ltd)
"C:\Simulati\East India Company\eastindia.exe" = C:\Simulati\East India Company\eastindia.exe:*:Enabled:East India Company Application -- (Nitro Games Ltd.)
"C:\Simulati\East India Company\piratebay.exe" = C:\Simulati\East India Company\piratebay.exe:*:Enabled:East India Company Application -- (Nitro Games Ltd.)
"C:\Simulati\XIII Century Gold Edition\engine.exe" = C:\Simulati\XIII Century Gold Edition\engine.exe:*:Enabled:XIII Century Gold Edition -- (Unicorn Games)
"C:\Archivos de programa\ICQ6\ICQ.exe" = C:\Archivos de programa\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, Inc.)
"C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe" = C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{048CDCD6-124C-11D3-825E-00C04F6843FE}" = Diseño de fondo Hojas verdes
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Ayudante para el inicio de sesión de Windows Live ID
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{0FF3A504-4705-11D2-B55D-00609733EA48}" = IS Scan 2
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{126A2BF4-FF8D-431D-9D5F-DB40255DE069}" = Rush For Berlin
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy
"{1E187923-04E5-4E1F-9BF2-40E32D93A1C4}" = HP Color LaserJet CP1210 Series Toolbox
"{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}" = Adobe Media Player
"{1FCC8C70-66B9-420D-942C-2C2A8441C744}" = Imperial Glory
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Herramienta de carga de Windows Live
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{26DDB12A-CB5E-4C0B-89AF-817CA0E59CC9}" = HP LaserJet Toolbox
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{28F46DFD-F535-4306-BDEB-C5E7FCA2026E}" = Windows Live Sync
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BCD8416-F432-4642-BF33-582720A0265C}" = Windows Live Writer
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Betaversion)
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{309B6FB2-F132-4DF8-9CDC-33D1169EE47B}" = StarMoney 6.0 
"{30C4DDA6-1247-11D3-825E-00C04F6843FE}" = Diseño de fondo Tela pintada
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{31DABA20-10A1-4746-9D9F-57955B8DFF66}" = Free Games Offer, Desktop Shortcut
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{33549D3C-8EA6-4E96-8B8B-550817438FCA}" = LOADSTREET Perfect Startup
"{350C9C0A-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{38A0481D-544D-4C01-BB32-39332391D012}" = Windows Live Call
"{39CE3C17-846D-4D9B-8B3E-C01A4B90FB73}" = Virtual Earth 3D (Beta)
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{47CC11F6-124A-11D3-825E-00C04F6843FE}" = Diseño de fondo Río oscuro
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{5100250E-124B-11D3-825E-00C04F6843FE}" = Diseño de fondo Estrellas azules
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{53480060-85DE-4F43-9AFE-6E9D8FB8F2C1}" = O&O SafeErase
"{53480230-2DE4-44A9-919C-39381946614F}" = O&O UnErase
"{54360A73-B080-4A69-BFD4-53C190DD3AB0}" = HP Color LaserJet CP1210 Series
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{5783F2D7-6001-0409-0002-0060B0CE6BBA}" = AutoCAD 2008 - English
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{625BD732-ACDF-4552-BF22-98EBB413B6F3}" = McAfee Shredder
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{651CFCEE-1249-11D3-825E-00C04F6843FE}" = Diseño de fondo Rayas finas
"{66D82F7B-CA1E-4368-963A-33A097929645}" = Windows Live Mail
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6B103F43-069C-11D6-9EA2-0050BAE317E1}" = Power Cinema
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{722EAE80-82CB-42D4-87CE-38D849D99AED}" = Guía Campsa 2005
"{74299A64-3EB6-4260-AAFB-8DC62A70E85E}" = Football Generation
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7A4C82FE-1248-11D3-825E-00C04F6843FE}" = Diseño del papel tapiz
"{80A29FE1-4390-4996-B213-EB703832D8B3}" = Galería fotográfica de Windows Live
"{821DABD6-26F2-49E5-AE55-40A589ADBE6D}" = DER ERSTE KAISER: Aufstieg des Reichs der Mitte 1.0.1.0
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{853BAA28-5C1E-4678-ADAC-6A37B8A526AB}" = Windows Live Essentials
"{85AC0FFA-643D-3103-9310-7086ECB0C36C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ESN
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}" = AeroFly Professional Deluxe
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90300C0A-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}" = Anno 1701 - Der Fluch des Drachen
"{90BE577A-41DC-4D1F-A91B-6C8D14CCA783}" = VI Vademecum Internacional 2005
"{90F80407-6000-11D3-8CFE-0150048383C9}" = Tool zum Entfernen verborgener Daten
"{91077588-AC04-4886-B20B-C8CF1A122F27}" = The Guild 2 Venice
"{91110C0A-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{92170C0A-6000-11D3-8CFE-0050048383C9}" = Microsoft FrontPage 2002
"{922D9CCA-4317-425F-9AA5-94829DF8BA6D}" = Motorola Software Update
"{92E4A65F-7007-3357-A69A-167F71A337BD}" = Microsoft .NET Framework 3.5 Language Pack SP1 - esn
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95B012AD-3A4A-31D7-9167-5D07D2A71F47}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
"{9850E3EB-69A6-428C-9A23-C64E650809CB}" = Cliente de Windows Rights Management con Service Pack 2
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{99D42EC7-652B-4819-B3E6-6450C815E03F}" = Odyssey Client
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C3B7F54-C6E2-4A74-9937-9C6EBA10C4A2}" = Victoria 2
"{9D7F1E46-0E63-11D3-8257-00C04F6843FE}" = Diseño de fondo Baxter
"{9DEBE760-F2D0-11DD-6784-0195548618BE}" = GameShadow V3.0
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2172ACA-FFA8-4808-BD20-08565C7390F9}" = OGA Notifier 1.7.0105.35.0
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A6C8DB55-F380-44b6-8EC5-5B65DF25F068}_is1" = XIII Century Gold Edition
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1" = Auslogics Disk Defrag Professional
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B1544704-124C-11D3-825E-00C04F6843FE}" = Diseño de fondo Bumerán
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B4B6D789-EF42-39D5-B36B-A1282951E0D5}" = Microsoft .NET Framework 4 Extended ESN Language Pack
"{B7666229-351B-47D9-AA6F-DF777CF04BBF}" = Caesar IV
"{B975F4A1-63B6-11D4-BFEC-005004AF2D32}" = Monopoly Tycoon
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BD1BBE79-BB25-460D-A2BD-D496A5E13786}" = Windows Live Messenger
"{BD202930-5F70-4B35-B875-1E28604F328D}" = Logitech Communications Manager
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BDEDB104-4067-3D5E-81F0-DBEBFE856B45}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ESN
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam-Software
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector Pro
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBDF2C61-C3C9-4AC0-9415-B4502A930DCD}_is1" = Titanic: Der Tauchfahrt-Simulator
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D2BD3C8F-9D7F-472B-BDF9-7309A5CB813A}" = Motorola Driver Installation 3.5.0
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software
"{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte)
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{D7E7EC5E-4349-4E40-B37C-4342188B86EC}" = Monopoly
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 Königs- Edition
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E3436EE2-D5CB-4249-840B-3A0140CC34C3}" = Classic PhoneTools
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EB4E949B-B9E4-42C7-9D80-44DC71588BC7}_is1" = Vademecum Internacional 2006
"{EB4E949B-B9E4-42C7-9D80-55DC71588BC7}_is1" = Vademecum Internacional 2007
"{EC905264-BCFE-423B-9C42-C3A106266790}" = SP2 con compatibilidad hacia atrás con cliente de Windows Rights Management
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0BA5720-E189-11D4-9EA1-0050BAE317E1}" = PowerVCR II
"{F286EFDF-417F-482E-828C-9A05BF93FCB8}_is1" = Rise of Prussia
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Extensión de HighMAT para el Asistente para grabación de CD de Microsoft Windows XP
"{FDE0D0EB-486C-48B9-A6B5-4BEAA078AF73}" = Medieval Lords
"{FFCB1B04-5B1C-4A17-AA60-CA6F00BA50F9}" = StarMoney
"AC3Filter_is1" = AC3Filter 1.62b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Aggression - Reign over Europe_is1" = Aggression - Reign over Europe
"Airport Inc" = Airport Inc
"Airport Tycoon 3_is1" = Airport Tycoon 3
"All ATI Software" = ATI - Utilidad de desinstalación de software
"America" = America
"American Conquest - Edición de oro" = American Conquest - Edición de oro
"Anno 1503 Calculator" = Anno 1503 Calculator
"ArtMoney SE_is1" = ArtMoney SE v7.22
"ATI Display Driver" = ATI Display Driver
"AutoCAD 2008 - English" = AutoCAD 2008 - English
"Autodesk Design Review 2009" = Autodesk Design Review 2009
"Bink and Smacker" = Bink and Smacker
"Birth of America_is1" = Birth of America 1.09
"CCleaner" = CCleaner
"Cities XL 2011" = Cities XL 2011
"Citybuilders - S6 Szenario - Siedler 6" = Citybuilders - S6 Szenario - Siedler 6 1.0.0 
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Corel Applications" = Corel Applications
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Crown Of Glory1.2.25" = Crown Of Glory
"Crown of the North" = Crown of the North
"Device Control" = Gerätesteuerung
"Die Gilde Gold Update v. 2.06 " = Die Gilde Gold Update v. 2.06 
"Die Gilde Gold-Edition" = Die Gilde Gold-Edition
"Digital Camera Enhancer_is1" = Digital Camera Enhancer
"DivX Setup.divx.com" = Instalación de DivX
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.1.2.0 Beta Ghosthunter release
"EarthsimChannel" = Earthsim
"East India Company + Pirate Bay Addon_is1" = East India Company and Pirate Bay Addon
"EAXSet" = Creative EAX-Einstellungen
"eMule" = eMule
"ESET Online Scanner" = ESET Online Scanner v3
"Europa Universalis II" = Europa Universalis II
"Exterminate It!" = Exterminate It!
"ffdshow_is1" = ffdshow [rev 2322] [2008-11-14]
"For the Glory_is1" = For the Glory
"GamersGate Downloader_is1" = GamersGate Downloader
"GameSpy Arcade" = GameSpy Arcade
"GameWiz32" = GameWiz32
"getPlus(R)_ocx" = getPlus(R)_ocx
"Glory of the Roman Empire" = Glory of the Roman Empire
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HP Color LaserJet CP1210 Series" = HP Color LaserJet CP1210 Series
"I am an Air Traffic Controller3" = I am an Air Traffic Controller3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InCD!UninstallKey" = InCD
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"KnightsAndMerchants" = KnightsAndMerchants
"Lament for the Queen_is1" = Lament for the Queen
"LHTTSSPE" = L&H TTS3000 Español
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"McAfee Virtual Technician" = McAfee Virtual Technician
"MediaShow" = Medi@Show
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - esn" = Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Extended ESN
"mIRC" = mIRC
"Mobility" = Mobility
"MS Access 97 SP2" = MS Access 97 SP2
"MSCSR" = Microsoft Speech Recognition Engine 4.0 (English)
"MUSICMATCH Jukebox" = MUSICMATCH Jukebox
"myphotobook" = myphotobook 1.0
"Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition
"NeroVision!UninstallKey" = Nero Digital
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMPUninstallKey" = Nero Media Player
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"OpenAL" = OpenAL
"Patrizier II Gold_is1" = Patrizier II Gold
"Police" = Police
"Port Royale 2" = Port Royale 2
"QcDrv" = Controlador de Logitech® Camera
"Queue" = Queue (remove only)
"RegClean Pro_is1" = RegClean Pro
"Robin Hood: The Legend Of Sherwood" = Robin Hood: The Legend Of Sherwood
"ROTE LISTE® CD" = ROTE LISTE® CD
"SimCity 3000 Unlimited" = SimCity 3000 Unlimited
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"SPEAKER" = Creative Lautsprechereinstellungen
"ST6UNST #1" = Bomi's ANNO 1503-Tools
"ST6UNST #2" = AnnoEinstellung
"ST6UNST #3" = ATCsimulator2 by AEROSOFT Corporation
"SysadmV10" = Sysadm
"SystemRequirementsLab" = System Requirements Lab
"TextBridge Classic" = TextBridge Classic
"The Tudors 1.0.9" = The Tudors
"TISV10" = Tis
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Victoria" = Victoria
"VideoLive Mail" = VideoLive Mail 4.0
"VOX 3D Planer_is1" = VOX 3D Planer
"Warzone2100" = Warzone2100
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Webpage Capture" = Webpage Capture
"WebRipper" = WebRipper 1.25
"WIC" = Windows Imaging Component
"Windows Doctor_is1" = Windows Doctor 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Reproductor de Windows Media 11
"Windows Mobile Device Handbook" = Recursos de Windows Mobile
"Wine Tycoon" = Wine Tycoon
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 3.74
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wolfschanze_is1" = Wolfschanze
"World War One Gold_is1" = World War One v1.0.8
"XMedia Recode" = XMedia Recode 2.2.9.7
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
"Yahoo! Companion" = Barra Yahoo! con bloqueador de ventanas emergentes
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Messenger Explorer Bar" = Yahoo! Messenger Explorer Bar
"YInstHelper" = Yahoo! Install Manager
"YRefresher_is1" = Yrefresher 1.00
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"961737271c92f180" = GamersGate Downloader
"ANNO 1503-Szenario - BEC 2005 - Der Neuanfang" = ANNO 1503-Szenario - BEC 2005 - Der Neuanfang
"ANNO 1503-Szenario - BOC 2005 - Eiertanz" = ANNO 1503-Szenario - BOC 2005 - Eiertanz
"ANNO 1503-Szenario - BOC 2006 - Transportmeister" = ANNO 1503-Szenario - BOC 2006 - Transportmeister
"ANNO 1503-Szenario - Prinzessin VI" = ANNO 1503-Szenario - Prinzessin VI
"ANNO 1503-Szenario - Weisse Sonne" = ANNO 1503-Szenario - Weisse Sonne
"Tower Simulator" = Tower Simulator
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16/06/2012 4:16:08 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
Error - 16/06/2012 4:21:16 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
Error - 16/06/2012 8:56:22 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
Error - 16/06/2012 9:01:43 | Computer Name = MARTINAKILB2 | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\mcshield.exe
 took longer than 90000 ms to complete a request.    The process will be terminated.
Thread
 id : 1804 (0x70c)    Thread address : 0x7C91E514    Thread message :      Build VSCORE.14.4.0.387
 / 5400.1158   Object being scanned = \Device\HarddiskVolume1\Simulati\ANNO 1503 Königs-
 Edition\InselEditor\Landscape.exe   by C:\WINDOWS\explorer.exe   4(0)(0)   4(0)(0)   7200(0)(0)

 7595(0)(0)   7005(0)(0)   7004(0)(0)   5006(0)(0)   5004(0)(0)  
 
Error - 16/06/2012 9:19:24 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
Error - 16/06/2012 16:10:24 | Computer Name = MARTINAKILB2 | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\mcshield.exe
 took longer than 90000 ms to complete a request.    The process will be terminated.
Thread
 id : 3916 (0xf4c)    Thread address : 0x7C91E514    Thread message :      Build VSCORE.14.4.0.387
 / 5400.1158   Object being scanned = \Device\HarddiskVolume1\WINDOWS\system32\snmpapi.dll

 by C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe   4(0)(0)   4(0)(0)

 7200(0)(0)   7595(0)(0)   7005(0)(0)   7004(0)(0)   5006(0)(0)   5004(0)(0)  
 
Error - 16/06/2012 19:55:28 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
Error - 16/06/2012 20:11:20 | Computer Name = MARTINAKILB2 | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed.  Engine returned error : 8
 
Error - 16/06/2012 20:13:06 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
Error - 16/06/2012 20:36:31 | Computer Name = MARTINAKILB2 | Source = Application Error | ID = 1000
Description = Aplicación con errores: mchost.exe, versión: 5.0.185.0, módulo con
 error: McMscShm.dll, versión 11.0.669.0, dirección de error 0x0005f682.
 
