Imagen incorrecta en multiples .DLL

Arcanine · 8 Febrero, 2021 03:19

Buenas,

Desde hace un par de horas, cada vez que abro alguna aplicación me aparece un error:

Imagen incorrecta

C:\Windows\SYSTEM32\XXXXXX.DLL no esta diseñado para ejecutarse en Winwdows o contiene un error. Intente instalar el programa de nuevo por medio de los medios originales de instalación, o póngase en contacto con el administrado del sistema o el fabricante de software para obtener ayuda.

Estado del error 0x000012f

Todo estaba bien hasta que reinicie la computadora porque llevaba un par de días encendida. Espero me puedan ayudar a recuperar el windows.

Marr0n · 9 Febrero, 2021 01:58

Hola, buenas @Arcanine

¿Relacionas algún hecho o algo que has realizado recientemente con el ordenador para que te aparezca dicho error repetidamente. Ejemplo: descargar cosas varias de internet, instalar programas, quitar programas, etc…?

¿Qué sistema operativo utilizas?

Conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas, incluida la que me has dicho anteriormente.

0) Descarga IFS

Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
Cierra todos los programas que tengas abiertos.
Ejecuta IFS.exe (Si usas Windows Vista/7/8 u 10 presiona clic derecho y selecciona “Ejecutar como Administrador.”)
Pulsar en el botón Analizar, y espera a que se realice el proceso. Puede tardar varios minutos.
Al terminar se abrirá un informe, lo adjuntas en tu próxima respuesta (puedes encontrarlo en C:\IFS.log).

Pegas el reporte de IFS.

NOTA IMPORTANTE

No realices pasos/acciones que NOSOTROS no te hayamos indicado.

No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.

No instales NADA (programas/software/complementos/extensiones del navegador…).

No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).

No realices por tu cuenta otros procedimientos.

Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

Arcanine · 9 Febrero, 2021 02:26

La verdad es que nada que me dijera que estaba tan mal el PC o que fuera tan mal como ahora, y pues bueno instale un programa tratando de hacer trampa en un juego, ahora ya ni recuerdo como se llama correctamente el programa pero es uno parecido a “TeamPlayer”.

Otra cosa el link del programa IFS me manda al hilo donde esta la guia del malwarebytes.

Arcanine · 9 Febrero, 2021 02:38

[B]~~~~~~~~~~~| Inicio: [/B]

*IFS (InfoSpyware First Steps) v 1.3
*www.InfoSpyware.com | www.ForoSpyware.com
*Iniciado: 08/02/2021 a las 20h.28m.18s

[B]~~~~~~~~~~~|  Información del Sistema:[/B]

OS: Microsoft Windows 10 Pro x64 
Idioma: Spanish (Mexico) (|es-MX)
Permisos de Administrador / ON
Windows se Inició en   Modo Normal
Drive: C:\Windows (Install: \Device\HarddiskVolume3)

[B]~~~~~~~~~~~| Arquitectura Fisica:[/B]

CPU: Gigabyte Technology Co., Ltd.
CPU Modelo: B360 AORUS GAMING 3
Procesador: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz (x64-BasedPC)
Memoria RAM: 32 Gb. En Uso: 12 %
Video: NVIDIA GeForce GTX 1660 SUPER
Chip: GeForce GTX 1660 SUPER Capacidad video:-1 MB (Integrated RAMDAC)

[B]~~~~~~~~~~~| Unidades[/B]

C: [FIXED|NTFS|] - [1397.3 Gb][633.6 Gb][763.7 Gb]
E: [FIXED|NTFS|] - [1677.9 Gb][1677.7 Gb][0.14921875000 Gb]
C:\ Fragmentación total 24.43% - Desfragmentar unidad
E:\ Fragmentación total 0.00% - Correcto

[B]~~~~~~~~~~~| Seguridad del SO[/B]

SafeBoot: Inicio en Modo seguro Correcto
Security Center: [COLOR=#FF0000][B]El servicio no está activo[/B][/COLOR]
Windows Update: [COLOR=#FF0000][B]El servicio no está activo[/B][/COLOR] 
AV: Windows Defender *[COLOR=#FF0000][B]Protección Residente [OFF][/B][/COLOR] / Actualizado*
FW: Windows Firewall *Habilitado*

[B]~~~~~~~~~~~|  Update Check[/B]

Internet Explorer Versión Instalada 11

[B]~~~~~~~~~~~| Process List[/B] 

MBAMTray.exe (Malwarebytes Anti-Malware)
MBAMservice.exe (Malwarebytes Anti-Malware)
avp.exe (Kaspersky)

[B]~~~~~~~~~~~| Install Check[/B] 


Kaspersky Internet Security [21.2.16.590]
Kaspersky Secure Connection [21.1.15.500]
Panda USB Vaccine 1.0.1.16 []
CCleaner [5.72]
Revo Uninstaller Pro 4.3.3 [4.3.3]

[B]~~~~~~~~~~~| Registry Check[/B]

HKLM\Run(x64): [SecurityHealth] %windir%\system32\SecurityHealthSystray.exe
HKLM\Run: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave
HKLM\Run: [OneDrive] "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
HKLM\Run: [Opera Browser Assistant] C:\Users\Admin\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
HKLM\Run: [utweb] "C:\Users\Admin\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED
HKLM\Run: [Supercopier4.exe] C:\Program Files (x86)\Supercopier\SuperCopier4.exe
HKLM\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
Winlogon(x64): Shell = explorer.exe
Winlogon: Shell = explorer.exe
Userinit(x64): Userinit = C:\Windows\system32\userinit.exe,
Userinit: Userinit = C:\Windows\system32\userinit.exe,

[HKCR\.\.open\command] -> Navegador Preferido es Internet Explorer
StarPage:hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
StarPage:hxxp://go.microsoft.com/fwlink/?LinkId=54896

[B]~~~~~~~~~~~| PUPs Check[/B]

HKLM64\SOFTWARE\Partner


[B]~~~~~~~~~~~| Listado 7 Días (Predeterminado)[/B]

[07/02/2021 20:24] - C:\Windows\pss
[08/02/2021 07:34] - C:\Windows\setupact.log
[08/02/2021 07:34] - C:\Windows\setuperr.log
[08/02/2021 20:10] - C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
[08/02/2021 20:11] - C:\Windows\tweaking.com-regbackup-DESKTOP-9B0E2ED-Windows-10-Pro-(64-bit).dat
[07/02/2021 20:04] - C:\Windows\WindowsUpdate.log
[02/02/2021 10:03] - C:\AdwCleaner
[07/02/2021 20:07] - C:\bootTel.dat
[07/02/2021 20:07] - C:\found.000
[08/02/2021 20:27] - C:\FSTool
[08/02/2021 20:28] - C:\IFS.log
[08/02/2021 20:11] - C:\RegBackup
[08/02/2021 09:31] - C:\TDSSKiller.3.1.0.28_08.02.2021_09.31.20_log.txt
[08/02/2021 09:33] - C:\TDSSKiller.3.1.0.28_08.02.2021_09.33.42_log.txt
[08/02/2021 09:44] - C:\TDSSKiller.3.1.0.28_08.02.2021_09.44.58_log.txt
[08/02/2021 09:37] - C:\TDSSKiller_Quarantine

[B]~~~~~~~~~~~| C:\Windows\Tasks:[/B]

[07/02/2021 20:26] - C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job

[B]~~~~~~~~~~~| End Report[/B]
*Finalizado 20:34:48
*Se limpiaron los archivos temporales
*[1599815] C:\Users\Admin\Downloads\Programs\IFS.exe
*Herramienta de Análisis e investigación

Marr0n · 9 Febrero, 2021 02:48

OK. Debo decirte que muy probablemente tengas infectada la máquina. Veo que no es la primera vez que se te infecta la máquina.

¿Has probado desinfecciones por tu cuenta? ¿Verdad? Pon los reportes de todas las herramientas que hayas utilizado como AdwCleaner, TDSSKiller, todas.

Tienes Adware y casi seguro o al menos tenías/tienes Rootkits. Aparte tienes la unidad C fragmentada, y tienes las actualizaciones desactivadas.

Tienes buen HardWare en general en tu máquina. Pero tienes un pequeño desastre dentro de ella, de nada sirve tener buen HardWare si después no la cuidas y vigilas en cuanto a software y que es lo que haces con ella.

Traes los reportes pedidos.

Salu2.

P.D.:

Fallo mío.

Arcanine · 9 Febrero, 2021 02:54

AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build:    01-20-2021
# Database: 2021-01-26.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    02-07-2021
# Duration: 00:01:11
# OS:       Windows 10 Pro
# Scanned:  31956
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [2428 octets] - [02/02/2021 10:05:03]
AdwCleaner[C00].txt - [2669 octets] - [02/02/2021 10:06:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Arcanine · 9 Febrero, 2021 03:00

TDS Killer (parte1)

