Hacker without internet

Hi, I'll try to help you. First we need to rule out that you have actually been hacked, since the first thing is to check whether the cause is some kind of virus, trojan, malware… which sometimes produce similar symptoms.

Let me explain: generally, all software that works by remote control needs an Internet connection in order to control and interact with another computer, with some exceptions, but those would require other, more sophisticated methods.

I would also like to know the symptoms your computer is showing, to rule out that you have been hacked, and any further information about it so I can try to help you better with the problem you are having.

I would like you to tell me what symptoms your computer shows that make you say you are being hacked, so I can better understand the problem it may be causing on your computer.

I would need to know which operating system is installed on your computer, and then which security software you have installed (antivirus, cleaners and optimizers, anti-trojan tools if you have them installed, and any other security software on your computer). I also need to know whether you have installed any program recently, and whether anyone has taken your computer or you have lent it to someone without your noticing.

I would also need to know the make and model of your computer so I can look at its specifications and help you better.

Once you send me all that information I can try to help you and see whether I can solve the problem.

Hello @Odontologia, and with @chicloi's permission

@chicloi, I'm going to ask the user to bring an IFS report, since this tool's report will give you much of the information you asked the user for.

0) Download IFS

  • Disable your antivirus :arrow_forward: How to temporarily disable an antivirus and any security program you have active.
  • Close all the programs you have open.
  • Run IFS.exe (if you use Windows Vista/7/8 or 10, right-click and select “Run as administrator”).
  • Click the Analizar button and wait for the process to finish. It may take several minutes.
  • When it finishes, a report will open; attach it in your next reply (you can find it at C:\IFS.log).
  • Re-enable your antivirus and any security program you have active.

Bring the IFS report in your next reply.

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not carry out steps/actions that WE have not told you to.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (antivirus, antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it following our instructions.

:warning: Very Important :warning: Post the different reports I have asked you for as shown in the following image:

Regards, and over to you @chicloi

As soon as you have the IFS report, post it here as my colleague told you.

Good evening to both of you:

First of all, thank you for your help.

To answer all the initial questions: The computer was under a remote connection; the camera turned on for a few seconds the first day, when I turned it off by closing the lid. That was the day we realized that windows were being run while others were open; at that moment they started reading a file in Drive. And as my son wanted to watch some cartoons, a page opened with a service I don't normally use and which is paid (Prime Video). The following days it was somewhat different, and one night ago, while I was trying to update Windows Defender, it wouldn't let me, and the same with downloading AVG. I have had 360 Total installed since this computer was new. I did a system restore with a manually chosen date twice, the last one to before 1/12/2020; that way I was able to install AVG and update Windows Defender. The remote control could be observed without an active internet connection; I verified it several times, since in the middle of running cmd: netstat to check ports and IP addresses, windows opened unexpectedly with the aim of preventing that work. The most outrageous thing was that a communication was attempted by underlining words such as: file, security, search, report, in browser windows that I had opened to look for information with a double purpose (to see what actions it took); the information I was executing I had from another device with another connection. Another thing I did was reset my WiFi router; the password was also changed from the first day all this was happening. Windows Defender, 360 and AVG did not detect anything in any parameter; they are free. For the last few hours I haven't noticed anything strange; my touchpad (I don't use a mouse) works as easily as always. In the previous days it felt strange and did not respond as it should, and at the same time it prevented me, through controls, from shutting down the computer or connecting the WiFi. I scanned my phone with its antivirus but it found nothing.
Right now it seems I have regained control, but I don't believe it… I hope I have answered the questions so you can extend your help; I attach the requested report.

[CODE][B]~~~~~~~~~~~| Inicio: [/B]

*IFS (InfoSpyware First Steps) v 1.3
*www.InfoSpyware.com | www.ForoSpyware.com
*Iniciado: 11/04/2021 a las 21h.07m.43s

[B]~~~~~~~~~~~|  Información del Sistema:[/B]

OS: Microsoft Windows 10 Home Single Language x64 
Idioma: Spanish (Argentina) (Argentina|es-AR)
Permisos de Administrador / ON
Windows se Inició en   Modo Normal
Drive: C:\WINDOWS (Install: \Device\HarddiskVolume3)

[B]~~~~~~~~~~~| Arquitectura Fisica:[/B]

CPU: ASUSTeK COMPUTER INC.
CPU Modelo: X541UAK
Procesador: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz (x64-BasedPC)
Memoria RAM: 8 Gb. En Uso: 45 %
Video: Intel(R) HD Graphics 620
Chip: Intel(R) HD Graphics Family Capacidad video:1024 MB (Internal)

[B]~~~~~~~~~~~| Unidades[/B]

C: [FIXED|NTFS|OS] - [930.5 Gb][863.9 Gb][66.5 Gb]
D: [CDROM]
[COLOR=#FF0000][B]C:\ Fragmentación total 17.77% - Desfragmentar unidad [/B][/COLOR]

[B]~~~~~~~~~~~| Seguridad del SO[/B]

SafeBoot: Inicio en Modo seguro Correcto
Security Center: Correcto (Servicio Activo)
Windows Update: [COLOR=#FF0000][B]El servicio no está activo[/B][/COLOR] 
AV: Windows Defender *[COLOR=#FF0000][B]Protección Residente [OFF][/B][/COLOR] / Actualizado*
AV: AVG Antivirus *Protección Residente [ON] / Actualizado*
AV: AVG Antivirus *[COLOR=#FF0000][B]Protección Residente [OFF][/B][/COLOR] / Actualizado*
AV: 360 Total Security *Protección Residente [ON] / Actualizado*
SP: Windows Defender *[COLOR=#FF0000][B]Protección Residente [OFF][/B][/COLOR] / Actualizado*
SP: AVG Antivirus *Protección Residente [ON] / Actualizado*
FW: Windows Firewall *Habilitado*

[B]~~~~~~~~~~~|  Update Check[/B]

Internet Explorer Versión Instalada 11
Google Chrome Versión Instalada 89.0.4389.114

[B]~~~~~~~~~~~| Process List[/B] 

MsMpEng.exe (Windows Defender)

[B]~~~~~~~~~~~| Install Check[/B] 


AVG AntiVirus FREE [21.2.3170]

[B]~~~~~~~~~~~| Registry Check[/B]

HKLM\Run(x64): [SecurityHealth] %windir%\system32\SecurityHealthSystray.exe
HKLM\Run(x64): [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
HKLM\Run(x64): [AVGUI.exe] "C:\Program Files\AVG\Antivirus\AvLaunch.exe" /gui
HKLM\Run: [QHSafeTray] "C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe" /start
HKLM\Run: [VPNMaster] C:\Program Files (x86)\VPNMaster\Startup.exe
HKLM\Run: [360DesktopLite] "C:\ProgramData\360TotalSecurity\DesktopPlus\DesktopPlus64.exe" /auto
Winlogon(x64): Shell = explorer.exe
Winlogon: Shell = explorer.exe
Userinit(x64): Userinit = 
Userinit: Userinit = 

[HKCR\.\.open\command] -> Navegador Preferido es Internet Explorer
StarPage:about:blank
StarPage:hxxp://go.microsoft.com/fwlink/?LinkId=54896

[B]~~~~~~~~~~~| PUPs Check[/B]

HKLM64\SOFTWARE\Partner


[B]~~~~~~~~~~~| Listado 7 Días (Predeterminado)[/B]

[10/04/2021 18:42] - C:\WINDOWS\Microsoft Antimalware
[08/04/2021 07:21] - C:\WINDOWS\PFRO.log
[08/04/2021 07:19] - C:\WINDOWS\pss
[10/04/2021 22:47] - C:\WINDOWS\setupact.log
[10/04/2021 22:47] - C:\WINDOWS\setuperr.log
[11/04/2021 02:06] - C:\bksystem
[11/04/2021 21:07] - C:\FSTool
[11/04/2021 21:07] - C:\IFS.log

[B]~~~~~~~~~~~| C:\WINDOWS\Tasks:[/B]

[08/04/2021 07:22] - C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

[B]~~~~~~~~~~~| End Report[/B]
*Finalizado 21:14:08
*Se limpiaron los archivos temporales
*[1599815] C:\Users\Sofi\Downloads\IFS.exe
*Herramienta de Análisis e investigación [/CODE]
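An added example, not part of the thread and not code from the IFS tool: a small Python triage of the "Seguridad del SO" and "Registry Check" sections of an IFS-style report. The sample lines are a subset copied from the report posted above; the function name `triage` and the checks it applies are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# Subset of the IFS report posted above, embedded so the example runs offline.
SAMPLE_REPORT = r"""
[B]~~~~~~~~~~~| Seguridad del SO[/B]

Security Center: Correcto (Servicio Activo)
Windows Update: [COLOR=#FF0000][B]El servicio no está activo[/B][/COLOR]
AV: Windows Defender *[COLOR=#FF0000][B]Protección Residente [OFF][/B][/COLOR] / Actualizado*
AV: AVG Antivirus *Protección Residente [ON] / Actualizado*
AV: AVG Antivirus *[COLOR=#FF0000][B]Protección Residente [OFF][/B][/COLOR] / Actualizado*
AV: 360 Total Security *Protección Residente [ON] / Actualizado*
FW: Windows Firewall *Habilitado*

[B]~~~~~~~~~~~| Registry Check[/B]

HKLM\Run(x64): [SecurityHealth] %windir%\system32\SecurityHealthSystray.exe
HKLM\Run(x64): [AVGUI.exe] "C:\Program Files\AVG\Antivirus\AvLaunch.exe" /gui
HKLM\Run: [QHSafeTray] "C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe" /start
HKLM\Run: [VPNMaster] C:\Program Files (x86)\VPNMaster\Startup.exe
"""

# Only the BBCode markup is stripped; [ON]/[OFF] and [ValueName] must survive.
BBCODE = re.compile(r"\[/?(?:B|COLOR(?:=#[0-9A-Fa-f]{6})?)\]")
SECTION = re.compile(r"^~+\|\s*(.+?)\s*$")
PRODUCT = re.compile(r"^(AV|SP|FW):\s*(.+?)\s*\*(.+)\*$")
RUN = re.compile(r"^(HK\w+\\Run(?:\(x64\))?):\s*\[([^\]]+)\]\s*(.+)$")
STATE = re.compile(r"\[(ON|OFF)\]")
EXE = re.compile(r"^(.+?\.exe)", re.IGNORECASE)


def unquoted_with_spaces(command):
    """True when the command is not quoted and its .exe path contains a space.

    Windows has to guess where such a path ends, so the entry deserves a
    manual look at what actually starts at logon.
    """
    if command.startswith('"'):
        return False
    m = EXE.match(command)
    return bool(m and " " in m.group(1))


def triage(report):
    """Return the items in an IFS-style report worth a manual look."""
    section = None
    states = defaultdict(set)   # antivirus name -> {"ON", "OFF"}
    run_entries = []            # (key, value name, command)
    update_inactive = False

    for raw in report.splitlines():
        line = BBCODE.sub("", raw).strip()
        if not line:
            continue
        header = SECTION.match(line)
        if header:
            section = header.group(1)
            continue
        if section == "Seguridad del SO":
            if line.startswith("Windows Update:") and "no está activo" in line:
                update_inactive = True
            m = PRODUCT.match(line)
            if m and m.group(1) == "AV":
                state = STATE.search(m.group(3))
                if state:
                    states[m.group(2)].add(state.group(1))
        elif section == "Registry Check":
            m = RUN.match(line)
            if m:
                run_entries.append(m.groups())

    return {
        # No update service means no security patches are being applied.
        "windows_update_inactive": update_inactive,
        # More than one name here means several real-time scanners at once.
        "resident_on": sorted(n for n, s in states.items() if "ON" in s),
        # Same product listed both ON and OFF: duplicate or stale registration.
        "mixed_state": sorted(n for n, s in states.items() if s == {"ON", "OFF"}),
        "run_entries": run_entries,
        "unquoted_run": [name for _, name, cmd in run_entries
                         if unquoted_with_spaces(cmd)],
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_REPORT).items():
        print(f"{key}: {value}")
```
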

I am gathering the following information so I can help you; I'll be with you shortly.

I am going to give you some instructions that I want you to follow to the letter, without skipping any step; I want you to follow the order below when installing the following programs.

IMPORTANT:

-“FOLLOW THESE STEPS IN THE ORDER I GIVE THEM, DO NOT SKIP ANY STEP, AND FOLLOW EXACTLY THE INSTRUCTIONS I GIVE YOU HERE”:

DOWNLOAD THE FOLLOWING PROGRAMS FROM HERE WHERE IT SAYS “MANUAL” AND FOLLOW THE STEPS TO THE LETTER WITHOUT SKIPPING ANY, IN THE ESTABLISHED ORDER:

STEP 1: Disinfect Internet with: MANUAL ADWCLEANER

STEP 2: Disinfect infections with: MANUAL TDSSKILLER

STEP 3: Disinfect viruses with: MANUAL KASPERSKY REMOVAL TOOL

STEP 4: Disinfect malicious files with MANUAL: MALWAREBYTES-ANTIMALWARE

STEP 5: Scan the system with MANUAL: ESET NOD32 ONLINE FOR OTHER THREATS

STEP 6: Disinfect infections and clean with MANUAL: Dr-WEB-CUREIT

STEP 7: Disinfect and clean the browsers with MANUAL: ZHPCLEANER

STEP 8: Disinfect infections with: MANUAL: HITMAN

STEP 9: Disinfect infection with: MANUAL: USBFIX

STEP 10: CLEAN AND REPAIR WITH: DOWNLOAD HERE: GLARY-UTILITIES

STEPS TO FOLLOW:

Install with “ADMINISTRATOR RIGHTS”

Once installed, run it with “ADMINISTRATOR RIGHTS” and click where it says:

-. 1-Click Maintenance

-. Then click the tab that says: “Scan for Issues”.

-. The scan will start; wait for it to finish.

-. Click where it says: “Repair” problems or something similar, and wait for it to resolve all the problems.

Repeat the same procedure until it tells you that all the problems have been resolved.

STEP 11: REMOVE ALL THE PROGRAMS USED FOR THE DISINFECTION: MANUAL: DELFIL

All this disinfection software can take quite a while to scan; please be patient and follow the MANUAL TO THE LETTER, WITHOUT SKIPPING ANY STEP.

Send me all the reports when you finish all the steps so I can look at them, and send them in the established order.

I MISSED THIS LAST STEP:

STEP 12: Clean the system and repair the registry with: MANUAL CCLEANER

When you complete this last step, send me all the reports, “IN THE ORDER ESTABLISHED IN THE STEPS TO FOLLOW”, so I can look at them.

"DURING THE DISINFECTION PROCESS, DO NOT LET THE SCREEN TURN OFF OR THE COMPUTER GO INTO SLEEP MODE, SINCE SOME PROGRAMS COULD LEAVE THE DISINFECTION PROCESS HALF DONE AND THE DISINFECTION COULD NOT BE CARRIED OUT CORRECTLY" (CONFIGURE THIS IN POWER OPTIONS SO THAT THE COMPUTER DOES NOT GO INTO SLEEP MODE AND THE SCREEN DOES NOT TURN OFF AT ANY TIME)

Be patient, as these steps can take quite a long time to scan.

Good morning from here.

I read everything perfectly. One question before running everything: from the report I sent, what analysis were you able to make? Will running all the steps interfere with programs for exclusively work-related use that I have installed? They are programs for digital equipment that do not require Internet to use, only that if they are uninstalled I lose the license and would have to pay for it again. I appreciate your clarification.

Thanks again

Hi. The security software I listed for disinfecting your computer does not interfere with your programs for the digital equipment, nor with the exclusively work-related programs; it should not interfere at all, since most of the steps for disinfecting your computer use portable versions, which means they do not require installation on your computer: you run them and that's it. The exception is the security software called “MalwareByte AntimalwareByte”, which does require installation on your computer since it is not portable software. You will not have any problem with the security programs you have installed on your computer either, since it is compatible.

The only drawback I see regarding your question is this: if any virus, trojan, malware or malicious object has infected one of the programs you have installed on your computer, the so-called “EXCLUSIVELY WORK-RELATED AND/OR DIGITAL PROGRAMS” you mention here, then the disinfection software itself would delete the file, and by deleting the file it would remove that “WORK-RELATED AND/OR DIGITAL” program. That is, in the case that the digital software you have on your computer were infected with some virus, trojan, spyware, malware or any other malicious object that it might find in those digital programs.

As for your question, if that digital software was purchased by you with the original license and/or downloaded from the official site, there should be no problem with it deleting that digital software.

It is another matter if that digital and/or work software you mention was acquired with a pirated license, not purchased and/or downloaded from its official site. In that case, when you follow the steps to disinfect your computer, it may be that one of those security programs, while scanning, deletes it, because it is not considered original software and/or is pirated software without its original license and/or has been tampered with by the person who produced that digital and/or work program, which may be infected with some infectious object (malware, trojan, spyware); then those security programs may delete that software when you carry out the disinfection steps.

I don't know whether I have managed to clarify the answer for you.

One more thing: when you run all the steps described for disinfecting your computer, you would have to install them with ADMINISTRATOR PERMISSIONS AND ALSO RUN THEM WITH ADMINISTRATOR PERMISSIONS.

I hope I have been able to answer your question.

@Odontologia you're welcome :+1:

Over to you: @Odontologia and @chicloi

Regards.

As soon as you have the reports from the programs I asked you for, send them to me and we will continue with the disinfection process.

You need to send me the report for the steps to follow so that I can keep helping you. Send them to me as soon as you can.

Thanks.

Good morning. I haven't been able to do it yet. Since you told me it takes time, I didn't want to do it without having that time available. Tomorrow is the day I can. I'll keep you posted and send the report. Thanks

Don't worry, I've had a complicated morning too. Whenever you can and have the time, and it's better that way since the process can take quite a while.

Thanks.

Hi, how are you? Here is the first report

[CODE]

-------------------------------

Malwarebytes AdwCleaner 8.2.0.0

-------------------------------

Build: 03-22-2021

Database: 2021-04-08.1 (Cloud)

Support: https://www.malwarebytes.com/support

-------------------------------

Mode: Clean

-------------------------------

Start: 04-15-2021

Duration: 00:00:04

OS: Windows 10 Home Single Language

Cleaned: 8

Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\AppHelper
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted SaveFrom.net helper - [email protected]

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


[+] Delete Tracing Keys
[+] Reset Winsock


AdwCleaner[S00].txt - [4029 octets] - [15/04/2021 00:39:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[/CODE]

[CODE]

-------------------------------

Malwarebytes AdwCleaner 8.2.0.0

-------------------------------

Build: 03-22-2021

Database: 2021-04-08.1 (Cloud)

Support: https://www.malwarebytes.com/support

-------------------------------

Mode: Scan

-------------------------------

Start: 04-15-2021

Duration: 00:00:24

OS: Windows 10 Home Single Language

Scanned: 31979

Detected: 25

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.DefaultSearch.ShrtCln HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
PUP.Optional.Legacy HKCU\Software\AppHelper
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

PUP.Optional.BrowseToSave SaveFrom.net helper - [email protected]

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSDeviceActivation Folder C:\Program Files (x86)\ASUS\ASUS DEVICE ACTIVATION
Preinstalled.ASUSDeviceActivation Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}
Preinstalled.ASUSGiftBox Folder C:\Program Files (x86)\ASUS\GIFTBOX
Preinstalled.ASUSGiftBox Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ASUS GIFTBOX
Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Preinstalled.ASUSLiveUpdate Folder C:\ProgramData\ASUS\ASUS LIVE UPDATE
Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F577BCF7-8B6D-4A12-9596-BA989E77A705}
Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Checker
Preinstalled.ASUSLiveUpdate Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Preinstalled.ASUSLiveUpdate Task C:\Windows\System32\Tasks\UPDATE CHECKER
Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8D6B05E0-F457-408C-9D13-549334D8FAE1}
Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63E12F50-10B7-456E-A399-822CDB776F6A}
Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON
Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ASUS SPLENDID ACMON

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[/CODE]

[CODE]
C:\WINDOWS\System32\drivers\bthmodem.sys 01:00:23.0220 0x3958 BTHMODEM - ok 01:00:23.0263 0x3958 [ 3AB6DD0A13F9AA1BC6A71E942CC45770, C39E471BD757CA12635F283FFC4407989447739D36830E81E8DD3E63E363B3D7 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 01:00:23.0271 0x3958 BthPan - ok 01:00:23.0285 0x3958 BTHPORT - ok 01:00:23.0322 0x3958 [ D293AC628357F2F75B8579087F732970, 1E536D8863D695944214D55E9B0B4BFE04F705DB7ECA18A0CF8B37AAF4893B1E ] bthserv C:\WINDOWS\system32\bthserv.dll 01:00:23.0335 0x3958 bthserv - ok 01:00:23.0356 0x3958 BTHUSB - ok 01:00:23.0372 0x3958 bttflt - ok 01:00:23.0393 0x3958 buttonconverter - ok 01:00:23.0423 0x3958 [ E7690568D2A5FA3D4E6D28B42358A122, CDBD820B6D383EC0A8151EA4300435C2BAD085EC55DB185C5E16CAF961443888 ] CAD C:\WINDOWS\System32\drivers\CAD.sys 01:00:23.0428 0x3958 CAD - ok 01:00:23.0458 0x3958 camsvc - ok 01:00:23.0481 0x3958 CaptureService - ok 01:00:23.0516 0x3958 cbdhsvc - ok 01:00:23.0552 0x3958 cdfs - ok 01:00:23.0581 0x3958 CDPSvc - ok 01:00:23.0598 0x3958 CDPUserSvc - ok 01:00:23.0615 0x3958 cdrom - ok 01:00:23.0631 0x3958 CertPropSvc - ok 01:00:23.0651 0x3958 cht4iscsi - ok 01:00:23.0662 0x3958 cht4vbd - ok 01:00:23.0675 0x3958 CimFS - ok 01:00:23.0704 0x3958 [ 115CC1E142CE29C9006D59943108DF47, 564FA08C5BEC6DAF1A83C80C9139A6E1AA7E05D251DB3BA379B57C9FDAE83E1B ] circlass C:\WINDOWS\System32\drivers\circlass.sys 01:00:23.0719 0x3958 circlass - ok 01:00:23.0725 0x3958 CldFlt - ok 01:00:23.0747 0x3958 CLFS - ok 01:00:24.0266 0x3958 [ C6FA1E537FC591505B7D39941DABE2AF, 51E280E34F6638D1A02C41F5B26EC161F41C42EAE12302A0278E1081A464AF72 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe 01:00:24.0367 0x3958 ClickToRunSvc - ok 01:00:24.0839 0x3958 ClipSVC - ok 01:00:24.0881 0x3958 CmBatt - ok 01:00:24.0910 0x3958 CNG - ok 01:00:24.0997 0x3958 [ A46B4D1484227900F7615FE2A569D828, A06B8002E7A708890222C777DDF8B67FED7015C0943C1FC4F9036E9F9DC14494 ] cnghwassist 
C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 01:00:25.0017 0x3958 cnghwassist - ok 01:00:25.0054 0x3958 [ 99392FDADF3CE5EB47403E5A52866E6F, 63CEF51971EB85D9823CE9A95F1ED9907D20525ED8E32230068CC36E9082A8C3 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys 01:00:25.0060 0x3958 CompositeBus - ok 01:00:25.0074 0x3958 COMSysApp - ok 01:00:25.0090 0x3958 condrv - ok 01:00:25.0112 0x3958 ConsentUxUserSvc - ok 01:00:25.0148 0x3958 CoreMessagingRegistrar - ok 01:00:25.0211 0x3958 [ 3C2C6121D2E8D9069995BA2D3318A91A, A06CA18C3972FAD2B6FA63C7BF6DA156A974F141F87C2E74C495237F62B1D804 ] cphs C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHeciSvc.exe 01:00:25.0229 0x3958 cphs - ok 01:00:25.0264 0x3958 [ D14FC1262D996D3BC1125619BEAEBF0C, 797AF0B479231B4C5DA534557612701910585B78AC9809FD0C785398DBCF4261 ] cplspcon C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHDCPSvc.exe 01:00:25.0283 0x3958 cplspcon - ok 01:00:25.0327 0x3958 CredentialEnrollmentManagerUserSvc - ok 01:00:25.0335 0x3958 CredentialEnrollmentManagerUserSvc_27e9b4c - ok 01:00:25.0358 0x3958 CryptSvc - ok 01:00:25.0399 0x3958 [ 612AB1277F4E89410BF1C8BE10EA1BDB, FD2CB85CDA0212C2015B1AAFEB880A4CDD4372FA843CF70C47D42984E33688B1 ] dam C:\WINDOWS\system32\drivers\dam.sys 01:00:25.0415 0x3958 dam - ok 01:00:25.0450 0x3958 DcomLaunch - ok 01:00:25.0473 0x3958 defragsvc - ok 01:00:25.0552 0x3958 [ 1CB00B5CBA251B45075C478E212312AE, 4370EFBBAA5E8F97E4450BC2CEB708C9ABFB828B4FF73B3127F271C1B275775B ] DevActSvc C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe 01:00:25.0565 0x3958 DevActSvc - ok 01:00:25.0578 0x3958 DeviceAssociationBrokerSvc - ok 01:00:25.0596 0x3958 DeviceAssociationService - ok 01:00:25.0624 0x3958 DeviceInstall - ok 01:00:25.0682 0x3958 DevicePickerUserSvc - ok 01:00:25.0716 0x3958 DevicesFlowUserSvc - ok 01:00:25.0762 0x3958 [ 
F8BE99B9EA9B110F7CB3F46BA844C1FF, EABF953864C0AE4FB6426C0B7E92DD81EE4A8852081F9D2EA02B61D4C8DB6188 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 01:00:25.0780 0x3958 DevQueryBroker - ok 01:00:25.0798 0x3958 Dfsc - ok 01:00:25.0840 0x3958 Dhcp - ok 01:00:25.0898 0x3958 diagnosticshub.standardcollector.service - ok 01:00:25.0921 0x3958 diagsvc - ok 01:00:25.0933 0x3958 DiagTrack - ok 01:00:25.0957 0x3958 disk - ok 01:00:25.0981 0x3958 DispBrokerDesktopSvc - ok 01:00:25.0997 0x3958 DisplayEnhancementService - ok 01:00:26.0022 0x3958 DmEnrollmentSvc - ok 01:00:26.0046 0x3958 dmvsc - ok 01:00:26.0072 0x3958 [ 2E8A026D6680C301ADF6D4B301A4CE8B, 2FDB34E2A61457308B0FEC938A2D6351F63D02BB67DC87FE4F2534E0048C8E89 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 01:00:26.0088 0x3958 dmwappushservice - ok 01:00:26.0096 0x3958 Dnscache - ok 01:00:26.0123 0x3958 dot3svc - ok 01:00:26.0163 0x3958 [ 9E65C33CB7FB50453F7F4407070EAF53, A8707BD19D584DAECA39990A2E791194140AFCA4FCE31F23CC7E931DF8C17361 ] DPS C:\WINDOWS\system32\dps.dll 01:00:26.0173 0x3958 DPS - ok 01:00:26.0200 0x3958 [ CF1232E0F6AECAE0241BFF06EE8F065E, DE6D706C5D2CBE4B4B174DEB72851717BD4E47827026C89AE1635CC3E460DFD5 ] dptf_cpu C:\WINDOWS\System32\drivers\dptf_cpu.sys 01:00:26.0215 0x3958 dptf_cpu - ok 01:00:26.0232 0x3958 drmkaud - ok 01:00:26.0267 0x3958 DsmSvc - ok 01:00:26.0289 0x3958 DsSvc - ok 01:00:26.0331 0x3958 [ 81DF23EC4009D307479D5C169539CD67, 65AEE1E876CBE801A763F14930D15CF2E6A10697620B5903AA04BA30585A5676 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll 01:00:26.0346 0x3958 DusmSvc - ok 01:00:26.0368 0x3958 DXGKrnl - ok 01:00:26.0378 0x3958 Eaphost - ok 01:00:26.0389 0x3958 ebdrv - ok 01:00:26.0462 0x3958 [ D21437C262283650E8349AFA573AC03A, 9C256D462F0640855E1AB3D2C658CB4EDD7E061EB2782FD03481196D5ED93DB5 ] edgeupdate C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe 01:00:26.0476 0x3958 edgeupdate - ok 01:00:26.0491 0x3958 [ D21437C262283650E8349AFA573AC03A, 
9C256D462F0640855E1AB3D2C658CB4EDD7E061EB2782FD03481196D5ED93DB5 ] edgeupdatem C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe 01:00:26.0498 0x3958 edgeupdatem - ok 01:00:26.0519 0x3958 EFS - ok 01:00:26.0533 0x3958 EhStorClass - ok 01:00:26.0541 0x3958 EhStorTcgDrv - ok 01:00:26.0554 0x3958 embeddedmode - ok 01:00:26.0584 0x3958 EntAppSvc - ok 01:00:26.0598 0x3958 ErrDev - ok 01:00:26.0728 0x3958 [ 54CD5C621BD88E707B56EC8493A87D93, 499094A508FE871F5978692AD152AA3522EB203E6BC5F751906FFEBB07F05D22 ] esifsvc C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe 01:00:26.0808 0x3958 esifsvc - ok 01:00:26.0859 0x3958 [ EE106C2FE507A9D0A8F581ED757059AF, D82FA75BFFBA2624B993F4CE815833D45DDABE01BFFB48D7AF1E25AA70566348 ] esif_lf C:\WINDOWS\system32\DRIVERS\esif_lf.sys 01:00:26.0866 0x3958 esif_lf - ok 01:00:26.0916 0x3958 EventLog - ok 01:00:26.0937 0x3958 EventSystem - ok 01:00:26.0962 0x3958 exfat - ok 01:00:26.0975 0x3958 fastfat - ok 01:00:26.0989 0x3958 Fax - ok 01:00:27.0016 0x3958 fdc - ok 01:00:27.0054 0x3958 [ 0439B82F6034ADA3E71C0C9F169082BD, 0918728669077235B2F2DB7EE22CE819FA570D8A7A497BA5F11E76774EA75099 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 01:00:27.0074 0x3958 fdPHost - ok 01:00:27.0105 0x3958 [ AD64C91B3CC71226785DCE688842E5AB, 056E1091468D268E7970045AB329EB3DFF48BB6B22448046A14C309678847B6E ] FDResPub C:\WINDOWS\system32\fdrespub.dll 01:00:27.0119 0x3958 FDResPub - ok 01:00:27.0141 0x3958 fhsvc - ok 01:00:27.0169 0x3958 [ A9DA29A3275DFFABD6E8FF6340387380, BC4DF3F66C533EE8488A12153156A526225A4982E2AA4DE38AECE4FCDFA2BE00 ] FileAbap C:\WINDOWS\system32\drivers\FileAbap64.sys 01:00:27.0176 0x3958 FileAbap - ok 01:00:27.0220 0x3958 [ 8E59D944EE4EFAED65A341A71297C4CD, CFFFD7007AB7FB04ECB44D0079BFE8EEB53AECC988135199C388AF425EBCF2AD ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 01:00:27.0235 0x3958 FileCrypt - ok 01:00:27.0256 0x3958 FileInfo - ok 01:00:27.0280 0x3958 Filetrace - ok 01:00:27.0291 0x3958 flpydisk - ok 01:00:27.0303 0x3958 
FltMgr - ok 01:00:27.0321 0x3958 FontCache - ok 01:00:27.0395 0x3958 FontCache3.0.0.0 - ok 01:00:27.0415 0x3958 FrameServer - ok 01:00:27.0435 0x3958 FsDepends - ok 01:00:27.0445 0x3958 Fs_Rec - ok 01:00:27.0462 0x3958 fvevol - ok 01:00:27.0502 0x3958 [ A1E06E4E8CB863C74DE428D4D6681185, DA46502C009FD4C847A547610DEE2684A5A583467BF76009BD46104AAE2F6B1B ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 01:00:27.0508 0x3958 gencounter - ok 01:00:27.0537 0x3958 genericusbfn - ok 01:00:27.0674 0x3958 [ 71201E3A761B753F4399DCC5CCB29742, 06E2FFA65CF3A3C4027282E81D3AF9DF572F8638D860322B27AC0E273D32C0E0 ] GoogleChromeElevationService C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\elevation_service.exe 01:00:27.0761 0x3958 GoogleChromeElevationService - ok 01:00:27.0796 0x3958 GPIOClx0101 - ok 01:00:27.0813 0x3958 gpsvc - ok 01:00:27.0841 0x3958 [ 8C06046B6A8C1ACDAEA15682058FDFB4, 3E0CC301249B7D8D5BEB932F4DFD1EAB8037679EC153772F63B430713903B0AC ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 01:00:27.0846 0x3958 GpuEnergyDrv - ok 01:00:27.0876 0x3958 GraphicsPerfSvc - ok 01:00:27.0904 0x3958 [ 92EE791A630830452485E8E375F8DB35, 542294724926B0E156224B9EBD33E6354D79DA4C828FB52F7F4233DF45E3F624 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 01:00:27.0907 0x3958 gupdate - ok 01:00:27.0914 0x3958 [ 92EE791A630830452485E8E375F8DB35, 542294724926B0E156224B9EBD33E6354D79DA4C828FB52F7F4233DF45E3F624 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 01:00:27.0914 0x3958 gupdatem - ok 01:00:27.0934 0x3958 HdAudAddService - ok 01:00:27.0955 0x3958 HDAudBus - ok 01:00:27.0976 0x3958 HidBatt - ok 01:00:27.0999 0x3958 HidBth - ok 01:00:28.0021 0x3958 hidi2c - ok 01:00:28.0050 0x3958 hidinterrupt - ok 01:00:28.0087 0x3958 [ 6B46E3061EC0523CB46ED28060FCD946, 6089305AF73CC584963865482448CD5CA4252EC9BD3E72AF16D45E4F95C3EBF2 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 01:00:28.0092 0x3958 HidIr - ok 01:00:28.0106 0x3958 hidserv 
- ok 01:00:28.0135 0x3958 hidspi - ok 01:00:28.0172 0x3958 [ 2866EE966A0D19307E247A22BE110522, F11B8F5A3344AF5B48C411F5547E1589987C6A63CF2DFCAC80044B98AF4BDD63 ] HIDSwitch C:\WINDOWS\System32\drivers\AsRadioControl.sys 01:00:28.0178 0x3958 HIDSwitch - ok 01:00:28.0201 0x3958 HidUsb - ok 01:00:28.0244 0x3958 HpSAMD - ok 01:00:28.0264 0x3958 HTTP - ok 01:00:28.0298 0x3958 [ 849A66D34BC2DAD0044FAC2FEE1AF956, A5F6858AA556D9180C303EA3ED02EB6D6D8EB55A100B3918654281A01198D8E8 ] hvcrash C:\WINDOWS\System32\drivers\hvcrash.sys 01:00:28.0319 0x3958 hvcrash - ok 01:00:28.0365 0x3958 [ 855F55BB462B7D8B6BC31A94A592DF3D, 776C772E69CF9D81D8511201813DD79F2106DC7D2547B4FA700432AE9B73C202 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 01:00:28.0383 0x3958 HvHost - ok 01:00:28.0424 0x3958 hvservice - ok 01:00:28.0453 0x3958 [ 5DC7DFED5FEDD923B874B51D0C6752BB, 69714A8B74EB02282572B34E156051FFC10693B816905CE18A8C6C8CCB95B846 ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys 01:00:28.0456 0x3958 HwNClx0101 - ok 01:00:28.0469 0x3958 hwpolicy - ok 01:00:28.0519 0x3958 hyperkbd - ok 01:00:28.0531 0x3958 HyperVideo - ok 01:00:28.0564 0x3958 i8042prt - ok 01:00:28.0578 0x3958 iagpio - ok 01:00:28.0606 0x3958 iai2c - ok 01:00:28.0626 0x3958 iaLPSS2i_GPIO2 - ok 01:00:28.0663 0x3958 iaLPSS2i_GPIO2_BXT_P - ok 01:00:28.0697 0x3958 iaLPSS2i_GPIO2_CNL - ok 01:00:28.0714 0x3958 iaLPSS2i_GPIO2_GLK - ok 01:00:28.0743 0x3958 iaLPSS2i_I2C - ok 01:00:28.0765 0x3958 iaLPSS2i_I2C_BXT_P - ok 01:00:28.0778 0x3958 iaLPSS2i_I2C_CNL - ok 01:00:28.0792 0x3958 iaLPSS2i_I2C_GLK - ok 01:00:28.0810 0x3958 iaLPSSi_GPIO - ok 01:00:28.0831 0x3958 iaLPSSi_I2C - ok 01:00:28.0916 0x3958 [ DB0599BBD0EE8436BC942C882A3013B2, EC218370DBD3F68B363E9E6CD5D66E57FF06EFF9125AAB793754332359ACB685 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 01:00:28.0958 0x3958 iaStorA - ok 01:00:28.0968 0x3958 iaStorAVC - ok 01:00:28.0981 0x3958 iaStorV - ok 01:00:28.0990 0x3958 ibbus - ok 01:00:29.0001 0x3958 icssvc - ok 01:00:29.0032 0x3958 
igfx - ok 01:00:29.0063 0x3958 [ 4C9B5205851C626A34F7AD3B2487C66A, ADA2F01A3764F3203174DB1B652D0549C764FFD979FB6B2AF5BD75C51C58DFB9 ] igfxCUIService2.0.0.0 C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe 01:00:29.0074 0x3958 igfxCUIService2.0.0.0 - ok 01:00:29.0104 0x3958 IKEEXT - ok 01:00:29.0133 0x3958 IndirectKmd - ok 01:00:29.0163 0x3958 InstallService - ok 01:00:29.0334 0x3958 [ 6FA30DBDD992096C8307A1E17006F6F5, CAF737B029D39CD7BA9969D06B55FB1A84CC13333F4AC852BDB3DD1A35E8BD95 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 01:00:29.0486 0x3958 IntcAzAudAddService - ok 01:00:29.0545 0x3958 [ D802C54CB11E1B1A701846F5F7B5BC32, A95CFE28549E31CD58269A47530320A9F61415691F915C1DB6121DA4E9191F2E ] IntcDAud C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_1b570d7b9a790b1a\IntcDAud.sys 01:00:29.0558 0x3958 IntcDAud - ok 01:00:29.0695 0x3958 [ AEA02F1F43503A5E10C92246A0B70DBD, 9717788B0D3E69071042A6D3EFB431F7466F76805F762BF22A32314FF3C21D84 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 01:00:29.0716 0x3958 Intel(R) Capability Licensing Service TCP IP Interface - ok 01:00:29.0768 0x3958 intelide - ok 01:00:29.0804 0x3958 intelpep - ok 01:00:29.0848 0x3958 [ AECBF5BE2F9A2A50B978E0BF31041A81, A62F436C66DEFEB438A7891857DFB830995714A7E4FE4BDCA6B4EB1606BD2101 ] intelpmax C:\WINDOWS\System32\drivers\intelpmax.sys 01:00:29.0868 0x3958 intelpmax - ok 01:00:29.0896 0x3958 intelppm - ok 01:00:29.0929 0x3958 [ D22A1D8ADEE382386F4B5BE950F870A7, 56A4C885DF07EF3DB14A2ECDE09B4B2ABAAA774600880C8F7382F3089A5071D2 ] iorate C:\WINDOWS\system32\drivers\iorate.sys 01:00:29.0942 0x3958 iorate - ok 01:00:29.0984 0x3958 [ BC54C689313865E84657FAC9D5A2D255, 65BEDDAF252AC56781E01A36E92329F23D8FA4F2D1CC145A0A89F48D2BD1B350 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 01:00:30.0002 0x3958 IpFilterDriver - ok 01:00:30.0030 0x3958 iphlpsvc 
- ok 01:00:30.0050 0x3958 IPMIDRV - ok 01:00:30.0080 0x3958 [ F63572DF4295C78B3F7036AEDA878176, B71EB3CC4EC95BC9A3FA217736C6C36C756935714D7E16E34C05D913B829CB9C ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 01:00:30.0094 0x3958 IPNAT - ok 01:00:30.0101 0x3958 [ B5B6D1F86E40E785D6650DB923DB6BEA, 7A2D92A2274E0379B5FA6351D18E2F0DD55960BB783EA3528FE9E303E1A4256D ] IPT C:\WINDOWS\System32\drivers\ipt.sys 01:00:30.0105 0x3958 IPT - ok 01:00:30.0130 0x3958 [ 77494E26B28465D2A09B9455F8A3B34E, B778D4BC71A5F5CF687175CA53AC342E4740156D4B96E6E96D918BD46C2C1459 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll 01:00:30.0151 0x3958 IpxlatCfgSvc - ok 01:00:30.0172 0x3958 isapnp - ok 01:00:30.0201 0x3958 iScsiPrt - ok 01:00:30.0207 0x3958 ItSas35i - ok 01:00:30.0290 0x3958 [ C395FADCE0E9FD9B0F23E622C2249701, 257E0DF7CDAA23AFBFE53E22DA44140D43DB5298086C5BB49DB155A261895998 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 01:00:30.0302 0x3958 jhi_service - ok 01:00:30.0323 0x3958 kbdclass - ok 01:00:30.0336 0x3958 kbdhid - ok 01:00:30.0346 0x3958 kdnic - ok 01:00:30.0366 0x3958 KeyIso - ok 01:00:30.0381 0x3958 KSecDD - ok 01:00:30.0396 0x3958 KSecPkg - ok 01:00:30.0413 0x3958 ksthunk - ok 01:00:30.0459 0x3958 [ DAE67BD7EC6ED569438F5CA38BFBB458, 672CA98525D6DD799A01A3BC3A62AB7B4544D62ECEB3615FAC05BFB97B389D23 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 01:00:30.0480 0x3958 KtmRm - ok 01:00:30.0495 0x3958 LanmanServer - ok 01:00:30.0504 0x3958 LanmanWorkstation - ok 01:00:30.0532 0x3958 [ A997488F4EDAAD59C748CF9FB1D9DAC0, A0B145041F984DD4E0A6F8D0E9C8363DA6F2DA7460E140F028C320CEAC03759C ] lfsvc C:\WINDOWS\System32\lfsvc.dll 01:00:30.0541 0x3958 lfsvc - ok 01:00:30.0563 0x3958 LicenseManager - ok 01:00:30.0602 0x3958 [ 78779BD92081CB27967E77561683AFBE, 05EC91E194336D1BB1EE323E70FAC54F6DC0CEF53FD4925F394399531A37A0DD ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 01:00:30.0618 0x3958 lltdio - ok 01:00:30.0645 0x3958 lltdsvc - ok 
01:00:30.0654 0x3958 lmhosts - ok 01:00:30.0734 0x3958 [ B743127DDCE8CF670C187BE2CF8A38E5, C64244B32BA7825E41C141BFCB0593CB6D2A1B65A9C9ED85C7FB8668093FF949 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 01:00:30.0759 0x3958 LMS - ok 01:00:30.0776 0x3958 LSI_SAS - ok 01:00:30.0784 0x3958 LSI_SAS2i - ok 01:00:30.0799 0x3958 LSI_SAS3i - ok 01:00:30.0806 0x3958 LSI_SSS - ok 01:00:30.0842 0x3958 LSM - ok 01:00:30.0856 0x3958 luafv - ok 01:00:30.0870 0x3958 LxpSvc - ok 01:00:30.0920 0x3958 [ AE03D8F1B7863268EAED2FE0105ED75F, F5172A1A3E24FC5271FCB0118861EA0EC33AA8ABB01AE9CAD50E2F032B92486C ] MapsBroker C:\WINDOWS\System32\moshost.dll 01:00:30.0933 0x3958 MapsBroker - ok 01:00:30.0948 0x3958 mausbhost - ok 01:00:30.0963 0x3958 mausbip - ok 01:00:30.0974 0x3958 MbbCx - ok 01:00:30.0987 0x3958 megasas - ok 01:00:30.0991 0x3958 megasas2i - ok 01:00:31.0008 0x3958 megasas35i - ok 01:00:31.0015 0x3958 megasr - ok 01:00:31.0047 0x3958 [ 06D4AEA95783EC15B2D6098AD47F5590, 368C19CD520CABA1F26FB2FBBA81BB1A301BC8E2980FDD866E68097677FF33D8 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys 01:00:31.0055 0x3958 MEIx64 - ok 01:00:31.0066 0x3958 MessagingService - ok 01:00:31.0179 0x3958 MicrosoftEdgeElevationService - ok 01:00:31.0229 0x3958 [ B74FFC6301B3312A9F59E04E487BC72A, 76F71824E80D10EB71BEDE5EE3A64CAD7CAC3DDFBB6670D1537E6B75FF0217E9 ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys 01:00:31.0245 0x3958 Microsoft_Bluetooth_AvrcpTransport - ok 01:00:31.0266 0x3958 MixedRealityOpenXRSvc - ok 01:00:31.0295 0x3958 mlx4_bus - ok 01:00:31.0317 0x3958 MMCSS - ok 01:00:31.0347 0x3958 Modem - ok 01:00:31.0381 0x3958 monitor - ok 01:00:31.0402 0x3958 mouclass - ok 01:00:31.0424 0x3958 mouhid - ok 01:00:31.0447 0x3958 mountmgr - ok 01:00:31.0470 0x3958 mpsdrv - ok 01:00:31.0504 0x3958 mpssvc - ok 01:00:31.0553 0x3958 [ 186251D6489F7470616862DD15644177, 
CC06B99F3F67A90E0B5FC3B2FD7A0DBB23B0D766DDCC94FF6C72B1C2C6C913DF ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 01:00:31.0567 0x3958 MRxDAV - ok 01:00:31.0596 0x3958 mrxsmb - ok 01:00:31.0609 0x3958 mrxsmb20 - ok 01:00:31.0647 0x3958 [ E587396A4C8151ABBF13A96C4465DE31, A3AA5D51E34657479CFCDC3DBB7821B7255F7CB57D5686B7F709A7953AD537EB ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 01:00:31.0668 0x3958 MsBridge - ok 01:00:31.0697 0x3958 [ 2EF846AC66E181BE820B513DBC15B5D2, EDFE71025C352D0DABEC7B9506C5945BB0EC11F8DB540DB8CB1116C2EA1648A8 ] MSDTC C:\WINDOWS\System32\msdtc.exe 01:00:31.0714 0x3958 MSDTC - ok 01:00:31.0746 0x3958 Msfs - ok 01:00:31.0783 0x3958 [ 6092FD060EC4132A799BDAD61845DDB7, B45F9D3A71FC8A73AED3C5B8CF6F14A25EBDD3D4D47C9F39FFCD75C7D22F4A9E ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 01:00:31.0801 0x3958 msgpiowin32 - ok 01:00:31.0820 0x3958 mshidkmdf - ok 01:00:31.0849 0x3958 [ 9E90FE6DF363D2427A5C773120E7B27D, 1FDB7E28CCAF757603C4B754E1AC9C470E5E60E85DE067375902F108F5E34608 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 01:00:31.0865 0x3958 mshidumdf - ok 01:00:31.0883 0x3958 msisadrv - ok 01:00:31.0899 0x3958 MSiSCSI - ok 01:00:31.0907 0x3958 msiserver - ok 01:00:31.0921 0x3958 MSKSSRV - ok 01:00:31.0948 0x3958 [ 9FB5040C8CEAE4C32B7884ECBBCAFDAF, 0EC3E53C5B1B202440DE22A5BF7E1EBE9AF5BBB6BA69DB9D018A6D8EC97B477E ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 01:00:31.0958 0x3958 MsLldp - ok 01:00:31.0971 0x3958 MSPCLOCK - ok 01:00:31.0985 0x3958 MSPQM - ok 01:00:31.0999 0x3958 MsQuic - ok 01:00:32.0021 0x3958 MsRPC - ok 01:00:32.0050 0x3958 mssmbios - ok 01:00:32.0071 0x3958 MSTEE - ok 01:00:32.0087 0x3958 MTConfig - ok 01:00:32.0103 0x3958 Mup - ok 01:00:32.0119 0x3958 mvumis - ok 01:00:32.0143 0x3958 NativeWifiP - ok 01:00:32.0156 0x3958 NaturalAuthentication - ok 01:00:32.0193 0x3958 [ D47A20839608B8213065D7AFC8C42195, 7B0187BE9705ED2F925616C13B3744BAC0A9C96B21BE503D96BC9EE7EE125B33 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 
01:00:32.0216 0x3958 NcaSvc - ok 01:00:32.0237 0x3958 NcbService - ok 01:00:32.0259 0x3958 [ 8C938E851CDF2CE30BBEA14555B61820, F853F526C811893BD40B1124BAEC543099381E7BF091729B6A6665DF3CE10B94 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 01:00:32.0273 0x3958 NcdAutoSetup - ok 01:00:32.0296 0x3958 ndfltr - ok 01:00:32.0315 0x3958 NDIS - ok 01:00:32.0347 0x3958 [ 6BEC0929C7A7BF2A7C44F585ECC7DAEB, 5F6395268CBD26A4B90960479040C114B2C8A3F24C188C2D5F62D6AB43A637D1 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys 01:00:32.0366 0x3958 NdisCap - ok 01:00:32.0397 0x3958 NdisImPlatform - ok 01:00:32.0415 0x3958 NdisTapi - ok 01:00:32.0438 0x3958 Ndisuio - ok 01:00:32.0474 0x3958 NdisVirtualBus - ok 01:00:32.0495 0x3958 NdisWan - ok 01:00:32.0503 0x3958 ndiswanlegacy - ok 01:00:32.0531 0x3958 [ 33CDAEDC7CBE8339A8324CEC2461BFB4, DAAEACDB4506D2BDDED61957D92FB4983E11D9CE6E7B25119B4CBFB431C945F4 ] NDKPing C:\WINDOWS\system32\drivers\NDKPing.sys 01:00:32.0553 0x3958 NDKPing - ok 01:00:32.0562 0x3958 ndproxy - ok 01:00:32.0597 0x3958 [ 77621E74FD79B267071A0D12C643A48A, 8228B7D1237A0FFABCCC150B299EA494C8F0CB4CCB51AB0DBFF08CBAA9EFC4BB ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 01:00:32.0605 0x3958 Ndu - ok 01:00:32.0633 0x3958 NetAdapterCx - ok 01:00:32.0654 0x3958 NetBIOS - ok 01:00:32.0682 0x3958 NetBT - ok 01:00:32.0689 0x3958 Netlogon - ok 01:00:32.0705 0x3958 Netman - ok 01:00:32.0730 0x3958 netprofm - ok 01:00:32.0768 0x3958 NetSetupSvc - ok 01:00:32.0890 0x3958 [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:00:32.0897 0x3958 NetTcpPortSharing - ok 01:00:32.0930 0x3958 netvsc - ok 01:00:32.0966 0x3958 NgcCtnrSvc - ok 01:00:32.0998 0x3958 NgcSvc - ok 01:00:33.0028 0x3958 NlaSvc - ok 01:00:33.0049 0x3958 Npfs - ok 01:00:33.0081 0x3958 npsvctrig - ok 01:00:33.0122 0x3958 nsi - ok 01:00:33.0158 0x3958 nsiproxy - ok 01:00:33.0201 0x3958 Ntfs 
- ok 01:00:33.0230 0x3958 Null - ok 01:00:33.0257 0x3958 nvdimm - ok 01:00:33.0288 0x3958 nvraid - ok 01:00:33.0312 0x3958 nvstor - ok 01:00:33.0352 0x3958 OneSyncSvc - ok 01:00:33.0466 0x3958 [ 8EBA5640D3316EC1D2F251F591A8D739, 586F4B9FD0151B97E9AF628FB639B274B5993290057E1C455B3907FE92C3D572 ] ose64 c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 01:00:33.0481 0x3958 ose64 - ok 01:00:33.0527 0x3958 p2pimsvc - ok 01:00:33.0576 0x3958 [ DA97CD5815EC123BC88382C08D465B9E, 46F5EA2E3D590FB10E14BC811612B6EF87C805B359A652D2C6BFE4840D5D6AA2 ] p2psvc C:\WINDOWS\system32\p2psvc.dll 01:00:33.0605 0x3958 p2psvc - ok 01:00:33.0630 0x3958 Parport - ok 01:00:33.0640 0x3958 partmgr - ok 01:00:33.0674 0x3958 PcaSvc - ok 01:00:33.0710 0x3958 pci - ok 01:00:33.0740 0x3958 pciide - ok 01:00:33.0768 0x3958 pcmcia - ok 01:00:33.0790 0x3958 pcw - ok 01:00:33.0814 0x3958 pdc - ok 01:00:33.0833 0x3958 PEAUTH - ok 01:00:33.0905 0x3958 perceptionsimulation - ok 01:00:33.0936 0x3958 percsas2i - ok 01:00:33.0958 0x3958 percsas3i - ok 01:00:34.0063 0x3958 [ 2FC7CFCEDBF7E038351C7CEB1036D2E1, 41D7DA706F0CF613DF768B6795CD09C5C1035F9F101051FB58F5042EB4352DB6 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 01:00:34.0080 0x3958 PerfHost - ok 01:00:34.0137 0x3958 PhoneSvc - ok 01:00:34.0162 0x3958 PimIndexMaintenanceSvc - ok 01:00:34.0187 0x3958 PktMon - ok 01:00:34.0258 0x3958 [ 9E431A5D697432DD6F4DB48C9A185104, 44C16E194258C9143A45F4022F9C5DE229E217D6FF7F944F105FE631BE9EF4A7 ] pla C:\WINDOWS\system32\pla.dll 01:00:34.0331 0x3958 pla - ok 01:00:34.0362 0x3958 PlugPlay - ok 01:00:34.0378 0x3958 pmem - ok 01:00:34.0398 0x3958 [ 2769F200292C0F941A10BD60C33EA4A6, B8345C32585C45E6248D7194B1071F2B8617718E7C9B270AAF44C132D029DB4C ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys 01:00:34.0401 0x3958 PNPMEM - ok 01:00:34.0425 0x3958 [ 6AAAC8AD69AEFBE5FE04738B687EE85E, 83427082298E2FC021D5D39A43DB4A5783D95213F2CA8D3A997DB6C815BD9CB2 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 01:00:34.0439 
0x3958 PNRPAutoReg - ok 01:00:34.0448 0x3958 PNRPsvc - ok 01:00:34.0457 0x3958 PolicyAgent - ok 01:00:34.0481 0x3958 portcfg - ok 01:00:34.0504 0x3958 Power - ok 01:00:34.0520 0x3958 PptpMiniport - ok 01:00:34.0692 0x3958 [ 402C790E8775ED10D69E42BD533F3C98, E0E26A33B5ECF07E492CC44770E6678C6CA71DB0E47F898BC2A730B11970C9D9 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 01:00:34.0798 0x3958 PrintNotify - ok 01:00:34.0830 0x3958 PrintWorkflowUserSvc - ok 01:00:34.0864 0x3958 Processor - ok 01:00:34.0879 0x3958 ProfSvc - ok 01:00:34.0900 0x3958 Psched - ok 01:00:34.0920 0x3958 PushToInstall - ok 01:00:35.0014 0x3958 [ 0961CFC1E20554C813302B74CF47ED57, EA83E4000346E6F53AE4518BD462ECA4DA9132C050D41404B73EC85AADB4B2AF ] QHActiveDefense C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe 01:00:35.0072 0x3958 QHActiveDefense - ok 01:00:35.0195 0x3958 [ 26DFADD9C2293F71105D1819720BC4D7, F308F01277A6900C32427B9E55550830AEADEBF9A2F5B340BE805474FF42A081 ] QHProtected C:\Program Files (x86)\360\Total Security\safemon\WscReg.exe 01:00:35.0324 0x3958 QHProtected - ok 01:00:35.0366 0x3958 [ 2F3808790D517E5E5E6ABF7177875C02, BE1A79A6498697EB86FC29638324A853197B49BC06AE3EB1130793F710926998 ] QWAVE C:\WINDOWS\system32\qwave.dll 01:00:35.0381 0x3958 QWAVE - ok 01:00:35.0425 0x3958 [ CE51A9A997D2830C6C64A36D7F8D8879, 706D683CAF92C259C121222446D34ED43F6E8872407C3615E2ED118ACD24D21D ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 01:00:35.0440 0x3958 QWAVEdrv - ok 01:00:35.0462 0x3958 Ramdisk - ok 01:00:35.0476 0x3958 RasAcd - ok 01:00:35.0495 0x3958 RasAgileVpn - ok 01:00:35.0529 0x3958 RasAuto - ok 01:00:35.0535 0x3958 Rasl2tp - ok 01:00:35.0563 0x3958 RasMan - ok 01:00:35.0583 0x3958 RasPppoe - ok 01:00:35.0606 0x3958 RasSstp - ok 01:00:35.0620 0x3958 rdbss - ok 01:00:35.0661 0x3958 [ B7BAD23CA994EFF8EA11261626326004, 056495FB4A54984CE9D28D7B45550990D4A4B0736669F0F69138BEF51A695EFA ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 01:00:35.0678 
```
01:00:48.0905 0x3958 AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x60100 ( disabled : updated )
01:00:48.0910 0x3958 AV detected via SS2: AVG Antivirus, C:\Program Files\AVG\Antivirus\wsc_proxy.exe ( 21.2.6096.0 ), 0x41000 ( enabled : updated )
01:00:48.0912 0x3958 AV detected via SS2: AVG Antivirus, C:\Program Files\AVG\Antivirus\wsc_proxy.exe ( 21.2.6096.0 ), 0x41000 ( enabled : updated )
01:00:48.0915 0x3958 AV detected via SS2: 360 Total Security, C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe ( 10.0.0.1540 ), 0x51000 ( enabled : updated )
01:00:48.0921 0x3958 Win FW state via NFP2: enabled ( trusted )
01:00:49.0704 0x3958 ============================================================
01:00:49.0704 0x3958 Scan finished
01:00:49.0704 0x3958 ============================================================
01:00:49.0727 0x2bd0 Detected object count: 0
01:00:49.0727 0x2bd0 Actual detected object count: 0
```


Hi, regarding the software you ran, Malwarebytes Anti-Malware: you ran the “Quick Scan”, and you need to run the same program, “Malwarebytes Anti-Malware”, again, but this time with the “CUSTOM SCAN”.

Follow these steps:

Step 1: Open Malwarebytes Anti-Malware as “ADMINISTRATOR”.

Step 2: Click where it says “Scanner”.

Step 3: Click where it says “Advanced scanners”.

Step 4: Under Custom Scan, click where it says “Configure Scan” and check (tick) the following boxes:

- Scan memory objects.

- Scan registry and startup items.

- Scan within archives.

- Scan for rootkits.

Where it says Potentially Unwanted Programs (PUP):

- The option that says the following should be checked:

“Treat detections as malware”

In the “Second Option”, which says “Potentially Unwanted Modifications (PUM)”, “leave checked” the option that says:

- “Treat detections as malware”.

Once this is done, “on the right-hand side”, select “ALL” the drives, that is:

- Click on DRIVE C, D…: and in that way select “ALL THE DRIVES” shown in those boxes.

Step 5: Click where it says “Scan” and the scan will start.

When it finishes scanning the whole computer, if it finds threats, leave all the boxes that appear checked and click where it says Quarantine or something similar, wait for it to complete the process, and if it asks you to restart the computer in order to remove the threats and/or infections, restart it and send me the report again.

Please note that the screen must “NOT” go into “Sleep Mode”, that is, the screen must “NOT” “turn off” while this process is running. You can set that by going to “Settings” on your computer, then “System”, “Power & sleep”, “Power Options”, and configuring your computer accordingly, because if the screen turns off the scan can be interrupted and the disinfection process may not complete properly.