[ System Events ]
Error - 08/06/2012 6:23:49 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: 
  %%183
 
Error - 08/06/2012 6:43:32 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio Realtek EAPPkt Protocol no pudo iniciarse debido al siguiente
 error:   %%2
 
Error - 08/06/2012 6:43:32 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7002
Description = El servicio A4SII300 depende del grupo  7Parallel arbitrat y ningún
 miembro de este grupo se inició.
 
Error - 08/06/2012 6:43:32 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio Kodak Camera Connection Software no pudo iniciarse debido
 al siguiente error:   %%3
 
Error - 08/06/2012 6:45:26 | Computer Name = EE96E591A11547D | Source = DCOM | ID = 10010
Description = El servidor {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} no se registró 
con DCOM dentro del tiempo de espera requerido.
 
Error - 08/06/2012 7:37:45 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: 
  %%183
 
Error - 08/06/2012 7:41:32 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: 
  %%183
 
Error - 08/06/2012 7:46:48 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: 
  %%183
 
Error - 08/06/2012 7:51:06 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: 
  %%183
 
Error - 08/06/2012 8:38:16 | Computer Name = EE96E591A11547D | Source = Service Control Manager | ID = 7000
Description = El servicio SASDIFSV no pudo iniciarse debido al siguiente error: 
  %%183
 
 
< End of report >

--- --- ---

--- --- ---
---------------------------------------------------------------

OTL otl.txt :
---------------------------------------------------------------OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 17/06/2012 2:47:40 - Run 1
OTL by OldTimer - Version 3.2.49.0     Folder = C:\Documents and Settings\xp\Escritorio\VIRUS
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 74.69% Memory free
4.85 Gb Paging File | 4.17 Gb Available in Paging File | 86.01% Paging File free
Paging file location(s): c:\pagefile.sys 3070 3070 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 149.05 Gb Total Space | 30.22 Gb Free Space | 20.28% Space Free | Partition Type: NTFS
 
Computer Name: MARTINAKILB2 | User Name: xp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/06/17 02:37:08 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xp\Escritorio\VIRUS\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/03/21 21:17:10 | 000,795,600 | ---- | M] (McAfee, Inc.) -- c:\Archivos de programa\McAfee.com\Agent\mcupdate.exe
PRC - [2012/03/21 21:16:10 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee.com\Agent\mcagent.exe
PRC - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Archivos comunes\Mcafee\SystemCore\mfefire.exe
PRC - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Archivos comunes\Mcafee\SystemCore\mcshield.exe
PRC - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe
PRC - [2011/04/08 13:59:50 | 000,419,904 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee\MAT\McPvTray.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe
PRC - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee Online Backup\MOBKbackup.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/07/20 13:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
PRC - [2009/07/10 13:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Archivos de programa\Archivos comunes\LogiShrd\KHAL2\KHALMNPR.exe
PRC - [2008/04/14 04:18:57 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/29 17:06:10 | 001,077,248 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\Archivos de programa\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
PRC - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007/01/12 03:09:28 | 000,488,984 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2006/03/23 18:06:38 | 000,880,128 | ---- | M] (Nero AG) -- C:\Archivos de programa\Ahead\InCD\InCDsrv.exe
PRC - [2005/10/31 10:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Archivos de programa\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2005/07/19 17:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005/06/08 16:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Logitech\Video\LogiTray.exe
PRC - [2005/06/08 15:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Archivos de programa\Logitech\Video\FxSvr2.exe
PRC - [2004/08/14 04:42:20 | 000,036,864 | ---- | M] () -- C:\Archivos de programa\mobile PhoneTools\WatchDog.exe
PRC - [2004/04/13 06:07:18 | 000,069,632 | ---- | M] (InstallShield Software Corporation) -- C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe
PRC - [2003/06/20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2010/04/13 20:11:16 | 000,077,624 | ---- | M] () -- C:\Archivos de programa\McAfee Online Backup\librs2.dll
MOD - [2009/07/20 13:27:14 | 000,017,936 | ---- | M] () -- C:\Archivos de programa\Logitech\SetPoint\khalwrapper.dll
MOD - [2008/09/16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Archivos de programa\WinRAR\RarExt.dll
MOD - [2004/08/14 04:42:20 | 000,036,864 | ---- | M] () -- C:\Archivos de programa\mobile PhoneTools\WatchDog.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (KodakCCS)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/04/23 14:36:57 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/19 08:21:16 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Archivos de programa\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Archivos de programa\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/07/20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/05/07 20:52:47 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Archivos de programa\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/03/23 18:06:38 | 000,880,128 | ---- | M] (Nero AG) [Auto | Running] -- C:\Archivos de programa\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2003/06/20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\PxHelp20.sys -- (PxHelp20)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (mfeavfk01)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2012/06/15 21:24:42 | 000,039,936 | ---- | M] (CurioLab S.M.B.A.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\extit.sys -- (ExterminateIt)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/02/22 13:29:46 | 000,464,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/02/22 13:29:46 | 000,340,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/02/22 13:29:46 | 000,180,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/02/22 13:29:46 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/02/22 13:29:46 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2012/02/22 13:29:46 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012/02/22 13:29:46 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2012/02/22 13:29:46 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2012/02/22 13:29:46 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/02/22 13:29:46 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/07/22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Archivos de programa\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/04/11 14:29:16 | 000,064,048 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\McPvDrv.sys -- (McPvDrv)
DRV - [2010/04/13 20:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2009/06/17 18:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2009/06/17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 18:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2009/06/17 18:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/04/13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/03/30 23:46:20 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008/02/29 03:13:46 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007/10/23 11:45:00 | 000,269,824 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187.sys -- (RTLWUSB)
DRV - [2007/09/29 05:05:59 | 002,456,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/09/05 13:35:46 | 000,377,920 | R--- | M] (D-Link Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\A5AGU.sys -- (A5AGU)
DRV - [2007/07/05 19:04:58 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007/06/20 15:57:46 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/06/15 11:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2007/03/17 16:02:22 | 000,053,760 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV76.sys -- (SSHDRV76)
DRV - [2006/08/27 15:58:06 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2006/07/25 11:27:16 | 000,357,568 | R--- | M] (THOMSON Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BT4501G.sys -- (BT4501G)
DRV - [2006/03/26 14:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006/03/24 18:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006/03/23 18:15:58 | 000,102,016 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2006/03/23 18:15:56 | 000,033,536 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2006/03/23 18:15:56 | 000,029,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2006/03/23 18:00:28 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2006/03/20 18:34:56 | 001,452,032 | ---- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\p17filt.sys -- (p17filt)
DRV - [2006/03/13 11:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/09/01 12:03:04 | 000,005,888 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\imagedrv.sys -- (Imagedrv)
DRV - [2005/05/27 10:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005/04/07 10:53:36 | 000,028,164 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2005/01/10 19:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 19:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/11/05 17:43:58 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004/10/08 12:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2004/08/03 23:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004/05/13 15:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/05/13 13:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/12/01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/09/06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003/08/19 17:27:20 | 000,333,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)
DRV - [2003/07/16 22:28:02 | 000,017,142 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CBTNDIS5.sys -- (CBTNDIS5)
DRV - [2003/05/22 18:44:44 | 000,670,203 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctxs51.sys -- (Intels51)
DRV - [2003/05/14 16:01:42 | 000,062,673 | R--- | M] (Funk Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\odysseyIM3.sys -- (odysseyIM3)
DRV - [2002/09/26 14:41:58 | 000,029,312 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (sisagp)
DRV - [2002/07/29 14:15:26 | 000,024,288 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune)
DRV - [2002/07/29 14:14:00 | 000,424,704 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134) MEDION (7134)
DRV - [2002/04/19 02:15:46 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/04/16 14:56:20 | 000,004,608 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide)
DRV - [2001/08/17 23:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001/08/17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [1999/09/27 10:47:34 | 000,014,656 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BjsPort.sys -- (BjsPort)
DRV - [1998/02/26 15:10:28 | 000,025,632 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\a4sii300.sys -- (A4SII300)
DRV - [1996/02/26 19:44:18 | 000,006,144 | ---- | M] (Corel Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\crlscsi.sys -- (crlscsi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search, = 
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {21975B79-4ED1-4A5E-BA7A-948F9C16025A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{21975B79-4ED1-4A5E-BA7A-948F9C16025A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLD_de
IE - HKCU\..\SearchScopes\{42DE7406-9A42-409A-A612-CC489BD23278}: "URL" = hxxp://www.rtl.de/websuche.php?kw={searchTerms}
IE - HKCU\..\SearchScopes\{58AA2032-3F73-444B-9BEA-F32512868136}: "URL" = hxxp://es.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{63F700A0-5B73-435A-AFC7-887C52E4B460}: "URL" = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://localhost:4664/search&s=ROOVnf0gwQxsiPZjAraOBpCh8do?q={searchTerms}
IE - HKCU\..\SearchScopes\{8E0E7E7C-1B3A-4772-B7BD-AFAFC4BAAF35}: "URL" = hxxp://suche.web.de/search/web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{E820C180-59B0-451C-9183-258058854C4A}: "URL" = hxxp://suche.lycos.de/cgi-bin/pursuit?query={searchTerms}
IE - HKCU\..\SearchScopes\{EF80DC8C-4595-4845-8E4D-D2BD44E3DACF}: "URL" = hxxp://suche.freenet.de/suche?query={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Archivos de programa\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Archivos de programa\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\archiv~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Archivos de programa\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Archivos de programa\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.2: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Archivos de programa\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: c:\Archivos de programa\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=2.5: C:\Archivos de programa\Virtual Earth 3D\ [2009/06/02 17:54:52 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Archivos de programa\Virtual Earth 3D\ [2009/06/02 17:54:52 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Archivos de programa\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Archivos de programa\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Archivos de programa\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Datos de programa\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Archivos de programa\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Archivos de programa\Archivos comunes\McAfee\SystemCore [2012/06/17 02:34:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Archivos de programa\McAfee\SiteAdvisor [2012/06/15 13:41:51 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2012/06/15 23:20:03 | 000,000,834 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1	license.superantispyware.com
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Archivos de programa\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Archivos de programa\Archivos comunes\Mcafee\SystemCore\ScriptSn.20120608160844.dll (McAfee, Inc.)
O2 - BHO: (Aplicación auxiliar de inicio de sesión de Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Archivos de programa\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Archivos de programa\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Archivos de programa\YRefresher\YRefresher.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Archivos de programa\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Archivos de programa\YRefresher\YRefresher.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [CTSysVol] C:\Archivos de programa\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [McPvTray_exe] C:\Archivos de programa\McAfee\MAT\McPvTray.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Archivos de programa\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PrnStatusMX] C:\Archivos de programa\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [WatchDog] C:\Archivos de programa\mobile PhoneTools\WatchDog.exe ()
O4 - HKCU..\Run: [NBJ] C:\Archivos de programa\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Logitech SetPoint.lnk = C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &eBay Search - Reg Error: Value error. File not found
O8 - Extra context menu item: &MSN Suche - Reg Error: Value error. File not found
O8 - Extra context menu item: &Silently send to default data store - C:\Archivos de programa\Queue\addToStore.html ()
O8 - Extra context menu item: &Yahoo! Search - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Add link to &queue - C:\Archivos de programa\Queue\addPage.html ()
O8 - Extra context menu item: Add to &data store... - C:\Archivos de programa\Queue\addToStore.html ()
O8 - Extra context menu item: Add to &queue - C:\Archivos de programa\Queue\addPage.html ()
O8 - Extra context menu item: Go to Queue &Web site - C:\Archivos de programa\Queue\website.html ()
O8 - Extra context menu item: Pop page from &queue - C:\Archivos de programa\Queue\removePage.html ()
O8 - Extra context menu item: Sea&rch stores - C:\Archivos de programa\Queue\searchStores.html ()
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Archivos de programa\Yahoo!\Common [2007/08/31 22:05:22 | 000,000,000 | ---D | M]
O9 - Extra 'Tools' menuitem : Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre6\bin\npjpi160_29.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Webpage Capture - {1F958B09-6612-7a0e-9223-4C7324C57B23} - C:\Archivos de programa\Webpage Capture\Webpage Capture.exe (Endicosoft.com)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Archivos de programa\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - Reg Error: Value error. File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Archivos de programa\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Archivos de programa\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (Reg Error: Key error.)
O16 - DPF: {2685A3D0-1459-45EE-8426-5B8CF98899A8} hxxp://www.metacrawler1.de/metabar/metabar.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Archivos de programa\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1259167718062 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Archivos de programa\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Archivos de programa\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\ARCHIV~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL) - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No CLSID value found.
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\xp\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\xp\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Archivos de programa\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Archivos de programa\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/06 19:56:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/06/17 01:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Escritorio\VIRUS
[2012/06/16 23:22:45 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ESET
[2012/06/16 22:10:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Systweak
[2012/06/16 22:08:35 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2012/06/16 22:08:27 | 000,000,000 | ---D | C] -- C:\Archivos de programa\RegClean Pro
[2012/06/16 15:37:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\xp\Recent
[2012/06/15 21:24:42 | 000,039,936 | ---- | C] (CurioLab S.M.B.A.) -- C:\WINDOWS\System32\drivers\extit.sys
[2012/06/15 20:55:40 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Exterminate It!
[2012/06/15 20:17:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Curiolab
[2012/06/15 17:30:39 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/06/08 19:24:29 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/08 17:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\McAfee
[2012/06/08 17:16:03 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee eliminieren
[2012/06/08 16:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\McAfee Anti-Theft
[2012/06/08 16:10:35 | 000,054,776 | ---- | C] (Mozy, Inc.) -- C:\WINDOWS\System32\drivers\MOBK.sys
[2012/06/08 16:10:21 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee Online Backup
[2012/06/08 16:09:42 | 000,064,048 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\McPvDrv.sys
[2012/06/08 16:09:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\McAfee
[2012/06/08 16:08:44 | 000,009,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2012/06/08 16:08:39 | 000,089,792 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2012/06/08 16:08:39 | 000,087,656 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2012/06/08 16:08:39 | 000,083,856 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2012/06/08 16:08:38 | 000,340,920 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2012/06/08 16:08:38 | 000,180,848 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2012/06/08 16:08:38 | 000,059,456 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2012/06/08 16:08:38 | 000,057,600 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2012/06/08 16:08:34 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Mcafee
[2012/06/08 16:08:33 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee.com
[2012/06/08 16:08:17 | 000,000,000 | ---D | C] -- C:\Archivos de programa\McAfee
[2012/06/08 15:57:51 | 000,151,880 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe
[2012/06/08 15:08:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\McAfee
[2012/06/08 13:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\SUPERAntiSpyware.com
[2012/06/08 13:37:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\SUPERAntiSpyware.com
[2012/06/08 13:37:24 | 000,000,000 | ---D | C] -- C:\Archivos de programa\SUPERAntiSpyware
[2012/06/08 10:08:25 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Citrix
[2012/06/08 10:07:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Configuración local\Datos de programa\Citrix
[2012/06/06 01:39:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes' Anti-Malware
[2012/06/06 01:38:59 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
[2012/06/06 01:04:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Auslogics
[2012/06/06 01:03:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Auslogics
[2012/06/06 01:03:36 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Auslogics
[2012/06/06 01:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Datos de programa\Malwarebytes
[2012/06/06 00:53:12 | 000,000,000 | ---D | C] -- C:\Archivos de programa\CCleaner
[2012/06/05 23:21:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\xp\Escritorio\Festplatte aufräumen
[2012/06/05 17:39:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
[2012/06/05 05:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
[2010/12/29 20:38:02 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\xp\Datos de programa\pcouffin.sys
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/06/17 02:45:00 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/17 02:31:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/17 02:30:16 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/17 02:29:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/17 02:29:44 | 2147,012,608 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/17 02:19:00 | 000,000,344 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/06/17 01:56:48 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\xp\defogger_reenable
[2012/06/17 01:30:03 | 000,000,838 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/17 00:45:26 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{625482C6-11A8-43E9-BC0A-A608AD8BEA0E}.job
[2012/06/16 22:11:16 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2012/06/16 22:11:14 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2012/06/16 21:37:05 | 000,000,532 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 524cf83f-97d3-44a5-af2d-51760775b490.job
[2012/06/16 14:39:00 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/06/15 23:20:03 | 000,000,834 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/06/15 21:36:16 | 000,017,182 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120615_213607.reg
[2012/06/15 21:24:42 | 000,039,936 | ---- | M] (CurioLab S.M.B.A.) -- C:\WINDOWS\System32\drivers\extit.sys
[2012/06/15 14:35:14 | 001,430,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/08 20:18:48 | 000,010,244 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_201842.reg
[2012/06/08 19:22:52 | 000,001,842 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\McAfee Virtual Technician.lnk
[2012/06/08 17:39:56 | 000,029,388 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_173943.reg
[2012/06/08 16:50:29 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\McAfee Total Protection.lnk
[2012/06/08 16:48:14 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\McAfee Online Backup.lnk
[2012/06/08 16:25:43 | 000,000,426 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\Cajas fuertes de McAfee.lnk
[2012/06/08 16:23:14 | 000,002,930 | ---- | M] () -- C:\WINDOWS\MOBK.blk
[2012/06/08 16:23:13 | 000,000,614 | ---- | M] () -- C:\WINDOWS\MOBK.flt
[2012/06/08 13:41:02 | 000,000,921 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\virushosts
[2012/06/08 10:07:49 | 000,103,784 | ---- | M] () -- C:\Documents and Settings\xp\GoToAssistDownloadHelper.exe
[2012/06/07 14:40:25 | 000,017,408 | ---- | M] () -- C:\conf.dat
[2012/06/06 22:42:11 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2012/06/06 15:16:18 | 000,654,660 | ---- | M] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120606_151535.reg
[2012/06/06 00:28:25 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/04 20:59:12 | 000,465,456 | ---- | M] () -- C:\PoliFix.exe
[2012/06/04 16:34:33 | 000,163,840 | RHS- | M] () -- C:\WINDOWS\System32\MFC71KORR.dll
[2012/06/04 15:45:35 | 000,002,551 | ---- | M] () -- C:\Documents and Settings\xp\Escritorio\Microsoft Word.lnk
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/06/17 01:56:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\xp\defogger_reenable
[2012/06/16 22:11:16 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2012/06/16 22:11:14 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2012/06/16 22:08:33 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\RegClean Pro.lnk
[2012/06/16 12:11:53 | 000,465,456 | ---- | C] () -- C:\PoliFix.exe
[2012/06/15 21:36:13 | 000,017,182 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120615_213607.reg
[2012/06/15 20:55:44 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Exterminate It!.lnk
[2012/06/15 14:12:33 | 000,000,532 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 524cf83f-97d3-44a5-af2d-51760775b490.job
[2012/06/08 20:18:46 | 000,010,244 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_201842.reg
[2012/06/08 19:22:52 | 000,001,842 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\McAfee Virtual Technician.lnk
[2012/06/08 19:22:09 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\McAfee Virtual Technician.lnk
[2012/06/08 17:39:54 | 000,029,388 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120608_173943.reg
[2012/06/08 16:50:29 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\xp\Escritorio\McAfee Total Protection.lnk
[2012/06/08 16:25:43 | 000,000,426 | ---- | C] () -- C:\Documents and Settings\xp\Escritorio\Cajas fuertes de McAfee.lnk
[2012/06/08 16:25:28 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\xp\Escritorio\McAfee Online Backup.lnk
[2012/06/08 10:07:47 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\xp\GoToAssistDownloadHelper.exe
[2012/06/07 00:26:45 | 000,017,408 | ---- | C] () -- C:\conf.dat
[2012/06/06 15:15:49 | 000,654,660 | ---- | C] () -- C:\Documents and Settings\xp\Mis documentos\cc_20120606_151535.reg
[2012/06/06 01:18:02 | 2147,012,608 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/04 20:28:13 | 000,001,599 | ---- | C] () -- C:\Asistencia remota.lnk
[2012/06/04 16:34:33 | 000,163,840 | RHS- | C] () -- C:\WINDOWS\System32\MFC71KORR.dll
[2012/04/27 11:18:41 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2012/04/27 11:18:40 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2012/02/18 17:54:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/12/29 20:38:02 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\xp\Datos de programa\inst.exe
[2010/12/29 20:38:02 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\xp\Datos de programa\pcouffin.cat
[2010/12/29 20:38:02 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\xp\Datos de programa\pcouffin.inf
[2010/10/15 20:14:40 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/08/31 22:47:12 | 000,000,345 | ---- | C] () -- C:\WINDOWS\hgw.ini
[2010/07/30 19:50:07 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
 