09:44:58.0918 0x151c  TDSS rootkit removing tool 3.1.0.28 Apr  9 2019 21:11:46
09:45:00.0926 0x151c  ============================================================
09:45:00.0926 0x151c  Current date / time: 2021/02/08 09:45:00.0926
09:45:00.0926 0x151c  SystemInfo:
09:45:02.0490 0x151c  
09:45:02.0490 0x151c  OS Version: 10.0.19041 ServicePack: 0.0
09:45:02.0490 0x151c  Product type: Workstation
09:45:02.0490 0x151c  ComputerName: DESKTOP-9B0E2ED
09:45:02.0490 0x151c  UserName: Admin
09:45:02.0490 0x151c  Windows directory: C:\Windows
09:45:02.0490 0x151c  System windows directory: C:\Windows
09:45:02.0490 0x151c  Running under WOW64
09:45:02.0490 0x151c  Processor architecture: Intel x64
09:45:02.0490 0x151c  Number of processors: 12
09:45:02.0490 0x151c  Page size: 0x1000
09:45:02.0490 0x151c  Boot type: Normal boot
09:45:02.0490 0x151c  CodeIntegrityOptions = 0x00000001
09:45:02.0490 0x151c  ============================================================
09:45:02.0491 0x151c  KLMD ARK init status: drvProperties = 0xEF0F02, osBuild = 19041.0, osProperties = 0x1D
09:45:02.0491 0x151c  KLMD BG init status: drvProperties = 0xEF0F02, osBuild = 19041.0, osProperties = 0x1D
09:45:02.0491 0x151c  BG loaded
09:45:03.0773 0x151c  System UUID: {085C100A-AEA2-D806-03F1-1AABC234596B}
09:45:04.0583 0x151c  !crdlk
09:45:04.0585 0x151c  Drive \Device\Harddisk0\DR0 - Size: 0x3A3817D6000 ( 3726.02 Gb ), SectorSize: 0x200, Cylinders: 0x76C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
09:45:04.0785 0x151c  Drive \Device\Harddisk1\DR1 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
09:45:04.0792 0x151c  ============================================================
09:45:04.0792 0x151c  \Device\Harddisk0\DR0:
09:45:04.0792 0x151c  MBR partitions:
09:45:04.0792 0x151c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x19000
09:45:04.0792 0x151c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x40800, BlocksNum 0xD1BCAFFF
09:45:04.0792 0x151c  \Device\Harddisk1\DR1:
09:45:04.0801 0x151c  MBR partitions:
09:45:04.0801 0x151c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86800
09:45:04.0801 0x151c  ============================================================
09:45:04.0844 0x151c  C: <-> \Device\Harddisk1\DR1\Partition1
09:45:04.0896 0x151c  E: <-> \Device\Harddisk0\DR0\Partition2
09:45:04.0896 0x151c  ============================================================
09:45:04.0896 0x151c  Initialize success
09:45:04.0896 0x151c  ============================================================
09:45:30.0713 0x151c  ============================================================
09:45:30.0713 0x151c  Scan started
09:45:30.0713 0x151c  Mode: Manual; SigCheck; TDLFS; 
09:45:30.0713 0x151c  ============================================================
09:45:30.0713 0x151c  KSN ping started
09:45:30.0847 0x151c  KSN ping finished: true
09:45:38.0649 0x151c  ================ Scan BIOS =================================
09:45:38.0649 0x151c  BIOS info: vendor = American Megatrends Inc., version = F13, releaseDate = 06/05/2019
09:45:38.0649 0x151c  Base board info: manufacturer = Gigabyte Technology Co., Ltd., product = B360 AORUS GAMING 3-CF, version = x.x
09:45:43.0049 0x151c  [ 5FF4F50AB85FE8F0EF4C66FB6E252E4D, 41679CA7C8E3E5F5B3330E78295A385626DFC35EB3B4FD4FD85B68B580FCECCD ] BIOS
09:45:43.0049 0x151c  BIOS - ok
09:45:43.0050 0x151c  ================ Scan system memory ========================
09:45:43.0051 0x151c  System memory - ok
09:45:43.0052 0x151c  ================ Scan services =============================
09:45:46.0831 0x151c  [ AF50A9D10FF7B1D999BA99D00CC128B3, 3D6E0579821BFA91B7F0A6E6DDC6E03BD3389202AD1A079B825D18D2A76250A0 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
09:45:46.0941 0x151c  1394ohci - ok
09:45:46.0959 0x151c  [ 1C29610EDF5FE3C9D313207BD65BCDD0, 5A29D80AF47D08998125CB81BC1D4E84093291A74DE422B63F7BBDA7BDE95311 ] 3ware           C:\Windows\system32\drivers\3ware.sys
09:45:46.0968 0x151c  3ware - ok
09:45:47.0014 0x151c  [ 3C9B298DD9DE74489CD0D260C9788E51, 0089243A907FCDBA372AB30464D5DDC6A7EEFF07149BF213C353209B9D7FED8D ] AarSvc          C:\Windows\System32\AarSvc.dll
09:45:47.0058 0x151c  AarSvc - ok
09:45:47.0141 0x151c  [ B518ABCB48F248FF2D582C2F9E4E6D01, 7C1F6FF379450159ECA8249427628F7F56B0E4D7E62C3CD743EA5DCE2B311FBF ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:45:47.0160 0x151c  ACPI - ok
09:45:47.0234 0x151c  [ 6A424E6ABD1970E23ECF3DA85725B6BF, 1D576471A8035AD3FF5B0616F47B79E43AA367ECDF009D7CADDA0F11F13A1345 ] AcpiDev         C:\Windows\System32\drivers\AcpiDev.sys
09:45:47.0250 0x151c  AcpiDev - ok
09:45:47.0260 0x151c  [ 70D9FC69CED08E86B888717CC5C37367, 34856C805B67F3EE4ABFD81B61879112344C343BC7E76A7A466FAD276E0E5165 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
09:45:47.0268 0x151c  acpiex - ok
09:45:47.0288 0x151c  [ EF7CB34FB2D56305EF942012499AB8F7, 3A9A504797FD22BB5447BB36597D5001320ABC0D4A1853D478C038EAC6847913 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
09:45:47.0303 0x151c  acpipagr - ok
09:45:47.0324 0x151c  [ 33B5ED555018128792AFFCDC9AF7AFD2, 1E7C5FADA2486EE31289A4BEFB70AEA173190671C64995441651903CF31E5033 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
09:45:47.0353 0x151c  AcpiPmi - ok
09:45:47.0369 0x151c  [ 85A86944A6163F0B7A8B10203B70CB9A, 72D35F5DB8714D38E4050A7F7A457C4AD99E3EA212040704F1C1ECBB70E865E9 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
09:45:47.0402 0x151c  acpitime - ok
09:45:47.0430 0x151c  [ 0A5B95079E8854FFDB8ABC057812AD8B, 897A9C367AD464F0CB4DEB4E53CD788D75673B0F84241D5CEE2DBE64BE038818 ] Acx01000        C:\Windows\system32\drivers\Acx01000.sys
09:45:47.0502 0x151c  Acx01000 - ok
09:45:47.0536 0x151c  [ B4B75D49BFBCFB2762593F77E5BD7789, B83072D77685F973701EC6629D8AC2626FDEFD657A4DB9AA7D532960A29FC67C ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
09:45:47.0565 0x151c  ADP80XX - ok
09:45:47.0588 0x151c  [ 330D000E981E6EDDD8CCA1273B023216, C825D08F01FDE3ACB33605A0CA9643876F783240D68644E748258FF3E97B2CA1 ] AFD             C:\Windows\system32\drivers\afd.sys
09:45:47.0603 0x151c  AFD - ok
09:45:47.0673 0x151c  [ DA9358F605BE585CA155175054E6B1D2, 5DC32BD6FF5689A8CE9510A85BE8CF3EF3B5214A655D31F0CAD038ECC9D89955 ] afunix          C:\Windows\system32\drivers\afunix.sys
09:45:47.0746 0x151c  afunix - ok
09:45:47.0816 0x151c  [ 852B17846D11304E043E4C8A71323D5E, BC3A37CEB86D2B1970A9F4ABA31F958A1FE07C246F4F127334BB19719893ED91 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
09:45:47.0846 0x151c  ahcache - ok
09:45:47.0920 0x151c  [ 526FE18DB976D9A1AE19FBC53FA690B1, 4E2623243A9BB61F7211E591C24EDB70B07974A7FA21E3F14C683F27E975777F ] AJRouter        C:\Windows\System32\AJRouter.dll
09:45:48.0015 0x151c  AJRouter - ok
09:45:48.0043 0x151c  [ EE6E3DCACA515C8E507236E4FAC225DE, AC42E63AB0DF0D5329506900D4CBE188BB3A24AEBEE368F9FF413A2C464AD656 ] ALG             C:\Windows\System32\alg.exe
09:45:48.0065 0x151c  ALG - ok
09:45:48.0098 0x151c  [ A7561471131641373CE6C01C6A51364D, A5BB2CDC3093B0FF099EB962BC1C89CD10BE40BAEF09B0EEC2167F6653B77690 ] AMD Crash Defender Service C:\Windows\system32\amdfendrsr.exe
09:45:48.0113 0x151c  AMD Crash Defender Service - ok
09:45:48.0197 0x151c  [ 89884017B9E3FA7C5951ED1C9721903E, E2942883C4D7DF32490FCD570F3510AD99EFF548C795CB0F7F999907DD401DB5 ] AMD External Events Utility C:\Windows\System32\DriverStore\FileRepository\u0358704.inf_amd64_0f4f1df2ad15c360\B358374\atiesrxx.exe
09:45:48.0216 0x151c  AMD External Events Utility - ok
09:45:48.0251 0x151c  [ C9E41E129CEF9659DF849F0B681D0E7D, 691FD310ED5D8DE70A7179106302A712AA7C61126AB763AAD9B51A28CDBD27C2 ] amdfendr        C:\Windows\system32\DRIVERS\amdfendr.sys
09:45:48.0257 0x151c  amdfendr - ok
09:45:48.0275 0x151c  [ 55578CF027B0AE9F0D653B209C9F1B6D, 46A53925BAA34FA9D87E7C3157504A4557D81CD8B8608E7AB6CAF02F482F7792 ] amdgpio2        C:\Windows\System32\drivers\amdgpio2.sys
09:45:48.0307 0x151c  amdgpio2 - ok
09:45:48.0330 0x151c  [ D0E26E590DE1424CCC4F77D1687049EF, 387811D57DEF06C9736D9F0BAB0DFB0F83DBAB19E5489BF9A6DCDCBD682DD8FE ] amdi2c          C:\Windows\System32\drivers\amdi2c.sys
09:45:48.0347 0x151c  amdi2c - ok
09:45:48.0414 0x151c  [ 734E112E25EDCA35997E98B7CE9B275B, F30F7E60B78E70C4395CC601870B130DB207DB765032495F7F3DAD66423C233B ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
09:45:48.0436 0x151c  AmdK8 - ok
09:45:48.0474 0x151c  amdkmdag - ok
09:45:48.0503 0x151c  [ 6EC5D4D633BDE748A4D423885BE56034, B553890CB5703C291084C5CF2013D2EF560E8953C582832AE11462FA12C3334A ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
09:45:48.0513 0x151c  AmdPPM - ok
09:45:48.0537 0x151c  [ 70D7BE6BB8D22A38AD0040A1EC41C1FE, D5231F97E5432234A8A19904E59C324E825AF04881AA195C19CCC9E6A7684B14 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:45:48.0550 0x151c  amdsata - ok
09:45:48.0637 0x151c  [ C47EDC5D81546677A772CFC86281ED29, 71C7E7E5AA74596A6725D8F70F1DE9A0C63D3C3E120D9CCF8A508854AC340A23 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
09:45:48.0653 0x151c  amdsbs - ok
09:45:48.0683 0x151c  [ F1A1CA86A1E3782A0CABB07EF3663C70, 1FC1D4287DB56A387BDF917C0CB3BFC30CA5D792A350E2EDBBDDEBF8127E1AF9 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:45:48.0688 0x151c  amdxata - ok
09:45:48.0703 0x151c  [ A3602EB3D3F55027AABB58480E287294, 496ADD91BDA3EA592D1E34FEB5D8B211DD650EE34F99DC34733418078BEDC2B6 ] AMDXE           C:\Windows\System32\drivers\amdxe.sys
09:45:48.0707 0x151c  AMDXE - ok
09:45:48.0885 0x151c  [ E9FB13875B744FA633D1A7A34B0F6A52, FB8FB89B5F56CE2ACD9668021A470A18B7898808750800861151E908D5B1A20E ] AnyDesk         C:\Program Files (x86)\AnyDesk\AnyDesk.exe
09:45:49.0149 0x151c  AnyDesk - ok
09:45:49.0337 0x151c  [ 929D8C927E33378726CCAB85B67394A4, 8420A6D78FE94305C1F15FFADA20ADDEA141CAC98210B312AAB4C7BF45B138FE ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
09:45:49.0409 0x151c  AppHostSvc - ok
09:45:49.0452 0x151c  [ 9221DE634DD1E89CBE7A8A8FBD9659F6, CDAB57359232E7DA2B535E5CA4B040FCABAC9481F90744DE47E145875E61A7EB ] AppID           C:\Windows\system32\drivers\appid.sys
09:45:49.0460 0x151c  AppID - ok
09:45:49.0498 0x151c  [ D4FA92DB8BBC5840FBD921EEC4F424F8, 9F6E16BC3D5E03841225C0163120FB6D6B1F74BD9B289A8AD3A8D3C53AFA414D ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:45:49.0525 0x151c  AppIDSvc - ok
09:45:49.0537 0x151c  [ 158283FDB4A60D3A2BCC86EC0CD203EB, E03E314025BD2FD7976366885DDD245717DEEF03840466573E48C1FE0503A11C ] Appinfo         C:\Windows\System32\appinfo.dll
09:45:49.0620 0x151c  Appinfo - ok
09:45:49.0634 0x151c  [ 57F91DFF3124A0FCEDB6041DC184DB88, 183CE2AA9887D402FBB4FCD419162B27019B0CC19970909DBDAED607AE92F875 ] applockerfltr   C:\Windows\system32\drivers\applockerfltr.sys
09:45:49.0692 0x151c  applockerfltr - ok
09:45:49.0733 0x151c  [ 23A64FAEBC3E565537D8A54BC2791F9A, 0F142FA2669BA775C0A253CBEC8AD81632135B28221C464DDE49BC58BE9689C3 ] AppMgmt         C:\Windows\System32\appmgmts.dll
09:45:49.0837 0x151c  AppMgmt - ok
09:45:49.0871 0x151c  [ 63009F3BC5877AAEED991DD62A6B16D3, DF2426C250E444FFB46CC98E096BA5B14DB92099E21CC0765216124CBB5DE119 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
09:45:49.0947 0x151c  AppReadiness - ok
09:45:50.0199 0x151c  [ DC06815F02B8E4F5BFDD44D29DE33047, 03BC40C526BA6C67474DF13A61D724F7E01C39342D66C5F4BE7FC3F8A0F5A662 ] AppVClient      C:\Windows\system32\AppVClient.exe
09:45:50.0284 0x151c  AppVClient - ok
09:45:51.0101 0x151c  [ 6859368DBF5BD69B25B34AA1475258EC, 15763D9C6EC89DBA974C41BDB362D82F23A550FF78943D8B2E158518DB899A14 ] AppvStrm        C:\Windows\system32\drivers\AppvStrm.sys
09:45:51.0108 0x151c  AppvStrm - ok
09:45:51.0255 0x151c  [ E4F5D59DC7E64CF1194BE21313F9F06B, FCF60C3C9A5A864AAAFBEF0FC3BE098EF3B28F89B92CCDAF7902D5022E9BB2CF ] AppvVemgr       C:\Windows\system32\drivers\AppvVemgr.sys
09:45:51.0263 0x151c  AppvVemgr - ok
09:45:51.0287 0x151c  [ 0D69102DA6BCC3297F8C1BA77AB87F73, E073804F721AD6067D54C6604945C5365E45935C76AC5EC5DBC1ED1F91CA1878 ] AppvVfs         C:\Windows\system32\drivers\AppvVfs.sys
09:45:51.0294 0x151c  AppvVfs - ok
09:45:51.0424 0x151c  [ 86D999584CAE04145573482866210A71, 167371EE457E74A1C281A97161799DD1C9FED7B5B2F618501C4996AB09926F9A ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
09:45:51.0679 0x151c  AppXSvc - ok
09:45:51.0708 0x151c  [ 46FD8469080917EE12425AF692C4BC20, 96DCA25AE619F38640B22702A10BC3191626F3A36DE0E1B0EDA3B079EA9DEB24 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:45:51.0716 0x151c  arcsas - ok
09:45:54.0169 0x151c  [ E521372979F4F1AB092B6FC18EAF76F6, 64FAE007652F3F416E3F700BD4C80BFCA19B5076ABB231A549167A2C7D9A5A1A ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:45:54.0252 0x151c  aspnet_state - ok
09:45:54.0389 0x151c  [ B92E98787BF020A827003976E2D0380D, CB7DD9F580A8A67F53259B8A988209EC2B8BEBE39BE945BD916237F24E5923C5 ] AssignedAccessManagerSvc C:\Windows\System32\assignedaccessmanagersvc.dll
09:45:54.0506 0x151c  AssignedAccessManagerSvc - ok
09:45:54.0578 0x151c  [ D930AAE80A55116D07C41E95DE5671DB, 14985D6D2D52689C1B012F64ED0D7C9C5F6BADB51C4528BF6456D3EAE2FE69A7 ] AsyncMac        C:\Windows\System32\drivers\asyncmac.sys
09:45:54.0621 0x151c  AsyncMac - ok
09:45:54.0644 0x151c  [ 3A12051B3C48B37760C77D93D7577E4E, B43465C265992657743D2ADED51E9DE64F0963E8B3B257F166890730919EE031 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:45:54.0708 0x151c  atapi - ok
09:45:54.0765 0x151c  [ 08D3A5CE2FE501438099002524E26E5F, F6CFB657EF0488959A637459DF2278419ABA3DEDDEF731156DCBD5DBB3C5817E ] AtiHDAudioService C:\Windows\system32\drivers\AtihdWT6.sys
09:45:54.0786 0x151c  AtiHDAudioService - ok
09:45:54.0882 0x151c  [ 6AB644BCB51E5874FE068310549139A9, 6B07F11B69559FC0C16F43EDB8FE1D1390BAF9DBDE8F8C5842F9DC43BA2F9D54 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
09:45:54.0977 0x151c  AudioEndpointBuilder - ok
09:45:55.0081 0x151c  [ 998F4F6854596AD73E21494EFEA5D25A, 5CD875A3431F593992DD7AAD17643D18FE9317EBAAC5E10264CFF32C43F0A62F ] Audiosrv        C:\Windows\System32\Audiosrv.dll
09:45:55.0127 0x151c  Audiosrv - ok
09:45:55.0288 0x151c  [ 5842D10A7461B7F1E456666A22611089, 7E0D27F365B3E1C89FA88EE28A8AE69ABB959083E6D151BBED87E9D41B743033 ] autotimesvc     C:\Windows\System32\autotimesvc.dll
09:45:55.0340 0x151c  autotimesvc - ok
09:45:55.0995 0x151c  [ 152EA58B5A112A9F9477E7BC90274D7C, 5067D8A4696D4F91D1E70CCEA66D3E3B7F8A41717024BBA124EDA55EEF5BF077 ] AVP21.2         C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe
09:45:56.0120 0x151c  AVP21.2 - ok
09:45:56.0147 0x151c  [ 33A4AE9880A55320D6922FF9193190CC, 98E1D7AF4B14BE99F0786170E6C1B4562672E535BBA5984658DA00D6F4DD70F9 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:45:56.0175 0x151c  AxInstSV - ok
09:45:56.0213 0x151c  [ 638C59D330A7AF943074678A70F22E7C, FEB2771428706126FEA1CC9A50EBE3CF4F8E8FB6FCB3CA19996497CA44FDAC45 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
09:45:56.0242 0x151c  b06bdrv - ok
09:45:56.0317 0x151c  [ 26E2320D24C66EB72B36EB71EBEF2558, 7D06B6499FE915480DF4DAD658281C8B85F7AD71F49B089A270AE0B45713F2E9 ] bam             C:\Windows\system32\drivers\bam.sys
09:45:56.0332 0x151c  bam - ok
09:45:57.0559 0x151c  [ 0A9D38310E9683EB13C7DB9F289DDD70, B39BF3F5877613A05088B57B218D8342129DB86FD064B3DC25D1FB2B0611EBA3 ] BasicDisplay    C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys
09:45:57.0611 0x151c  BasicDisplay - ok
09:45:57.0636 0x151c  [ D6854E27F8E52524BAD0DDB0B06057E3, 77CD4ED4D9EADF350E5015F5DB4146D981ECF38491C52CF26CD9C3E95918DD80 ] BasicRender     C:\Windows\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys
09:45:57.0657 0x151c  BasicRender - ok
09:45:57.0764 0x151c  [ 7D1FEE3400150B5C5B6A2DB49FC8CF8D, 36162C9969ECE92D6E08123A7F117BB11D735213242F78B0EE50AAB141CB8291 ] BcastDVRUserService C:\Windows\System32\BcastDVRUserService.dll
09:45:57.0802 0x151c  BcastDVRUserService - ok
09:45:58.0127 0x151c  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
09:45:58.0142 0x151c  bcmfn2 - ok
09:45:58.0197 0x151c  [ 99F72A71BC0DEDA99C0F3424B23DB4A2, 1276972565AD6FB7EAE392A5851050D7B4DC244C74D8FDE25CEAFBBDC24F7087 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:45:58.0274 0x151c  BDESVC - ok
09:45:58.0306 0x151c  [ 4280B427B81EB8C265F3206E2298761E, 121AF03BBE6ECC1622C2540805A30AE9555EB5D5FE25B55939C045ECE7FC37EB ] Beep            C:\Windows\system32\drivers\Beep.sys
09:45:58.0350 0x151c  Beep - ok
09:45:58.0444 0x151c  [ DBE50ED024962A6CEBD2DB5CB3ADE97D, 5A0B6E4D4C0F7B43EC0E4C562C5A5E53331F7CB020C89189DC0BE425497638BE ] BFE             C:\Windows\System32\bfe.dll
09:45:58.0527 0x151c  BFE - ok
09:45:58.0572 0x151c  [ EEA21C915F325FD6E029DB7927D95C11, 071E0B7204947AC13CAF3994267D0ADA31EA862F62BD3A0BC98F6A96C29EAC61 ] bindflt         C:\Windows\system32\drivers\bindflt.sys
09:45:58.0582 0x151c  bindflt - ok
09:45:58.0850 0x151c  [ BCFC1194BEF8900C4D3C023A607683E9, C6B3A5493E6654926343BB9147F56DF052B61697FE3E20F268D70F4168A71F52 ] BITS            C:\Windows\System32\qmgr.dll
09:45:59.0853 0x151c  BITS - ok
09:45:59.0900 0x151c  [ 75EAE89BE11B0C8DF8F05CF8AE335ABF, F88B7BDEEF51523BF155E8ED24D88FCA73483ECA09CD34D20AD098C83A3F3721 ] BluetoothUserService C:\Windows\System32\Microsoft.Bluetooth.UserService.dll
09:45:59.0927 0x151c  BluetoothUserService - ok
09:46:00.0012 0x151c  [ 56283073404C55F35FD182B2A8025405, 78312CD9CADB24DEE22413F2F0642A8FF10C91200D7ABB17C1C2D2D7B30E18D8 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:46:00.0097 0x151c  bowser - ok
09:46:00.0122 0x151c  [ BB5F7158B36E065CFBAEFD6E6E245B1F, 69409DC4972D0C31C79B6833584D9B197BB36C7B94F9010CD3D9AE04441EB68D ] BrokerInfrastructure C:\Windows\System32\psmsrv.dll
09:46:00.0143 0x151c  BrokerInfrastructure - ok
09:46:00.0254 0x151c  [ AB468C5CECD1E9C3514330EDE7ED4E36, 7D40DA12F7307A5B98BD9041ABB001F9507D2E1E87E27A918DE2C93FE2AC31D5 ] BTAGService     C:\Windows\System32\BTAGService.dll
09:46:00.0330 0x151c  BTAGService - ok
09:46:00.0361 0x151c  [ 7F09708B8C651A0C0E2A2725136BA254, 0442A18BBED4E323265C66561C8F8C171D8E934E9089C12B94D1DFDBB057B737 ] BthA2dp         C:\Windows\System32\drivers\BthA2dp.sys
09:46:00.0399 0x151c  BthA2dp - ok
09:46:00.0452 0x151c  [ 7BF7F35786BC3BA6B80FC5CED70D5735, AC601B53D6B36EA3F3E0C7698085A0937957920691495264305B05730B4D44BD ] BthAvctpSvc     C:\Windows\System32\BthAvctpSvc.dll
09:46:00.0483 0x151c  BthAvctpSvc - ok
09:46:00.0493 0x151c  [ BD44766A28D3C9E6F58AEB11590B40E2, B05BB560E4A52D6AEC201690C8506B17CBDD5E7F2692BA227CAB1599F0209DE8 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
09:46:00.0504 0x151c  BthEnum - ok
09:46:00.0565 0x151c  [ 7AE44E94C6B1DF488AA309824DEAD643, 91C72C54142A0D4E5A5F33268850CEB8315AA30C2F0B74A9FFA962887ABAC797 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
09:46:00.0645 0x151c  BthHFEnum - ok
09:46:00.0678 0x151c  [ 5DB45AA1E36C0F7A636F3535519760C3, DE43D46E89ADB26F124530A9EABAA3A7553546F92BAC432D28A35682ED38DEEE ] BthLEEnum       C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
09:46:00.0936 0x151c  BthLEEnum - ok
09:46:00.0966 0x151c  [ 6FF284D55CD3F37269E1B4F629768BC9, 4CDE4D8B0E23B196B796761C4C7F0E4E70E0E710353D69651022A8A17BB2542C ] BthMini         C:\Windows\System32\drivers\BTHMINI.sys
09:46:00.0976 0x151c  BthMini - ok
09:46:01.0009 0x151c  [ 11D609CC74F0EB1DF6C0171331CDE9A1, 9412DC92F16C0B8A937D6FB1AD83D7169F4EC0F08FAE0E2B244346428CE99EE1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
09:46:01.0029 0x151c  BTHMODEM - ok
09:46:01.0184 0x151c  [ A9A48279B79E494DB8252024BE613EEC, EF8B3E5F0622E2B2956E0BC8BA16A5476B9A130DBD148639DF78CAF6DD5886BE ] BTHPORT         C:\Windows\System32\drivers\BTHport.sys
09:46:01.0251 0x151c  BTHPORT - ok
09:46:01.0417 0x151c  [ D293AC628357F2F75B8579087F732970, 1E536D8863D695944214D55E9B0B4BFE04F705DB7ECA18A0CF8B37AAF4893B1E ] bthserv         C:\Windows\system32\bthserv.dll
09:46:01.0679 0x151c  bthserv - ok
09:46:01.0702 0x151c  [ E0332CBEEB6DA46E359501C5E0D4A8BB, 1B4443DA8F93D12C062AA7E1B6983E84BFA31E962F0262748DCDFF77097AD1D6 ] BTHUSB          C:\Windows\System32\drivers\BTHUSB.sys
09:46:01.0752 0x151c  BTHUSB - ok
09:46:01.0816 0x151c  [ 4FF20E869FE2B5A0B8CE2E8BE61C7F7F, 8DE3B7C87D88CF375417355A7C5052B2DE38805B563D61D0E483DB4AD96BD741 ] bttflt          C:\Windows\system32\drivers\bttflt.sys
09:46:01.0937 0x151c  bttflt - ok
09:46:01.0990 0x151c  [ EF2A1F3C5EC4EFFFBE9A69B892FBA29C, 16A900FBAB30D008F01F4CAE96347BF313D9D13C7FE430249A0BF4322534CB18 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
09:46:02.0011 0x151c  buttonconverter - ok
09:46:02.0031 0x151c  [ E7690568D2A5FA3D4E6D28B42358A122, CDBD820B6D383EC0A8151EA4300435C2BAD085EC55DB185C5E16CAF961443888 ] CAD             C:\Windows\System32\drivers\CAD.sys
09:46:02.0052 0x151c  CAD - ok
09:46:02.0086 0x151c  [ 6BFF62BA360EAF372BE4E3C2B2BE8806, 267265782A252C2F87EE0DF5FA71EEE2EE61A271E58DF98F520478220051ABF0 ] camsvc          C:\Windows\system32\CapabilityAccessManager.dll
09:46:02.0117 0x151c  camsvc - ok
09:46:02.0158 0x151c  [ 2105AA8FE3EFA084BCDB3D4541FCF3C2, 0ADE641090361B6B67EFC7F1771312173BCDD293C3E54132378768CBE46A9A60 ] CaptureService  C:\Windows\System32\CaptureService.dll
09:46:02.0178 0x151c  CaptureService - ok
09:46:02.0550 0x151c  [ 8FA9D78ED249291F43EE74B0A2B6D1EA, 0FD22505CBF690E9BC735B87422D6F9E5EBB3F6290900AB903CCDAAB5A947D8D ] cbdhsvc         C:\Windows\System32\cbdhsvc.dll
09:46:02.0756 0x151c  cbdhsvc - ok
09:46:02.0793 0x151c  [ 764FE2149251A246F6B047A0F09F5F0B, 9E0B3102BE75FB571A884D8CDD79F3A104DD63A53C8A6815C0992232A888321E ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:46:02.0819 0x151c  cdfs - ok
09:46:02.0895 0x151c  [ A9C7257E12D187A230B4144548892280, B940D7BD5AD25F5D5D24E65A53A6F58AED6D5DE02D94CF8820BDE47F6DFFC2C5 ] CDPSvc          C:\Windows\System32\CDPSvc.dll
09:46:02.0950 0x151c  CDPSvc - ok