========== LOP Check ==========
 
[2008/05/07 20:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Autodesk
[2005/12/10 18:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Avanquest Software
[2006/02/16 01:33:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\BVRP Software
[2007/10/20 15:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Earthsim
[2010/10/16 00:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ICQ
[2010/08/16 14:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Merscom
[2006/02/26 13:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\MSN Search Toolbar
[2005/09/03 02:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PACE Anti-Piracy
[2007/10/25 19:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PC Drivers Headquarters
[2007/10/23 00:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\SecTaskMan
[2008/05/30 15:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Tages
[2012/06/15 13:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
[2006/12/03 19:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Zabersoft
[2010/03/12 19:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Zylom
[2010/08/16 19:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2007/02/15 20:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Ascaron Entertainment
[2012/06/06 02:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Auslogics
[2008/05/10 02:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Autodesk
[2012/06/15 20:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Curiolab
[2010/07/31 01:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Desktop Sidebar
[2010/04/28 16:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Glory of the Roman Empire
[2010/08/16 15:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Got Game Entertainment
[2010/10/16 00:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\ICQ
[2005/04/14 23:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\ICQLite
[2009/03/06 19:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Imperium Romanum
[2005/04/09 12:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Leadertech
[2009/12/09 19:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Marvell
[2010/08/16 14:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Merscom
[2006/02/26 13:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\MSN Search Toolbar
[2007/03/18 14:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\OfficeUpdate12
[2008/12/10 23:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Skinux
[2007/10/28 14:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Smart Recorder
[2012/06/16 22:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Systweak
[2010/12/29 21:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Vso
[2006/11/15 23:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\WholeSecurity
[2008/12/06 23:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Desktop Search
[2008/04/16 18:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Live Writer
[2009/03/09 20:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\Windows Search
[2010/12/29 23:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Datos de programa\XMedia Recode
[2012/06/06 22:42:11 | 000,000,430 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2012/06/17 02:19:00 | 000,000,344 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2012/06/16 22:11:16 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
[2012/06/16 22:11:14 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
[2012/06/16 21:37:05 | 000,000,532 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 524cf83f-97d3-44a5-af2d-51760775b490.job
[2012/06/17 00:45:26 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{625482C6-11A8-43E9-BC0A-A608AD8BEA0E}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\xvid.ax:SummaryInformation
@Alternate Data Stream - 866 bytes -> C:\Archivos de programa\Outlook Express:keadL8gUyqkM3X0b9tYi
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:07BF512B

< End of report >

--- --- ---
---------------------------------------------------------------

martinalejan · 17.06.2012, 02:11

sorry ... kein Text

... das heisst mein EDIT kam zu spät ...
... und GMER kommt dann auch morgen ...

... jetzt habe ich GMER schon 3 mal laufen lassen und immer stürzt der Computer ab (2 Mal mit blauem Bildschirm und 1 Mal ist er einfach "eingefroren" - immer nach unterschiedlicher Zeitdauer). Ich habe alles nach Vorschrift gemacht : McAfee deaktiviert, Verbindung WLan geschlossen, kein anderes Programm läuft, ich habe nicht mit dem PC irgendetwas anderes gearbeitet. Was soll ich tun ? Weiter probieren ?

... ok, ich probier's mochmal ...

... PC leider wieder "eingefroren" (nach ca. 9 Stunden Suche und nach meinen Beobachtungen kurz vor Schluss des Scans) ...

(es war irgendwo bei der Suche im WINDOWS Verzeichnis, system32 hatte er aber schon komplett durch)

martinalejan · 18.06.2012, 12:10

... so, jetzt ist der Gmer-Scan doch gelungen ...

Gmer gmer.log :
---------------------------------------------------------------------
GMER Logfile:

Code:

ATTFilter

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-06-18 12:50:26
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST3160815A rev.3.AAD
Running: n5p78c5b.exe; Driver: C:\DOCUME~1\xp\CONFIG~1\Temp\pgloiuow.sys


---- System - GMER 1.0.15 ----

Code                                                                      mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                                                                                  ZwCreateKey [0xF73645D0]
Code                                                                      mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                                                                                  ZwDeleteKey [0xF73645E4]
Code                                                                      mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                                                                                  ZwDeleteValueKey [0xF7364610]
Code                                                                      mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                                                                                  ZwOpenKey [0xF73645BC]
Code                                                                      mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                                                                                  ZwOpenProcess [0xF7364594]
Code                                                                      mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                                                                                  ZwOpenThread [0xF73645A8]
Code                                                                      mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                                                                                  ZwRenameKey [0xF73645FA]
Code                                                                      mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                                                                                  ZwSetSecurityObject [0xF736463C]
Code                                                                      mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                                                                                  ZwSetValueKey [0xF7364626]
Code                                                                      513F6A8F                                                                                                                                                                                       KeFindConfigurationEntry
Code                                                                      mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                                                                                  NtOpenProcess
Code                                                                      mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                                                                                  NtOpenThread
Code                                                                      mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                                                                                  NtSetSecurityObject

---- Kernel code sections - GMER 1.0.15 ----

.sfrelocÿÿÿÿsfsync04unknown last section [0xF7425000, 0xBC6, 0x40000040]  C:\WINDOWS\system32\drivers\sfsync04.sys                                                                                                                                                       unknown last section [0xF7425000, 0xBC6, 0x40000040]
.text                                                                     C:\WINDOWS\system32\drivers\SSHDRV76.sys                                                                                                                                                       section is writeable [0xAA374000, 0x16204, 0xE8000020]
.pklstb                                                                   C:\WINDOWS\system32\drivers\SSHDRV76.sys                                                                                                                                                       entry point in ".pklstb" section [0xAA392000]
.relo2                                                                    C:\WINDOWS\system32\drivers\SSHDRV76.sys                                                                                                                                                       unknown last section [0xAA3A2000, 0x86, 0x42000040]
.text                                                                     C:\WINDOWS\system32\DRIVERS\atksgt.sys                                                                                                                                                         section is writeable [0xA5DFB300, 0x3AE88, 0xE8000020]
.text                                                                     C:\WINDOWS\system32\DRIVERS\lirsgt.sys                                                                                                                                                         section is writeable [0xA6569300, 0x1B7E, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text                                                                     C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe[1956] kernel32.dll!LoadLibraryA                                                                                         7C801D7B 5 Bytes  JMP 624199A1 C:\Archivos de programa\Archivos comunes\McAfee\McProxy\mcproxy.dll (McAfee Proxy Service Module/McAfee, Inc.)
.text                                                                     C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe[1956] kernel32.dll!LoadLibraryW                                                                                         7C80AEEB 5 Bytes  JMP 62419A63 C:\Archivos de programa\Archivos comunes\McAfee\McProxy\mcproxy.dll (McAfee Proxy Service Module/McAfee, Inc.)
.text                                                                     C:\WINDOWS\system32\SearchIndexer.exe[3252] kernel32.dll!WriteFile                                                                                                                             7C810E27 7 Bytes  JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice                                                            \FileSystem\Ntfs \Ntfs                                                                                                                                                                         mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice                                                            \FileSystem\Ntfs \Ntfs                                                                                                                                                                         MOBK.sys (Mozy Change Monitor Filter Driver/Mozy, Inc.)
AttachedDevice                                                            \Driver\Tcpip \Device\Ip                                                                                                                                                                       mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice                                                            \Driver\Tcpip \Device\Tcp                                                                                                                                                                      mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)

Device                                                                    \Driver\prodrv06 \Device\ProDrv06                                                                                                                                                              E1ECE828
Device                                                                    \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17                                                                                                                                                   prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3                                                                                                                                                    prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\atapi \Device\Ide\IdePort0                                                                                                                                                             prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\atapi \Device\Ide\IdePort1                                                                                                                                                             prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f                                                                                                                                                    prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\prohlp02 \Device\ProHlp02                                                                                                                                                              E1D5D2D8

AttachedDevice                                                            \Driver\Tcpip \Device\Udp                                                                                                                                                                      mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice                                                            \Driver\Tcpip \Device\RawIp                                                                                                                                                                    mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)

---- Registry - GMER 1.0.15 ----

Reg                                                                       HKLM\SYSTEM\ControlSet005\Control\Video\{DEB039CC-B704-4F53-B43E-9DD4432FA2E9}\0000@Vga\0ompatible                                                                                             0
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Control\Video\{DEB039CC-B704-4F53-B43E-9DD4432FA2E9}\0000@Vga\0ompatible                                                                                         0
Reg                                                                       HKLM\SYSTEM\ControlSet007\Control\Video\{DEB039CC-B704-4F53-B43E-9DD4432FA2E9}\0000@Vga\0ompatible                                                                                             0
Reg                                                                       HKLM\SOFTWARE\Classes\CLSID\{C8530F8C-C19C-11D2-99D6-9419F37DBB29}\VER                                                                                                                         
Reg                                                                       HKLM\SOFTWARE\Classes\CLSID\{C8530F8C-C19C-11D2-99D6-9419F37DBB29}\VER@                                                                                                                        1.1
Reg                                                                       HKLM\SOFTWARE\Classes\CLSID\{F35E0EE9-9106-4302-BB56-C01DB25EFC                                                                                                                                