09:46:02.0963 0x151c  [ 2EDD23195FD4DA658C1DCD7535BD9EBA, D0D0AA4E22F21F4F8A6356DC90AFF9C8A6D943FB64BE01A0FD1A664DD3802760 ] CDPUserSvc      C:\Windows\System32\CDPUserSvc.dll
09:46:03.0032 0x151c  CDPUserSvc - ok
09:46:03.0104 0x151c  [ 26255C953A69CCD32EF4491411737904, 1DA759586E92BD5987AA28B697401D76BABECABBF214D08D71C27FCDBF5ADBA1 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
09:46:03.0118 0x151c  cdrom - ok
09:46:03.0133 0x151c  [ 8445EF0312F43ED972F055F59065E2C1, 40DFFCE462031D22F7ADF0BD62D31960D66BE385DE3F2A40431196DE7B87436D ] CertPropSvc     C:\Windows\System32\certprop.dll
09:46:03.0146 0x151c  CertPropSvc - ok
09:46:03.0239 0x151c  [ 198D403332FB8F2DA289BEBFEC8199AD, 5A7FD2D58C433B9B498A1B37A2F2D877061215360D8E6A752601F2ED4F283A8F ] cht4iscsi       C:\Windows\system32\drivers\cht4sx64.sys
09:46:03.0250 0x151c  cht4iscsi - ok
09:46:03.0346 0x151c  [ 77065056FBE4E29054CB1D20303B9F59, 83E2C81274DDBE695EF845E541F7A2DB60EF5E195AE14FACDEEEBD30C0EF4E67 ] cht4vbd         C:\Windows\System32\drivers\cht4vx64.sys
09:46:03.0392 0x151c  cht4vbd - ok
09:46:03.0429 0x151c  [ 50D960D26425BB435B2DF67CBC14E084, 9F9C129F4BA9B71B2213BB97991C45273A1A76C83340EA37B6ED81E3972E7B6A ] CimFS           C:\Windows\system32\drivers\CimFS.sys
09:46:03.0469 0x151c  CimFS - ok
09:46:03.0512 0x151c  [ 115CC1E142CE29C9006D59943108DF47, 564FA08C5BEC6DAF1A83C80C9139A6E1AA7E05D251DB3BA379B57C9FDAE83E1B ] circlass        C:\Windows\System32\drivers\circlass.sys
09:46:03.0523 0x151c  circlass - ok
09:46:03.0577 0x151c  [ B51CE548893C0839C1577167EE8E59D3, 04D5E7454A45991067A03F75FD0C1C4D229A12DECB5486FC4D1346ED9B4EC2D3 ] CldFlt          C:\Windows\system32\drivers\cldflt.sys
09:46:03.0599 0x151c  CldFlt - ok
09:46:03.0625 0x151c  [ 0B6C0C26981B7F0088C92329C3C57200, 348564B6FD9E8E3CE0B4079AF0053E9210C1D27745B1CB9BE6FDD37199607AD5 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
09:46:03.0636 0x151c  CLFS - ok
09:46:04.0166 0x151c  [ 8F06646E409E7BADFAAA00002464972D, 9FFCC9761F13BF59D678CB5F72D34358E034D0C5B5AB3EDEE349F541897400B1 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
09:46:04.0402 0x151c  ClickToRunSvc - ok
09:46:04.0564 0x151c  [ BE588E73B7F476CB68865448DD4CE6D3, B8354942FCE4F955A594ECF552FAF102DFA5BB6AC542F1377279049887EE07CC ] ClipSVC         C:\Windows\System32\ClipSVC.dll
09:46:04.0591 0x151c  ClipSVC - ok
09:46:04.0618 0x151c  [ E127E772A705CD32BE34166F679C61C8, 209723632369404308EF6DF734077A99A295C2E380DB85AD1F8498CC8DFBC88A ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
09:46:04.0671 0x151c  CmBatt - ok
09:46:04.0762 0x151c  [ A5E72B6510D9F009DA1A7A32E18799DF, B3802798A47DD8EC7171452399E9B73EB71226CDE1BFD5E438B14231A4039C9D ] cm_km           C:\Windows\system32\DRIVERS\cm_km.sys
09:46:04.0769 0x151c  cm_km - ok
09:46:04.0819 0x151c  [ D4F9936929255185F12E868C4C8A9D80, 1E04297CCD58EAE1B154E0C1C70BC679A6A6FB2D4AF4E584BE1A4FCD9709BBDC ] CNG             C:\Windows\system32\Drivers\cng.sys
09:46:04.0835 0x151c  CNG - ok
09:46:04.0859 0x151c  [ A46B4D1484227900F7615FE2A569D828, A06B8002E7A708890222C777DDF8B67FED7015C0943C1FC4F9036E9F9DC14494 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
09:46:04.0869 0x151c  cnghwassist - ok
09:46:04.0908 0x151c  [ 99392FDADF3CE5EB47403E5A52866E6F, 63CEF51971EB85D9823CE9A95F1ED9907D20525ED8E32230068CC36E9082A8C3 ] CompositeBus    C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
09:46:04.0957 0x151c  CompositeBus - ok
09:46:04.0959 0x151c  COMSysApp - ok
09:46:04.0986 0x151c  [ 57B0E791DACAD9D9524248CF240EC5F2, 2530BA7E4E7D92A3E03EFD5A50A787993A73B170619E2E4B1B37655914CD46C1 ] condrv          C:\Windows\system32\drivers\condrv.sys
09:46:04.0992 0x151c  condrv - ok
09:46:05.0029 0x151c  [ 777D606906DC4273B75D64EBFE456EF7, 38341ED0CC47B41ACF7ACDC2A345B29847A4FB48E38ACEAB1BCF89D12E6ED8AA ] ConsentUxUserSvc C:\Windows\System32\ConsentUxClient.dll
09:46:05.0077 0x151c  ConsentUxUserSvc - ok
09:46:05.0157 0x151c  [ FCDD36494083127946EDCBDA2F9706EE, 77FEEBBF5141279FB3B92E6A02D1E23C4E94B89690C886726D098142503FC52D ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
09:46:05.0263 0x151c  CoreMessagingRegistrar - ok
09:46:05.0284 0x151c  [ 4B40E06424244941C1B677B41ABA4CF7, 2266BE2B8D50DE5D366E2404F604F7A63A50233EB5425727106ECB3C14528AFD ] CredentialEnrollmentManagerUserSvc C:\Windows\system32\CredentialEnrollmentManager.exe
09:46:05.0295 0x151c  CredentialEnrollmentManagerUserSvc - ok
09:46:05.0401 0x151c  [ 4B40E06424244941C1B677B41ABA4CF7, 2266BE2B8D50DE5D366E2404F604F7A63A50233EB5425727106ECB3C14528AFD ] CredentialEnrollmentManagerUserSvc_51e88 C:\Windows\system32\CredentialEnrollmentManager.exe
09:46:05.0414 0x151c  CredentialEnrollmentManagerUserSvc_51e88 - ok
09:46:05.0490 0x151c  [ 8AB3568419872D1A8A7B45153AF7B3D4, 5171ED876E0EC5CAE2BE9161ACC90F4865FF6416EFA376C82D8A5B65724A8910 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:46:05.0538 0x151c  CryptSvc - ok
09:46:05.0577 0x151c  [ 972F6286E5D77B2CC1ED912E0565719A, 5A69D5B7354CF5D7DBDEDFB515568B4262D25685703A70CEE36BC12545B16E41 ] CSC             C:\Windows\system32\drivers\csc.sys
09:46:05.0727 0x151c  CSC - ok
09:46:05.0793 0x151c  [ 72E0D6777530626CACCA6D52A12EBFA9, 276033C2F83DCBE4AFAFA148099D40CF00891518C892885581E22C60B71E4D8F ] CscService      C:\Windows\System32\cscsvc.dll
09:46:05.0840 0x151c  CscService - ok
09:46:05.0867 0x151c  [ 612AB1277F4E89410BF1C8BE10EA1BDB, FD2CB85CDA0212C2015B1AAFEB880A4CDD4372FA843CF70C47D42984E33688B1 ] dam             C:\Windows\system32\drivers\dam.sys
09:46:05.0881 0x151c  dam - ok
09:46:05.0914 0x151c  [ 62E6F8ED10F2864DCCD5793C9E899EC8, 29405230E68E4BD26CA9E115D25A4BBCF6C69007A9066AF0550D5A8CAF451FF1 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:46:05.0969 0x151c  DcomLaunch - ok
09:46:06.0050 0x151c  [ DFEA1100B052EBB5C31CB56327D1CD33, 0A4C62D0C124B15D568E5596F75555303BF1873ED00F310E0E94D9662BDA8E85 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:46:06.0082 0x151c  defragsvc - ok
09:46:06.0133 0x151c  [ 1A2E1A2858E6B37CC446B57E7E750B54, 52C797F763337A041157C25BAF96DCA2EBFA0115DBA39381B8029914BDBA598D ] DeviceAssociationBrokerSvc C:\Windows\System32\deviceaccess.dll
09:46:06.0145 0x151c  DeviceAssociationBrokerSvc - ok
09:46:06.0308 0x151c  [ FE4EA0CAA5E58D470209FF0EB18270C5, 6F142077608D6986180C76E67AE078BAD58DCE0702946D7179D5B0C7611FC969 ] DeviceAssociationService C:\Windows\system32\das.dll
09:46:06.0355 0x151c  DeviceAssociationService - ok
09:46:06.0379 0x151c  [ 88518DAB0F204861A00EEB60A2F67055, DA34F158E527D1F6276F8FEF7D151C929199D76279B326D2721C492EB637F7ED ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
09:46:06.0397 0x151c  DeviceInstall - ok
09:46:06.0468 0x151c  [ 5A1D2CC04E1A9A170B50F730E374C7B4, EDE7EE17026B8E568DB48BFD96CF49BB004459B86E57B555B73871148343F4AF ] DevicePickerUserSvc C:\Windows\System32\Windows.Devices.Picker.dll
09:46:06.0598 0x151c  DevicePickerUserSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:46:06.0837 0x151c  Detect skipped due to KSN trusted
09:46:06.0837 0x151c  DevicePickerUserSvc - ok
09:46:06.0860 0x151c  [ 6E0BB96E369FC2F6F1830BFE098683FF, B00B3C616F64CDB53DCE00CA9C45B8618CBCCF431AFAB3145121C56EFF28E3A8 ] DevicesFlowUserSvc C:\Windows\System32\DevicesFlowBroker.dll
09:46:06.0963 0x151c  DevicesFlowUserSvc - ok
09:46:06.0992 0x151c  [ F8BE99B9EA9B110F7CB3F46BA844C1FF, EABF953864C0AE4FB6426C0B7E92DD81EE4A8852081F9D2EA02B61D4C8DB6188 ] DevQueryBroker  C:\Windows\system32\DevQueryBroker.dll
09:46:07.0032 0x151c  DevQueryBroker - ok
09:46:07.0069 0x151c  [ E958B2741A04DD6442F8AD0FE543D473, E26E8040A808042A0B1853D73B91081F43417979EF771E5B2ABFEE2D96B5C398 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
09:46:07.0322 0x151c  Dfsc - ok
09:46:07.0686 0x151c  [ BA7F4304D04AAE24FE319D0ACEA5F2A4, 4A3C0B0ADD742FC97A6E8A2755A98501ED57FDEEB60CB883B001849647C734D7 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus2.sys
09:46:07.0937 0x151c  dg_ssudbus - ok
09:46:08.0241 0x151c  [ 326F8AD93BD4F1A6EE30E8805BB7FC15, 4A87CFF8BA1A0AFA725FDF2B4126A051285B99B92CCBCBB568FE33AC1B27A9CD ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:46:08.0272 0x151c  Dhcp - ok
09:46:08.0327 0x151c  [ 533D631A23D178E5B4FC7660BEE3CFD2, AF2CF6B7DE3A16048B65992DFC4FE15222DA9ED597ADFF081290FB4F03581077 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
09:46:08.0356 0x151c  diagnosticshub.standardcollector.service - ok
09:46:08.0413 0x151c  [ 37BE5A95A334395E23BB0D82EE9BA778, D90E3A4C2F94F41C25B20D26C22C966A8B23AE9EFF0A2DC3192D08FAC9B8F865 ] diagsvc         C:\Windows\system32\DiagSvc.dll
09:46:08.0474 0x151c  diagsvc - ok
09:46:08.0571 0x151c  [ 3389C0F9A5EBD7E68ACDA5A6904D9716, 32B84953FAFDB50D22A2985DAB1899C1F2DA23BD8615E153E6962762C4ED7DF4 ] DiagTrack       C:\Windows\system32\diagtrack.dll
09:46:08.0809 0x151c  DiagTrack - ok
09:46:08.0833 0x151c  [ C18DA33428A9A2B9D25324CEF58D8D7D, 77D90E76672653BAEE01278C276F5C9264B66BEDDBA9BCE130D8EB20A2F613A0 ] disk            C:\Windows\system32\drivers\disk.sys
09:46:08.0844 0x151c  disk - ok
09:46:08.0926 0x151c  [ CFABE1AC3ED92E7825D05E5F1E0E0026, 5045D809451A108B95067EF73624B89558CF27F4FCA15DB0FE3C920B52482729 ] DispBrokerDesktopSvc C:\Windows\System32\DispBroker.Desktop.dll
09:46:08.0998 0x151c  DispBrokerDesktopSvc - ok
09:46:09.0345 0x151c  [ 97031586FD68533A07640D7A36444D0F, 76750CC663E76D2242C0F18B67CF25E4D5D43CD4033AB7ED4C50CC612B4D5E13 ] DisplayEnhancementService C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
09:46:09.0458 0x151c  DisplayEnhancementService - ok
09:46:09.0640 0x151c  [ 2E534ECC7E339831A4CD1A641DB59BA7, F55466D0A3E4765BE4DEBDC8F2D5556B6AA451FB1EC541BB80A71B5C8955EEE8 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
09:46:09.0708 0x151c  DmEnrollmentSvc - ok
09:46:09.0835 0x151c  [ 48AA813AAA7E347CD7D6D56FE32144C6, 6604DC0E7607E46B83F1239934646AC4ADF5CA4CC463FB9DF521B243F434579B ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
09:46:09.0842 0x151c  dmvsc - ok
09:46:09.0902 0x151c  [ 2E8A026D6680C301ADF6D4B301A4CE8B, 2FDB34E2A61457308B0FEC938A2D6351F63D02BB67DC87FE4F2534E0048C8E89 ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
09:46:10.0008 0x151c  dmwappushservice - ok
09:46:10.0159 0x151c  [ 93DC78FA4DBDF2AE6DBA778837FCCC22, 0D698E26F758ECCDFBEC4C7710FAF5E82165CA026F3F194541150178B976F16E ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:46:10.0191 0x151c  Dnscache - ok
09:46:10.0208 0x151c  [ CADE8229A1F67F84333E900E3EAD48BD, 3ED6076407384DC3691DF7F0620259FABC788B52BFC126F330405326E5344C9D ] dot3svc         C:\Windows\System32\dot3svc.dll
09:46:10.0245 0x151c  dot3svc - ok
09:46:10.0264 0x151c  [ 9E65C33CB7FB50453F7F4407070EAF53, A8707BD19D584DAECA39990A2E791194140AFCA4FCE31F23CC7E931DF8C17361 ] DPS             C:\Windows\system32\dps.dll
09:46:10.0275 0x151c  DPS - ok
09:46:10.0359 0x151c  [ BFE3C263371211636A8A8296FEF9C88B, 2E9D9FAF2A328382421DD27B12AF690BC02C4535BBF0D2C74CB117565F7BE0A2 ] drmkaud         C:\Windows\System32\drivers\drmkaud.sys
09:46:10.0366 0x151c  drmkaud - ok
09:46:10.0434 0x151c  [ CAAEDA9EF78F6DDCBF99D3F9A9488244, C84D39077362E96844233CEC5AE709752CBD576DAD8C44FB5908DA803B3D23A8 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
09:46:10.0494 0x151c  DsmSvc - ok
09:46:10.0588 0x151c  [ 4B903583999E571ED2B3B1CB6D694605, 30B4DD37228E0FE50C200F511505C09D3FD5B3395E5AE49931E752463424C302 ] DsSvc           C:\Windows\System32\DsSvc.dll
09:46:10.0623 0x151c  DsSvc - ok
09:46:10.0723 0x151c  [ 81DF23EC4009D307479D5C169539CD67, 65AEE1E876CBE801A763F14930D15CF2E6A10697620B5903AA04BA30585A5676 ] DusmSvc         C:\Windows\System32\dusmsvc.dll
09:46:10.0758 0x151c  DusmSvc - ok
09:46:11.0168 0x151c  [ FCAAD06E5437CE00C6B25B9B0103DEB0, D8FC96125FD6DD91C1201AC950156287CC64668C4C067A5CD21EF60C97D3E90C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:46:11.0453 0x151c  DXGKrnl - ok
09:46:11.0529 0x151c  [ 80D54727BA06412794788ECFB278AD81, A8984C47A2BD8D3375A2D2F21AD167FA2773FD957A947C4E67BFA96CAD3683EA ] e1i65x64        C:\Windows\System32\drivers\e1i65x64.sys
09:46:11.0553 0x151c  e1i65x64 - ok
09:46:11.0774 0x151c  [ AF7B5676A104F8A7D87DDA84DDFD5240, C89BE2506C647924E94FA2F44AA4AF9EAA2F794FA444C8854FEA5B3F563AC185 ] Eaphost         C:\Windows\System32\eapsvc.dll
09:46:11.0900 0x151c  Eaphost - ok
09:46:12.0083 0x151c  [ E7B7E38AD720352CFE9A5FF3A82AB124, 48D9F61E943A7855562950FF26B866BD51A27D980757B065504FCD3F1A1D6F07 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
09:46:12.0297 0x151c  ebdrv - ok
09:46:12.0471 0x151c  [ A6236E9A991C5B4E450AA6F25A460BCC, D70219DBE8CDA2F93972EA4574AA47E57B61480EF31C69510A8FAF681B0BFF46 ] EFS             C:\Windows\System32\lsass.exe
09:46:12.0570 0x151c  EFS - ok
09:46:12.0594 0x151c  [ 43114B6F1C928B6B9518B2946AF8B056, 6C8359F008A28153906D3E2876B1356EBCFA1942F6C9CF49EE6C568FF6050203 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
09:46:12.0601 0x151c  EhStorClass - ok
09:46:12.0653 0x151c  [ 9F04CF369B93A78B2E56A3DF9B41F25F, 514A0687D2ABE6C52D6BFF8F0F5E47DD77EBEEDC4E6C6539B05BD0EC27B6704D ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
09:46:12.0660 0x151c  EhStorTcgDrv - ok
09:46:13.0027 0x151c  [ BEC04CC76D692C2604ED8A6F96CFCFA5, 20494DD87A81BECB1F5EF30E3661B058C1E9BDBDE256B2E0E3E997EFC0BFE2EA ] embeddedmode    C:\Windows\System32\embeddedmodesvc.dll
09:46:13.0133 0x151c  embeddedmode - ok
09:46:13.0470 0x151c  [ 3BB604FEB8A3F91C6CDD298E8AA1362F, 7A69F0C9528FD9996C12EA3AE2FB8BFDF0DF05018D46D88B5F85500E32F6606A ] EntAppSvc       C:\Windows\system32\EnterpriseAppMgmtSvc.dll
09:46:14.0151 0x151c  EntAppSvc - ok
09:46:14.0289 0x151c  [ E87F3FA1F9133DEEC1B3692976487777, BF14DB2762B48ACE54977E98DC2A4060B8B1122B58FDEFBB4C84546ABEB410A5 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
09:46:14.0429 0x151c  ErrDev - ok
09:46:14.0558 0x151c  [ E01F46001B2EB16FB51E4E518BC1FABC, BCD010D1040BC1F3024EB4B75113C7BB683EEE3B9B7A9B45769356A82C5E2130 ] EventLog        C:\Windows\System32\wevtsvc.dll
09:46:14.0667 0x151c  EventLog - ok
09:46:14.0818 0x151c  [ 32A5C3A37F88D7C3DFA78A6403B06EEF, 0313DADC0E475CEB45F19DB965CC267E32C2E5931D07E97BBA4959B15EA1D1AE ] EventSystem     C:\Windows\system32\es.dll
09:46:14.0875 0x151c  EventSystem - ok
09:46:14.0902 0x151c  [ 85B2C8DF0153F0F88BB48C9DBBA63C0B, B4C370E6A917F46EF6562091A6113E9D602A2F1B855E02690FB3359AF7B229D6 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:46:14.0917 0x151c  exfat - ok
09:46:14.0956 0x151c  [ 2AF02242359F939A7719A18CF104CB0A, EDE81DE7C493B46A7D2664ACD9119CCD3EB05FDB0EAF5576DE89C37F927B1323 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:46:14.0983 0x151c  fastfat - ok
09:46:15.0161 0x151c  [ 448D27130A927F933E9B283A165300A3, D70CB3598AF18E75DB858ACCB6D3E7B4D6F6D8F68E50673BF28A45CEA1658701 ] Fax             C:\Windows\system32\fxssvc.exe
09:46:15.0312 0x151c  Fax - ok
09:46:15.0415 0x151c  [ F567A0C101AECF4548E0BF61EE25D332, 26BC9C2F1D42CE5BEF55E98DC0DA557F09B747186580C796003CF84229F6D151 ] fdc             C:\Windows\System32\drivers\fdc.sys
09:46:15.0461 0x151c  fdc - ok
09:46:15.0727 0x151c  [ 0439B82F6034ADA3E71C0C9F169082BD, 0918728669077235B2F2DB7EE22CE819FA570D8A7A497BA5F11E76774EA75099 ] fdPHost         C:\Windows\system32\fdPHost.dll
09:46:15.0741 0x151c  fdPHost - ok
09:46:15.0795 0x151c  [ AD64C91B3CC71226785DCE688842E5AB, 056E1091468D268E7970045AB329EB3DFF48BB6B22448046A14C309678847B6E ] FDResPub        C:\Windows\system32\fdrespub.dll
09:46:15.0809 0x151c  FDResPub - ok
09:46:15.0843 0x151c  [ C014F0E25B87168982845EA57E3F2658, 58CCDAFB43C0301C4BE521CD4DA5570488090251FD30F8C999D75408E1DE0EA2 ] fhsvc           C:\Windows\system32\fhsvc.dll
09:46:16.0566 0x151c  fhsvc - ok
09:46:16.0761 0x151c  [ 8E59D944EE4EFAED65A341A71297C4CD, CFFFD7007AB7FB04ECB44D0079BFE8EEB53AECC988135199C388AF425EBCF2AD ] FileCrypt       C:\Windows\system32\drivers\filecrypt.sys
09:46:16.0773 0x151c  FileCrypt - ok
09:46:16.0805 0x151c  [ EE7605E60374CBD2DDAAA120FA2E458A, 832BF32B9EFA04FBDD9638D00B209DFC88C4C69E0AEC7FF1B5AD4DDEC0F20878 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:46:16.0814 0x151c  FileInfo - ok
09:46:16.0872 0x151c  [ C7F6F4B73E410087C6DE5658AAD70232, 42C56B93FF52CAC5B74CE0A16D9D4425E8B3E690B3BD76A5A3C657655B62A34A ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:46:16.0881 0x151c  Filetrace - ok
09:46:16.0897 0x151c  [ C867FE1865F45469DD96957900073361, 1534A840C56912D34DEC8F487683C0A782070A89726BF87DFAAF7F953A18A1DA ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
09:46:16.0906 0x151c  flpydisk - ok
09:46:17.0014 0x151c  [ 823F66F291F30493AD4120CDD7D377C5, 6390C3D54E955C42E73B74B1FDFB7BA45965DCBA273B34EDADAC265ADCDD9731 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:46:17.0027 0x151c  FltMgr - ok
09:46:17.0171 0x151c  [ CD96F44F2D09172B6F454737B90BAEE0, 1E4667509FBAB1D1BB6DA7D248736A234F11FFA151AEEFB09D20020DFAB69F53 ] FontCache       C:\Windows\system32\FntCache.dll
09:46:17.0403 0x151c  FontCache - ok
09:46:18.0167 0x151c  [ 91857D4F6633493CF03C22BD86ED7F81, 80982C4DA12FDD501C234782A14243DFFA8AA4D6EB94BA5E37E3575ADE53000D ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:46:18.0177 0x151c  FontCache3.0.0.0 - ok
09:46:18.0245 0x151c  [ 9B148471AAD036A3ABE3A50562877100, A7292A5E55A15090E1B61CD4A505F3195E71D4F65B41BD24F78801CF1AD3E333 ] FrameServer     C:\Windows\system32\FrameServer.dll
09:46:18.0298 0x151c  FrameServer - ok
09:46:19.0330 0x151c  [ 235DA3EC756049F96CF40818F272BE3B, FAF2420C060ED7A2A3DA3B6AE4D985720FD23306E07161292F6B09107DF35D34 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
09:46:19.0337 0x151c  Freemake Improver - ok
09:46:19.0373 0x151c  [ 426D997C91380977448617307BD67078, 3A0269C7E178CDF17ECCCDC49FC3AFD7665B3E45185C4D7F3B88D37FD1802DDA ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:46:19.0384 0x151c  FsDepends - ok
09:46:19.0446 0x151c  [ A3631ADDD926826110A436D6A04B31CA, 2073327E5C1E542EA2740CA0D43204940EB72652619B5209A2E4A4A0FB18D20A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:46:19.0455 0x151c  Fs_Rec - ok
09:46:19.0482 0x151c  [ 9E2F025BAC9AD7C6EFFF440C2C68F7FC, 8B4158C975B3585DBF01B18D648DA2DE02C220E10531AC5943A39E65FBF0BA9D ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:46:19.0505 0x151c  fvevol - ok
09:46:19.0533 0x151c  [ A1E06E4E8CB863C74DE428D4D6681185, DA46502C009FD4C847A547610DEE2684A5A583467BF76009BD46104AAE2F6B1B ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
09:46:19.0547 0x151c  gencounter - ok
09:46:19.0576 0x151c  [ DF2344160D1E58AB5E1DDB174D46853D, B263D352479812A4DEB6BB8AF573150491EA9F5D55DCD00185AF6759FF2601F6 ] genericusbfn    C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys
09:46:19.0689 0x151c  genericusbfn - ok
09:46:19.0720 0x151c  [ 25BBD25D30B6430E2EACB5BEFEF609CF, D0FD993B423CBBC46E41A0F1E153047592EDBFA3ADABFB041C12987FD4C41802 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
09:46:19.0728 0x151c  GPIOClx0101 - ok
09:46:19.0831 0x151c  [ BAA0BA8DD91B385BAAA093DCB0F61183, 38F85C89356C1433535CF81E6E9E1B9072DF1914B18591E424D1548E698166CA ] gpsvc           C:\Windows\System32\gpsvc.dll
09:46:19.0994 0x151c  gpsvc - ok
09:46:20.0172 0x151c  [ 8C06046B6A8C1ACDAEA15682058FDFB4, 3E0CC301249B7D8D5BEB932F4DFD1EAB8037679EC153772F63B430713903B0AC ] GpuEnergyDrv    C:\Windows\system32\drivers\gpuenergydrv.sys
09:46:20.0179 0x151c  GpuEnergyDrv - ok
09:46:20.0245 0x151c  [ A9C3C3762927473519B9F3C9847E2497, B2B5A4C7512865975BFCEE50B7CDE206D719AC5094C02E750AB436211191D12E ] GraphicsPerfSvc C:\Windows\System32\GraphicsPerfSvc.dll
09:46:20.0279 0x151c  GraphicsPerfSvc - ok
09:46:20.0292 0x151c  [ 6A3D89AC2F01A375CC6F12FEC588EFC9, 3BAB7BEB30ED64634587B6EBE625FB78A8C58058AED4151FF83231E0D5CBEFDE ] HdAudAddService C:\Windows\System32\drivers\HdAudio.sys
09:46:20.0316 0x151c  HdAudAddService - ok
09:46:20.0342 0x151c  [ 4BFD517F80F247590AB6C03E3FF55E1A, A73E21AE0EEF6C49D91524B3CF118148809662D7346E6AA335CEAD12164DF073 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
09:46:20.0423 0x151c  HDAudBus - ok
09:46:20.0447 0x151c  [ 05FC1B768ACB2D5CADDCA2F2E89F579C, D773640F980BF832D74FBB5E19FC1FFC06F9401C10698C0C26CFB7C067F3DB73 ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
09:46:20.0453 0x151c  HidBatt - ok
09:46:20.0589 0x151c  [ BAA82FAEFCCA50270C6F38D4108403A3, 7704F6F7716D9DF1C3CD81A228B361574A5783DC89A8DFE9B27318EBE3131345 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
09:46:20.0699 0x151c  HidBth - ok
09:46:20.0713 0x151c  [ 1E129E905072A79282D6CC929284DFE5, C161D2122638690CE4DA546CE8827B4BBD96747A4A7D799A776FEC5BC57D1582 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
09:46:20.0748 0x151c  hidi2c - ok
09:46:20.0798 0x151c  [ 1E9F3C9B201614CF4816C5D5B6C570D8, 60CF06F1668FFFB870E76D8231A090AB3AD7EA44F1F45A36FC28814CC845B94D ] hidinterrupt    C:\Windows\System32\drivers\hidinterrupt.sys
09:46:20.0810 0x151c  hidinterrupt - ok
09:46:20.0933 0x151c  [ 6B46E3061EC0523CB46ED28060FCD946, 6089305AF73CC584963865482448CD5CA4252EC9BD3E72AF16D45E4F95C3EBF2 ] HidIr           C:\Windows\System32\drivers\hidir.sys
09:46:20.0952 0x151c  HidIr - ok
09:46:20.0969 0x151c  [ 2A41AF60430E686985E9101C07A77B80, 2B6EC0692A09E5943C5BBA0E3AEFC746E96412E1836C84B1857B4DCF242DD28B ] hidserv         C:\Windows\system32\hidserv.dll
09:46:20.0988 0x151c  hidserv - ok
09:46:21.0001 0x151c  [ 8E8C163D599B0F075841893DB1CAFB4B, EBE1B4498E2214AFD03B6FD8BEF52E07017A45BC7AB1501BA4BEC563C2F16F0D ] hidspi          C:\Windows\System32\drivers\hidspi.sys
09:46:21.0010 0x151c  hidspi - ok
09:46:21.0107 0x151c  [ C46EE01CE7FE9FE25D83589BD9B62C1F, 10FF1288C40916110BC95112BEF8A42124486ACD0624F92D2A96A960E10905DF ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
09:46:21.0232 0x151c  HidUsb - ok
09:46:21.0269 0x151c  [ 530C0E730B5E6BA332FB4AC98F760789, 0ADE20523619D5705B941591DF0C19D6B0030F96FECEBBC7A4ADEF963A476383 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:46:21.0276 0x151c  HpSAMD - ok

Arcanine · 9 Febrero, 2021 03:01

TDS Killer (parte2)

09:46:21.0389 0x151c  [ BDBE8ACA653E1033A4355F52BE9301D8, 789244D3DA3B91CA705F335E7EC6231B9A458485BD831B13E89821864B3ECEC7 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:46:21.0465 0x151c  HTTP - ok
09:46:21.0468 0x151c  [ 849A66D34BC2DAD0044FAC2FEE1AF956, A5F6858AA556D9180C303EA3ED02EB6D6D8EB55A100B3918654281A01198D8E8 ] hvcrash         C:\Windows\System32\drivers\hvcrash.sys
09:46:21.0473 0x151c  hvcrash - ok
09:46:21.0661 0x151c  [ 855F55BB462B7D8B6BC31A94A592DF3D, 776C772E69CF9D81D8511201813DD79F2106DC7D2547B4FA700432AE9B73C202 ] HvHost          C:\Windows\System32\hvhostsvc.dll
09:46:21.0686 0x151c  HvHost - ok
09:46:21.0846 0x151c  [ 580AE5D9F7747286B032E8364F9A8B96, 0F22EC541A13AC16A298AB5DA19590CB64E010434CA58EFE22136C14CDF4D5F1 ] hvservice       C:\Windows\system32\drivers\hvservice.sys
09:46:21.0863 0x151c  hvservice - ok
09:46:21.0900 0x151c  [ 5DC7DFED5FEDD923B874B51D0C6752BB, 69714A8B74EB02282572B34E156051FFC10693B816905CE18A8C6C8CCB95B846 ] HwNClx0101      C:\Windows\system32\Drivers\mshwnclx.sys
09:46:21.0914 0x151c  HwNClx0101 - ok
09:46:22.0166 0x151c  [ D734926DC33F9D7E306F8B3BF68EAC57, F1CCE47AEC0E653CA6DC04C21CBC78EC6C6D74D4BF329D50BE9A7497ADD1FB3F ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:46:22.0171 0x151c  hwpolicy - ok
09:46:22.0212 0x151c  [ 22362F7C8B7B1456DDF019BFB0523C26, 3DCA435A621FC3CD786E02D013B363ADA9399839E0A31F2969E094F69AD3A183 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
09:46:22.0222 0x151c  hyperkbd - ok
09:46:22.0242 0x151c  [ BE7559280E3327E9B35E843414957438, 157D5626090149A2F71BB483C57CB20259B98C61C35185AA7C6FCD533ABE7D90 ] HyperVideo      C:\Windows\System32\drivers\HyperVideo.sys
09:46:22.0249 0x151c  HyperVideo - ok
09:46:22.0268 0x151c  [ E4B36C6EAAAB703CBFECB92EE590FB31, E1887A4E678BBA7226E7EBE5B49EC821C2F23642D321A9E1513F7477E4B9340D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
09:46:22.0280 0x151c  i8042prt - ok
09:46:22.0400 0x151c  [ 9E5AECAB5F05218D9AC923E7CEA1CE15, FAAA46F22944E043A90AE6E9F0F86AF187FC2819C563DA375B2A409347BB2C35 ] iagpio          C:\Windows\System32\drivers\iagpio.sys
09:46:22.0453 0x151c  iagpio - ok
09:46:22.0509 0x151c  [ 48EDB9B5DAB7D294951A520330F13715, 9296A14590DFD94A3C728CAF3CA91BA211F27974F9CFF8417CDDC00D1453315C ] iai2c           C:\Windows\System32\drivers\iai2c.sys
09:46:22.0623 0x151c  iai2c - ok
09:46:22.0649 0x151c  [ 6C3EDE394C71D5A67A504F55E35B6F47, 6FF5D13EF69E8FBCB4772C7B5C4D5770C78E0B29F9164FA1611EFDE91CE876BE ] iaLPSS2i_GPIO2  C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
09:46:22.0657 0x151c  iaLPSS2i_GPIO2 - ok
09:46:22.0680 0x151c  [ 806D14CEAF25E5F2DFCBA8E7E33B86BB, 2141DE558461B592D4111A0388D1AAC8062FA72CD1E2A2D2D68279A9633288E9 ] iaLPSS2i_GPIO2_BXT_P C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
09:46:22.0717 0x151c  iaLPSS2i_GPIO2_BXT_P - ok
09:46:22.0731 0x151c  [ 87DDDAE1693484BD0A210C877BDA00C2, E353D90D0B79A70F976FD5EA1CB7E25A97835E25116962EA035424715B2F43FE ] iaLPSS2i_GPIO2_CNL C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys
09:46:22.0833 0x151c  iaLPSS2i_GPIO2_CNL - ok
09:46:22.0869 0x151c  [ 8D3E3C431367E3BA632B4396CA662E1A, 71FDC25244298D62A335769D6ED43394C33FBD8DB05AA54CA924A2977F37858F ] iaLPSS2i_GPIO2_GLK C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys
09:46:22.0878 0x151c  iaLPSS2i_GPIO2_GLK - ok
09:46:22.0928 0x151c  [ 149F1260537C4F68C3F67C363B62F3C5, 3F1F9EC7571D0F82D3F5BBA298965491260708F05EBAAA2CC23483521A5FF079 ] iaLPSS2i_I2C    C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
09:46:22.0948 0x151c  iaLPSS2i_I2C - ok
09:46:22.0971 0x151c  [ 3E641E905A6DBF29CBA1E72BBE349808, BF354297A55713D9E2DD4044D42810C007733EE54D5A80D58B96DD279D92C716 ] iaLPSS2i_I2C_BXT_P C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
09:46:23.0054 0x151c  iaLPSS2i_I2C_BXT_P - ok
09:46:23.0075 0x151c  [ 897478D8FACEAE8681F6F3502201EC68, F105EDD16E38F5C0044CC7139E4084A04B0AE3212171A1C7F6FE759F3F5F77FC ] iaLPSS2i_I2C_CNL C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys
09:46:23.0105 0x151c  iaLPSS2i_I2C_CNL - ok
09:46:23.0180 0x151c  [ 2ED3B41C7CB4101ACB15D84D8AB5AA9D, A92487129B81376471C842B9932FF3A7B3ABBBB89797978E3FDEAF71A6FD5E3F ] iaLPSS2i_I2C_GLK C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys
09:46:23.0191 0x151c  iaLPSS2i_I2C_GLK - ok
09:46:23.0276 0x151c  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
09:46:23.0282 0x151c  iaLPSSi_GPIO - ok
09:46:23.0294 0x151c  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
09:46:23.0311 0x151c  iaLPSSi_I2C - ok
09:46:23.0361 0x151c  [ E2E64636CD6A6902BD81AC3B90089484, 7274F33E5EED8AF739FFCC80B9A62CDF12553EBD2724E2F8E93FD67376CC6E84 ] iaStorAVC       C:\Windows\system32\drivers\iaStorAVC.sys
09:46:23.0392 0x151c  iaStorAVC - ok
09:46:23.0434 0x151c  [ 215525477CBDCD07A82AC518BAE3DEC3, 30BEE94794953E2DBF0FC5AFCE0566F335AF022E89819DE145329E7C09C636BD ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:46:23.0445 0x151c  iaStorV - ok
09:46:23.0473 0x151c  [ 329F2FEC47FD8754FC44A8F3F283C915, 0F3E4F33B019B278B6657B4ECEC25D04B128578622539FF5855330BDB6537545 ] ibbus           C:\Windows\System32\drivers\ibbus.sys
09:46:23.0511 0x151c  ibbus - ok
09:46:23.0549 0x151c  [ D49DC8BB8EE3B51E343CEE6FE7A7B3F6, B587B3FDA7967D399CAF1583C254FB0FAC6A79B1FE664E320B7700BBD263B66E ] icssvc          C:\Windows\System32\tetheringservice.dll
09:46:23.0562 0x151c  icssvc - ok
09:46:23.0612 0x151c  [ 2AA81AB974C62144C8678F2CB3B6B7F4, D48F8F9DB8E128E72B1C6FAAFC3E6B3AF49D4A7E295E057479BC6FF12359E0A2 ] IDMWFP          C:\Windows\system32\DRIVERS\idmwfp.sys
09:46:23.0625 0x151c  IDMWFP - ok
09:46:23.0687 0x151c  [ F4DFD5B245A3718B22B67C142CD43775, FCB8A01972C0FB19799502F8F46C67B795C721DBB76E573A73EBAA5AA08D8F38 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:46:23.0737 0x151c  IKEEXT - ok
09:46:23.0845 0x151c  [ 757B13C061132E566162F4A5F8106FD4, 284F4AAE766DD1B1AEB1C9BBEF797ACEBA94C1AD370B1FDC33649FD34F0A3DA3 ] IndirectKmd     C:\Windows\System32\drivers\IndirectKmd.sys
09:46:23.0901 0x151c  IndirectKmd - ok
09:46:23.0991 0x151c  [ 1D8049147E2040039795A82B9B603963, 5DCA63897F78908E55BAD67C5E4F4AFB8C1362EBC025F4ACD9F48FF20A0D5BD8 ] InstallService  C:\Windows\system32\InstallService.dll
09:46:24.0079 0x151c  InstallService - ok
09:46:24.0101 0x151c  [ 0DE71D858231650A48536F2194692179, CC914B29A293F019886C10851F8A6987BEF554196FF5E143039CEA07F1EF6364 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:46:24.0108 0x151c  intelide - ok
09:46:24.0208 0x151c  [ 33BD441DD63284F3038A175CF970349A, D8C4579F827B80A8C45F0A506464F27A209682BD51AF3B475251B87B608F3B2F ] intelpep        C:\Windows\system32\drivers\intelpep.sys
09:46:24.0231 0x151c  intelpep - ok
09:46:24.0268 0x151c  [ AECBF5BE2F9A2A50B978E0BF31041A81, A62F436C66DEFEB438A7891857DFB830995714A7E4FE4BDCA6B4EB1606BD2101 ] intelpmax       C:\Windows\System32\drivers\intelpmax.sys
09:46:24.0279 0x151c  intelpmax - ok
09:46:24.0338 0x151c  [ 2AC9F6E1CBB8BE50C334E86BE7F1055C, 5051734B7F26F02D47FC7D45E1F908C7B0ED34A1D82F41D7D0347EAF2F433A49 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
09:46:24.0356 0x151c  intelppm - ok
09:46:24.0400 0x151c  [ D22A1D8ADEE382386F4B5BE950F870A7, 56A4C885DF07EF3DB14A2ECDE09B4B2ABAAA774600880C8F7382F3089A5071D2 ] iorate          C:\Windows\system32\drivers\iorate.sys
09:46:24.0412 0x151c  iorate - ok
09:46:24.0445 0x151c  [ BC54C689313865E84657FAC9D5A2D255, 65BEDDAF252AC56781E01A36E92329F23D8FA4F2D1CC145A0A89F48D2BD1B350 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:46:24.0557 0x151c  IpFilterDriver - ok
09:46:24.0602 0x151c  [ C669B5F35FC37F7B083A278577D08874, 253E2535D737868F5B797781591966A3BADEF78341C534E337B196C1F22505C1 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:46:24.0658 0x151c  iphlpsvc - ok
09:46:24.0723 0x151c  [ 0ED186CFCA4EA3C21D118A4940D4B0E8, A245EF8A9101241AAE2BAB46F16D664B2624CAF68DAA967491276F59E4B9C34C ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
09:46:24.0739 0x151c  IPMIDRV - ok
09:46:24.0773 0x151c  [ F63572DF4295C78B3F7036AEDA878176, B71EB3CC4EC95BC9A3FA217736C6C36C756935714D7E16E34C05D913B829CB9C ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:46:24.0824 0x151c  IPNAT - ok
09:46:24.0827 0x151c  [ B5B6D1F86E40E785D6650DB923DB6BEA, 7A2D92A2274E0379B5FA6351D18E2F0DD55960BB783EA3528FE9E303E1A4256D ] IPT             C:\Windows\System32\drivers\ipt.sys
09:46:24.0833 0x151c  IPT - ok
09:46:24.0879 0x151c  [ 77494E26B28465D2A09B9455F8A3B34E, B778D4BC71A5F5CF687175CA53AC342E4740156D4B96E6E96D918BD46C2C1459 ] IpxlatCfgSvc    C:\Windows\System32\IpxlatCfg.dll
09:46:24.0893 0x151c  IpxlatCfgSvc - ok
09:46:24.0944 0x151c  [ 31500D8C02A45E1C5DE00BDEC46AEAA3, 574968A5B8EED68D0A71466BE2A4AD432871907C2A255EFE156BBDCAD5987E3E ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:46:24.0955 0x151c  isapnp - ok
09:46:24.0993 0x151c  [ 017F91FF78FD18B8866C16B466CF9D9F, 7AB649FBC2DE6368B7BDE5A1751BEC7D47F3CAC97F040A8E09E629A8A02ADE2D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
09:46:25.0006 0x151c  iScsiPrt - ok
09:46:25.0042 0x151c  [ 2DAB988FDD06CACD99B9DB2A05569449, A66C90009C7B20736A8B291889C518CBAF9D0C32A5EC720330EF25F30C056F1B ] ItSas35i        C:\Windows\system32\drivers\ItSas35i.sys
09:46:25.0056 0x151c  ItSas35i - ok
09:46:25.0068 0x151c  [ 02A6967D5AEF2F15AA9C838DBF3E1C04, 7639DCD4328C14F3FB522EC501F4DF374CCBE87699EB4A2B238C9F9C526FDF59 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
09:46:25.0074 0x151c  kbdclass - ok
09:46:25.0088 0x151c  [ DD56D35E1708207B5006B491AFBD47D7, 4DDDE0AF2816A5302511E99FD26F77517EA5C2C6D9BE76D70199A33BF3EE9FE3 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
09:46:25.0131 0x151c  kbdhid - ok
09:46:25.0152 0x151c  [ 6B7422A382C1788AAF7C6CE6D4A4B375, F14AC6EF3695E05CD2D5CD9524AF7D0327E11A8B2BA9315A1EBF53828A608D33 ] kdnic           C:\Windows\System32\drivers\kdnic.sys
09:46:25.0158 0x151c  kdnic - ok
09:46:25.0209 0x151c  [ A6236E9A991C5B4E450AA6F25A460BCC, D70219DBE8CDA2F93972EA4574AA47E57B61480EF31C69510A8FAF681B0BFF46 ] KeyIso          C:\Windows\system32\lsass.exe
09:46:25.0227 0x151c  KeyIso - ok
09:46:25.0339 0x151c  [ AEC6134259978B15DFD8456FD9C4089E, B09A561A574C8BD3C696E5C57366B9E8C470CDBAA87D5D34922BBDCF9BDB4C86 ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
09:46:25.0360 0x151c  klbackupdisk - ok
09:46:25.0423 0x151c  [ 9A619E8A9C86969EE88765063D65B44C, F054E6C7161E595A255B57310177C18661DC80D53DD647F1AEE966B6A36E5D2D ] klbackupflt     C:\Windows\system32\DRIVERS\klbackupflt.sys
09:46:25.0440 0x151c  klbackupflt - ok
09:46:25.0500 0x151c  [ BB565A8BAAEC722882D1A231E70AAC1C, B1511A506458C37516F9A973520B195EBFEB06E60C81F053C7E39EE4B678E01B ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
09:46:25.0516 0x151c  kldisk - ok
09:46:25.0543 0x151c  [ 75A99630F6F7C9DF51E6C308EA8BB93D, 3CA715A3706F2D01A7AB1CE36FF0A8056CF9A90F1D5008488530AF89B5DB5E9C ] klelam          C:\Windows\system32\DRIVERS\klelam.sys
09:46:25.0549 0x151c  klelam - ok
09:46:25.0621 0x151c  [ 8FF5EE48D9780FBAED4756BEE7494DA6, B8B9F4499519A3369F1B2C573802E0FC3A974D4664C49CEA839466B5131DD845 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
09:46:25.0636 0x151c  klflt - ok
09:46:25.0692 0x151c  [ F7C8501207C56DF9029414DC1852E729, 8BEBCFA4DCCB448F4C5A8D6D694891DDD3D44608CCC47657AA2EF5502EBADA69 ] klgse           C:\Windows\system32\DRIVERS\klgse.sys
09:46:25.0711 0x151c  klgse - ok
09:46:25.0886 0x151c  [ 338E40151C3E24636D3A2369E2A0CF9F, 42EF560A918CF15896F840ED66C38A3298D2F282081BD915E4570E2D60BB627D ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
09:46:25.0914 0x151c  klhk - ok
09:46:26.0241 0x151c  [ 3996BBF09A39EFCEA8B4C6AF407C30EC, BA90275E1028C2DC6F7C87FC0DF2D9CF4CA6B2C3D274548D3B7789ADC068DE35 ] klids           C:\ProgramData\Kaspersky Lab\AVP21.2\Bases\klids.sys
09:46:26.0247 0x151c  klids - ok
09:46:26.0340 0x151c  [ C66F6D15D4E06322E2B8F1645E0DA399, D96EC504DC0A6CA049A659F8470E3D8A7F1CD3187477D32C7FB1C55E5FF1B817 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
09:46:26.0358 0x151c  KLIF - ok
09:46:26.0497 0x151c  [ 4B12C66340E1A21FA7B8508ABAF48C20, 59EBBDD4800EB2B2A619678318E95C102784EB14AB85E4A84B6715648395D130 ] klim6           C:\Windows\system32\DRIVERS\klim6.sys
09:46:26.0502 0x151c  klim6 - ok
09:46:26.0518 0x151c  [ 1EBCBFB9F0777565CEF34B01427E63D3, E884C9F094FB5C3E5C7E02478016D3398341743078AF2531BB73E616357D0948 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
09:46:26.0524 0x151c  klkbdflt - ok
09:46:26.0550 0x151c  [ 8425065D9135BD5303E8D0F5C1F0F778, 19C25FE1AE3A1C3EB9ED3CEC0BDF28E7E215272BDA6A8C3DF7AA335C0DED1C0A ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
09:46:26.0567 0x151c  klmouflt - ok
09:46:26.0629 0x151c  [ 8A79E89FE4FE1186F42360868129F57E, 599B98C4BCF10C07CD5A038D27484B0FAD9649DD1A3E720C5DCF7DC310352383 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
09:46:26.0636 0x151c  klpd - ok
09:46:26.0672 0x151c  [ CD6DD95641780DB8D1173ACE4359C8C1, 0A0FDC6E6BDFD58A7606B1FA24A9E2D994320D9D27CB249C28393E4DDC6A6A2E ] klpnpflt        C:\Windows\system32\DRIVERS\klpnpflt.sys
09:46:26.0678 0x151c  klpnpflt - ok
09:46:26.0723 0x151c  [ 0E972768BB14405B1DD09861D709C658, 0CF3EF10691E6272FA69FDE00108A38380842617C7FE59F04079AD76DB348211 ] kltap           C:\Windows\System32\drivers\kltap.sys
09:46:26.0734 0x151c  kltap - ok
09:46:26.0861 0x151c  [ 818E8C6D8588802E3E63CD8CEF03AF3B, E6CD03C1F8AE72B1A138A10F6244F5A2B970178BCD3FB2B127F5103E47673419 ] klupd_klif_arkmon C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
09:46:26.0868 0x151c  klupd_klif_arkmon - ok
09:46:26.0955 0x151c  [ 144D238063D7E5BE75F80D115A421A81, 3A56229436056522792042B2AC74E1B08083AE5445FA5041F5F259559539976D ] klupd_klif_kimul C:\Windows\system32\Drivers\klupd_klif_kimul.sys
09:46:26.0960 0x151c  klupd_klif_kimul - ok
09:46:27.0014 0x151c  [ 71E5DD959D5FEB17161B68BA5E58A569, B08C488ACEF98E5E4424DC6836018E46E3094D2E5EDF96848723A0E405965F30 ] klupd_klif_klark C:\Windows\system32\Drivers\klupd_klif_klark.sys
09:46:27.0022 0x151c  klupd_klif_klark - ok
09:46:27.0067 0x151c  [ 9A88547FC37710AA80B8A16B85FCF108, 65406C2DDAFDDE1A0CD0D8B0E7B0F4327E711792E8D4431D00A033575E40C57C ] klupd_klif_klbg C:\Windows\system32\Drivers\klupd_klif_klbg.sys
09:46:27.0072 0x151c  klupd_klif_klbg - ok
09:46:27.0128 0x151c  [ DB7E385E701EF99961225251B48C5728, 92C0A50F5A00AFBD27BE78EF22B9199C43F8FACB4D116AB3E7F41CE406D94B31 ] klupd_klif_mark C:\Windows\system32\Drivers\klupd_klif_mark.sys