---- Files - GMER 1.0.15 ----

File                                                                      C:\WINDOWS\$hf_mig$\KB975025\update\branches.inf                                                                                                                                               926 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB975025\update\eula.txt                                                                                                                                                   884 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB975025\update\KB975025.CAT                                                                                                                                               9383 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB975025\update\spcustom.dll                                                                                                                                               26488 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB975025\update\update.exe                                                                                                                                                 764280 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB975025\update\update.ver                                                                                                                                                 390 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB975025\update\updatebr.inf                                                                                                                                               678 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB975025\update\update_SP2QFE.inf                                                                                                                                          25286 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB975025\update\update_SP3GDR.inf                                                                                                                                          27493 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB975025\update\update_SP3QFE.inf                                                                                                                                          27493 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB975025\update\updspapi.dll                                                                                                                                               401272 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB982802\update\branches.inf                                                                                                                                               926 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB982802\update\eula.txt                                                                                                                                                   884 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB982802\update\KB982802.CAT                                                                                                                                               8156 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB982802\update\spcustom.dll                                                                                                                                               26488 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB982802\update\update.exe                                                                                                                                                 764280 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB982802\update\update.ver                                                                                                                                                 374 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB982802\update\updatebr.inf                                                                                                                                               496 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB982802\update\update_SP3QFE.inf                                                                                                                                          28334 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB982802\update\updspapi.dll                                                                                                                                               401272 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB891781\update\branches.inf                                                                                                                                               668 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB891781\update\eula.txt                                                                                                                                                   3978 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB891781\update\KB891781.CAT                                                                                                                                               11068 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB891781\update\spcustom.dll                                                                                                                                               21504 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB891781\update\update.exe                                                                                                                                                 663040 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB891781\update\update.ver                                                                                                                                                 297 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB891781\update\updatebr.inf                                                                                                                                               569 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB891781\update\update_SP2QFE.inf                                                                                                                                          10099 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893066\update\branches.inf                                                                                                                                               705 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893066\update\eula.txt                                                                                                                                                   3978 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893066\update\KB893066.CAT                                                                                                                                               10786 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893066\update\spcustom.dll                                                                                                                                               22240 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB893066\update\update.exe                                                                                                                                                 726752 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB893066\update\update.ver                                                                                                                                                 291 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893066\update\updatebr.inf                                                                                                                                               592 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893066\update\update_SP2QFE.inf                                                                                                                                          10859 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893066\update\updspapi.dll                                                                                                                                               390368 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB893756\update\arpidfix.exe                                                                                                                                               30720 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB893756\update\branches.inf                                                                                                                                               705 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893756\update\eula.txt                                                                                                                                                   555 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893756\update\KB893756.CAT                                                                                                                                               12143 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893756\update\spcustom.dll                                                                                                                                               22240 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB893756\update\update.exe                                                                                                                                                 726752 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB893756\update\update.ver                                                                                                                                                 576 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893756\update\updatebr.inf                                                                                                                                               613 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893756\update\update_SP2QFE.inf                                                                                                                                          11196 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB893756\update\updspapi.dll                                                                                                                                               390368 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB894391\update\branches.inf                                                                                                                                               705 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB894391\update\eula.txt                                                                                                                                                   3978 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB894391\update\KB894391.CAT                                                                                                                                               14316 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB894391\update\spcustom.dll                                                                                                                                               22240 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB894391\update\update.exe                                                                                                                                                 726752 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB894391\update\update.ver                                                                                                                                                 1217 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB894391\update\updatebr.inf                                                                                                                                               592 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB894391\update\update_SP2QFE.inf                                                                                                                                          11455 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB894391\update\updspapi.dll                                                                                                                                               390368 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896358\update\branches.inf                                                                                                                                               705 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896358\update\eula.txt                                                                                                                                                   3978 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896358\update\KB896358.CAT                                                                                                                                               15022 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896358\update\spcustom.dll                                                                                                                                               22240 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896358\update\update.exe                                                                                                                                                 726752 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896358\update\update.ver                                                                                                                                                 1377 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896358\update\updatebr.inf                                                                                                                                               592 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896358\update\update_SP2QFE.inf                                                                                                                                          14145 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896358\update\updspapi.dll                                                                                                                                               390368 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896422\update\branches.inf                                                                                                                                               705 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896422\update\eula.txt                                                                                                                                                   3978 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896422\update\KB896422.CAT                                                                                                                                               10786 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896422\update\spcustom.dll                                                                                                                                               22240 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896422\update\update.exe                                                                                                                                                 726752 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896422\update\update.ver                                                                                                                                                 285 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896422\update\updatebr.inf                                                                                                                                               592 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896422\update\update_SP2QFE.inf                                                                                                                                          10849 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896422\update\updspapi.dll                                                                                                                                               390368 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896423\update\arpidfix.exe                                                                                                                                               30720 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896423\update\branches.inf                                                                                                                                               705 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896423\update\eula.txt                                                                                                                                                   555 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896423\update\KB896423.CAT                                                                                                                                               11437 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896423\update\spcustom.dll                                                                                                                                               22240 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896423\update\update.exe                                                                                                                                                 726752 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896423\update\update.ver                                                                                                                                                 388 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896423\update\updatebr.inf                                                                                                                                               613 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896423\update\update_SP2QFE.inf                                                                                                                                          11093 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896423\update\updspapi.dll                                                                                                                                               390368 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896424\update\arpidfix.exe                                                                                                                                               30720 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896424\update\branches.inf                                                                                                                                               705 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896424\update\eula.txt                                                                                                                                                   555 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896424\update\KB896424.CAT                                                                                                                                               12849 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896424\update\spcustom.dll                                                                                                                                               22240 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896424\update\update.exe                                                                                                                                                 726752 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896424\update\update.ver                                                                                                                                                 753 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896424\update\updatebr.inf                                                                                                                                               613 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896424\update\update_SP2QFE.inf                                                                                                                                          11578 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896424\update\updspapi.dll                                                                                                                                               390368 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896428\update\branches.inf                                                                                                                                               705 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896428\update\eula.txt                                                                                                                                                   3978 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896428\update\KB896428.CAT                                                                                                                                               10786 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896428\update\spcustom.dll                                                                                                                                               22240 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896428\update\update.exe                                                                                                                                                 726752 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896428\update\update.ver                                                                                                                                                 291 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896428\update\updatebr.inf                                                                                                                                               592 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896428\update\update_SP2QFE.inf                                                                                                                                          10809 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896428\update\updspapi.dll                                                                                                                                               390368 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\browseui.dll                                                                                                                                               1020416 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\cdfview.dll                                                                                                                                                151552 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\danim.dll                                                                                                                                                  1055744 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\dxtrans.dll                                                                                                                                                205312 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\extmgr.dll                                                                                                                                                 55808 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\iedw.exe                                                                                                                                                   18432 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\iepeers.dll                                                                                                                                                251904 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\inseng.dll                                                                                                                                                 96768 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\mshtml.dll                                                                                                                                                 3015680 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\mshtmled.dll                                                                                                                                               448512 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\msrating.dll                                                                                                                                               146432 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\mstime.dll                                                                                                                                                 530432 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\pngfilt.dll                                                                                                                                                39424 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\shdocvw.dll                                                                                                                                                1486336 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\shlwapi.dll                                                                                                                                                474624 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\urlmon.dll                                                                                                                                                 605184 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\wininet.dll                                                                                                                                                663040 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\update\arpidfix.exe                                                                                                                                               30720 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\update\branches.inf                                                                                                                                               705 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\update\eula.txt                                                                                                                                                   555 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\update\KB896688.CAT                                                                                                                                               21737 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\update\spcustom.dll                                                                                                                                               22240 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\update\update.exe                                                                                                                                                 726752 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\update\update.ver                                                                                                                                                 3166 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\update\updatebr.inf                                                                                                                                               517 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\update\update_SP2QFE.inf                                                                                                                                          37485 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896688\update\updspapi.dll                                                                                                                                               390368 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\browseui.dll                                                                                                                                               1020416 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\cdfview.dll                                                                                                                                                151552 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\iedw.exe                                                                                                                                                   18432 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\iepeers.dll                                                                                                                                                251904 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\inseng.dll                                                                                                                                                 96768 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\mshtml.dll                                                                                                                                                 3014144 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\mshtmled.dll                                                                                                                                               448512 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\msrating.dll                                                                                                                                               146432 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\pngfilt.dll                                                                                                                                                39424 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\shdocvw.dll                                                                                                                                                1485824 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\shlwapi.dll                                                                                                                                                474112 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\urlmon.dll                                                                                                                                                 605184 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\wininet.dll                                                                                                                                                662016 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\update\arpidfix.exe                                                                                                                                               30720 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\update\branches.inf                                                                                                                                               705 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\update\eula.txt                                                                                                                                                   555 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\update\KB896727.CAT                                                                                                                                               18913 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\update\spcustom.dll                                                                                                                                               22240 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\update\update.exe                                                                                                                                                 726752 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\update\update.ver                                                                                                                                                 2430 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\update\updatebr.inf                                                                                                                                               517 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\update\update_SP2QFE.inf                                                                                                                                          28252 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB896727\update\updspapi.dll                                                                                                                                               390368 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB898461\update\branches.inf                                                                                                                                               705 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB898461\update\eula.txt                                                                                                                                                   3978 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB898461\update\KB898461.CAT                                                                                                                                               9735 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB898461\update\spcustom.dll                                                                                                                                               22240 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB898461\update\update.exe                                                                                                                                                 726752 bytes executable
File                                                                      C:\WINDOWS\$hf_mig$\KB898461\update\update.ver                                                                                                                                                 517 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB898461\update\updatebr.inf                                                                                                                                               496 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB898461\update\update_SP2QFE.inf                                                                                                                                          11113 bytes
File                                                                      C:\WINDOWS\$hf_mig$\KB898461\update\updspapi.dll                                                                                                                                               390368 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a                                                                                                        0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll                                                                                      17240 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\AddInUtil.resources\v4.0_4.0.0.0_es_b77a5c561934e089                                                                                                0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\AddInUtil.resources\v4.0_4.0.0.0_es_b77a5c561934e089\AddInUtil.resources.dll                                                                        11112 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\AspNetMMCExt\v4.0_4.0.0.0__b03f5f7f11d50a3a                                                                                                         0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\AspNetMMCExt\v4.0_4.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll                                                                                        498520 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\aspnet_compiler.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a                                                                                          0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\aspnet_compiler.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\aspnet_compiler.resources.dll                                                            14704 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\aspnet_regbrowsers.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a                                                                                       0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\aspnet_regbrowsers.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\aspnet_regbrowsers.resources.dll                                                      11640 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\aspnet_regsql.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a                                                                                            0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\aspnet_regsql.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\aspnet_regsql.resources.dll                                                                34672 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089                                                                                                        0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll                                                                                      51032 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Device.resources\v4.0_4.0.0.0_es_b77a5c561934e089                                                                                            0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Device.resources\v4.0_4.0.0.0_es_b77a5c561934e089\System.Device.resources.dll                                                                10608 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a                                                                                             0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll                                                                395120 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089                                                                           0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll                            285072 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement.resources\v4.0_4.0.0.0_es_b77a5c561934e089                                                               0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement.resources\v4.0_4.0.0.0_es_b77a5c561934e089\System.DirectoryServices.AccountManagement.resources.dll      31144 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a                                                                                   0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll                                            182144 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a                                                                       0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll                      23448 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a                                                                                 0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll                                          36736 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a                                                                                                       0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll                                                                                    607064 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a                                                                                                0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll                                                                      86888 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a                                                                                    0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll                                                12160 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a                                                                                           0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\System.Drawing.resources.dll                                                              20848 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a                                                                                                       0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll                                                                                    120152 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\system.dynamic.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a                                                                                           0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\system.dynamic.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\System.Dynamic.resources.dll                                                              11632 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.EnterpriseServices.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a                                                                                0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.EnterpriseServices.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll                                        28552 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089                                                                                                 0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll                                                                        392552 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.resources\v4.0_4.0.0.0_es_b77a5c561934e089                                                                                     0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.resources\v4.0_4.0.0.0_es_b77a5c561934e089\System.IdentityModel.resources.dll                                                  51576 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089                                                                                       0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll                                                    125816 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\v4.0_4.0.0.0_es_b77a5c561934e089                                                                           0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\v4.0_4.0.0.0_es_b77a5c561934e089\System.IdentityModel.Selectors.resources.dll                              49040 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a                                                                                                        0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll                                                                                      123736 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a                                                                                                             0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll                                                                                                112976 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\sysglobl.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a                                                                                                 0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\sysglobl.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\sysglobl.resources.dll                                                                          16736 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089                                                                                                               0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll                                                                                                    3510600 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35                                                                                                    0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll                                                                              1199968 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35                                                                                  0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll                                          525704 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation.resources\v4.0_4.0.0.0_es_31bf3856ad364e35                                                                      0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation.resources\v4.0_4.0.0.0_es_31bf3856ad364e35\System.Activities.Core.Presentation.resources.dll                    239000 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35                                                                                  0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll                                          122248 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089                                                                                         0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll                                                        1026936 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a                                                                         0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll                        122264 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a                                                             0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll  17840 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_es_b77a5c561934e089                                                                             0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_es_b77a5c561934e089\System.RunTime.Serialization.resources.dll                                  104328 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a                                                                                                      0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll                                                                                  261472 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Security.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a                                                                                          0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Security.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\System.Security.resources.dll                                                            24944 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089                                                                                                  0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll                                                                          6097256 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activation\v4.0_4.0.0.0__31bf3856ad364e35                                                                                       0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activation\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activation.dll                                                    175992 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activation.resources\v4.0_4.0.0.0_es_31bf3856ad364e35                                                                           0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activation.resources\v4.0_4.0.0.0_es_31bf3856ad364e35\System.ServiceModel.Activation.resources.dll                              32656 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35                                                                                       0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll                                                    505208 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities.resources\v4.0_4.0.0.0_es_31bf3856ad364e35                                                                           0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities.resources\v4.0_4.0.0.0_es_31bf3856ad364e35\System.ServiceModel.Activities.resources.dll                              40848 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35                                                                                         0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll                                                        37240 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels.resources\v4.0_4.0.0.0_es_31bf3856ad364e35                                                                             0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels.resources\v4.0_4.0.0.0_es_31bf3856ad364e35\System.ServiceModel.Channels.resources.dll                                  12168 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35                                                                                        0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll                                                      390008 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery.resources\v4.0_4.0.0.0_es_31bf3856ad364e35                                                                            0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery.resources\v4.0_4.0.0.0_es_31bf3856ad364e35\System.ServiceModel.Discovery.resources.dll                                46480 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.resources\v4.0_4.0.0.0_es_b77a5c561934e089                                                                                      0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.resources\v4.0_4.0.0.0_es_b77a5c561934e089\System.ServiceModel.resources.dll                                                    500600 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35                                                                                          0 bytes
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll                                                          129912 bytes executable
File                                                                      C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.ServiceMoniker40\v4.0_4.0.0.0__b77a5c561934e089                                                                                 0 bytes

---- EOF - GMER 1.0.15 ----

--- --- ---
---------------------------------------------------------------------

Wie geht's jetzt weiter ?

cosinus · 20.06.2012, 14:31

Wo sind die Logs von Malwarebytes und ESET Online? Du hast beides bereits am Laufen gehabt aber keine Logs gepostet!

BTW: Wenn du hier auf deinen eigenen Strang antwortest, musst du dich nicht wundern, dass wir deine Anfrage übersehen, weil wir uns fast nur auf unbeantwortete Themen konzentrieren!

martinalejan · 20.06.2012, 15:03

Hallo,
und sorry für mein Durcheinander ... aber ich bin zum ersten Mal in diesem Forum. Danke, dass Ihr Euch jetzt so schnell gemeldet habt.
Ich habe Malwarebytes und ESET abgebrochen, als ich Eure Seite gefunden habe über die drei Programme Defogger, OTL und Gmer ...
Was soll ichj jetzt als nächstes tun ?? (Malwarebytes voll oder kurz ? ESET ?)
DANKE !!!

cosinus · 20.06.2012, 15:46

Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

martinalejan · 21.06.2012, 06:08

Hallo,

hier nun also die log-files ...

Malwarebytes (es gibt keine älteren files !) :

ich habe den Scan genau verfolgt und das Programm hat 0 infizierte files gefunden !!! Leider ist mir dann beim Speichern der log-Datei irgendein Fehler unterlaufen und ich habe sie nicht gespeichert (schöner Mist, nach 6 Stunden scannen !). Ich lasse den Scan jetzt aber zur Sicherheit nochmals laufen ...

ESET :

Code:

ATTFilter

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=15424e6d036cc44dbdcaa979b9939433
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-16 11:39:57
# local_time=2012-06-17 01:39:57 (+0100, Hora de verano romance)
# country="Spain"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5121 16777189 100 75 717788 5107957 0 0
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 660 660 0 0
# scanned=247330
# found=0
# cleaned=0
# scan_time=7578
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=15424e6d036cc44dbdcaa979b9939433
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-20 09:44:36
# local_time=2012-06-20 11:44:36 (+0100, Hora de verano romance)
# country="Spain"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5121 16777189 100 75 1037953 5428122 0 0
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 320825 320825 0 0
# scanned=404757
# found=0
# cleaned=0
# scan_time=26089

Wieder vielen Dank für weitere Hilfe !!!

cosinus · 21.06.2012, 12:03

Malwarebytes speichert alle Logs im Reiter Logdatein
Ist das denn so unscheinbar und leicht zu übersehen? Sollte doch irgendwie auf der Hand liegen, dass ein Anti-Malwaretool seine eigenen Logs auch selbst verwalten kann

martinalejan · 21.06.2012, 12:15

tut mir leid, aber das Feld unter dem Reiter ist leer !!!!!!!!!!!!!!!!!!!!!!!!!!!!
Aber es läuft ja im Moment der 2. Durchgang ...

cosinus · 21.06.2012, 14:33

Ja ist ja schon gut ...

...bitte aber lass das Posten von zig Ausrufezeichen oder bring deine Tastatur zum Reparaturservice wenn die Tasten klemmen

martinalejan · 21.06.2012, 16:45

Hallo,

hier nun also das Malwarebytes-log vom 2. Scan :

Code:

ATTFilter

 Malwarebytes Anti-Malware  (PRO) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.20.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
xp :: MARTINAKILB2 [Administrator]

Schutz: Deaktiviert

21/06/2012 7:18:41
mbam-log-2012-06-21 (07-18-41).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 647974
Laufzeit: 10 Stunde(n), 20 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Wie geht es nun weiter ?

cosinus · 21.06.2012, 19:18

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

martinalejan · 21.06.2012, 19:24

gerne :
1.) ja, der geht (ging immer)
2.) nein, ich vermisse nichts und es gibt auch keine leeren Ordner
warum die Fragen ?
(ich lasse gerade SUPERAntiSpyware laufen, um wirkloich alles "abzusuchen")

cosinus · 21.06.2012, 19:50

Ich frage nach weil bei vielen Infektionen in Vergangenheit die Icons vom Desktop und Startmenp gelöscht, verschoben oder versteckt wurden. Wären bei dir leere Ordner im Startmenü oder auf dem Desktop keine Icons mehr, hätte man zuerst mit einem anderen Tool weitermachen müssen.