09:46:27.0134 0x151c  klupd_klif_mark - ok
09:46:27.0897 0x151c  [ 3554950D681990DF3C8CF2502CBDB1F7, 4236A5066D71D5A899A76940C9110640949733BBBE7A4684E5971803F7C7DE39 ] klvssbridge64_21.2 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\vssbridge64.exe
09:46:27.0908 0x151c  klvssbridge64_21.2 - ok
09:46:27.0972 0x151c  [ 1EFB0155BD6F46FE55376E8B84DA5761, 08490CB3781CA32575B41590BF1E052D099FA5F393FBF47081395A7731D1FFC7 ] klwfp           C:\Windows\system32\DRIVERS\klwfp.sys
09:46:27.0984 0x151c  klwfp - ok
09:46:28.0013 0x151c  [ 9A6D8EE189B9E825B6B77169A368E27B, B9F842661169DBD23CDCF32E60D241BDB01DDA16BBA2DBACA740FA35D60BFBC8 ] klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
09:46:28.0025 0x151c  klwtp - ok
09:46:28.0131 0x151c  [ 5276C42B9BDDD6958E9B573E06E87A88, F0DE9F28DA815DB2F5C2E278C1E21739A36244E9AE931D646C8C3EC9BD6090CD ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
09:46:28.0154 0x151c  kneps - ok
09:46:28.0305 0x151c  [ C0F84E8A13B1E065111C755715321298, 9821F71CCB1D8AA9E2A82302BBEAA5074502A5CA556FADDA27B1374AB4A3991B ] KSDE5.1         C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 5.1\ksde.exe
09:46:28.0445 0x151c  KSDE5.1 - ok
09:46:28.0471 0x151c  [ 994ECC77A8CF366B68D004FBCBA4EB8E, 0C9D7E20C191E9A19C69A0F31E4C8ADC55F4C5A3E034AED74CE0A159E5C7AF15 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:46:28.0478 0x151c  KSecDD - ok
09:46:28.0492 0x151c  [ 6A4B72803951FAB725E4B616F4FFC2A3, 49F4033C33E823663E9389BD2C1E5E1F9E5E92A9284953ACE0A7ED0927CF9BA9 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:46:28.0501 0x151c  KSecPkg - ok
09:46:28.0522 0x151c  [ E5304DE29BB9666DF0E57E5BA71C0E10, 491802A11F9E563369DB69E1D838C6F0F54F69F31BDC14018339CEE1B6C9C3CA ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:46:28.0561 0x151c  ksthunk - ok
09:46:28.0608 0x151c  [ DAE67BD7EC6ED569438F5CA38BFBB458, 672CA98525D6DD799A01A3BC3A62AB7B4544D62ECEB3615FAC05BFB97B389D23 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:46:28.0625 0x151c  KtmRm - ok
09:46:28.0669 0x151c  [ 93A1623588FB4E1CEE36B86DB28C8566, EB1FD7247E8C17DA0EE0728FDA50AAFF1EA56C150739B59A6E472E3F1DF30B81 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:46:28.0695 0x151c  LanmanServer - ok
09:46:28.0825 0x151c  [ 5ADCB62320EEAAC526F8E464BEAC3D17, 297B48E02834E4460C52CF181DC03D6FC2B9698A2537BFD60DD933F3EEA86C68 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:46:28.0884 0x151c  LanmanWorkstation - ok
09:46:29.0098 0x151c  [ A997488F4EDAAD59C748CF9FB1D9DAC0, A0B145041F984DD4E0A6F8D0E9C8363DA6F2DA7460E140F028C320CEAC03759C ] lfsvc           C:\Windows\System32\lfsvc.dll
09:46:29.0217 0x151c  lfsvc - ok
09:46:29.0323 0x151c  [ C2442CD79AFB01CF3C50FC3815F06010, 5D2A1F3F4BEE9C69B792C5292121639E8582634EBF1CAF43C0D7E81E597B4385 ] LicenseManager  C:\Windows\system32\LicenseManagerSvc.dll
09:46:29.0518 0x151c  LicenseManager - ok
09:46:29.0708 0x151c  [ 78779BD92081CB27967E77561683AFBE, 05EC91E194336D1BB1EE323E70FAC54F6DC0CEF53FD4925F394399531A37A0DD ] lltdio          C:\Windows\system32\drivers\lltdio.sys
09:46:29.0898 0x151c  lltdio - ok
09:46:30.0168 0x151c  [ 1BC0F8B36B0EB96322FF6F4F3BC3B7D2, 72B81ABD2A5503E46B52DE6F2B5DAA2B000751189BD13BB4365FFA4F2750DF04 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:46:30.0265 0x151c  lltdsvc - ok
09:46:30.0296 0x151c  [ 4A501E9429650B678610ABCCAD1D2609, 71F33FD997D36B8CFB7FD36397CB768AEF1B6329B3882D445B72246621F3BD7E ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:46:30.0419 0x151c  lmhosts - ok
09:46:30.0622 0x151c  [ 89EB90814DA5FB6F5299240AD8B9C7A7, 36857AFABD064196B7D2A7CFAE3696D96C1FE13431DB49ACE161E706680231DA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:46:30.0629 0x151c  LSI_SAS - ok
09:46:30.0649 0x151c  [ 2FD85E518EA97BB642B018EEB453401A, 7EA218BB57843B80AB5A987BA915829B8262629F72EEC84238634A016D05504E ] LSI_SAS2i       C:\Windows\system32\drivers\lsi_sas2i.sys
09:46:30.0656 0x151c  LSI_SAS2i - ok
09:46:30.0680 0x151c  [ 8B7995D9E487C8F90BEA8F1EF6331C10, 2EE68AFEB6D5EC98A996C1722057275C1648411898359248D390B6AA9F697AB5 ] LSI_SAS3i       C:\Windows\system32\drivers\lsi_sas3i.sys
09:46:30.0687 0x151c  LSI_SAS3i - ok
09:46:30.0704 0x151c  [ ED902EBC8DEEF6E5FC00D0816DDFFB42, FFDDB7BA54C999D5689152E4EDACC838A769B6C479F0A0FCF294C8632F4E4C1F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
09:46:30.0711 0x151c  LSI_SSS - ok
09:46:31.0007 0x151c  [ BE244459BAC02DABA7F7CDAE0707FF7A, 36AA26FF3AD4B72475092CB2B7EF1232FFD5FE93FBE604D0E2FAC3D40221DBEC ] LSM             C:\Windows\System32\lsm.dll
09:46:31.0061 0x151c  LSM - ok
09:46:31.0093 0x151c  [ 5713ADC1FB288A983C4B1CE5037FE238, F91B50D66EB06B7E7CDA69EBC618EB5E371FB7194945AE1235754C552FA963BE ] luafv           C:\Windows\system32\drivers\luafv.sys
09:46:31.0117 0x151c  luafv - ok
09:46:31.0190 0x151c  [ 6F98C1637140758941D6E0911D020976, C416BCB7FCEDF8E1A1F5533A4B6E1CDF690AF95318820F96EFDA5A13C589C331 ] LxpSvc          C:\Windows\System32\LanguageOverlayServer.dll
09:46:31.0253 0x151c  LxpSvc - ok
09:46:31.0404 0x151c  [ AE03D8F1B7863268EAED2FE0105ED75F, F5172A1A3E24FC5271FCB0118861EA0EC33AA8ABB01AE9CAD50E2F032B92486C ] MapsBroker      C:\Windows\System32\moshost.dll
09:46:31.0427 0x151c  MapsBroker - ok
09:46:31.0466 0x151c  [ 6C965A0AC264AF1A8E0A69882A7EAFDC, DA40E73A7F584D944F58C7F489B701315B8D30A29E5A6C840C9D291302271834 ] mausbhost       C:\Windows\System32\drivers\mausbhost.sys
09:46:31.0480 0x151c  mausbhost - ok
09:46:31.0506 0x151c  [ 6C6C1EFC46A62091224333E1E9304FBC, AEADB11E2BE2EEB4BB5E4E13ADDA4633475022312AEE777CFE7FEB27C490B54C ] mausbip         C:\Windows\System32\drivers\mausbip.sys
09:46:31.0564 0x151c  mausbip - ok
09:46:31.0753 0x151c  [ BF46AFE0CC03D9A5883E74438170B841, 43309A4DBCF15F09AB3066E96C498785C4F41DBCA8467B0385FCA467AE370980 ] MbamElam        C:\Windows\system32\DRIVERS\MbamElam.sys
09:46:31.0758 0x151c  MbamElam - ok
09:46:33.0207 0x151c  [ 9A463A0386D75F5EE3D496966FA5E466, 340E72FF6E0AD4D48749EED73452EBB5A6B7679BFB98FBBEDF8C4C6A2B3D118C ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
09:46:33.0294 0x151c  MBAMService - ok
09:46:33.0482 0x151c  [ 78E352A45506B8AA6C1A343F1BCFA13F, 7579489DB1BDCC4A4BE0CEDBC76ACE58E0CB9185F8D8508DF1B7AB9E2C3E8CC6 ] MbbCx           C:\Windows\system32\drivers\MbbCx.sys
09:46:33.0515 0x151c  MbbCx - ok
09:46:33.0576 0x151c  [ CE4B01081B8FD211A7A34219D5E8154A, 9041FDEB932F2CBBCE4A017256C81B3733604403AA343D4532910436E8288CA9 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:46:33.0583 0x151c  megasas - ok
09:46:33.0601 0x151c  [ F3C6B901E3FF70F27A17CFDDD7BA85AA, 6D67F52F0B63724126DD7B75B3489D14A6CBC3BD1E0D19188026DA21E85A620A ] megasas2i       C:\Windows\system32\drivers\MegaSas2i.sys
09:46:33.0615 0x151c  megasas2i - ok
09:46:33.0633 0x151c  [ EB84966D14F9342C8AD3D78BA9AA8754, 83C982FC61094A9E9F3E3CB5174B7409698C12FE3B6BF9B2F4C9365E56C642B2 ] megasas35i      C:\Windows\system32\drivers\megasas35i.sys
09:46:33.0640 0x151c  megasas35i - ok
09:46:33.0715 0x151c  [ A4DC7070D92AD82A7BDF2F69C155AF69, 8A902DDB6016E4D5C28808FBA5741751D94FFBD4B55724D47BBA0A8C29900E53 ] megasr          C:\Windows\system32\drivers\megasr.sys
09:46:33.0740 0x151c  megasr - ok
09:46:33.0867 0x151c  [ 39FF928D8EC49A318B40761DD7C1CDF3, 9E18ED94739AE711585E397A8EA2F7E1B05E00BD23F57FBB7606C4498192C5E0 ] MEmuDrv         C:\Windows\system32\DRIVERS\MEmuDrv.sys
09:46:33.0884 0x151c  MEmuDrv - ok
09:46:33.0886 0x151c  MEmuSVC - ok
09:46:34.0005 0x151c  [ 2F8B410ED73F57AAD8B85159124A57D3, FCD2F46C9DF66EAD8AE719854653AAF3C3185DDF4F12CDB52CF5B98725B03D56 ] MessagingService C:\Windows\System32\MessagingService.dll
09:46:34.0061 0x151c  MessagingService - ok
09:46:34.0159 0x151c  [ B74FFC6301B3312A9F59E04E487BC72A, 76F71824E80D10EB71BEDE5EE3A64CAD7CAC3DDFBB6670D1537E6B75FF0217E9 ] Microsoft_Bluetooth_AvrcpTransport C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys
09:46:34.0189 0x151c  Microsoft_Bluetooth_AvrcpTransport - ok
09:46:34.0234 0x151c  [ AE769055D99C13B85EC84D04A945E804, 9138C8B2CDEE3584F344F46A2E2F06B5C159887C8B147A33E7603877C992DFEC ] MixedRealityOpenXRSvc C:\Windows\System32\MixedRealityRuntime.dll
09:46:34.0244 0x151c  MixedRealityOpenXRSvc - ok
09:46:34.0508 0x151c  [ 517DC2DF12A391699F8432AF89947F2B, 2C6B268486AD0F3BFB82DE0F61D076DF7C334C1C94A0316084713EBDB0C9C518 ] mlx4_bus        C:\Windows\System32\drivers\mlx4_bus.sys
09:46:34.0565 0x151c  mlx4_bus - ok
09:46:34.0602 0x151c  [ 606DC152CEE802A425E26D77661F38A6, 11CA6C6CCAAECFC5E89473B52E0EDF66D290C15E0F13E703895D07E3F0C7B82D ] MMCSS           C:\Windows\system32\drivers\mmcss.sys
09:46:34.0610 0x151c  MMCSS - ok
09:46:34.0645 0x151c  [ 1BF8F673F7123FBE536D25C22B464F42, 0195CE67E94BEEE33D474C6189AAD746D2B310B714A67639D1D54D0E79B1A44F ] Modem           C:\Windows\system32\drivers\modem.sys
09:46:34.0690 0x151c  Modem - ok
09:46:34.0774 0x151c  [ EFD41C0B7945B7767F1C8939DA26BDEB, 16C4511901A5DE0B9DF8A8A3CBF1D230E452A4784063AC0DD680C3E246B4039A ] monitor         C:\Windows\System32\drivers\monitor.sys
09:46:34.0817 0x151c  monitor - ok
09:46:34.0825 0x151c  [ 4352C109DD892A5A5413897A74103024, DB5D99DBFF8C84A7D87109DFB71396DF8E0F0754FC0D263E45116915A39735CE ] mouclass        C:\Windows\System32\drivers\mouclass.sys
09:46:34.0831 0x151c  mouclass - ok
09:46:34.0897 0x151c  [ 66E41E31DEBD4E1A2762945B4F15C780, 3A05D657E03B6CD9D62023061F9C652357F16DA2F2337FB6C617AEEFFAD794B4 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
09:46:34.0916 0x151c  mouhid - ok
09:46:34.0956 0x151c  [ 180D9E273A958B6D2B55410DB2C431C4, EE3598DECA591E8735DE0F449F292E9DDDBCE28A8A7B814E78DFD90AC867B7F2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:46:34.0965 0x151c  mountmgr - ok
09:46:35.0044 0x151c  [ 63766B0A4D692E441BA44AA7F5080059, 9D852BADCDD2270E3F632E4CDF68267A26ADE7DDFFC492D3C9BD42FF9074939F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:46:35.0120 0x151c  MozillaMaintenance - ok
09:46:35.0174 0x151c  [ 19623B4213820840730EF00BA52201B6, E9AF731D982F2E6D6DEF9239E4912881043804E6C557C6DBA9B16AD6AE0473F7 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:46:35.0271 0x151c  mpsdrv - ok
09:46:35.0334 0x151c  [ 0D4E6EA9761C8AAAEF31F6B25D642BC0, 210FC6A6746F1F39B0E2308B8CE3D0B58E028F2AC39D72AB6170D3DF28E72A4A ] mpssvc          C:\Windows\system32\mpssvc.dll
09:46:35.0369 0x151c  mpssvc - ok
09:46:35.0408 0x151c  [ 5AE0BB0321E93008E78B1394E0A5A660, 8E691EF94A164F47EC745E41DC8089F32C6045A0749398F843E1AF726DD0EF28 ] MQAC            C:\Windows\system32\drivers\mqac.sys
09:46:35.0506 0x151c  MQAC - ok
09:46:35.0577 0x151c  [ 186251D6489F7470616862DD15644177, CC06B99F3F67A90E0B5FC3B2FD7A0DBB23B0D766DDCC94FF6C72B1C2C6C913DF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:46:35.0821 0x151c  MRxDAV - ok
09:46:35.0864 0x151c  [ 45B58848D69B7FE5F1F220A4FB6746B5, 531888FA2A9D4F5578916CDF785B284B27689BE10986D40809CF06197AE1C8C4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:46:35.0879 0x151c  mrxsmb - ok
09:46:35.0909 0x151c  [ 0699473AA979E95C61A76F20EC7CFF2D, 856D97F663EF3BE8574792C708E2B2F6A7BF9AD996B65BBB89DFF3359E768851 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:46:35.0917 0x151c  mrxsmb20 - ok
09:46:35.0990 0x151c  [ E587396A4C8151ABBF13A96C4465DE31, A3AA5D51E34657479CFCDC3DBB7821B7255F7CB57D5686B7F709A7953AD537EB ] MsBridge        C:\Windows\system32\drivers\bridge.sys
09:46:36.0045 0x151c  MsBridge - ok
09:46:36.0122 0x151c  [ 2EF846AC66E181BE820B513DBC15B5D2, EDFE71025C352D0DABEC7B9506C5945BB0EC11F8DB540DB8CB1116C2EA1648A8 ] MSDTC           C:\Windows\System32\msdtc.exe
09:46:36.0146 0x151c  MSDTC - ok
09:46:36.0210 0x151c  [ 4D8C5C0B06D8F4B28AAD865ACA6C5494, 8AC1A5358691DA4FBEC7BAA3711321EAD20439029031696F12BB287771E82893 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:46:36.0216 0x151c  Msfs - ok
09:46:36.0219 0x151c  [ 6092FD060EC4132A799BDAD61845DDB7, B45F9D3A71FC8A73AED3C5B8CF6F14A25EBDD3D4D47C9F39FFCD75C7D22F4A9E ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
09:46:36.0226 0x151c  msgpiowin32 - ok
09:46:36.0261 0x151c  [ 78689B7121F3DA06A879FBBD039B29AA, C656B13E0329B86663C2382943B1DD6F6E5080FAC71E3FEFA056D261F30E273E ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:46:36.0269 0x151c  mshidkmdf - ok
09:46:36.0272 0x151c  [ 9E90FE6DF363D2427A5C773120E7B27D, 1FDB7E28CCAF757603C4B754E1AC9C470E5E60E85DE067375902F108F5E34608 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
09:46:36.0301 0x151c  mshidumdf - ok
09:46:36.0317 0x151c  [ AA319FAE5B8B9637E9F0D243A92D856B, 83AEF35DC458621A5FD84311EC2FB6A7319EE274ADB0A96521A2F527D44D8262 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:46:36.0323 0x151c  msisadrv - ok
09:46:36.0365 0x151c  [ 7643DE5E3FD4BE1917B8D830E67E79E5, 7202B00E92DCA1232E93D04E1FA695281132E4EFEE325EEFF34B872B000922F7 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:46:36.0762 0x151c  MSiSCSI - ok
09:46:36.0764 0x151c  msiserver - ok
09:46:36.0781 0x151c  [ AC81B26C0CA3869412FF0DAE12F49C0A, F279D54F13B525D3F377D254BF1B5DCB78EDE25D99590F508B5FBE6004F028E3 ] MSKSSRV         C:\Windows\System32\drivers\MSKSSRV.sys
09:46:36.0790 0x151c  MSKSSRV - ok
09:46:36.0814 0x151c  [ 9FB5040C8CEAE4C32B7884ECBBCAFDAF, 0EC3E53C5B1B202440DE22A5BF7E1EBE9AF5BBB6BA69DB9D018A6D8EC97B477E ] MsLldp          C:\Windows\system32\drivers\mslldp.sys
09:46:36.0840 0x151c  MsLldp - ok
09:46:36.0874 0x151c  [ AEC7A2ADEEA66EF5F748E71C47BB98EE, 31C40262695497117CBA5693A0EF1C4FCD84B27563592271B60F28F4AF6888C2 ] MSMQ            C:\Windows\system32\mqsvc.exe
09:46:36.0916 0x151c  MSMQ - ok
09:46:36.0960 0x151c  [ 4B5CD00DEAB6BC5FE650D5E90BA5719A, 6E5DAA5D9826A3165514CE2AC4AEC23033D7BA993F06D2BDFFC68052CA71C4A0 ] MSPCLOCK        C:\Windows\System32\drivers\MSPCLOCK.sys
09:46:36.0998 0x151c  MSPCLOCK - ok
09:46:37.0001 0x151c  [ 3FC09B334BB53D2EB289887CFBD79D0B, AD55F307A8146BC2ACB1B2437C19B405F7BC3F5E4A81DB685B0C046FEC4C30BC ] MSPQM           C:\Windows\System32\drivers\MSPQM.sys
09:46:37.0024 0x151c  MSPQM - ok
09:46:37.0045 0x151c  [ 3556214D24BA979DADB2FCD01C72B95E, A4BBC06BF5169AF921A9A922F2F5A8DFD7A4665945E3AEF2EB4EF15B73C9BED4 ] MsQuic          C:\Windows\system32\drivers\msquic.sys
09:46:37.0469 0x151c  MsQuic - ok
09:46:37.0570 0x151c  [ AF2D8D4CF8B5ED63521E701FF1E7ACF2, D6A1443227D067B8EECAA78FB4D941A18137110F04B7048AD06D5561E47F0FA0 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:46:37.0619 0x151c  MsRPC - ok
09:46:37.0701 0x151c  [ 5C2788BD8C1A2D5AE653EA438B6CB427, 4EA03A2136FB759151622A5856FAC8DE1271E6D25E4CF96D0A89F6BB0FA885FD ] MsSecFlt        C:\Windows\system32\drivers\mssecflt.sys