Da du jetzt mit SUPERAntiSpyware scannst warte ich erstmal auf das Log davon, dann gehts weiter

martinalejan · 21.06.2012, 21:47

hier das log von SuperAntiSpyware :

Code:

ATTFilter

SUPERAntiSpyware Scann-Protokoll
hxxp://www.superantispyware.com

Generiert 06/21/2012 bei 10:26 PM

Version der Applikation : 5.1.1002

Version der Kern-Datenbank : 8768
Version der Spur-Datenbank : 6579

Scan Art       : kompletter Scann
Totale Scann-Zeit : 04:31:53

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Gescannte Speicherelemente  : 653
Erfasste Speicher-Bedrohungen  : 0
Gescannte Register-Elemente  : 39692
Erfasste Register-Bedrohungen  : 0
Gescannte Datei-Elemente     : 68407
Erfasste Datei-Elemente   : 0

Was soll ich als nächstes machen ?

P.S. jetzt habe ich nochmals den Internetexplorer mit Google ausprobiert : wenn ich ein Thema suche und dann mit Rechtsklick "Öffne in neuem Fenster" oder "Öffne in neuem Reiter" (ist bei mir in Spanisch) aufrufe, dann kommen jeweils mehrere Töne BING (wie bei Fehlern), es öffnet sich auch ein neuer Reiter, auf dem "verbinde" steht. Die Seite bleibt aber weiss und es kommt auch kein Signal "umleiten" und schon garnicht der secure.bidvertiser. "Öffne in neuem Fenster" klappt manchmal ja, manchmal nein. Beim Linksklick auf ein Thema kommt die korrekte Seite. Vielleicht hilft Dir das, den Fehler weiter einzukreisen ...

hier das log von TDSSKiller (mit ausgeschaltetem Internet und deaktiviertem McAfee und aktiviertem Häkchen an allen 4 Optionen in TDSSKiller) :

Code:

ATTFilter

23:30:42.0156 4540	TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
23:30:42.0187 4540	============================================================
23:30:42.0187 4540	Current date / time: 2012/06/21 23:30:42.0187
23:30:42.0187 4540	SystemInfo:
23:30:42.0187 4540	
23:30:42.0187 4540	OS Version: 5.1.2600 ServicePack: 3.0
23:30:42.0187 4540	Product type: Workstation
23:30:42.0187 4540	ComputerName: MARTINAKILB2
23:30:42.0187 4540	UserName: xp
23:30:42.0187 4540	Windows directory: C:\WINDOWS
23:30:42.0187 4540	System windows directory: C:\WINDOWS
23:30:42.0187 4540	Processor architecture: Intel x86
23:30:42.0187 4540	Number of processors: 1
23:30:42.0187 4540	Page size: 0x1000
23:30:42.0187 4540	Boot type: Normal boot
23:30:42.0187 4540	============================================================
23:30:44.0312 4540	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:30:44.0328 4540	Drive \Device\Harddisk1\DR4 - Size: 0x771FFE00 (1.86 Gb), SectorSize: 0x200, Cylinders: 0xF2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:30:44.0328 4540	============================================================
23:30:44.0328 4540	\Device\Harddisk0\DR0:
23:30:44.0328 4540	MBR partitions:
23:30:44.0328 4540	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
23:30:44.0328 4540	\Device\Harddisk1\DR4:
23:30:44.0328 4540	MBR partitions:
23:30:44.0328 4540	\Device\Harddisk1\DR4\Partition0: MBR, Type 0xE, StartLBA 0x10, BlocksNum 0x3B8FEF
23:30:44.0328 4540	============================================================
23:30:44.0546 4540	C: <-> \Device\Harddisk0\DR0\Partition0
23:30:44.0546 4540	============================================================
23:30:44.0546 4540	Initialize success
23:30:44.0546 4540	============================================================
23:30:55.0171 4164	============================================================
23:30:55.0171 4164	Scan started
23:30:55.0171 4164	Mode: Manual; SigCheck; TDLFS; 
23:30:55.0171 4164	============================================================
23:30:55.0484 4164	!SASCORE        (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Archivos de programa\SUPERAntiSpyware\SASCORE.EXE
23:30:55.0718 4164	!SASCORE - ok
23:30:56.0250 4164	A4SII300        (8e617f0af5fdd0a76566d042ea8cd4b7) C:\WINDOWS\System32\drivers\A4SII300.SYS
23:30:56.0656 4164	A4SII300 ( UnsignedFile.Multi.Generic ) - warning
23:30:56.0656 4164	A4SII300 - detected UnsignedFile.Multi.Generic (1)
23:30:57.0500 4164	A5AGU           (f2e8282f2d462daca1ed8f1d8f94c21c) C:\WINDOWS\system32\DRIVERS\A5AGU.sys
23:30:57.0859 4164	A5AGU - ok
23:30:57.0875 4164	Abiosdsk - ok
23:30:57.0875 4164	abp480n5 - ok
23:30:58.0515 4164	ACPI            (cf2a07e1751a2d612d7e13aa431ab057) C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:30:59.0406 4164	ACPI - ok
23:30:59.0484 4164	ACPIEC          (1c905333c0b9f3d7c68ddf25e54b00f9) C:\WINDOWS\system32\drivers\ACPIEC.sys
23:30:59.0812 4164	ACPIEC - ok
23:31:00.0718 4164	AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:31:00.0734 4164	AdobeFlashPlayerUpdateSvc - ok
23:31:00.0750 4164	adpu160m - ok
23:31:01.0187 4164	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
23:31:01.0421 4164	aec - ok
23:31:01.0578 4164	AegisP          (30bb1bde595ca65fd5549462080d94e5) C:\WINDOWS\system32\DRIVERS\AegisP.sys
23:31:01.0609 4164	AegisP ( UnsignedFile.Multi.Generic ) - warning
23:31:01.0609 4164	AegisP - detected UnsignedFile.Multi.Generic (1)
23:31:01.0921 4164	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
23:31:02.0078 4164	AFD - ok
23:31:02.0109 4164	Aha154x - ok
23:31:02.0125 4164	aic78u2 - ok
23:31:02.0140 4164	aic78xx - ok
23:31:02.0156 4164	ALCXWDM - ok
23:31:02.0203 4164	Alerter         (fedca791a089d4e15084da10f38bce45) C:\WINDOWS\system32\alrsvc.dll
23:31:02.0531 4164	Alerter - ok
23:31:02.0593 4164	ALG             (764b7a1e6ae2d70416a7932f3b97ac99) C:\WINDOWS\System32\alg.exe
23:31:02.0796 4164	ALG - ok
23:31:02.0796 4164	AliIde - ok
23:31:02.0812 4164	amsint - ok
23:31:03.0312 4164	Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:31:03.0343 4164	Apple Mobile Device - ok
23:31:03.0343 4164	AppMgmt - ok
23:31:03.0406 4164	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:31:03.0656 4164	Arp1394 - ok
23:31:03.0656 4164	asc - ok
23:31:03.0671 4164	asc3350p - ok
23:31:03.0687 4164	asc3550 - ok
23:31:04.0390 4164	aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:31:04.0437 4164	aspnet_state - ok
23:31:04.0468 4164	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:31:04.0656 4164	AsyncMac - ok
23:31:04.0859 4164	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
23:31:05.0203 4164	atapi - ok
23:31:05.0218 4164	Atdisk - ok
23:31:05.0546 4164	Ati HotKey Poller (666e4e583a7cf1233c6425da16ecdc89) C:\WINDOWS\system32\Ati2evxx.exe
23:31:05.0703 4164	Ati HotKey Poller - ok
23:31:06.0015 4164	ATI Smart       (b979ba0120b6db757196a8e2e873fe3c) C:\WINDOWS\system32\ati2sgag.exe
23:31:06.0234 4164	ATI Smart ( UnsignedFile.Multi.Generic ) - warning
23:31:06.0234 4164	ATI Smart - detected UnsignedFile.Multi.Generic (1)
23:31:07.0187 4164	ati2mtag        (0c2ca1c294938139829b1983a0c38b31) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
23:31:08.0437 4164	ati2mtag - ok
23:31:08.0890 4164	atksgt          (3c4b9850a2631c2263507400d029057b) C:\WINDOWS\system32\DRIVERS\atksgt.sys
23:31:08.0937 4164	atksgt - ok
23:31:08.0984 4164	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:31:09.0171 4164	Atmarpc - ok
23:31:09.0218 4164	AudioSrv        (a37f6480b06c37db69bbff045cf9f55b) C:\WINDOWS\System32\audiosrv.dll
23:31:09.0406 4164	AudioSrv - ok
23:31:09.0437 4164	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
23:31:09.0656 4164	audstub - ok
23:31:09.0781 4164	Autodesk Licensing Service (ea2d28bbe98256654397cd1f6eaebdd8) C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe
23:31:09.0812 4164	Autodesk Licensing Service - ok
23:31:09.0953 4164	BBSvc           (825f81a6f7dd073509db101f0ba6dc59) C:\Archivos de programa\Microsoft\BingBar\BBSvc.EXE
23:31:10.0015 4164	BBSvc - ok
23:31:10.0046 4164	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
23:31:10.0312 4164	Beep - ok
23:31:10.0484 4164	BITS            (8ee9639c01b92490e09638caa1b16c3c) C:\WINDOWS\system32\qmgr.dll
23:31:10.0765 4164	BITS - ok
23:31:10.0796 4164	BjsPort         (7b5bee91c1c5e1ae3eb93ed167e2ddcf) C:\WINDOWS\system32\drivers\BjsPort.SYS
23:31:10.0812 4164	BjsPort ( UnsignedFile.Multi.Generic ) - warning
23:31:10.0812 4164	BjsPort - detected UnsignedFile.Multi.Generic (1)
23:31:11.0015 4164	Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Archivos de programa\Bonjour\mDNSResponder.exe
23:31:11.0156 4164	Bonjour Service - ok
23:31:11.0234 4164	Browser         (e28818bd591f8af8fbe9897472b9665e) C:\WINDOWS\System32\browser.dll
23:31:11.0421 4164	Browser - ok
23:31:11.0578 4164	BT4501G         (1ebd702bb1924343aa24d065b758ce38) C:\WINDOWS\system32\DRIVERS\BT4501G.sys
23:31:11.0734 4164	BT4501G - ok
23:31:11.0953 4164	CamDrL          (cba8bce5bf67a3c619d5ce540bed9cf7) C:\WINDOWS\system32\DRIVERS\Camdrl.sys
23:31:12.0000 4164	CamDrL - ok
23:31:12.0234 4164	Cap7134         (729bf1fe5a9e72b19476d0d2d0c46530) C:\WINDOWS\system32\DRIVERS\Cap7134.sys
23:31:12.0406 4164	Cap7134 - ok
23:31:13.0000 4164	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
23:31:13.0250 4164	cbidf2k - ok
23:31:13.0281 4164	CBTNDIS5        (181b4a19965024a2afa01fa2102b2a2d) C:\WINDOWS\system32\CBTNDIS5.SYS
23:31:13.0296 4164	CBTNDIS5 ( UnsignedFile.Multi.Generic ) - warning
23:31:13.0296 4164	CBTNDIS5 - detected UnsignedFile.Multi.Generic (1)
23:31:13.0343 4164	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:31:13.0546 4164	CCDECODE - ok
23:31:13.0562 4164	cd20xrnt - ok
23:31:13.0593 4164	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
23:31:13.0859 4164	Cdaudio - ok
23:31:13.0906 4164	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
23:31:14.0093 4164	Cdfs - ok
23:31:14.0140 4164	Cdrom           (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:31:14.0171 4164	Cdrom - ok
23:31:14.0234 4164	cfwids          (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\WINDOWS\system32\drivers\cfwids.sys
23:31:14.0250 4164	cfwids - ok
23:31:14.0265 4164	Changer - ok
23:31:14.0296 4164	CiSvc           (b0e3fec4ee7b935a7387fd6ef31ea780) C:\WINDOWS\system32\cisvc.exe
23:31:14.0468 4164	CiSvc - ok
23:31:14.0500 4164	ClipSrv         (0c3bf68ab94cefd64b333b326f84510e) C:\WINDOWS\system32\clipsrv.exe
23:31:14.0703 4164	ClipSrv - ok
23:31:14.0843 4164	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:31:14.0875 4164	clr_optimization_v2.0.50727_32 - ok
23:31:15.0640 4164	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:31:15.0734 4164	clr_optimization_v4.0.30319_32 - ok
23:31:15.0765 4164	CmdIde - ok
23:31:15.0812 4164	COMSysApp - ok
23:31:15.0906 4164	Cpqarray - ok
23:31:16.0218 4164	Creative Service for CDROM Access (3c8b6609712f4ff78e521f6dcfc4032b) C:\WINDOWS\system32\CTsvcCDA.exe
23:31:16.0765 4164	Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning
23:31:16.0765 4164	Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic (1)
23:31:16.0796 4164	crlscsi         (e08ac114b931dacafbdd9d5e0b93815c) C:\WINDOWS\system32\drivers\crlscsi.sys
23:31:16.0828 4164	crlscsi ( UnsignedFile.Multi.Generic ) - warning
23:31:16.0828 4164	crlscsi - detected UnsignedFile.Multi.Generic (1)
23:31:16.0890 4164	CryptSvc        (e423c9c1946c656e0e4840210a0a8681) C:\WINDOWS\System32\cryptsvc.dll
23:31:17.0062 4164	CryptSvc - ok
23:31:17.0140 4164	ctsfm2k         (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
23:31:17.0187 4164	ctsfm2k - ok
23:31:17.0187 4164	dac2w2k - ok
23:31:17.0203 4164	dac960nt - ok
23:31:17.0406 4164	DcomLaunch      (97869c55f562b777987100ea30ad8108) C:\WINDOWS\system32\rpcss.dll
23:31:17.0578 4164	DcomLaunch - ok
23:31:17.0656 4164	Dhcp            (2ddfb3a5679fa02366686ecb1af622f0) C:\WINDOWS\System32\dhcpcsvc.dll
23:31:17.0828 4164	Dhcp - ok
23:31:17.0875 4164	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
23:31:18.0031 4164	Disk - ok
23:31:18.0031 4164	dmadmin - ok
23:31:18.0328 4164	dmboot          (c252a99c0a78b39faa2e2d1d048b1050) C:\WINDOWS\system32\drivers\dmboot.sys
23:31:18.0703 4164	dmboot - ok
23:31:18.0828 4164	dmio            (33b4d4039cd2cb25351a7bf13b2988d9) C:\WINDOWS\system32\drivers\dmio.sys
23:31:19.0000 4164	dmio - ok
23:31:19.0046 4164	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
23:31:19.0328 4164	dmload - ok
23:31:19.0390 4164	dmserver        (40d0520ddaa9312c5dddd8c7c99d8325) C:\WINDOWS\System32\dmserver.dll
23:31:19.0640 4164	dmserver - ok
23:31:19.0687 4164	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
23:31:19.0890 4164	DMusic - ok
23:31:19.0953 4164	Dnscache        (2e6d76cab5a402af257a963916fe05e7) C:\WINDOWS\System32\dnsrslvr.dll
23:31:20.0046 4164	Dnscache - ok
23:31:20.0187 4164	Dot3svc         (412134c50e2063d882ef1634676e2b25) C:\WINDOWS\System32\dot3svc.dll
23:31:20.0390 4164	Dot3svc - ok
23:31:20.0390 4164	dpti2o - ok
23:31:20.0421 4164	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
23:31:20.0593 4164	drmkaud - ok
23:31:20.0671 4164	EapHost         (fc3fe3654588e597fff395c305062c46) C:\WINDOWS\System32\eapsvc.dll
23:31:20.0843 4164	EapHost - ok
23:31:20.0859 4164	EAPPkt - ok
23:31:20.0906 4164	ERSvc           (d96623dd7ce1ea9e4de7285d740e14f6) C:\WINDOWS\System32\ersvc.dll
23:31:21.0078 4164	ERSvc - ok
23:31:21.0203 4164	Eventlog        (953df7327510df0de048b8e80e504ef9) C:\WINDOWS\system32\services.exe
23:31:21.0281 4164	Eventlog - ok
23:31:21.0453 4164	EventSystem     (a225dd0d0489bd580781d19524a10b19) C:\WINDOWS\system32\es.dll
23:31:21.0484 4164	EventSystem - ok
23:31:21.0546 4164	ExterminateIt   (0f3992d94142d6936f5319d6f5027910) C:\WINDOWS\system32\drivers\extit.sys
23:31:21.0578 4164	ExterminateIt ( UnsignedFile.Multi.Generic ) - warning
23:31:21.0578 4164	ExterminateIt - detected UnsignedFile.Multi.Generic (1)
23:31:21.0718 4164	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
23:31:21.0906 4164	Fastfat - ok
23:31:21.0984 4164	FastUserSwitchingCompatibility (1f617c5a76215c380478d750ce92cc73) C:\WINDOWS\System32\shsvcs.dll
23:31:22.0031 4164	FastUserSwitchingCompatibility - ok
23:31:22.0078 4164	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
23:31:22.0234 4164	Fdc - ok
23:31:22.0281 4164	Fips            (e5e61f2c07344e91dbfb7eafde549ab4) C:\WINDOWS\system32\drivers\Fips.sys
23:31:22.0484 4164	Fips - ok
23:31:22.0546 4164	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:31:22.0718 4164	Flpydisk - ok
23:31:22.0796 4164	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
23:31:22.0953 4164	FltMgr - ok
23:31:23.0093 4164	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:31:23.0109 4164	FontCache3.0.0.0 - ok
23:31:23.0140 4164	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:31:23.0343 4164	Fs_Rec - ok
23:31:23.0421 4164	Ftdisk          (cc5f3af5711a1c7c8fa1d43bb16b401a) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:31:23.0671 4164	Ftdisk - ok
23:31:23.0703 4164	gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
23:31:23.0859 4164	gameenum - ok
23:31:23.0921 4164	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23:31:23.0937 4164	GEARAspiWDM - ok
23:31:24.0078 4164	GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
23:31:24.0093 4164	GoogleDesktopManager-051210-111108 - ok
23:31:24.0140 4164	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:31:24.0515 4164	Gpc - ok
23:31:24.0640 4164	gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Archivos de programa\Google\Update\GoogleUpdate.exe
23:31:24.0656 4164	gupdate - ok
23:31:24.0671 4164	gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Archivos de programa\Google\Update\GoogleUpdate.exe
23:31:24.0703 4164	gupdatem - ok
23:31:24.0843 4164	gusvc           (408ddd80eede47175f6844817b90213e) C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
23:31:24.0859 4164	gusvc - ok
23:31:24.0937 4164	helpsvc         (6b5e1788abf15177a20c6c76c11382bb) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:31:25.0109 4164	helpsvc - ok
23:31:25.0156 4164	hidgame         (923ee4eef2582909a056904ca8026015) C:\WINDOWS\system32\DRIVERS\hidgame.sys
23:31:25.0359 4164	hidgame - ok
23:31:25.0406 4164	HidServ         (158aedf024cd58fea03be2d7d62abc9c) C:\WINDOWS\System32\hidserv.dll
23:31:25.0593 4164	HidServ - ok
23:31:25.0640 4164	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:31:25.0781 4164	HidUsb - ok
23:31:25.0843 4164	hkmsvc          (8f80b5fb68e1e767d872cb9a8cad5b5d) C:\WINDOWS\System32\kmsvc.dll
23:31:25.0984 4164	hkmsvc - ok
23:31:26.0000 4164	hpn - ok
23:31:26.0140 4164	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
23:31:26.0171 4164	HTTP - ok
23:31:26.0234 4164	HTTPFilter      (0406b351908a8c143b6b6bb8834d4920) C:\WINDOWS\System32\w3ssl.dll
23:31:26.0390 4164	HTTPFilter - ok
23:31:26.0406 4164	i2omgmt - ok
23:31:26.0421 4164	i2omp - ok
23:31:26.0468 4164	i8042prt        (4a2490a66e8271901e89dd5fb79748ae) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:31:26.0656 4164	i8042prt - ok
23:31:27.0093 4164	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:31:27.0359 4164	idsvc - ok
23:31:27.0406 4164	Imagedrv        (25edd75e23c5ef6b33d0fbcce125a601) C:\WINDOWS\system32\DRIVERS\imagedrv.sys
23:31:27.0421 4164	Imagedrv ( UnsignedFile.Multi.Generic ) - warning
23:31:27.0421 4164	Imagedrv - detected UnsignedFile.Multi.Generic (1)
23:31:27.0500 4164	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
23:31:27.0671 4164	Imapi - ok
23:31:27.0750 4164	ImapiService    (e50abd04ca0c015017722014d1d9251e) C:\WINDOWS\system32\imapi.exe
23:31:27.0921 4164	ImapiService - ok
23:31:28.0000 4164	InCDfs          (d8a77fc386f9297ce4b692fc83b4ba02) C:\WINDOWS\system32\drivers\InCDfs.sys
23:31:28.0000 4164	InCDfs ( UnsignedFile.Multi.Generic ) - warning
23:31:28.0000 4164	InCDfs - detected UnsignedFile.Multi.Generic (1)
23:31:28.0046 4164	InCDPass        (433bb499bcea1c88b55aa67d1b3ef1dc) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
23:31:28.0062 4164	InCDPass ( UnsignedFile.Multi.Generic ) - warning
23:31:28.0062 4164	InCDPass - detected UnsignedFile.Multi.Generic (1)
23:31:28.0093 4164	InCDrec         (12dbb035cd2ed0313fab864470f31c23) C:\WINDOWS\system32\drivers\InCDrec.sys
23:31:28.0109 4164	InCDrec ( UnsignedFile.Multi.Generic ) - warning
23:31:28.0109 4164	InCDrec - detected UnsignedFile.Multi.Generic (1)
23:31:28.0140 4164	incdrm          (9d1adfe6ce5c2e2a42f3b8aa57821d87) C:\WINDOWS\system32\drivers\incdrm.sys
23:31:28.0171 4164	incdrm ( UnsignedFile.Multi.Generic ) - warning
23:31:28.0171 4164	incdrm - detected UnsignedFile.Multi.Generic (1)
23:31:28.0578 4164	InCDsrv         (394bf2329ac168f253c74e1eead15fac) C:\Archivos de programa\Ahead\InCD\InCDsrv.exe
23:31:28.0859 4164	InCDsrv ( UnsignedFile.Multi.Generic ) - warning
23:31:28.0859 4164	InCDsrv - detected UnsignedFile.Multi.Generic (1)
23:31:28.0875 4164	ini910u - ok
23:31:28.0906 4164	IntelIde - ok
23:31:28.0953 4164	intelppm        (49a060498c09db18c3ea9939789005ab) C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:31:29.0093 4164	intelppm - ok
23:31:29.0359 4164	Intels51        (cb5c2935491f0f998f1b62bffa258464) C:\WINDOWS\system32\DRIVERS\ctxs51.sys
23:31:29.0546 4164	Intels51 - ok
23:31:29.0593 4164	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
23:31:29.0750 4164	Ip6Fw - ok
23:31:29.0781 4164	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:31:30.0015 4164	IpFilterDriver - ok
23:31:30.0062 4164	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:31:30.0218 4164	IpInIp - ok
23:31:30.0312 4164	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:31:30.0468 4164	IpNat - ok
23:31:30.0828 4164	iPod Service    (0ca8c2e721617aa2f923a8151c96fb33) C:\Archivos de programa\iPod\bin\iPodService.exe
23:31:31.0031 4164	iPod Service - ok
23:31:31.0093 4164	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:31:31.0250 4164	IPSec - ok
23:31:31.0281 4164	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
23:31:31.0437 4164	IRENUM - ok
23:31:31.0484 4164	isapnp          (0f3d281b0410fe5d482aada37d20524b) C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:31:31.0703 4164	isapnp - ok
23:31:31.0843 4164	JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Archivos de programa\Java\jre6\bin\jqs.exe
23:31:31.0875 4164	JavaQuickStarterService - ok