09:46:37.0843 0x151c  MsSecFlt - ok
09:46:37.0912 0x151c  [ DB89919F84809686BD4F8C24EB6CB3FA, 360A199A6D4690FE248C6EAA4E84673F299FA4CA6C21E940F4DF1B28216BA23C ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
09:46:37.0992 0x151c  mssmbios - ok
09:46:38.0073 0x151c  [ 244C73253E165582DDC43AF4467D23DF, 808FF81F0030CC7390B4790F91CE1763EAC02CCECA6014A2D9D990A40DBD0580 ] MSTEE           C:\Windows\System32\drivers\MSTEE.sys
09:46:38.0132 0x151c  MSTEE - ok
09:46:38.0187 0x151c  [ 8EE2EEE12398FEA5BC8E37AAAFE59852, E37965B9EFD9ADA6A81585DD792A20CD03BFC28512E92FC63CD2CBAE9A41AD1A ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
09:46:38.0284 0x151c  MTConfig - ok
09:46:38.0331 0x151c  [ E30A8073EDCFB9788CF479B4F5D66C03, 1FDB9297989D86A9E650ECA4F0E22DA53664FD2ACE34B4FDC78DE4BA6E3F316A ] Mup             C:\Windows\system32\Drivers\mup.sys
09:46:38.0386 0x151c  Mup - ok
09:46:38.0462 0x151c  [ 82B656712713424A707F1E127C68E02F, 69FBB0692C37DA498014CC6CDC609E612A3207A17B280EDE5C02248571F91F11 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
09:46:38.0525 0x151c  mvumis - ok
09:46:38.0653 0x151c  [ 5F4FB4BE3C9865078AB241B95194709E, F9E107AB08BC5A7864121C45F374E174431901B93B1419A52F9CF00DADA63D2A ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:46:38.0807 0x151c  NativeWifiP - ok
09:46:38.0889 0x151c  [ 32E78AC5EF776E85AAB22943F2D7F12C, 4E8D65C0A56AD40300BAEAEC5DB7F2244511B84BE1FD4C85DD3A9511D832ECE1 ] NaturalAuthentication C:\Windows\System32\NaturalAuth.dll
09:46:39.0020 0x151c  NaturalAuthentication - ok
09:46:39.0073 0x151c  [ D47A20839608B8213065D7AFC8C42195, 7B0187BE9705ED2F925616C13B3744BAC0A9C96B21BE503D96BC9EE7EE125B33 ] NcaSvc          C:\Windows\System32\ncasvc.dll
09:46:39.0259 0x151c  NcaSvc - ok
09:46:39.0284 0x151c  [ DC740DB836CFBFD26CE55A26E75CB4E2, 22C428721738803A32AD7FE86DC5E4A4902C45CA17084F6DF3F62FB50CF137AA ] NcbService      C:\Windows\System32\ncbservice.dll
09:46:39.0418 0x151c  NcbService - ok
09:46:39.0502 0x151c  [ 8C938E851CDF2CE30BBEA14555B61820, F853F526C811893BD40B1124BAEC543099381E7BF091729B6A6665DF3CE10B94 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
09:46:39.0654 0x151c  NcdAutoSetup - ok
09:46:39.0715 0x151c  [ D62777BD13AC73F8FB20039B701D5292, E3708D62DEA31BA03D7CE7EEF6A270DA2B3556559140B556F5AB4EA289F921E2 ] ndfltr          C:\Windows\System32\drivers\ndfltr.sys
09:46:39.0758 0x151c  ndfltr - ok
09:46:39.0886 0x151c  [ C312D864AA56D052D24A6970DCA1E6A1, F298197ED1FABDBFD07E6E252249F70F3594980965182D7E068E19D70AA17A2F ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:46:40.0112 0x151c  NDIS - ok
09:46:40.0204 0x151c  [ 6BEC0929C7A7BF2A7C44F585ECC7DAEB, 5F6395268CBD26A4B90960479040C114B2C8A3F24C188C2D5F62D6AB43A637D1 ] NdisCap         C:\Windows\system32\drivers\ndiscap.sys
09:46:40.0333 0x151c  NdisCap - ok
09:46:40.0399 0x151c  [ B1D4D003790DFC0AAA44BAD38717F980, 12921F923D6B72F29C24E8044F83F2C24333D015FB5B8EF0C534A54DCBB9A697 ] NdisImPlatform  C:\Windows\system32\drivers\NdisImPlatform.sys
09:46:40.0603 0x151c  NdisImPlatform - ok
09:46:40.0650 0x151c  [ A2BFBB204B51D25A3D04D4BA6A2182F2, F5163C3C60379C9D11DF5DAA5767135ECC741687B2474D69C52FFFB3B0829491 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:46:40.0785 0x151c  NdisTapi - ok
09:46:40.0869 0x151c  [ 09BD40437780ED584D06519373ACEDC7, 3D7685D3960382FB102E225634D54A2370DA53DEB89CAE4765AD00C9AFE030B7 ] Ndisuio         C:\Windows\system32\drivers\ndisuio.sys
09:46:40.0981 0x151c  Ndisuio - ok
09:46:41.0134 0x151c  [ 31AE9050FF9D6CBE1BC2A7EA5F98D6A3, 2960AF22637EDA95DF6ED154278B23AC157AF2DE6F342DA7D8083E4F7F70730F ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
09:46:41.0664 0x151c  NdisVirtualBus - ok
09:46:41.0721 0x151c  [ 38D8A3C5180CC469A69ED0CA8E78DB13, AF065C518D63C9C32572A076D45E9A754764D719FA4D12F430FB3783257E8DC8 ] NdisWan         C:\Windows\System32\drivers\ndiswan.sys
09:46:42.0054 0x151c  NdisWan - ok
09:46:42.0133 0x151c  [ 38D8A3C5180CC469A69ED0CA8E78DB13, AF065C518D63C9C32572A076D45E9A754764D719FA4D12F430FB3783257E8DC8 ] ndiswanlegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
09:46:42.0246 0x151c  ndiswanlegacy - ok
09:46:42.0296 0x151c  [ 33CDAEDC7CBE8339A8324CEC2461BFB4, DAAEACDB4506D2BDDED61957D92FB4983E11D9CE6E7B25119B4CBFB431C945F4 ] NDKPing         C:\Windows\system32\drivers\NDKPing.sys
09:46:42.0546 0x151c  NDKPing - ok
09:46:42.0630 0x151c  [ 125C0590A156A02E62E202F88DC89474, C3902B851F96A0CBC2926A0E5DB0DED80C30D92BDEE07CA7E64A95E5EF69C86C ] ndproxy         C:\Windows\system32\DRIVERS\NDProxy.sys
09:46:42.0840 0x151c  ndproxy - ok
09:46:42.0894 0x151c  [ 77621E74FD79B267071A0D12C643A48A, 8228B7D1237A0FFABCCC150B299EA494C8F0CB4CCB51AB0DBFF08CBAA9EFC4BB ] Ndu             C:\Windows\system32\drivers\Ndu.sys
09:46:43.0019 0x151c  Ndu - ok
09:46:43.0096 0x151c  [ BB02F33AB9F357A6CD5B6747C3CE7B65, FA13E546D17171133375855A61491FC671E18DC624B67FD4ED1D6DC44C38B037 ] NetAdapterCx    C:\Windows\system32\drivers\NetAdapterCx.sys
09:46:43.0220 0x151c  NetAdapterCx - ok
09:46:43.0306 0x151c  [ 4687FAC962855BDB1896C02334E95D54, E7F7F30D9513FDD2236FCFD5549DCD93101562BA1117213EA4DF32B70BB48A73 ] NetBIOS         C:\Windows\system32\drivers\netbios.sys
09:46:43.0329 0x151c  NetBIOS - ok
09:46:43.0408 0x151c  [ F40D4DAFAC8D949AE1738D536D74DD1C, 20048980D8B49D151DD7C5C4122CB52771C26DAB07E5098EB11668BEA87AF0EA ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:46:43.0429 0x151c  NetBT - ok
09:46:43.0448 0x151c  [ A6236E9A991C5B4E450AA6F25A460BCC, D70219DBE8CDA2F93972EA4574AA47E57B61480EF31C69510A8FAF681B0BFF46 ] Netlogon        C:\Windows\system32\lsass.exe
09:46:43.0489 0x151c  Netlogon - ok
09:46:43.0573 0x151c  [ 699B9B10FE9F3831744B1CED9D604C91, 8BBEAFE08220505E707B3FE52E5E154EA91BCAA59E323B31DD3CCA6F267CE193 ] Netman          C:\Windows\System32\netman.dll
09:46:43.0838 0x151c  Netman - ok
09:46:44.0833 0x151c  [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:46:44.0881 0x151c  NetMsmqActivator - ok
09:46:44.0886 0x151c  [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:46:44.0891 0x151c  NetPipeActivator - ok
09:46:44.0933 0x151c  [ 88582E1E3C4FE28F95490D6A979F6397, 395AB50F2456FD2AB1E63F6FE3C231986EAAB06802310B45AFB8669B752B30B3 ] netprofm        C:\Windows\System32\netprofmsvc.dll
09:46:44.0992 0x151c  netprofm - ok
09:46:44.0996 0x151c  [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:46:45.0003 0x151c  NetTcpActivator - ok
09:46:45.0006 0x151c  [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:46:45.0012 0x151c  NetTcpPortSharing - ok
09:46:45.0028 0x151c  [ F01FDF680565C648F164CBD2F67A4A8C, 1197B8296BDA737C9B05EAEC4FE11A752BFA49E1D876A3E445BFF122DB32ABD7 ] netvsc          C:\Windows\System32\drivers\netvsc.sys
09:46:45.0037 0x151c  netvsc - ok
09:46:45.0088 0x151c  [ B45F5E20DD52EA9297D358D5CACB1BB6, 1994B5EBAE6A3753636D449072DCA8A417A37AB6AB481AFA19BBE432A86180A5 ] NgcCtnrSvc      C:\Windows\System32\NgcCtnrSvc.dll
09:46:45.0125 0x151c  NgcCtnrSvc - ok
09:46:45.0179 0x151c  [ CA871583FBFBAD5033901E5F8577DAC4, C571563F1FF022C72CC0654DD7BA87F7EE20E21D8CAD6913EBE1FDC79E7BCD07 ] NgcSvc          C:\Windows\system32\ngcsvc.dll
09:46:45.0208 0x151c  NgcSvc - ok
09:46:45.0284 0x151c  [ 30C5C9D5ED890C8595F8BC297E5963DC, BCB917B10950A4455B74DD30E098FDF5B86D50C8E842BE56D4FED8FACDD27983 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:46:45.0375 0x151c  NlaSvc - ok
09:46:45.0617 0x151c  [ C363D8176886C4EF30A7D24CFF7B7F09, E1956332E86BD9FE468D35960C4C4EF258864F9D5F968BD7E804F8218379C8FC ] NovaPdf10Server C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
09:46:45.0651 0x151c  NovaPdf10Server - ok
09:46:45.0684 0x151c  [ 6E9CB02C4FB90AC76B11D01D5D5EB934, C3168A7240D56300CC8C4C72508A8249D36AAB630429A0B26D742192FB6F0D35 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:46:45.0712 0x151c  Npfs - ok
09:46:45.0755 0x151c  [ B2B57F620C085F2EA764BDF79AF7BE30, CA3657D9365D34FFECF6B5DE8E5905A2491756B1CC227D9AB8762B09111E9860 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
09:46:45.0845 0x151c  npsvctrig - ok
09:46:45.0959 0x151c  [ 59C6B018A535720299D53870A20935A0, CCCE624CA4944ACC72E2E20A14D85CA7A848965C1505E9F0ACD73DD38DEDFA1E ] nsi             C:\Windows\system32\nsisvc.dll
09:46:45.0990 0x151c  nsi - ok
09:46:46.0006 0x151c  [ 60E8FEF0AFB093E017EF69F0464561D0, 89A60691BB31A90EF1DDD93539CEEC685F67412DC926F81898AD7F37EE2CF88C ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:46:46.0036 0x151c  nsiproxy - ok
09:46:46.0094 0x151c  [ 0794F8E5FF6872789334E599985DAA52, 950AE59301163B6D15A0A93F883EE9FD5108D9931659A890CD18C5FCB3288B14 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:46:46.0219 0x151c  Ntfs - ok
09:46:46.0243 0x151c  [ 2CB7C3B739D8D34B9249F7DC6C8B5C1A, 318DD3D989EBED3F29A4C3F6FA819F060BE9C14C549B7DAD8ECA2B73C7932722 ] Null            C:\Windows\system32\drivers\Null.sys
09:46:46.0273 0x151c  Null - ok
09:46:46.0318 0x151c  [ BEB8637D4B098B286B8B4F46E88A57AD, C0515F0F429A3B60AEC5F9F2AEDCF387CF941D306A21C9BCB56571C83560C6C1 ] nvdimm          C:\Windows\system32\drivers\nvdimm.sys
09:46:46.0375 0x151c  nvdimm - ok
09:46:46.0424 0x151c  [ 32BA1A767CA6DB2CCE9A743F1334B72C, 8588DAFE4105DEE75A6FFE553E4ABF055D7232DF37842158C13E542243D4F9B2 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
09:46:46.0722 0x151c  NVHDA - ok
09:46:46.0950 0x151c  nvlddmkm - ok
09:46:46.0968 0x151c  [ 5281A4F23E594AE6EDE1E38B1F8518E0, 628927EB91C6A323CA67B97EF743775B68D30599A0F0593BC3B5C0BA6C5AB82C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:46:46.0988 0x151c  nvraid - ok
09:46:47.0031 0x151c  [ A11D15751217EEB734033BB5A929B1CD, F07CD88B7939C53DF83E93D40FB5AB115946393AFBE8DBA75FEE7247BF3063A9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:46:47.0054 0x151c  nvstor - ok
09:46:47.0162 0x151c  [ 4D952813F897436F446C7D2132C837B7, 532F364E5ED1DB9D73FB2662C87E0A709915914B99F822DB0368AB55F5D96A9F ] OneSyncSvc      C:\Windows\System32\APHostService.dll
09:46:47.0804 0x151c  OneSyncSvc - ok
09:46:48.0009 0x151c  [ 758A4D17948667B7969565C8F53B51E8, EF0349C8B5B8EAC890B5D11C93E08C6B79017D3464C3DA93D202E251090F9971 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:46:48.0049 0x151c  p2pimsvc - ok
09:46:48.0177 0x151c  [ DA97CD5815EC123BC88382C08D465B9E, 46F5EA2E3D590FB10E14BC811612B6EF87C805B359A652D2C6BFE4840D5D6AA2 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:46:48.0205 0x151c  p2psvc - ok
09:46:48.0260 0x151c  [ 138FDB1EBCB61287A645BD3B06DBED5E, 1E59DE429B54E910688BF917F2AD97E66241EE3FB924C24E3627E9603E8A9C5D ] Parport         C:\Windows\System32\drivers\parport.sys
09:46:48.0419 0x151c  Parport - ok
09:46:48.0495 0x151c  [ 70DA84CCFC5302571EBC4C59DEADEA98, B0E50CA471F424E7EE3D035C535AAB9029D423CF375756D9EF747AE1FAE99F5F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:46:48.0527 0x151c  partmgr - ok
09:46:48.0630 0x151c  [ E0C6D51F92A7C55C0B91E26EA892152E, AAB65583C886EAAC294D3B2F6B2CCC05593C7A1CB6CB565C5344375A8A9B493B ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:46:48.0708 0x151c  PcaSvc - ok
09:46:48.0739 0x151c  [ 654CD4DA72F6188A5998131A85FB0D76, 403EEC93BEF9AF790099D7287B4841072F6B70B15297ECBBD9BB2CFF7506A3D0 ] pci             C:\Windows\system32\drivers\pci.sys
09:46:48.0751 0x151c  pci - ok
09:46:48.0769 0x151c  [ 4B1DFFCE9833C8DC25657BE0EC2DE3BD, DB140E5A7A6C7DE25A56138ABE9759AA637F745A52FBD3D4E7B9327F3C6DA66D ] pciide          C:\Windows\system32\drivers\pciide.sys
09:46:48.0792 0x151c  pciide - ok
09:46:48.0823 0x151c  [ 0543F01C97CE2D3ABB4F8CEA56B99721, CD84890DEB63C782A51A7F4D962B88CAC9AA226C3C7DDC2D2B0A56E81B00B07C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:46:48.0862 0x151c  pcmcia - ok
09:46:48.0888 0x151c  [ FE3E9C016B908745987C45D40A31F4ED, 94CF7ECBE1F62A1952FF8E3FF8799ADCAA1AA3211B18395875A75EFCEA786DBC ] pcw             C:\Windows\system32\drivers\pcw.sys
09:46:48.0937 0x151c  pcw - ok
09:46:49.0003 0x151c  [ 36105B31C484736DA8205CDCC6020572, 0520DD7B8F1895494194CF1E82BBDF780C228BE4ED9943D8DF3E6708ACA440CE ] pdc             C:\Windows\system32\drivers\pdc.sys
09:46:49.0033 0x151c  pdc - ok
09:46:49.0099 0x151c  [ 13020AE75353E1A3CFE38BA156D045AA, 68F2D4AB365393DF0A817CA667DB46FCD31D1FC1154DE0D8BDD387F99F91F435 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:46:49.0198 0x151c  PEAUTH - ok
09:46:49.0317 0x151c  [ 7637AA24341F76378F678A3511C3CC6D, 74EB2CC6566CA44E0BFF2FB1BCEC989332D9DAFCF480225B79A6E0D7EF0DE0B4 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
09:46:49.0478 0x151c  PeerDistSvc - ok
09:46:49.0582 0x151c  [ FC843422E589B5B2400FE528BCF96DD3, 2FBD09D8C423876B4C47211FD878514DB630DD38A0EE7292B608051CA2CAF137 ] perceptionsimulation C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe
09:46:49.0632 0x151c  perceptionsimulation - ok
09:46:49.0654 0x151c  [ 2E2E8BA514A93C297F124BAB53F4E921, D6B8116E5C920032A5926D5D047BFD72B05ACBB08E26F177A0B0E6B4EC735FA1 ] percsas2i       C:\Windows\system32\drivers\percsas2i.sys
09:46:49.0683 0x151c  percsas2i - ok
09:46:49.0717 0x151c  [ 1C6720616FF300235509D5EFBB2CAE20, 92017ECB36EAA35AC454E890734915A658EB898C95970531D43C19461BE6562B ] percsas3i       C:\Windows\system32\drivers\percsas3i.sys
09:46:49.0731 0x151c  percsas3i - ok
09:46:52.0396 0x151c  [ 2FC7CFCEDBF7E038351C7CEB1036D2E1, 41D7DA706F0CF613DF768B6795CD09C5C1035F9F101051FB58F5042EB4352DB6 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:46:52.0787 0x151c  PerfHost - ok
09:46:52.0919 0x151c  [ 33FCE7B8E1DEA9912839211311243826, 9715607854EE95DFC0DF134C0B04FE5CA5B885B1914BD5F442B589626661D8F3 ] PhoneSvc        C:\Windows\System32\PhoneService.dll
09:46:52.0984 0x151c  PhoneSvc - ok
09:46:53.0021 0x151c  [ 3DDE1389F1442AFCAD0C8D05A336E903, 012FDDE31DBBDD6FA2BA5BD90718A38A74AFFCE3360D9D112837490117F06639 ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
09:46:53.0034 0x151c  PimIndexMaintenanceSvc - ok
09:46:53.0125 0x151c  [ 51590D5C3EC9E9625E45049F25034313, 3235C6A531EAB8605A71C117EB38F86015B19BFC024B2116649472FC2A640D65 ] PktMon          C:\Windows\system32\drivers\PktMon.sys
09:46:53.0134 0x151c  PktMon - ok
09:46:53.0173 0x151c  [ 9E431A5D697432DD6F4DB48C9A185104, 44C16E194258C9143A45F4022F9C5DE229E217D6FF7F944F105FE631BE9EF4A7 ] pla             C:\Windows\system32\pla.dll
09:46:53.0415 0x151c  pla - ok
09:46:53.0444 0x151c  [ 88518DAB0F204861A00EEB60A2F67055, DA34F158E527D1F6276F8FEF7D151C929199D76279B326D2721C492EB637F7ED ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:46:53.0454 0x151c  PlugPlay - ok

Arcanine · 9 Febrero, 2021 03:02

TDS Killer (parte3)

09:46:53.0490 0x151c  [ 8D8575D069381877BAED88D2FC98EC11, 0C0C05CD071BADD691C99CB08EF6CEEB1DF9B0F011F4499C22BBE4636E7521A3 ] pmem            C:\Windows\system32\drivers\pmem.sys
09:46:53.0520 0x151c  pmem - ok
09:46:53.0523 0x151c  [ 2769F200292C0F941A10BD60C33EA4A6, B8345C32585C45E6248D7194B1071F2B8617718E7C9B270AAF44C132D029DB4C ] PNPMEM          C:\Windows\System32\drivers\pnpmem.sys
09:46:53.0583 0x151c  PNPMEM - ok
09:46:53.0649 0x151c  [ 6AAAC8AD69AEFBE5FE04738B687EE85E, 83427082298E2FC021D5D39A43DB4A5783D95213F2CA8D3A997DB6C815BD9CB2 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:46:53.0674 0x151c  PNRPAutoReg - ok
09:46:53.0784 0x151c  [ 758A4D17948667B7969565C8F53B51E8, EF0349C8B5B8EAC890B5D11C93E08C6B79017D3464C3DA93D202E251090F9971 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:46:53.0809 0x151c  PNRPsvc - ok
09:46:53.0947 0x151c  [ D3A3E00336BBFF8408D33ACB4F2A6FAF, 4CBDCDB3A67E6B546298244373D4664B0824DF3E1196FB9DB5C521F4865FEB71 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:46:54.0023 0x151c  PolicyAgent - ok
09:46:54.0063 0x151c  [ 562B9409AA8777204E78C629647344EC, 65C33D25E0C00731D7DEF3F127523AA5178133481915287F3267A52C74577572 ] portcfg         C:\Windows\System32\drivers\portcfg.sys
09:46:54.0113 0x151c  portcfg - ok
09:46:54.0142 0x151c  [ 8A2AFF98B3647DCF4F228870F8E0D766, 3BBA7D8716D9F09EAD591472266150D56BB17C82ACF2D06DEFA3942B7A24D9B9 ] Power           C:\Windows\system32\umpo.dll
09:46:54.0175 0x151c  Power - ok
09:46:54.0251 0x151c  [ 65B01153E034F71D84CAACD2842F1FFE, 71BD298DEB3E176E144372B6D387310CBE1C26CDF6432701EF51FD9C19C1DE3D ] PptpMiniport    C:\Windows\System32\drivers\raspptp.sys
09:46:54.0360 0x151c  PptpMiniport - ok
09:46:54.0609 0x151c  [ 7630EE22552ADFA92B2BB53B4818C04C, 886437A58B039D5E88882C6498F08B2C60726422F8163A4E66A5933D5F4DC8E3 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
09:46:54.0759 0x151c  PrintNotify - ok
09:46:54.0793 0x151c  [ B1F462C619CF0CCFB86537B3813BBD60, 56E40C7008271A28E518CF4273930E8C7ABCE4E7AA536617BD778F292D68411F ] PrintWorkflowUserSvc C:\Windows\System32\PrintWorkflowService.dll
09:46:54.0811 0x151c  PrintWorkflowUserSvc - ok
09:46:54.0845 0x151c  [ DB9D5BB0768720D3BDB58408D7553EE2, 7D17BB869F113A2CD1F1C0B95B569BA4F503E2EF074382B6D7A1830390630497 ] Processor       C:\Windows\System32\drivers\processr.sys
09:46:54.0855 0x151c  Processor - ok
09:46:54.0877 0x151c  [ 3D97F085F67C8117B7C11B5919D0EDD5, 0D67E5F7F950381F7A593D06FEB8B0E200CBCFA60CB5A9101621615B797C0848 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:46:54.0936 0x151c  ProfSvc - ok
09:46:54.0944 0x151c  [ 71CBE5410A589E4CBEF156ED1BADFC99, 0B79FB6967AB1DCA8698AE5264B9E4F509FA6C22CDE4D1FDC0211539137AC583 ] Psched          C:\Windows\system32\drivers\pacer.sys
09:46:54.0951 0x151c  Psched - ok
09:46:54.0964 0x151c  [ 7766842D7C5FE09B109AE1C8A5FF6F2D, BC7FF1537F3EB4377F5D9BD629299773A671FCDC722817565B7ED38548C3CA21 ] PushToInstall   C:\Windows\system32\PushToInstall.dll
09:46:55.0003 0x151c  PushToInstall - ok
09:46:55.0037 0x151c  [ 2F3808790D517E5E5E6ABF7177875C02, BE1A79A6498697EB86FC29638324A853197B49BC06AE3EB1130793F710926998 ] QWAVE           C:\Windows\system32\qwave.dll
09:46:55.0058 0x151c  QWAVE - ok
09:46:55.0084 0x151c  [ CE51A9A997D2830C6C64A36D7F8D8879, 706D683CAF92C259C121222446D34ED43F6E8872407C3615E2ED118ACD24D21D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:46:55.0163 0x151c  QWAVEdrv - ok
09:46:55.0204 0x151c  [ 9D377A5872A0A7A33E258FFCBDB3F25F, D461798C6348C5D96EA002E4A1AC588B87A1A9B01AD84AB1FA6D9C6393616892 ] Ramdisk         C:\Windows\system32\DRIVERS\ramdisk.sys
09:46:55.0239 0x151c  Ramdisk - ok
09:46:55.0240 0x151c  RAMDiskVE - ok
09:46:55.0290 0x151c  [ 9E249094756C5EB2ADB59C3F0F4E0D9E, 3DD929CDFCBC7258AD84C873DA3FBD0E82D412BAC0361F5DCB32BB65588EC893 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:46:55.0336 0x151c  RasAcd - ok
09:46:55.0369 0x151c  [ 6ED136AF3934F84289A99CC0A0CB1158, 96B14D141A76CA53A37D589355DACD3B31F26EAD30161409F5FCEBA1C1F4BC7B ] RasAgileVpn     C:\Windows\System32\drivers\AgileVpn.sys
09:46:55.0409 0x151c  RasAgileVpn - ok
09:46:55.0495 0x151c  [ CDEE1DAD843C354A0515D71C89D2741F, BF04BD9885CE53355343F7C8CE3092A7AE432BB8CBAC2C3223BA9E2A39BC00FB ] RasAuto         C:\Windows\System32\rasauto.dll
09:46:55.0532 0x151c  RasAuto - ok
09:46:55.0569 0x151c  [ 465A53951DD456C86698EEE0191C111B, 8EDDA140852431ED315E23605DBD4331DB721DE01B7B86DCBC5B9934173EDE8C ] Rasl2tp         C:\Windows\System32\drivers\rasl2tp.sys
09:46:55.0641 0x151c  Rasl2tp - ok
09:46:55.0695 0x151c  [ BA5D65F1D7798B1D3DA70BC19DB6AF2C, CD06C8DCFAF289B8821DFC16CF1926151DC2C92992AF6CFF22C4351150580EAF ] RasMan          C:\Windows\System32\rasmans.dll
09:46:55.0783 0x151c  RasMan - ok
09:46:55.0821 0x151c  [ E250ADBB0C3E564BAF7CBBA4BAFE0A60, 83B6ABFC0C5700089EA967939564EF5FA2F5C40D2CA378D427CE59FFACD99D71 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:46:55.0835 0x151c  RasPppoe - ok
09:46:55.0878 0x151c  [ 8CEFAAE1407C34CAB74577B7E1CCFDA8, 6A20174A9BCE9AFD9BE2D5F18FA4453766EC6463E8A97D8B00483A53A4000875 ] RasSstp         C:\Windows\System32\drivers\rassstp.sys
09:46:55.0899 0x151c  RasSstp - ok
09:46:55.0942 0x151c  [ B11D62CA7CBC31ABFF141E278AC69B57, 24B7C4BB93CC5A1A105A29460F19775DB017520ECAA5136CA55EF408E1239B68 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:46:55.0959 0x151c  rdbss - ok
09:46:56.0089 0x151c  [ B7BAD23CA994EFF8EA11261626326004, 056495FB4A54984CE9D28D7B45550990D4A4B0736669F0F69138BEF51A695EFA ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
09:46:56.0184 0x151c  rdpbus - ok
09:46:56.0252 0x151c  [ 5C322D590CEBCAF2F333EBE70E178AB4, 9A31AA9C179FF4D4EE4128B3E28D1921709EB2AFA0A6B9CB5A2703B4DE4CBFCF ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
09:46:56.0261 0x151c  RDPDR - ok
09:46:56.0288 0x151c  [ B3C2433FC1E532D927A3871385610FBC, 7DE51633A3E59FFC0769D46BF44D8E39847333EA7581E49F148646F3CD24D4AA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:46:56.0301 0x151c  RdpVideoMiniport - ok
09:46:56.0391 0x151c  [ B4A6F3BFB5A07DAF4E18C14A6337A226, F906865E349390D24A3DCBC563154BBB9F307B97361832BE93BC9D44A9F3B486 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:46:56.0420 0x151c  rdyboost - ok
09:46:56.0475 0x151c  [ 57736A8A8E492F393060C683A8CA1B69, 73E49BE4C6DB192073C42233F8CDFA01A7DC629806B824EAAC1557935083F43A ] ReFS            C:\Windows\system32\drivers\ReFS.sys
09:46:56.0567 0x151c  ReFS - ok
09:46:56.0676 0x151c  [ B193441867F5CF0F06798A4A2F15E17F, 8FD6A0A6442424630655EA07841B4601716D867D53B91E8BB7ECE51336642630 ] ReFSv1          C:\Windows\system32\drivers\ReFSv1.sys
09:46:56.0712 0x151c  ReFSv1 - ok
09:46:56.0834 0x151c  [ 36389FCD6FCF5956B037DFA7208DEEFE, 78693C0032D3037EE1969778B55FC2249D5565D0AFE7ADACE5F783135C675A3E ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:46:56.0879 0x151c  RemoteAccess - ok
09:46:56.0982 0x151c  [ 58B3C0A2B0C130838588EF519ADCE495, 60360DD8EA1802C8F95EB93531FF9666BE1148253E6A1BD706D4CA98955C0F6E ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:46:57.0016 0x151c  RemoteRegistry - ok
09:46:57.0082 0x151c  [ 5E1E8C86D95D927FA1A4386063DAB0A5, F924C9A5D1BE07E593856A501A604CEC6A1DD6A0EBE2DF8A84F41DAAFF67D7CE ] RetailDemo      C:\Windows\system32\RDXService.dll
09:46:57.0113 0x151c  RetailDemo - ok
09:46:57.0152 0x151c  [ 498C3D4D44382A96812A0E0FF28D575B, 23CB784547268CF775636B07CAC4C00B962FD10A7F9144D5D5886A9166919BBA ] Revoflt         C:\Windows\system32\DRIVERS\revoflt.sys
09:46:57.0157 0x151c  Revoflt - ok
09:46:57.0185 0x151c  [ D2EE9CCE0187C616E50D61EB30ECA262, 825C918D22FC8DBF3EE9BDB41D121A0AC3CCBFFBA147E2B26F0197552E0675DE ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
09:46:57.0205 0x151c  RFCOMM - ok
09:46:57.0218 0x151c  [ 4DD0EFE49F0C020DAFEAE6F5F231362C, DF04978AF6CD34C8251B3DDE381CD77518684DCB1D2B16BD2DAFEE63AC9D5858 ] rhproxy         C:\Windows\System32\drivers\rhproxy.sys
09:46:57.0302 0x151c  rhproxy - ok
09:46:57.0334 0x151c  [ ED03402939D0815CE4F29F9DCDF8D667, 79C19A4897914B1CC5ED79BEB6B47ECC1330AAA4C6F44F6B9D5D9B31D91A7EF0 ] RmSvc           C:\Windows\System32\RMapi.dll
09:46:57.0349 0x151c  RmSvc - ok
09:46:57.0400 0x151c  [ 95D3735131A6D9BE8A3631A935B946CA, F9814D2C0E1195A4C799DCA953C6DE3B161878779BE4235735E691175C3CE97F ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:46:57.0411 0x151c  RpcEptMapper - ok
09:46:57.0518 0x151c  [ D45676C47616B9ABBFAEC97DD3B240A8, E13985D667F66B7A0082356F23270F61A57B8C2DD211B1E09D66D7970D7B4D6A ] RpcLocator      C:\Windows\system32\locator.exe
09:46:57.0534 0x151c  RpcLocator - ok
09:46:57.0565 0x151c  [ 62E6F8ED10F2864DCCD5793C9E899EC8, 29405230E68E4BD26CA9E115D25A4BBCF6C69007A9066AF0550D5A8CAF451FF1 ] RpcSs           C:\Windows\system32\rpcss.dll
09:46:57.0608 0x151c  RpcSs - ok
09:46:57.0631 0x151c  [ EABD30C39742A79913B595A5B6F809D4, 9067160F566220A2B21FEEE181729A796A3F3EECF75FFB75815BE5CCC7BBA64F ] rspndr          C:\Windows\system32\drivers\rspndr.sys
09:46:57.0669 0x151c  rspndr - ok
09:46:57.0920 0x151c  [ 9FD553EC630283D118812F2FDE0EBDDE, 6EF2E531AE7A8A636FDED68EA679BCCF692758D905BEC35053A240131ADA3463 ] RtlWlanu        C:\Windows\System32\drivers\rtwlanu.sys
09:46:58.0216 0x151c  RtlWlanu - ok
09:46:58.0247 0x151c  [ 5914CC0C1E99A3C1711BDB1E224526D1, 54BB8636F27282B396D487B3FEA8BD73F2F6FE6DA4DE8D718EE498F75A6A5DCE ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
09:46:58.0277 0x151c  s3cap - ok
09:46:58.0315 0x151c  [ A6236E9A991C5B4E450AA6F25A460BCC, D70219DBE8CDA2F93972EA4574AA47E57B61480EF31C69510A8FAF681B0BFF46 ] SamSs           C:\Windows\system32\lsass.exe
09:46:58.0322 0x151c  SamSs - ok
09:46:58.0361 0x151c  [ 14AC9857435A1D1C632816AA2B8E63F3, 2670CD9FEF92CD591B0A79D0DB7ADAD77030291C8CBC13F219CA70EF69BC7638 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:46:58.0368 0x151c  sbp2port - ok
09:46:58.0407 0x151c  [ 72A421484874573F4DD1C6191C37A0EA, BD5106C7FEA89B92430E8EAA210D8D4E630538480A23AB75FF447CA479EC20AE ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:46:58.0459 0x151c  SCardSvr - ok
09:46:58.0498 0x151c  [ DA48FDCB839A15953951EBD839AE2624, 82444640A3AD9CFC036500534EE909CCB8C2CC119A7B5F54DF824F854AD7E08E ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
09:46:58.0511 0x151c  ScDeviceEnum - ok
09:46:58.0554 0x151c  [ ADA29A94C3C187461CFB42052563ADB5, 1D51AA50E706F78473C19A5B73653BA81EA4D2454B55EBB0DD38837C474858E7 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:46:58.0564 0x151c  scfilter - ok
09:46:58.0637 0x151c  [ C736C5447CC2141560D79B990D82FE7D, 4D6B4D425ED7066A2EA3E3209F48C84E6074F9093F9B7E3A9BD16BB9D74056BC ] Schedule        C:\Windows\system32\schedsvc.dll
09:46:58.0668 0x151c  Schedule - ok
09:46:58.0706 0x151c  [ 14DD371343EFEC95013A273DEBCFE96F, A321C20A1221AC1F6D7BDEF9FAF0C6AE138353EF5F859EBF1ECF55A97414FBA3 ] scmbus          C:\Windows\system32\drivers\scmbus.sys
09:46:58.0713 0x151c  scmbus - ok
09:46:58.0754 0x151c  [ 8445EF0312F43ED972F055F59065E2C1, 40DFFCE462031D22F7ADF0BD62D31960D66BE385DE3F2A40431196DE7B87436D ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:46:58.0770 0x151c  SCPolicySvc - ok
09:46:58.0794 0x151c  [ 42DCBBD0FC485387D9FD769A6452DFE2, 0128C7D0EECAD6603005086ADF10033674CF903419A7ED9C69392BE31B8297BC ] sdbus           C:\Windows\System32\drivers\sdbus.sys
09:46:58.0807 0x151c  sdbus - ok
09:46:58.0821 0x151c  [ 3200667DB433F0A2032FAF4DC02E2089, 5E940CA63AD21CEA08C334AC61D985BAFDBA7DCB2D388F355B5C72EFA3E23E0A ] SDFRd           C:\Windows\System32\drivers\SDFRd.sys
09:46:58.0826 0x151c  SDFRd - ok
09:46:58.0889 0x151c  [ B5505B3A77E98CD48546EE3A37F6E474, A76CD3458389634707025D4D1EBC4399B70987882A786B3FBFAC977982142301 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:46:59.0145 0x151c  SDRSVC - ok
09:46:59.0186 0x151c  [ 8B4B79B8B5CB5F83092487200FE173E2, 2466CC86C390417498EF3EF881E40B814E4E25B451AA1874683059B4273925F3 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
09:46:59.0220 0x151c  sdstor - ok
09:46:59.0272 0x151c  [ 016706A76857F914C99D2472B1E79BF9, 39A114EB591E243E0429DA7279413F046626DE7B52E057DDBCD26A0A1BF327FB ] seclogon        C:\Windows\system32\seclogon.dll
09:46:59.0282 0x151c  seclogon - ok
09:46:59.0351 0x151c  [ 291F9B01E345C70EF390EDE08CDACCEE, DA04FB5CF7E65D7EA011362E8BFEC80BFF7F02C3B70B351FDD9C4C33AC124B04 ] SecurityHealthService C:\Windows\system32\SecurityHealthService.exe
09:46:59.0461 0x151c  SecurityHealthService - ok
09:46:59.0600 0x151c  [ 10FCA5CAE37D6E7E6E95A7334EF6FFF1, E943394D5286B280E916D19DEBF44219C474C86BD413944C9300A8808BF775EB ] SEMgrSvc        C:\Windows\system32\SEMgrSvc.dll
09:46:59.0659 0x151c  SEMgrSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:47:00.0024 0x151c  Detect skipped due to KSN trusted
09:47:00.0024 0x151c  SEMgrSvc - ok
09:47:00.0085 0x151c  [ 1EA7972A4C7163FF1D3EFE9988404D4E, 56A94B1617815C1E8A79D832B0F0CBA683C3080105CC4C87DBB9B8EAB4CD2690 ] SENS            C:\Windows\System32\sens.dll
09:47:00.0118 0x151c  SENS - ok
09:47:00.0222 0x151c  Sense - ok
09:47:00.0503 0x151c  [ 38339304CB5D1154A10699A526ABDF4F, B7027BFF6DBFC68315CCE2B6E8F4A5854A94C388D7AF71FE4F59B58F43C742C1 ] SensorDataService C:\Windows\System32\SensorDataService.exe
09:47:00.0549 0x151c  SensorDataService - ok
09:47:00.0636 0x151c  [ 207FA2E4C1C74D930C61F01E3DD8EAD6, FD98FF3DF2A33E4893D0E8E8E48F88DEC42443B9CDA289EA755D53471988488A ] SensorService   C:\Windows\system32\SensorService.dll
09:47:00.0672 0x151c  SensorService - ok
09:47:00.0759 0x151c  [ 0BCFFAD6F3B180DD60C941B01768F733, A0B73C1BF636F14504B69606999287B6FE148C958A4F6E31E9022FF129A048E0 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:47:01.0248 0x151c  SensrSvc - ok
09:47:01.0299 0x151c  [ 22068CA363EAF69A8EF6EBBBD580A8E8, 45F87C7D04B8F20290BBA8517BACE138D1E2112A268CCFFC2DFC407A81C0A197 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
09:47:01.0308 0x151c  SerCx - ok
09:47:01.0351 0x151c  [ A5E6D99D319610030C3CA982DCAA3624, 8F1BCEDC5FEA5AF0260B573EE171E1D895EBAB5A51BEA1F84D3043F6612050A9 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
09:47:01.0358 0x151c  SerCx2 - ok
09:47:01.0372 0x151c  [ 7A289A4FFAA43D81F091A302512059A6, 9A4EC5EAF65ECB6518C462E837EB76286F1BA7A8C9E26DC46586DC4F189BD1B7 ] Serenum         C:\Windows\System32\drivers\serenum.sys
09:47:01.0390 0x151c  Serenum - ok
09:47:01.0447 0x151c  [ DCE5D050F3B06D30985EE126257DEEB6, 024C1F9FBEFDCBC174733A5C97B121A6D7AD30E836C1820054BCB45F99FB4373 ] Serial          C:\Windows\System32\drivers\serial.sys
09:47:01.0460 0x151c  Serial - ok
09:47:01.0478 0x151c  [ B13F5A8574F0B71B2E4C84B171C28724, C812F61726BDFEFFE468DFA3491E5F465D22835C54E3559E04B452940C0EEEEE ] sermouse        C:\Windows\System32\drivers\sermouse.sys
09:47:01.0496 0x151c  sermouse - ok
09:47:01.0810 0x151c  [ 4856CC4E3433A8FD246E8978A02653FA, E3B6E15917C86EC95E9BB0EB206F17DD277CEEE1B00854A791BB23C7F6C06E2E ] SessionEnv      C:\Windows\system32\sessenv.dll
09:47:01.0902 0x151c  SessionEnv - ok
09:47:01.0923 0x151c  [ AD1B790A42984A825068B849A88AD322, 63881202D6D900656F50A0E40CB743D0769C2AD9810FE96387E9DAF2BC89E4C5 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
09:47:01.0956 0x151c  sfloppy - ok
09:47:01.0982 0x151c  [ C05648C2BE6176BE557D9C7F02916388, C65D8FEDDCD9A52B04F42C64DAD2A499BF51246D36042E8DC09DD04C4C0B7BEE ] SgrmAgent       C:\Windows\system32\drivers\SgrmAgent.sys
09:47:01.0998 0x151c  SgrmAgent - ok
09:47:02.0077 0x151c  [ ADCB1547604916F9E84AC9F436BF89FF, 29DBF6E36C4CF437B4E4563FF466FCB53EAB8FD49363398D5D399EDDBEC10AC0 ] SgrmBroker      C:\Windows\system32\SgrmBroker.exe
09:47:02.0098 0x151c  SgrmBroker - ok
09:47:02.0256 0x151c  [ 695E536B9372B209473FC3B29343DB27, EFD82274D4555457A44E8A9C7FC2A767075196218FD62790D9DEEED1732B2A86 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:47:02.0304 0x151c  SharedAccess - ok
09:47:02.0366 0x151c  [ E2D2F7C700B870E69942E064865A21B9, C8CBD40A7AF8CE2CA6DAF640FF866E2BE42E5CFA618E2E2DA0EE2B96969648F0 ] SharedRealitySvc C:\Windows\System32\SharedRealitySvc.dll
09:47:02.0425 0x151c  SharedRealitySvc - ok
09:47:02.0514 0x151c  [ BE44F2B19C4F61FED874C7FE26DF92AA, 07888C7575A1D7D46AE375B1CE6C13665CCEE0F0672EA8FDE71B955B5BC0EA70 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:47:02.0529 0x151c  ShellHWDetection - ok
09:47:02.0664 0x151c  [ 6B86EBDF20633BED3969180255953E09, F18C45C7C67AF9E9E2EC37C3C79CF7435CCC30BF2D9DE61EF7A33A60200F78FC ] shpamsvc        C:\Windows\system32\Windows.SharedPC.AccountManager.dll
09:47:02.0703 0x151c  shpamsvc - ok
09:47:02.0747 0x151c  [ 9AB1BADC5A324DA39186B81BC6CE6E2E, 567710C90BD71600A31A3408DB065B43C844DCFD12045FDE04CD59D932DC8353 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
09:47:02.0764 0x151c  SiSRaid2 - ok
09:47:02.0808 0x151c  [ 60213AF297023C005453E1CBF7CB6FE7, 718C833E5EDFE642F3B254515E29641BF2D8E56E22F6B795024BF64721AB874E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:47:02.0818 0x151c  SiSRaid4 - ok
09:47:02.0932 0x151c  [ 196A46BA842A219EC6DE7B7B7D9AAB7E, 4EF7BE37F92557C8B0D30999541F284CC4A3E8FD98E0D78146F9F00D54E11BB9 ] SmartSAMD       C:\Windows\system32\drivers\SmartSAMD.sys
09:47:02.0940 0x151c  SmartSAMD - ok
09:47:03.0056 0x151c  [ FF75E3F42E77904238AED44E4E03BAEF, 535013A9E3324198E1016963EBF306F3D34583F7031EE753EC6095B15E2D492C ] smbdirect       C:\Windows\system32\DRIVERS\smbdirect.sys
09:47:03.0191 0x151c  smbdirect - ok
09:47:03.0221 0x151c  [ ABE0BC275C8A19EEE06B94DD2EAC572E, 13534ED002D2CB6CDA138D925618774DB9FD60D9BD1B7E0499A23D904AE0F8FA ] smphost         C:\Windows\System32\smphost.dll
09:47:03.0228 0x151c  smphost - ok
09:47:03.0329 0x151c  [ 4E3C693505FDCC0D33DB214699A9EAE6, 1C873640728B4585CC8D2AE92AF4745BD090E38365C8B212CB5E1C8A8482C0A5 ] SmsRouter       C:\Windows\system32\SmsRouterSvc.dll
09:47:03.0354 0x151c  SmsRouter - ok
09:47:03.0528 0x151c  [ 1971BBC71602B928CF9257759E3C05E8, 9D665698FF26ED333AD385B4B7A6C0F2B6806371D278E281FA4188002A5317E8 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:47:03.0536 0x151c  SNMPTRAP - ok
09:47:03.0575 0x151c  [ 27B7D9E872939EBB34C30343F991893D, 879AFDC8C50487ED0D3CB58C70A206E185F94BE75C25C31C387F3F08740771F9 ] spaceparser     C:\Windows\system32\drivers\spaceparser.sys
09:47:03.0583 0x151c  spaceparser - ok
09:47:03.0608 0x151c  [ 422A7B5E41AD97859AB5E809C179AA8E, FD75C737ACC4DDFE097997722FD50667AFA8D53739FBEF13252F96824FF279ED ] spaceport       C:\Windows\system32\drivers\spaceport.sys
09:47:03.0637 0x151c  spaceport - ok
09:47:03.0687 0x151c  [ AB3BDEC793187CEDF1229AC98BB7DEDF, D2EA0C5FC534C89310207AA26A8816B30FEEF3F2708A067D8BB93D3CFF9C3936 ] SpatialGraphFilter C:\Windows\system32\drivers\SpatialGraphFilter.sys
09:47:03.0694 0x151c  SpatialGraphFilter - ok
09:47:03.0707 0x151c  [ B6029A86D8DE5AE85E01506E0222A491, E8A7BB7D299B457EF9E3E32893E5DCF3DEE1704B9E02A0583439941CA6E1C9AD ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
09:47:03.0714 0x151c  SpbCx - ok
09:47:03.0783 0x151c  [ 18581DEA4C3F92993862605BF2CB537E, 85C48785E9B56B51F6F9DA63024C60409E8674EE76D369126FB4AA803501A83D ] spectrum        C:\Windows\system32\spectrum.exe
09:47:03.0812 0x151c  spectrum - ok
09:47:04.0010 0x151c  [ C98A3A0395AE60D108CBED7ACEBC0531, 00AC7E58DFC2F6757C0C2268EB441E4E8FB317427840971A1049011CD2888A35 ] Spooler         C:\Windows\System32\spoolsv.exe
09:47:04.0077 0x151c  Spooler - ok
09:47:04.0284 0x151c  [ ECA1C32C297E36CB925173CF7223168A, 51459A8DF8318B7C7505A107A34C6E008727501F61D122724EDDEEAFC465DF83 ] sppsvc          C:\Windows\system32\sppsvc.exe
09:47:04.0392 0x151c  sppsvc - ok
09:47:04.0439 0x151c  [ 6218EB03BF54117AA39ACF07E3973C59, A43E5AD1D2920A0ECA734835C83C96117F27F2880F8FF9E2088CB8C9447B5AF4 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:47:04.0477 0x151c  srv2 - ok
09:47:04.0507 0x151c  [ 2BDF4469E8D403074F77F313446B4180, 7FD41503C2DB1E8A03B6AE74C2DC31592CD63200166E04F54E3B67633A542DD6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:47:04.0523 0x151c  srvnet - ok
09:47:04.0589 0x151c  [ 0F5B38965C97B07EDBE51ACCE49AE0E2, 4EC1C3FB4EF89249553620F0DC87D43358AED7AAF6860CFD739381F1C8A9B9B9 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:47:04.0633 0x151c  SSDPSRV - ok
09:47:04.0723 0x151c  [ 9FFECD197D09FF33B00D5E5B78A48146, 79C03E83B42E3C0402680B47A2493C3C506E2D212062859BD7C4EBACA46F3AD5 ] ssh-agent       C:\Windows\System32\OpenSSH\ssh-agent.exe
09:47:04.0813 0x151c  ssh-agent - ok
09:47:04.0864 0x151c  [ 2775EF3E0E76D9A44AB60D6143FA92A5, EDAE87919A509204967AFD9500021DCAE4EE9DC2D89DEF7960D5DDB1A594C9D3 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:47:04.0905 0x151c  SstpSvc - ok
09:47:04.0966 0x151c  [ 3F57CB384B925FF1C5B307823D658DD5, 14BCE9A3209C5B26D3DBA40E706D283FF1351B20B263BE7452FF254604396DC7 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
09:47:04.0974 0x151c  ssudmdm - ok
09:47:05.0143 0x151c  [ 46826B02C346D48A62FF11882AF662BB, DE8FAD3E99D0E90CE8ABA15D604CF1E80F16C9E4B92F1A41A63D56CF7D96A414 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
09:47:05.0285 0x151c  ss_conn_service - ok
09:47:05.0427 0x151c  [ 35B9F1B5C0ECED1BFC2AC1196E6914A2, F3B59AE17D2B449389B64F19F57EB98400583740DF6BBE8C69B331AB3EB23427 ] ss_conn_service2 C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
09:47:05.0469 0x151c  ss_conn_service2 - ok
09:47:05.0772 0x151c  [ A1E91D85480BC83131F0367CD392A4F1, FFD6D25803649DD8C70541DF68AB1F77E1803FF7FE489C4CF48DC1F4C9387E51 ] StateRepository C:\Windows\system32\windows.staterepository.dll
09:47:05.0920 0x151c  StateRepository - ok