23:31:31.0906 4164	Kbdclass        (188ddd286bc0daea6984858c6a4d7bbf) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:31:32.0078 4164	Kbdclass - ok
23:31:32.0125 4164	kbdhid          (72efebecf76eb1dccc5ba9ea746d90e8) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:31:32.0296 4164	kbdhid - ok
23:31:32.0375 4164	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
23:31:32.0609 4164	kmixer - ok
23:31:32.0703 4164	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
23:31:32.0734 4164	KSecDD - ok
23:31:32.0781 4164	L8042Kbd        (0c6e346cde730cf1356dd69ad6e9bc42) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
23:31:32.0796 4164	L8042Kbd - ok
23:31:32.0859 4164	L8042mou        (8a5993705add14352c9a279fa8338334) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
23:31:32.0875 4164	L8042mou - ok
23:31:32.0968 4164	lanmanserver    (ccfc469efd7ecddc8fc887bae7b8563f) C:\WINDOWS\System32\srvsvc.dll
23:31:33.0015 4164	lanmanserver - ok
23:31:33.0093 4164	lanmanworkstation (3db7b764f5066587dae58a71ae51292e) C:\WINDOWS\System32\wkssvc.dll
23:31:33.0140 4164	lanmanworkstation - ok
23:31:33.0156 4164	lbrtfdc - ok
23:31:33.0296 4164	LBTServ         (3af6b73a3ad1fc37c5933441f66ceb91) C:\Archivos de programa\Archivos comunes\Logitech\Bluetooth\LBTServ.exe
23:31:33.0328 4164	LBTServ - ok
23:31:33.0375 4164	LHidFilt        (7f9c7b28cf1c859e1c42619eea946dc8) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
23:31:33.0390 4164	LHidFilt - ok
23:31:33.0453 4164	lirsgt          (975b6cf65f44e95883f3855bae8cecaf) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
23:31:33.0468 4164	lirsgt ( UnsignedFile.Multi.Generic ) - warning
23:31:33.0468 4164	lirsgt - detected UnsignedFile.Multi.Generic (1)
23:31:33.0578 4164	LmHosts         (01af2112ff79aa613b6621a75c4e9277) C:\WINDOWS\System32\lmhsvc.dll
23:31:33.0750 4164	LmHosts - ok
23:31:33.0812 4164	LMouFilt        (ab33792a87285344f43b5ce23421bab0) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
23:31:33.0828 4164	LMouFilt - ok
23:31:33.0890 4164	LMouKE          (9837e55673818ecd8febb47f7f77521a) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
23:31:33.0906 4164	LMouKE - ok
23:31:33.0953 4164	LUsbFilt        (77030525cd86a93f1af34fa9b96d33ce) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
23:31:33.0984 4164	LUsbFilt - ok
23:31:34.0031 4164	LVUSBSta        (c5efbd05a5195402121711a6ebbb271f) C:\WINDOWS\system32\drivers\lvusbsta.sys
23:31:34.0062 4164	LVUSBSta - ok
23:31:34.0109 4164	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
23:31:34.0140 4164	MBAMProtector - ok
23:31:34.0421 4164	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe
23:31:34.0625 4164	MBAMService - ok
23:31:35.0406 4164	McAfee SiteAdvisor Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe
23:31:35.0437 4164	McAfee SiteAdvisor Service - ok
23:31:35.0453 4164	McMPFSvc        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe
23:31:35.0468 4164	McMPFSvc - ok
23:31:35.0484 4164	mcmscsvc        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe
23:31:35.0562 4164	mcmscsvc - ok
23:31:35.0562 4164	McNaiAnn        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe
23:31:35.0593 4164	McNaiAnn - ok
23:31:35.0609 4164	McNASvc         (7e6932eeda54c8eaf7dc6c2225261b85) C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe
23:31:35.0640 4164	McNASvc - ok
23:31:37.0437 4164	McODS           (135aa9e9e7047b7dc1f753205d421a26) C:\Archivos de programa\McAfee\VirusScan\mcods.exe
23:31:37.0578 4164	McODS - ok
23:31:37.0578 4164	McProxy         (7e6932eeda54c8eaf7dc6c2225261b85) C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe
23:31:37.0609 4164	McProxy - ok
23:31:40.0703 4164	McPvDrv         (000751813ecef491689176e72b3a8bee) C:\WINDOWS\system32\drivers\McPvDrv.sys
23:31:40.0734 4164	McPvDrv - ok
23:31:40.0859 4164	McShield        (593fa4c378818ece76ba64a11ad56cf2) C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\\mcshield.exe
23:31:40.0890 4164	McShield - ok
23:31:41.0109 4164	MDM             (11f714f85530a2bd134074dc30e99fca) C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
23:31:41.0140 4164	MDM - ok
23:31:41.0187 4164	Messenger       (047e70b04b288439245ddc8dd1a31982) C:\WINDOWS\System32\msgsvc.dll
23:31:41.0359 4164	Messenger - ok
23:31:41.0437 4164	mfeapfk         (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\WINDOWS\system32\drivers\mfeapfk.sys
23:31:41.0453 4164	mfeapfk - ok
23:31:41.0562 4164	mfeavfk         (c1dc5f42d3367f33b6451be78b38bd46) C:\WINDOWS\system32\drivers\mfeavfk.sys
23:31:41.0593 4164	mfeavfk - ok
23:31:41.0609 4164	mfeavfk01 - ok
23:31:41.0656 4164	mfebopk         (0435c43f4c2be01b84868ad2a906397b) C:\WINDOWS\system32\drivers\mfebopk.sys
23:31:41.0671 4164	mfebopk - ok
23:31:41.0750 4164	mfefire         (7e1f8b1bdc8240f08bd358b3a466c005) C:\Archivos de programa\Archivos comunes\McAfee\SystemCore\\mfefire.exe
23:31:41.0781 4164	mfefire - ok
23:31:41.0953 4164	mfefirek        (4ea6ff90015424517843e931448e00f1) C:\WINDOWS\system32\drivers\mfefirek.sys
23:31:42.0046 4164	mfefirek - ok
23:31:42.0265 4164	mfehidk         (d1e998748ba24a731106611d535c6bbf) C:\WINDOWS\system32\drivers\mfehidk.sys
23:31:42.0390 4164	mfehidk - ok
23:31:42.0468 4164	mfendisk        (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
23:31:42.0546 4164	mfendisk - ok
23:31:42.0562 4164	mfendiskmp      (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
23:31:42.0593 4164	mfendiskmp - ok
23:31:42.0671 4164	mferkdet        (f454a13377f0a006d20a8c14a753c432) C:\WINDOWS\system32\drivers\mferkdet.sys
23:31:42.0687 4164	mferkdet - ok
23:31:42.0750 4164	mfetdi2k        (070d3faf2eac417c59d8674a8752f7a6) C:\WINDOWS\system32\drivers\mfetdi2k.sys
23:31:42.0781 4164	mfetdi2k - ok
23:31:42.0859 4164	mfevtp          (b10c4efd40810c08f4b44df2efcb54f7) C:\WINDOWS\system32\mfevtps.exe
23:31:42.0875 4164	mfevtp - ok
23:31:42.0921 4164	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
23:31:43.0140 4164	mnmdd - ok
23:31:43.0203 4164	mnmsrvc         (85ada209695a677c9d60962cde10696b) C:\WINDOWS\system32\mnmsrvc.exe
23:31:43.0375 4164	mnmsrvc - ok
23:31:43.0593 4164	MOBKbackup      (35176fa09a0fc58db630991a81a0ba39) C:\Archivos de programa\McAfee Online Backup\MOBKbackup.exe
23:31:43.0609 4164	MOBKbackup - ok
23:31:43.0687 4164	MOBKFilter      (e896775837a8bce436348df460522394) C:\WINDOWS\system32\DRIVERS\MOBK.sys
23:31:43.0703 4164	MOBKFilter - ok
23:31:43.0765 4164	Modem           (9024556e739b8469d2b8f5f0e4c9bc9f) C:\WINDOWS\system32\drivers\Modem.sys
23:31:43.0921 4164	Modem - ok
23:31:43.0953 4164	motmodem        (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motmodem.sys
23:31:44.0015 4164	motmodem - ok
23:31:44.0046 4164	Mouclass        (6fd36b4994a2363659a65c9f970cfdb7) C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:31:44.0203 4164	Mouclass - ok
23:31:44.0250 4164	mouhid          (8ee532e516b2d23d686cfc1cc0a15c25) C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:31:44.0468 4164	mouhid - ok
23:31:44.0500 4164	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
23:31:44.0687 4164	MountMgr - ok
23:31:44.0703 4164	mraid35x - ok
23:31:44.0812 4164	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:31:44.0984 4164	MRxDAV - ok
23:31:45.0156 4164	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:31:45.0296 4164	MRxSmb - ok
23:31:45.0328 4164	MSDTC           (975bd2762bf355a572597cc54d97ba93) C:\WINDOWS\system32\msdtc.exe
23:31:45.0468 4164	MSDTC - ok
23:31:45.0531 4164	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
23:31:45.0687 4164	Msfs - ok
23:31:45.0703 4164	MSIServer - ok
23:31:45.0875 4164	MSK80Service    (7e6932eeda54c8eaf7dc6c2225261b85) C:\Archivos de programa\Archivos comunes\Mcafee\McSvcHost\McSvHost.exe
23:31:45.0906 4164	MSK80Service - ok
23:31:45.0953 4164	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:31:46.0109 4164	MSKSSRV - ok
23:31:46.0140 4164	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:31:46.0296 4164	MSPCLOCK - ok
23:31:46.0328 4164	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
23:31:46.0468 4164	MSPQM - ok
23:31:46.0531 4164	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:31:46.0671 4164	mssmbios - ok
23:31:46.0687 4164	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
23:31:46.0859 4164	MSTEE - ok
23:31:46.0890 4164	ms_mpu401       (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
23:31:47.0109 4164	ms_mpu401 - ok
23:31:47.0171 4164	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
23:31:47.0203 4164	Mup - ok
23:31:47.0234 4164	MxlW2k          (19dd5c581eef70134ccef87d626f4417) C:\WINDOWS\system32\drivers\MxlW2k.sys
23:31:47.0265 4164	MxlW2k ( UnsignedFile.Multi.Generic ) - warning
23:31:47.0265 4164	MxlW2k - detected UnsignedFile.Multi.Generic (1)
23:31:47.0328 4164	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:31:47.0468 4164	NABTSFEC - ok
23:31:47.0656 4164	napagent        (fd578fcc03bbd76af1e62202e6670d29) C:\WINDOWS\System32\qagentrt.dll
23:31:47.0828 4164	napagent - ok
23:31:47.0906 4164	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
23:31:48.0078 4164	NDIS - ok
23:31:48.0109 4164	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:31:48.0250 4164	NdisIP - ok
23:31:48.0312 4164	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:31:48.0343 4164	NdisTapi - ok
23:31:48.0390 4164	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:31:48.0562 4164	Ndisuio - ok
23:31:48.0625 4164	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:31:48.0796 4164	NdisWan - ok
23:31:48.0859 4164	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
23:31:48.0875 4164	NDProxy - ok
23:31:48.0921 4164	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
23:31:49.0093 4164	NetBIOS - ok
23:31:49.0171 4164	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
23:31:49.0343 4164	NetBT - ok
23:31:49.0406 4164	NetDDE          (96b009e5b163850cf94dc333ed2bee93) C:\WINDOWS\system32\netdde.exe
23:31:49.0609 4164	NetDDE - ok
23:31:49.0625 4164	NetDDEdsdm      (96b009e5b163850cf94dc333ed2bee93) C:\WINDOWS\system32\netdde.exe
23:31:49.0765 4164	NetDDEdsdm - ok
23:31:49.0812 4164	Netlogon        (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe
23:31:49.0968 4164	Netlogon - ok
23:31:50.0078 4164	Netman          (a48884c9359ee9f1fc8f3f0d93fb1d95) C:\WINDOWS\System32\netman.dll
23:31:50.0218 4164	Netman - ok
23:31:50.0390 4164	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:31:50.0406 4164	NetTcpPortSharing - ok
23:31:50.0453 4164	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:31:50.0656 4164	NIC1394 - ok
23:31:50.0781 4164	Nla             (5e11d375c92a0dda7ac4d487fc4e1978) C:\WINDOWS\System32\mswsock.dll
23:31:50.0843 4164	Nla - ok
23:31:50.0906 4164	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
23:31:51.0046 4164	Npfs - ok
23:31:51.0265 4164	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
23:31:51.0562 4164	Ntfs - ok
23:31:51.0625 4164	NtLmSsp         (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe
23:31:51.0781 4164	NtLmSsp - ok
23:31:51.0968 4164	NtmsSvc         (d60c40d71a4d874c903255e4827afa0c) C:\WINDOWS\system32\ntmssvc.dll
23:31:52.0234 4164	NtmsSvc - ok
23:31:52.0281 4164	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
23:31:52.0500 4164	Null - ok
23:31:53.0062 4164	nv              (1685a86ce8dc5a70d307dca625fb50e7) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:31:53.0453 4164	nv - ok
23:31:53.0843 4164	NVSvc           (697a09635e30d3722e1124ec33face15) C:\WINDOWS\system32\nvsvc32.exe
23:31:53.0906 4164	NVSvc - ok
23:31:53.0984 4164	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:31:54.0156 4164	NwlnkFlt - ok
23:31:54.0187 4164	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:31:54.0375 4164	NwlnkFwd - ok
23:31:54.0437 4164	odysseyIM3      (dd03bdd1459d1966ee640f63221c175a) C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys
23:31:54.0453 4164	odysseyIM3 - ok
23:31:54.0546 4164	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:31:54.0703 4164	ohci1394 - ok
23:31:54.0781 4164	ossrv           (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
23:31:54.0828 4164	ossrv - ok
23:31:55.0250 4164	P17             (df886ffed69aead0cf608b89b18c3f6f) C:\WINDOWS\system32\drivers\P17.sys
23:31:55.0640 4164	P17 - ok
23:31:56.0203 4164	p17filt         (71ddb3a663ddce1651cfe35993fb1c31) C:\WINDOWS\system32\drivers\p17filt.sys
23:31:56.0640 4164	p17filt ( UnsignedFile.Multi.Generic ) - warning
23:31:56.0640 4164	p17filt - detected UnsignedFile.Multi.Generic (1)
23:31:57.0031 4164	Parport         (e7855cbd8bd1fda085a3f92cff7906e2) C:\WINDOWS\system32\DRIVERS\parport.sys
23:31:57.0203 4164	Parport - ok
23:31:57.0234 4164	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
23:31:57.0390 4164	PartMgr - ok
23:31:57.0437 4164	ParVdm          (fad44d704ecd7d39ad01415b8bb34204) C:\WINDOWS\system32\drivers\ParVdm.sys
23:31:57.0671 4164	ParVdm - ok
23:31:57.0734 4164	PCI             (f11bc84ae6c7b003b5e0c8eeb4a1f444) C:\WINDOWS\system32\DRIVERS\pci.sys
23:31:57.0890 4164	PCI - ok
23:31:57.0906 4164	PCIDump - ok
23:31:57.0921 4164	PCIIde          (33d63f0a9021acb4d75d83b646b93a30) C:\WINDOWS\system32\drivers\PCIIde.sys
23:31:58.0140 4164	PCIIde - ok
23:31:58.0218 4164	Pcmcia          (f50c27cca56dc97b3a45e7f0059bd2ba) C:\WINDOWS\system32\drivers\Pcmcia.sys
23:31:58.0359 4164	Pcmcia - ok
23:31:58.0421 4164	pcouffin        (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
23:31:58.0421 4164	pcouffin ( UnsignedFile.Multi.Generic ) - warning
23:31:58.0421 4164	pcouffin - detected UnsignedFile.Multi.Generic (1)
23:31:58.0437 4164	PDCOMP - ok
23:31:58.0453 4164	PDFRAME - ok
23:31:58.0468 4164	PDRELI - ok
23:31:58.0484 4164	PDRFRAME - ok
23:31:58.0500 4164	perc2 - ok
23:31:58.0515 4164	perc2hib - ok
23:31:58.0593 4164	pfc             (c4aa89518e8a2934eaf503c9587ff157) C:\WINDOWS\system32\drivers\pfc.sys
23:31:58.0609 4164	pfc ( UnsignedFile.Multi.Generic ) - warning
23:31:58.0609 4164	pfc - detected UnsignedFile.Multi.Generic (1)
23:31:58.0750 4164	PhilCam8116     (1d42251b1d310dba58837a63deef860d) C:\WINDOWS\system32\DRIVERS\CamDrL21.sys
23:31:58.0843 4164	PhilCam8116 ( UnsignedFile.Multi.Generic ) - warning
23:31:58.0843 4164	PhilCam8116 - detected UnsignedFile.Multi.Generic (1)
23:31:58.0875 4164	PhTVTune        (db44c88e83fe085ebb30bf466d67a46c) C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
23:31:58.0906 4164	PhTVTune - ok
23:31:58.0984 4164	PlugPlay        (953df7327510df0de048b8e80e504ef9) C:\WINDOWS\system32\services.exe
23:31:59.0046 4164	PlugPlay - ok
23:31:59.0093 4164	PolicyAgent     (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe
23:31:59.0234 4164	PolicyAgent - ok
23:31:59.0281 4164	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:31:59.0453 4164	PptpMiniport - ok
23:31:59.0515 4164	prodrv06        (f2e3c8f1eb6ba0733e0a1f6373df7957) C:\WINDOWS\System32\drivers\prodrv06.sys
23:31:59.0578 4164	prodrv06 ( UnsignedFile.Multi.Generic ) - warning
23:31:59.0578 4164	prodrv06 - detected UnsignedFile.Multi.Generic (1)
23:31:59.0656 4164	prohlp02        (150307b52807d0c493c605ab913038ad) C:\WINDOWS\system32\drivers\prohlp02.sys
23:31:59.0656 4164	prohlp02 ( UnsignedFile.Multi.Generic ) - warning
23:31:59.0656 4164	prohlp02 - detected UnsignedFile.Multi.Generic (1)
23:31:59.0687 4164	prosync1        (f3471e7971ee62420451d958da635064) C:\WINDOWS\system32\drivers\prosync1.sys
23:31:59.0703 4164	prosync1 ( UnsignedFile.Multi.Generic ) - warning
23:31:59.0703 4164	prosync1 - detected UnsignedFile.Multi.Generic (1)
23:31:59.0718 4164	ProtectedStorage (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe
23:31:59.0859 4164	ProtectedStorage - ok
23:31:59.0906 4164	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
23:32:00.0078 4164	PSched - ok
23:32:00.0109 4164	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:32:00.0296 4164	Ptilink - ok
23:32:00.0312 4164	PxHelp20 - ok
23:32:00.0328 4164	ql1080 - ok
23:32:00.0343 4164	Ql10wnt - ok
23:32:00.0359 4164	ql12160 - ok
23:32:00.0375 4164	ql1240 - ok
23:32:00.0390 4164	ql1280 - ok
23:32:00.0421 4164	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:32:00.0640 4164	RasAcd - ok
23:32:00.0718 4164	RasAuto         (8345c6f52f38a95b950b9b3d064ae3ee) C:\WINDOWS\System32\rasauto.dll
23:32:00.0859 4164	RasAuto - ok
23:32:00.0906 4164	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:32:01.0062 4164	Rasl2tp - ok
23:32:01.0156 4164	RasMan          (b279f6a9ea3acb5844c103ed2db65b44) C:\WINDOWS\System32\rasmans.dll
23:32:01.0312 4164	RasMan - ok
23:32:01.0359 4164	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:32:01.0515 4164	RasPppoe - ok
23:32:01.0578 4164	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
23:32:01.0781 4164	Raspti - ok
23:32:01.0875 4164	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:32:02.0062 4164	Rdbss - ok
23:32:02.0078 4164	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:32:02.0296 4164	RDPCDD - ok
23:32:02.0375 4164	RDPWD           (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
23:32:02.0421 4164	RDPWD - ok
23:32:02.0500 4164	RDSessMgr       (6193e6b05336c277ea4db39afa46bc23) C:\WINDOWS\system32\sessmgr.exe
23:32:02.0718 4164	RDSessMgr - ok
23:32:02.0781 4164	redbook         (20950948970a0ea329b4254052bcf093) C:\WINDOWS\system32\DRIVERS\redbook.sys
23:32:02.0953 4164	redbook - ok
23:32:03.0000 4164	RemoteAccess    (1b7481d377bd7997452352f82f4cffed) C:\WINDOWS\System32\mprdim.dll
23:32:03.0156 4164	RemoteAccess - ok
23:32:03.0187 4164	ROOTMODEM       (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
23:32:03.0390 4164	ROOTMODEM - ok
23:32:03.0453 4164	RpcLocator      (9fccbdbaa0cf915aac0132de1c9566b3) C:\WINDOWS\system32\locator.exe
23:32:03.0671 4164	RpcLocator - ok
23:32:03.0875 4164	RpcSs           (97869c55f562b777987100ea30ad8108) C:\WINDOWS\system32\rpcss.dll
23:32:04.0015 4164	RpcSs - ok
23:32:04.0093 4164	RSVP            (5e38212c2c00dc342e2281d2f6bfb746) C:\WINDOWS\system32\rsvp.exe
23:32:04.0296 4164	RSVP - ok
23:32:04.0421 4164	RTLWUSB         (edcd7c87beee635db2dda09d46359daa) C:\WINDOWS\system32\DRIVERS\RTL8187.sys
23:32:04.0453 4164	RTLWUSB - ok
23:32:04.0500 4164	SamSs           (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe
23:32:04.0750 4164	SamSs - ok
23:32:04.0890 4164	SASDIFSV        (39763504067962108505bff25f024345) C:\Archivos de programa\SUPERAntiSpyware\SASDIFSV.SYS
23:32:04.0906 4164	SASDIFSV - ok
23:32:04.0953 4164	SASKUTIL        (77b9fc20084b48408ad3e87570eb4a85) C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS
23:32:04.0984 4164	SASKUTIL - ok
23:32:05.0062 4164	SCardSvr        (a50e4dd0e2a9df762807c84153b4953a) C:\WINDOWS\System32\SCardSvr.exe
23:32:05.0218 4164	SCardSvr - ok
23:32:05.0328 4164	Schedule        (51be25c404d3dd344c6079de715e4977) C:\WINDOWS\system32\schedsvc.dll
23:32:05.0468 4164	Schedule - ok
23:32:05.0640 4164	SeaPort         (cc781378e7eda615d2cdca3b17829fa4) C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE
23:32:05.0671 4164	SeaPort - ok
23:32:05.0718 4164	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:32:05.0875 4164	Secdrv - ok
23:32:05.0921 4164	seclogon        (b62c489373a1e1b949fc0faa90f3b47a) C:\WINDOWS\System32\seclogon.dll
23:32:06.0078 4164	seclogon - ok
23:32:06.0125 4164	SENS            (a95a27c874b0931a6f8f656924f4a14a) C:\WINDOWS\system32\sens.dll
23:32:06.0281 4164	SENS - ok
23:32:06.0328 4164	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
23:32:06.0484 4164	serenum - ok
23:32:06.0546 4164	Serial          (f41b42b92ae9c1191858c3f80cc24a9c) C:\WINDOWS\system32\DRIVERS\serial.sys
23:32:06.0703 4164	Serial - ok
23:32:06.0796 4164	sfdrv01         (9e7dee11fd5a4355941a45f13c0ed59a) C:\WINDOWS\system32\drivers\sfdrv01.sys
23:32:06.0828 4164	sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
23:32:06.0828 4164	sfdrv01 - detected UnsignedFile.Multi.Generic (1)
23:32:06.0859 4164	sfhlp01         (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
23:32:06.0875 4164	sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
23:32:06.0875 4164	sfhlp01 - detected UnsignedFile.Multi.Generic (1)
23:32:06.0890 4164	sfhlp02         (ecefb59d2206d281e6d317af0ea0d8bd) C:\WINDOWS\system32\drivers\sfhlp02.sys
23:32:06.0921 4164	sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
23:32:06.0921 4164	sfhlp02 - detected UnsignedFile.Multi.Generic (1)
23:32:06.0953 4164	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
23:32:07.0109 4164	Sfloppy - ok
23:32:07.0156 4164	sfsync04        (05e3038180cd846b0bca0e915163606a) C:\WINDOWS\system32\drivers\sfsync04.sys
23:32:07.0171 4164	sfsync04 ( UnsignedFile.Multi.Generic ) - warning
23:32:07.0171 4164	sfsync04 - detected UnsignedFile.Multi.Generic (1)
23:32:07.0328 4164	SharedAccess    (4a4ef3ee166fad4a04b1d767ad986329) C:\WINDOWS\System32\ipnathlp.dll
23:32:07.0609 4164	SharedAccess - ok
23:32:07.0734 4164	ShellHWDetection (1f617c5a76215c380478d750ce92cc73) C:\WINDOWS\System32\shsvcs.dll
23:32:07.0765 4164	ShellHWDetection - ok
23:32:07.0765 4164	Simbad - ok
23:32:07.0828 4164	sisagp          (941f2dd2cf7f5558d52c62c5fa2cdc06) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
23:32:07.0859 4164	sisagp - ok
23:32:07.0890 4164	SiSide          (8677416e17da730d1bda1c5263d6b1bd) C:\WINDOWS\system32\DRIVERS\siside.sys
23:32:07.0921 4164	SiSide - ok
23:32:07.0953 4164	SISNIC          (3fbb6ef8b5a71a2fa11f5f461bb73219) C:\WINDOWS\system32\DRIVERS\sisnic.sys
23:32:08.0093 4164	SISNIC - ok
23:32:08.0125 4164	SISNICXP        (47f39481bc8941e0d51601a85691448d) C:\WINDOWS\system32\DRIVERS\sisnicxp.sys
23:32:08.0156 4164	SISNICXP - ok
23:32:08.0171 4164	SjyPkt - ok
23:32:08.0218 4164	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:32:08.0375 4164	SLIP - ok
23:32:08.0406 4164	Sparrow - ok
23:32:08.0453 4164	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
23:32:08.0609 4164	splitter - ok
23:32:08.0671 4164	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
23:32:08.0718 4164	Spooler - ok
23:32:08.0781 4164	sr              (ccb3065c3ee63a4515fe84af9e78d1dd) C:\WINDOWS\system32\DRIVERS\sr.sys
23:32:08.0921 4164	sr - ok
23:32:09.0031 4164	srservice       (0f30eec6013fcf76693405ec4a7df899) C:\WINDOWS\system32\srsvc.dll
23:32:09.0171 4164	srservice - ok
23:32:09.0343 4164	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
23:32:09.0453 4164	Srv - ok
23:32:09.0515 4164	SSDPSRV         (b622a432ef02895de4aa38ac8b85fa4c) C:\WINDOWS\System32\ssdpsrv.dll
23:32:09.0703 4164	SSDPSRV - ok
23:32:09.0765 4164	SSHDRV76        (ef3504dd32e2ea222be0cbc9a0895f89) C:\WINDOWS\system32\drivers\SSHDRV76.sys
23:32:09.0765 4164	SSHDRV76 ( UnsignedFile.Multi.Generic ) - warning
23:32:09.0765 4164	SSHDRV76 - detected UnsignedFile.Multi.Generic (1)
23:32:09.0984 4164	StarWindServiceAE (b1691af4a072cb674d600db16dd7308e) C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
23:32:10.0015 4164	StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning
23:32:10.0015 4164	StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)
23:32:10.0156 4164	stisvc          (7226422c95fdf8aa6092ee964912b0df) C:\WINDOWS\system32\wiaservc.dll
23:32:10.0406 4164	stisvc - ok
23:32:10.0453 4164	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:32:10.0640 4164	streamip - ok
23:32:10.0671 4164	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
23:32:10.0843 4164	swenum - ok
23:32:10.0890 4164	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
23:32:11.0031 4164	swmidi - ok
23:32:11.0046 4164	SwPrv - ok
23:32:11.0078 4164	symc810 - ok
23:32:11.0093 4164	symc8xx - ok
23:32:11.0109 4164	sym_hi - ok
23:32:11.0125 4164	sym_u3 - ok
23:32:11.0265 4164	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
23:32:11.0515 4164	sysaudio - ok
23:32:11.0609 4164	SysmonLog       (f1f6ee807f0112aae2259b253b6ddf89) C:\WINDOWS\system32\smlogsvc.exe
23:32:11.0750 4164	SysmonLog - ok
23:32:12.0203 4164	TapiSrv         (04a5b8ea326951db27df60a14f2999ff) C:\WINDOWS\System32\tapisrv.dll
23:32:12.0390 4164	TapiSrv - ok
23:32:12.0859 4164	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:32:13.0109 4164	Tcpip - ok
23:32:13.0343 4164	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
23:32:13.0609 4164	TDPIPE - ok
23:32:13.0656 4164	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
23:32:13.0890 4164	TDTCP - ok
23:32:13.0984 4164	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
23:32:14.0234 4164	TermDD - ok
23:32:15.0046 4164	TermService     (288b20d56d5f0ec4bcc77fbfa5a81740) C:\WINDOWS\System32\termsrv.dll
23:32:15.0250 4164	TermService - ok
23:32:15.0750 4164	Themes          (1f617c5a76215c380478d750ce92cc73) C:\WINDOWS\System32\shsvcs.dll
23:32:15.0781 4164	Themes - ok
23:32:15.0796 4164	TosIde - ok
23:32:16.0187 4164	TrkWks          (321761d0d12ee5285ce79ac175cba672) C:\WINDOWS\system32\trkwks.dll
23:32:16.0359 4164	TrkWks - ok
23:32:16.0421 4164	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
23:32:16.0609 4164	Udfs - ok
23:32:16.0625 4164	ultra - ok
23:32:16.0812 4164	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
23:32:17.0046 4164	Update - ok
23:32:17.0125 4164	upnphost        (7594203f459abdb5fe53c08d6b1bd53b) C:\WINDOWS\System32\upnphost.dll
23:32:17.0312 4164	upnphost - ok
23:32:17.0328 4164	UPS             (575bafeb33af057b13a10579d0dc884a) C:\WINDOWS\System32\ups.exe
23:32:17.0500 4164	UPS - ok
23:32:17.0609 4164	usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
23:32:17.0765 4164	usbaudio - ok
23:32:17.0796 4164	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:32:17.0968 4164	usbccgp - ok
23:32:18.0000 4164	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:32:18.0171 4164	usbehci - ok
23:32:18.0203 4164	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:32:18.0375 4164	usbhub - ok
23:32:18.0406 4164	usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
23:32:18.0593 4164	usbohci - ok
23:32:18.0640 4164	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
23:32:18.0781 4164	usbprint - ok
23:32:18.0828 4164	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:32:18.0984 4164	usbscan - ok
23:32:19.0031 4164	usbser          (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
23:32:19.0203 4164	usbser - ok
23:32:19.0234 4164	usbsermpt       (caad3467fbfae8a380f67e9c7150a85e) C:\WINDOWS\system32\DRIVERS\usbsermpt.sys
23:32:19.0250 4164	usbsermpt ( UnsignedFile.Multi.Generic ) - warning
23:32:19.0250 4164	usbsermpt - detected UnsignedFile.Multi.Generic (1)
23:32:19.0281 4164	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:32:19.0437 4164	USBSTOR - ok
23:32:19.0453 4164	usb_rndisx      (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
23:32:19.0640 4164	usb_rndisx - ok
23:32:19.0671 4164	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
23:32:19.0843 4164	VgaSave - ok
23:32:19.0843 4164	ViaIde - ok
23:32:19.0906 4164	VolSnap         (c41ffdc191e6c832e2e53c967eae0a16) C:\WINDOWS\system32\drivers\VolSnap.sys
23:32:20.0062 4164	VolSnap - ok
23:32:20.0203 4164	VSS             (60f28de3fae525d026e4d66405b80db8) C:\WINDOWS\System32\vssvc.exe
23:32:20.0359 4164	VSS - ok
23:32:20.0468 4164	W32Time         (c71cfacdbfadd819736f61f5738bddc1) C:\WINDOWS\system32\w32time.dll
23:32:20.0687 4164	W32Time - ok
23:32:20.0734 4164	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:32:20.0875 4164	Wanarp - ok
23:32:21.0203 4164	Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
23:32:21.0312 4164	Wdf01000 - ok
23:32:21.0328 4164	WDICA - ok
23:32:21.0390 4164	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
23:32:21.0562 4164	wdmaud - ok
23:32:21.0640 4164	WebClient       (340a4fd9017d1ebd1f6dc435282a39dc) C:\WINDOWS\System32\webclnt.dll
23:32:21.0796 4164	WebClient - ok
23:32:21.0921 4164	WinDefend       (f45dd1e1365d857dd08bc23563370d0e) C:\Archivos de programa\Windows Defender\MsMpEng.exe
23:32:21.0937 4164	WinDefend - ok
23:32:22.0093 4164	winmgmt         (a5fc75cab140cf6a78e16c3681001872) C:\WINDOWS\system32\wbem\WMIsvc.dll
23:32:22.0265 4164	winmgmt - ok
23:32:22.0687 4164	WinRM           (644d9e863192cd94a448bbc0930bc91f) C:\WINDOWS\system32\WsmSvc.dll
23:32:23.0046 4164	WinRM - ok
23:32:23.0718 4164	wlidsvc         (5144ae67d60ec653f97ddf3feed29e77) c:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:32:24.0171 4164	wlidsvc - ok
23:32:24.0343 4164	WLSetupSvc      (94a85e956a065e23e0010a6a7826243b) C:\Archivos de programa\Windows Live\installer\WLSetupSvc.exe
23:32:24.0375 4164	WLSetupSvc ( UnsignedFile.Multi.Generic ) - warning
23:32:24.0375 4164	WLSetupSvc - detected UnsignedFile.Multi.Generic (1)
23:32:24.0718 4164	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
23:32:24.0734 4164	WmdmPmSN - ok
23:32:24.0875 4164	WmiApSrv        (ca1a5270acc0062b13f62ca5a0cd8da8) C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:32:25.0046 4164	WmiApSrv - ok
23:32:25.0437 4164	WMPNetworkSvc   (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Archivos de programa\Windows Media Player\WMPNetwk.exe
23:32:25.0796 4164	WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning
23:32:25.0796 4164	WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1)
23:32:26.0218 4164	WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:32:26.0421 4164	WPFFontCache_v0400 - ok
23:32:26.0750 4164	WS2IFSL         (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
23:32:26.0968 4164	WS2IFSL - ok
23:32:27.0046 4164	wscsvc          (8cd684fd248dfe208c2f8f5052838a81) C:\WINDOWS\system32\wscsvc.dll
23:32:27.0203 4164	wscsvc - ok
23:32:27.0218 4164	WSearch - ok
23:32:27.0265 4164	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:32:27.0406 4164	WSTCODEC - ok
23:32:27.0453 4164	wuauserv        (0b8fc4d0f9d6964713e81ad558b50a71) C:\WINDOWS\system32\wuauserv.dll
23:32:27.0640 4164	wuauserv - ok
23:32:27.0703 4164	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:32:27.0734 4164	WudfPf - ok
23:32:27.0812 4164	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:32:27.0859 4164	WudfRd - ok
23:32:27.0906 4164	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
23:32:27.0937 4164	WudfSvc - ok
23:32:28.0140 4164	WZCSVC          (d2caf9ff9da12f0cc6398c6e331015e4) C:\WINDOWS\System32\wzcsvc.dll
23:32:28.0421 4164	WZCSVC - ok
23:32:28.0484 4164	xmlprov         (14fdadcf05a37582399daf1da1de1c7b) C:\WINDOWS\System32\xmlprov.dll
23:32:28.0687 4164	xmlprov - ok
23:32:28.0781 4164	MBR (0x1B8)     (3cc9cb9c659aaf8f62ba7b8310dbe906) \Device\Harddisk0\DR0
23:32:29.0546 4164	\Device\Harddisk0\DR0 - ok
23:32:29.0562 4164	MBR (0x1B8)     (23b571400a29918f5392f6e85eeb756e) \Device\Harddisk1\DR4
23:32:29.0734 4164	\Device\Harddisk1\DR4 - ok
23:32:29.0750 4164	Boot (0x1200)   (341ee9772c3d786e242d7aca64a16ef8) \Device\Harddisk0\DR0\Partition0
23:32:29.0750 4164	\Device\Harddisk0\DR0\Partition0 - ok
23:32:29.0765 4164	Boot (0x1200)   (23dbb52168093a79144fac6e0d79b5a8) \Device\Harddisk1\DR4\Partition0
23:32:29.0765 4164	\Device\Harddisk1\DR4\Partition0 - ok
23:32:29.0765 4164	============================================================
23:32:29.0765 4164	Scan finished
23:32:29.0765 4164	============================================================
23:32:29.0890 4608	Detected object count: 32
23:32:29.0890 4608	Actual detected object count: 32
23:32:31.0859 4608	A4SII300 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0859 4608	A4SII300 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0859 4608	AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0859 4608	AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0875 4608	ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0875 4608	ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0875 4608	BjsPort ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0875 4608	BjsPort ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0875 4608	CBTNDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0875 4608	CBTNDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0875 4608	Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0875 4608	Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0875 4608	crlscsi ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0875 4608	crlscsi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0875 4608	ExterminateIt ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0875 4608	ExterminateIt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0890 4608	Imagedrv ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0890 4608	Imagedrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0890 4608	InCDfs ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0890 4608	InCDfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0890 4608	InCDPass ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0890 4608	InCDPass ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0890 4608	InCDrec ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0890 4608	InCDrec ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0890 4608	incdrm ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0890 4608	incdrm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0890 4608	InCDsrv ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0890 4608	InCDsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0906 4608	lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0906 4608	lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0906 4608	MxlW2k ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0906 4608	MxlW2k ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0906 4608	p17filt ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0906 4608	p17filt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0906 4608	pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0906 4608	pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0906 4608	pfc ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0906 4608	pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0906 4608	PhilCam8116 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0906 4608	PhilCam8116 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0921 4608	prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0921 4608	prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0921 4608	prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0921 4608	prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0921 4608	prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0921 4608	prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0921 4608	sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0921 4608	sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0921 4608	sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0921 4608	sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0921 4608	sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0921 4608	sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0921 4608	sfsync04 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0921 4608	sfsync04 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0921 4608	SSHDRV76 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0921 4608	SSHDRV76 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0921 4608	StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0921 4608	StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0921 4608	usbsermpt ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0921 4608	usbsermpt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0921 4608	WLSetupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0937 4608	WLSetupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:31.0937 4608	WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:31.0937 4608	WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:34.0203 4964	Deinitialize success

Was soll ich als nächstes machen ?

21.06.2012, 12:03	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	2. Google Umleitung auf "secure.bidvertiser" Malwarebytes speichert alle Logs im Reiter Logdatein Ist das denn so unscheinbar und leicht zu übersehen? Sollte doch irgendwie auf der Hand liegen, dass ein Anti-Malwaretool seine eigenen Logs auch selbst verwalten kann __________________ Logfiles bitte immer in CODE-Tags posten

21.06.2012, 14:33	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	2. Google Umleitung auf "secure.bidvertiser" Ja ist ja schon gut ......bitte aber lass das Posten von zig Ausrufezeichen oder bring deine Tastatur zum Reparaturservice wenn die Tasten klemmen __________________ Logfiles bitte immer in CODE-Tags posten

21.06.2012, 19:18	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	2. Google Umleitung auf "secure.bidvertiser" Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden? __________________ Logfiles bitte immer in CODE-Tags posten

2. Google Umleitung auf "secure.bidvertiser"

Log-Analyse und Auswertung: 2. Google Umleitung auf "secure.bidvertiser"