09:47:06.0107 0x151c  [ 09DC471B4573F3D01D7E448B526AE70A, 766FD1E1D2F73DE202FB337F6A6A5BA0317772AAAA644E9103BB5DF438162F51 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:47:06.0129 0x151c  stexstor - ok
09:47:06.0485 0x151c  [ 27CCDFB300302826F5CCFF0678F20D80, 84816CB7033FDEDA560E03995C254577E5BB23E15C7C03FB68074C2E60F31B66 ] stisvc          C:\Windows\System32\wiaservc.dll
09:47:06.0560 0x151c  stisvc - ok
09:47:06.0702 0x151c  [ D6061B29DC26C01E7A2F2035F3E75484, 3AFFBE8FB1D13E26BF0066367B6523E6143E38CA418D6A6783E53CCCDB5B9D38 ] storahci        C:\Windows\system32\drivers\storahci.sys
09:47:06.0718 0x151c  storahci - ok
09:47:06.0751 0x151c  [ BC29C374F70367C2631EF4D41B59C608, 9254A5E6D879F4E22595D0A07B38BD1516C0362DEDC7CA00AF6F52F822AF4E2A ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
09:47:06.0758 0x151c  storflt - ok
09:47:06.0820 0x151c  [ 41220C3406D1C9B290F4E8A59347A591, 3AFBA71F80A8CE78DF7B5C37EBDF6492C2315A0CC6A785840D19DE8C9A6BE382 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
09:47:06.0828 0x151c  stornvme - ok
09:47:06.0855 0x151c  [ 995F082126674C6D1423E29FBCEA9F39, E86386156F982B59C00991D40A6E1862CA322F151BF965B14572D13AA207D614 ] storqosflt      C:\Windows\system32\drivers\storqosflt.sys
09:47:06.0861 0x151c  storqosflt - ok
09:47:07.0198 0x151c  [ D6308596C66032B473598DA230BBADE2, C6DAE8F3ECCE0AF3BDE02E55EE208A470DF2C094524BDFB248B6989EA4D0D8AC ] StorSvc         C:\Windows\system32\storsvc.dll
09:47:07.0346 0x151c  StorSvc - ok
09:47:07.0405 0x151c  [ 4F09426C0BB18A1C5C3B77483991AA8E, 11C8958D536E9F381386D8B2292A1C1B7ED137E4AE3E88B3D1FB9F5DD66A5425 ] storufs         C:\Windows\system32\drivers\storufs.sys
09:47:07.0412 0x151c  storufs - ok
09:47:07.0475 0x151c  [ 0A13C67C267BFA1A0D1FE72A9D65BD5F, B44327F3134FA0166ED9E31BC724120B642AE5E96CEFF599867F03463ABB1406 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
09:47:07.0498 0x151c  storvsc - ok
09:47:07.0715 0x151c  [ F277E78E2A945D450DACA8AEABFB13A1, C9AD660FB53BA3A5A41CB5B801A150B6BD07525C5BA06AE703B92A227EE8F39B ] SU10Guard       C:\Program Files (x86)\StopUpdates10\SU10Guard.exe
09:47:07.0721 0x151c  SU10Guard - ok
09:47:07.0753 0x151c  [ D73F83E795F3BC100C21EDA2BD6DE307, 0DC828C46E057ADA9934424BF00067B17EEB8E0108CE1E309C8DEA4CC42448BA ] svsvc           C:\Windows\system32\svsvc.dll
09:47:07.0795 0x151c  svsvc - ok
09:47:08.0494 0x151c  [ 0547BB19EFA07BEF0F679A054EB5CFEC, D618F57B78B3FFEC29E8C4472E0AA72EF1CA0C83DE968373B818ABA4D9747E2D ] swenum          C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys
09:47:08.0500 0x151c  swenum - ok
09:47:08.0599 0x151c  [ B17F6115D4ACD4BE197587CCDAF1A855, 96AF73089C14C0E2DE58ED8D1D76942562C70A00807CF5EB86CC4B1C120D0886 ] swprv           C:\Windows\System32\swprv.dll
09:47:08.0675 0x151c  swprv - ok
09:47:08.0793 0x151c  [ 39DA98A21DF2129DB71B58786F37FE16, C395FD230A9295500C0A8675D67791E9CE8A33B7B7633BE459AC55C0F33C1500 ] Synth3dVsc      C:\Windows\System32\drivers\Synth3dVsc.sys
09:47:08.0880 0x151c  Synth3dVsc - ok
09:47:08.0949 0x151c  [ 79F5391D4DE523D814B1516766E30131, 362E6845CAE723A886A4AF8762356AEA2F19783573B2BAB2056D8A1D3E2E1403 ] SysMain         C:\Windows\system32\sysmain.dll
09:47:08.0976 0x151c  SysMain - ok
09:47:09.0006 0x151c  [ 7787C9D459D5975D225C94B4450D6D63, 812618A679354712F137E70DE8F51C689987A5D69242B8DCD4A32E5EDAD0A18B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
09:47:09.0068 0x151c  SystemEventsBroker - ok
09:47:09.0181 0x151c  [ E2F4F8D0984BD41CB5D7288533819721, 7DE2195CCB7491BC065B621F050DCB5B4D6FAAEB94AF7758C7234195CF682B65 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:47:09.0212 0x151c  TabletInputService - ok
09:47:09.0253 0x151c  [ 20CEAECE4ECDEBC89C82F1998696D596, 439559DE34BE096824CB70A97524E843CE2802092A9C882167F4CB08FE9664A7 ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:47:09.0268 0x151c  TapiSrv - ok
09:47:09.0415 0x151c  [ 90E007586FE34A9CD3E9D7DDFE21FF7D, B2E2B5836F1F376860F0E49A142748E0223A5726BAAAAD97E7B94583782A8E10 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:47:09.0498 0x151c  Tcpip - ok
09:47:09.0571 0x151c  [ 90E007586FE34A9CD3E9D7DDFE21FF7D, B2E2B5836F1F376860F0E49A142748E0223A5726BAAAAD97E7B94583782A8E10 ] Tcpip6          C:\Windows\system32\drivers\tcpip.sys
09:47:09.0613 0x151c  Tcpip6 - ok
09:47:09.0634 0x151c  [ 57BE670CF1D93717B628271B404D658A, EDD4C58EDAB985C87D6101D9CA5620146EE2BB8A1B899C635DD4CD36541DD46E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:47:09.0650 0x151c  tcpipreg - ok
09:47:09.0683 0x151c  [ 9C4C6E0C590F789CECB7A6D437E5A284, 6516ED3DF480BA6071C8D97EFC0A7E2C78182BC7546B7DBEFCD010E9F3CC9500 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:47:09.0702 0x151c  tdx - ok
09:47:10.0055 0x151c  [ 3DE1FA5A5E4D2419E73EAF584021CBEA, 69CED8E4727839625D5B08CCDD1D99DE0E6B75A34A9135C3955CDC41CF391806 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
09:47:10.0198 0x151c  TeamViewer - ok
09:47:10.0231 0x151c  [ D16E24D3B8E2F298305DA690EE9D4941, B81EECF81287516BA5CA83F02E3178E93C170919CD7AD9E84C2916B1E9BFC87A ] Telemetry       C:\Windows\system32\drivers\IntelTA.sys
09:47:10.0235 0x151c  Telemetry - ok
09:47:10.0265 0x151c  [ C225B94F2B27AC97C3E66C0550AEA249, 6F88375DD12A648B77BB6EB4BE527FF6678EE76A2059DB5B4CC971CDB31D0DB8 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
09:47:10.0270 0x151c  terminpt - ok
09:47:10.0408 0x151c  [ 780512970B44C32A56044AEFF90BF838, 0AD0D87284D8C29F6DEEA82951F4EECE7EC94C58BBABBE1CF8DF75EE5AA47D1B ] TermService     C:\Windows\System32\termsrv.dll
09:47:10.0444 0x151c  TermService - ok
09:47:10.0512 0x151c  [ 8EC4197962A0349DFFBDC11586099DB8, 8DD5348A4983C376F63E6B209227D4D02300555F8C80A0E0DB2EA16074ABC334 ] Themes          C:\Windows\system32\themeservice.dll
09:47:10.0553 0x151c  Themes - ok
09:47:10.0650 0x151c  [ 7005BF7DC5F068712F4A4A1DDD5C4719, 2B871B446CD18D9F8461E5E7C56C2FD3530F06FDED609B8E5A145348C27CB53F ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
09:47:10.0693 0x151c  TieringEngineService - ok
09:47:10.0735 0x151c  [ 00BF066E823540D5D54A3503E8CDA4EA, BB238D76B4B95614D489810CC66DDD49B6930722C530112CFC7EEAFE2D99DA71 ] TimeBrokerSvc   C:\Windows\System32\TimeBrokerServer.dll
09:47:10.0760 0x151c  TimeBrokerSvc - ok
09:47:10.0873 0x151c  [ 16A52376ADD9C2F2BFABEC2862B0B5EC, 19AFE782C22222E4ED70ECA08131C1AE34C20072A3E07A47E69263329601DDEC ] TokenBroker     C:\Windows\System32\TokenBroker.dll
09:47:10.0912 0x151c  TokenBroker - ok
09:47:10.0942 0x151c  [ 6AFCD9744087C1FA4840FEE2A7AEFD60, 75CAA5058D214B0904C158266730E662F84A223D8EABA717E116A5CD86F9DE86 ] TPM             C:\Windows\System32\drivers\tpm.sys
09:47:10.0951 0x151c  TPM - ok
09:47:11.0061 0x151c  [ 62636F77E0C51D59F043D9197C897AD4, F121E79E0A15ED6E362D7DEF72F9C1D2D5CC50BBEC3541DFAB91691BC3AFB191 ] TrkWks          C:\Windows\System32\trkwks.dll
09:47:11.0116 0x151c  TrkWks - ok
09:47:11.0179 0x151c  [ 6914359F7B2B19E7DD118C7D1AD73148, 62AD2A1BC45980F985EC6ED94568484BD58833591C836545D0AA167A2E98CDFD ] TroubleshootingSvc C:\Windows\system32\MitigationClient.dll
09:47:11.0207 0x151c  TroubleshootingSvc - ok
09:47:11.0276 0x151c  [ BB7A465630A059E1C9769776AC387CB3, 44F2804B8F74998A7566A2F8838A5FBE56791EB5046F46FE2353F1C58DBE991D ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:47:11.0290 0x151c  TrustedInstaller - ok
09:47:11.0346 0x151c  [ F613A8618CC19DD96D1E0C81C5DCB7D1, AD6DE675AC033BE6BF75FF6303EAED4B5C672689D3AEC6DB94816D60E19B7030 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:47:11.0361 0x151c  TsUsbFlt - ok
09:47:11.0365 0x151c  [ BF1D6924E7949102DA6F14F7EFE8D2D5, EA6AE80568B8FEB5EAE213EC8222AD72FFD99D80321D7F2A52C1B42A88F583AD ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
09:47:11.0376 0x151c  TsUsbGD - ok
09:47:11.0412 0x151c  [ 5600A496F7E579E64E5C63E566EDD71C, 9292DAE4FAEABFB97B0E78F846A154782CF6B14629D8A8D4691FE50B4DCFB481 ] tsusbhub        C:\Windows\System32\drivers\tsusbhub.sys
09:47:11.0480 0x151c  tsusbhub - ok
09:47:11.0497 0x151c  [ 6244FD1056BF170E38245B4B9042BFDF, C32908B3C5800CD52EF9BDD26C77B8162831CFD19DBF1D399941B17FB909AD94 ] tunnel          C:\Windows\system32\drivers\tunnel.sys
09:47:11.0540 0x151c  tunnel - ok
09:47:11.0652 0x151c  [ E321D883A0A53C9982A12D29DCBF4BB3, C80048018BBFC4970B30521B4323F5481E4BF1BE3E26BFA6B6FAB1225AB2C118 ] tvnserver       C:\Program Files (x86)\TightVNC\tvnserver.exe
09:47:11.0676 0x151c  tvnserver - ok
09:47:11.0716 0x151c  [ 70E0D5256F4A7B893EF070A32C05E1A6, 583F541B895B7E952B19975D0866A469911542D982A999B45B5BF835EB5FFA60 ] tzautoupdate    C:\Windows\system32\tzautoupdate.dll
09:47:11.0732 0x151c  tzautoupdate - ok
09:47:11.0788 0x151c  [ BD806DA5C342A0074B8A1DAFB6216973, 0EEC7DBD83061DB34EA3FA48D334BB734FB2EA3D00F38548B38C3544A693B690 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
09:47:11.0798 0x151c  UASPStor - ok
09:47:11.0823 0x151c  [ 388FE883FE8D9D307398715C508B96F4, C101A6362E6101DEC559798045CAD7A950C965693F008A4B14EE23F75796CB22 ] UcmCx0101       C:\Windows\system32\Drivers\UcmCx.sys
09:47:11.0894 0x151c  UcmCx0101 - ok
09:47:11.0966 0x151c  [ 5C100BA18C44C4F8D36211284B5F4C1D, 23853223F434BC3BCCEC7FB1BC1F974E87E7032B41CB588BBD1B44C30952FECD ] UcmCxUcsiNvppc  C:\Windows\System32\DriverStore\FileRepository\nvppc.inf_amd64_61e9a7eac960089c\UcmCxUcsiNvppc.sys
09:47:12.0038 0x151c  UcmCxUcsiNvppc - ok
09:47:12.0109 0x151c  [ 229B33B8499F4F2AAB1F3B590423611F, E70A2D9EEEF0C6894A0DB7990CFF6ECE3B8F389FD30B7B1949FCBDD3300B6148 ] UcmTcpciCx0101  C:\Windows\system32\Drivers\UcmTcpciCx.sys
09:47:12.0254 0x151c  UcmTcpciCx0101 - ok
09:47:12.0257 0x151c  [ 7FDC3A6FD8547468CE554C8821640103, 3626760AEE42EE36E047DA6899A81E0646DFBA344A234270EAE5D635F049BE37 ] UcmUcsiAcpiClient C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys
09:47:12.0308 0x151c  UcmUcsiAcpiClient - ok
09:47:12.0312 0x151c  [ 5BD491637E55F98BB5BE3FC20412A8DF, 457587013CA9DE11D8EDB7A1227C6DE43EDFB6ABB3C4E461C6AB155BA27604CA ] UcmUcsiCx0101   C:\Windows\system32\Drivers\UcmUcsiCx.sys
09:47:12.0321 0x151c  UcmUcsiCx0101 - ok
09:47:12.0414 0x151c  [ D6BEDCCB2E48589944EDC675D335677E, 2F5A5BA7AEC40C1A440C8DFF81DCE5AB0BDF9CC70ADDE48F8B652665B61F9915 ] Ucx01000        C:\Windows\system32\drivers\ucx01000.sys
09:47:12.0423 0x151c  Ucx01000 - ok
09:47:12.0451 0x151c  [ 6861422B7FFADDEAAA64A0539C910178, 4F8193C0A3525B78CA3CAF4731AE997A214F3DF180F0A3ADCEB2D31D3217850C ] UdeCx           C:\Windows\system32\drivers\udecx.sys
09:47:12.0476 0x151c  UdeCx - ok
09:47:12.0516 0x151c  [ 26D2727935221EFB0063B43A74B375BE, AB809F7EDC5C8A6EEE9610477A79131EA6C3D1BDD3D837B56B6AFF3572923DB7 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:47:12.0542 0x151c  udfs - ok
09:47:12.0644 0x151c  [ 0814C1F18311B475FC483AFB3E990CC8, B8744102B7F9717FA6767417BB27908DFEAEB060D2E627CE743B95C506901E4C ] UdkUserSvc      C:\Windows\System32\windowsudk.shellcommon.dll
09:47:12.0782 0x151c  UdkUserSvc - ok
09:47:12.0854 0x151c  [ 264C183C222EF95D4C64DFA8BA5F0479, 3EF244E91851E03BE77DE49FA7E36769DE287B0CB732CD0140C39FE5118D80B9 ] UEFI            C:\Windows\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys
09:47:12.0869 0x151c  UEFI - ok
09:47:12.0906 0x151c  [ 18829AAD996E5A6A9F9B347318200385, 9000E15B7ABA7E7407FDE2A6EC025E50FCF838ADD66A9620DB15A3868FFD9F0B ] UevAgentDriver  C:\Windows\system32\drivers\UevAgentDriver.sys
09:47:12.0921 0x151c  UevAgentDriver - ok
09:47:13.0027 0x151c  [ B7688D8AFB3EE870E95DFB6D86A2712C, 04784CBB65E3810A3246801DCD8ABAA40D02FC0F2C1F967A203DF3DFC6298767 ] UevAgentService C:\Windows\system32\AgentService.exe
09:47:13.0189 0x151c  UevAgentService - ok
09:47:13.0247 0x151c  [ 2B0EE2E39302B66CDCE384CB5522F3A5, 4B04EA7FCF8A719EA90E3CB2F35C606200727F87ABF7124310DC0D7226C337C3 ] Ufx01000        C:\Windows\system32\drivers\ufx01000.sys
09:47:13.0262 0x151c  Ufx01000 - ok
09:47:13.0309 0x151c  [ EEEECAFD642DB20A8470090C2ACAA6AC, 70FEAD3371792160701D47A808FC78786766E4C7CA7C5ED8DA356BFC991A275A ] UfxChipidea     C:\Windows\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys
09:47:13.0319 0x151c  UfxChipidea - ok
09:47:13.0384 0x151c  [ 2E288D3121BB244C11A22110B29FFA36, C3B9808903EE4FEB785D3DCD368423B633C2338816AE630E7A32FAC21A62B716 ] ufxsynopsys     C:\Windows\System32\drivers\ufxsynopsys.sys
09:47:13.0403 0x151c  ufxsynopsys - ok
09:47:13.0422 0x151c  [ 9B0690F3C24A5131EC75D433CB926E7F, F68B9296D1666E8A1E06F38F41D54709DFBAE8939E91036D2E47C38744583E21 ] UimBus          C:\Windows\System32\drivers\uimbus.sys
09:47:13.0429 0x151c  UimBus - ok
09:47:13.0468 0x151c  [ 83C25BBB600319541F63E48ED2D7B8D7, 9D2AAFE6A148E2C108B23EEA6D68E8A7A0B5B5CF60ADD5DB51F5FE466067CBC2 ] Uim_DEVIM       C:\Windows\System32\drivers\uimdevim.sys
09:47:13.0473 0x151c  Uim_DEVIM - ok
09:47:13.0525 0x151c  [ E0E764F688DCACBA011BAEB2017B903F, 7802DCDA6F49494245EC9304AECED7BB2E90908BED25A4D47F1FF4615B03DED0 ] umbus           C:\Windows\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys
09:47:13.0535 0x151c  umbus - ok
09:47:13.0559 0x151c  [ 493AF687E60E144F59E3F5B7E27AA39B, 3062B25A7747BC417E1D498DB1B11C9631D80F57E4A048101EF5AA26206AE838 ] UmPass          C:\Windows\System32\drivers\umpass.sys
09:47:13.0643 0x151c  UmPass - ok
09:47:13.0781 0x151c  [ 28A7C9E5B95D10B6FFD7E4046B6F4943, 68E84068FC5A895D144C1B470AA0769E52045992DAA6FE95BE6C32FDEB054A84 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:47:13.0808 0x151c  UmRdpService - ok
09:47:13.0887 0x151c  [ 4AB4C17352889F339B5CFF7B46F745E6, 15DFAC383101846D4055E15CF123707EA1C74FC6B244CF6FFA5EB37A9F1D2787 ] UnistoreSvc     C:\Windows\System32\unistore.dll
09:47:13.0955 0x151c  UnistoreSvc - ok
09:47:14.0033 0x151c  [ E648E8CBE88C95FCF61B40085B65E891, 980425AC1539E2FB2E599BD7DDB130FB31B2546F6D529469B62F0309D3356CB0 ] upnphost        C:\Windows\System32\upnphost.dll
09:47:14.0131 0x151c  upnphost - ok
09:47:14.0183 0x151c  [ 5C33B91675BE0C9693358C1AAA723D20, A5BB54ABBB0F7B13ACCA0997F567A81395688C6D68EB87F67F688737DC16918F ] UrsChipidea     C:\Windows\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys
09:47:14.0190 0x151c  UrsChipidea - ok
09:47:14.0224 0x151c  [ ADFAB87405AE22290E24D0E8E6141AF1, BC0982BEFE4CABEA1E260C8A3266EA18A4CA158A07D1C5176890A04CC3B6A84A ] UrsCx01000      C:\Windows\system32\drivers\urscx01000.sys
09:47:14.0234 0x151c  UrsCx01000 - ok
09:47:14.0239 0x151c  [ BBDE7BF496327115DD744E7D4105C7BC, 5A8CC47603A1C9D58A30A5E897F1BCDC56199B08317B9FF319D469D6DD6CAAF0 ] UrsSynopsys     C:\Windows\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys
09:47:14.0245 0x151c  UrsSynopsys - ok
09:47:14.0276 0x151c  [ F9CDAA90C1E5E356067A88F68B2FF198, 23E2BE5B0897BD9E03EF5396A27F63635B7F40F1DD4C3D88B80030C19A0BAF96 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
09:47:14.0286 0x151c  usbaudio - ok
09:47:14.0317 0x151c  [ FB9F25ACEBCBAEABFE30CACCB17D4EE6, 7D38FA294DA179E5535E3E481746F07E2AE47CE57192C2D1C5B780B583FD9C6D ] usbaudio2       C:\Windows\System32\drivers\usbaudio2.sys
09:47:14.0327 0x151c  usbaudio2 - ok
09:47:14.0379 0x151c  [ 11725431DC923A3474DCD827132EE250, 450E4A25BA6FBA63699784F7FFC3820CF0524169210D5404944A0C2FC56549E7 ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
09:47:14.0401 0x151c  usbccgp - ok
09:47:14.0408 0x151c  [ 11561FC5BAA2DEB5AC8B179B591A882E, 2AD595BF4ABC146D8F533981848FF8271E983038566937BEB48A6A8F09BC60FB ] usbcir          C:\Windows\System32\drivers\usbcir.sys
09:47:14.0443 0x151c  usbcir - ok
09:47:14.0458 0x151c  [ D1E576C8A94A27D896B56F923ED4E4D6, 3AE5ED5EAFBC52028D082D3EC04B526EF60F5D74BBC79DD210A22D9238C61262 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
09:47:14.0465 0x151c  usbehci - ok
09:47:14.0498 0x151c  [ 804C51B11057869624D9292040B45E56, 42404EC0F658121F6553B7DAA3511ED512B7F4B336C2032BA85CD91E8879EEAE ] usbhub          C:\Windows\System32\drivers\usbhub.sys
09:47:14.0551 0x151c  usbhub - ok
09:47:14.0589 0x151c  [ 4AB704FD17CA7D6BAD6A442ADED6AE38, 2B902FDB35CD85DC47B5137AC91FEB14ACA097E294884D53FAD9DE3B24BF2128 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
09:47:14.0605 0x151c  USBHUB3 - ok
09:47:14.0686 0x151c  [ 4E8C3BD185042836203F3AA26B1DE6BC, 8E2B1A8E3F8E1F88E73AE2A34B1726B5C5F6753BAE3FAB1E7CC82C53FF7EE891 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
09:47:14.0716 0x151c  usbohci - ok
09:47:14.0805 0x151c  [ E7D67614480D6365CA96FA6919F6CFF0, 7AC5FAC0D8E0A86CBD67407EA9EF95C6A2CBAA397EB959E074B6D87E85CEBD0A ] usbprint        C:\Windows\System32\drivers\usbprint.sys
09:47:14.0876 0x151c  usbprint - ok
09:47:14.0906 0x151c  [ C1213195609925F6422E2BA69ED6F221, C75DE7DA8C2EF42A98115BA42844C5D1C0798987A48945AF689760DDFAAC8916 ] usbser          C:\Windows\System32\drivers\usbser.sys
09:47:14.0961 0x151c  usbser - ok
09:47:15.0049 0x151c  [ D4ECAFDBBB8312B665D3787966294C3F, 0C479303A8F5B400BCBEE32266F0EDC17C70BBEB988545C812A632D8D2DD60E6 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
09:47:15.0066 0x151c  USBSTOR - ok
09:47:15.0092 0x151c  [ 3D45E616CC66D475E7261875344622F1, 3D602EA3F0A83F8FA7B9FED579B21881BB92272307634B24E0423A9A482D2CD6 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
09:47:15.0152 0x151c  usbuhci - ok
09:47:15.0201 0x151c  [ 53E7D75D50FF339A68B162E01CE7DF3B, DDFE38B7061B0F210E61A112A2832502332C1277584301F7A986A23DEBBD073D ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
09:47:15.0221 0x151c  USBXHCI - ok
09:47:15.0321 0x151c  [ 12DB5302310C244632A997D52DFAB2C6, D035B96CB61CE2BDA341D872CD4BB6093BBB260BEFABCDEE486048D0CCD0141A ] UserDataSvc     C:\Windows\System32\userdataservice.dll
09:47:15.0361 0x151c  UserDataSvc - ok
09:47:15.0464 0x151c  [ C520EE8DF59EF2D8214F1BF2958B5C8F, 25E0FD113A5CA2A07E7C7FB0E1F9FC94EEF561AEB8098D2816CDA88FB0489C25 ] UserManager     C:\Windows\System32\usermgr.dll
09:47:15.0504 0x151c  UserManager - ok
09:47:15.0563 0x151c  [ E325712455EF156ECB559D0687A64F4A, D52D5BDD3DBE8F70AB4AF57C6092A9D55A0DF8D15C6AACA3617F4701DC804F20 ] UsoSvc          C:\Windows\system32\usosvc.dll
09:47:15.0596 0x151c  UsoSvc - ok
09:47:15.0680 0x151c  [ EF5B200C6009FDAA6693A7DB7A1A10D0, C23E169D28539A3AAD2EFA4DA8EF2C93F0C471530A2716F309075B173F926F2A ] VacSvc          C:\Windows\System32\vac.dll
09:47:15.0701 0x151c  VacSvc - ok
09:47:15.0768 0x151c  [ A6236E9A991C5B4E450AA6F25A460BCC, D70219DBE8CDA2F93972EA4574AA47E57B61480EF31C69510A8FAF681B0BFF46 ] VaultSvc        C:\Windows\system32\lsass.exe
09:47:15.0774 0x151c  VaultSvc - ok
09:47:15.0808 0x151c  [ 661233B58190B487682839F1559A7962, 2BE132106C26A9073B6E9CB646E6A2C003558B8924ED0BDC3A0533FC98E03BF4 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:47:15.0815 0x151c  vdrvroot - ok
09:47:15.0934 0x151c  [ 8845765B4D416FD2835C27C58A15E99E, 8A0AA93F17FEE2C816D57ADB6B6BE38D195D87A3CDCFBDDB78E0AF0D5452BC5E ] vds             C:\Windows\System32\vds.exe
09:47:15.0976 0x151c  vds - ok
09:47:16.0029 0x151c  [ 46684A95E908F0A6A2355AA46A3B2A77, A25DFDA0572EF014905619DF21427518EA5C01CFB13B9927ADA305B29DBBFEFE ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
09:47:16.0041 0x151c  VerifierExt - ok
09:47:16.0075 0x151c  [ 4FDDC2D1746FFB8BC7F16C6E4B8BEF6C, 8564B7D68FA6740FC6C0FBE012AF74FD3CD1390BB6520177A3E95D5DEB03ABFC ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
09:47:16.0093 0x151c  vhdmp - ok
09:47:16.0119 0x151c  [ 7F2F04A354582D3D34F5B2B4EFF07189, 98188182D328414832D06E957601A997AD2B2B0F088B089181EDE8FAB0AF733C ] vhf             C:\Windows\System32\drivers\vhf.sys
09:47:16.0166 0x151c  vhf - ok
09:47:16.0290 0x151c  [ 8127F00C5A0B911A5969E57AC0016B7E, BAEF152D8717147BE10767798E4E2CC018C2E21EA0FBA0BC251A23E35A1E95C5 ] Vid             C:\Windows\System32\drivers\Vid.sys
09:47:16.0314 0x151c  Vid - ok
09:47:16.0365 0x151c  [ B37F0BF662BB504F0A9C247F24C281AD, 6281D573D9AD9AA204778C3823737726E882B17657B23CF5458C012FF7990E52 ] VirtualRender   C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys
09:47:16.0406 0x151c  VirtualRender - ok
09:47:16.0423 0x151c  [ FEDA399F270BCFDA56F059618300AEA5, 2C50A72A7A2048D630E2F45F1E7B3A7B70952C5B37C28821C8DC0226C71E4747 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
09:47:16.0432 0x151c  vmbus - ok
09:47:16.0464 0x151c  [ C29F63BB3B99B3F2030113160A741684, 43DF7A6DD305D1696D28A54E12B75AE041B075E789DB5D0C8DDF250E75585AA1 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
09:47:16.0473 0x151c  VMBusHID - ok
09:47:16.0497 0x151c  [ E5BB075B6B5A1DA3C3F48CA5DFF54E77, E13E8F9523F51F976084561C9D0A843CAF550FA233521FF13FFE1C5634CA6472 ] vmgid           C:\Windows\System32\drivers\vmgid.sys
09:47:16.0504 0x151c  vmgid - ok
09:47:16.0642 0x151c  [ 4AC126571E4DFAE5299F7D2F636E4B7A, 1094E4A812B799E401D57AF240EB0E68B3A2978FD2229A93491C1D69942ADF6A ] vmicguestinterface C:\Windows\System32\icsvc.dll
09:47:16.0652 0x151c  vmicguestinterface - ok
09:47:16.0658 0x151c  [ 4AC126571E4DFAE5299F7D2F636E4B7A, 1094E4A812B799E401D57AF240EB0E68B3A2978FD2229A93491C1D69942ADF6A ] vmicheartbeat   C:\Windows\System32\icsvc.dll
09:47:16.0666 0x151c  vmicheartbeat - ok
09:47:16.0672 0x151c  [ 4AC126571E4DFAE5299F7D2F636E4B7A, 1094E4A812B799E401D57AF240EB0E68B3A2978FD2229A93491C1D69942ADF6A ] vmickvpexchange C:\Windows\System32\icsvc.dll
09:47:16.0681 0x151c  vmickvpexchange - ok
09:47:16.0762 0x151c  [ 518D84A37E7F1A298C8888FF08B3B0DE, A8B9515704B1B17112BFC03E27251833AE9A580079963DE9B71B5202004060BD ] vmicrdv         C:\Windows\System32\icsvcext.dll
09:47:16.0788 0x151c  vmicrdv - ok
09:47:16.0795 0x151c  [ 4AC126571E4DFAE5299F7D2F636E4B7A, 1094E4A812B799E401D57AF240EB0E68B3A2978FD2229A93491C1D69942ADF6A ] vmicshutdown    C:\Windows\System32\icsvc.dll
09:47:16.0804 0x151c  vmicshutdown - ok
09:47:16.0862 0x151c  [ 4AC126571E4DFAE5299F7D2F636E4B7A, 1094E4A812B799E401D57AF240EB0E68B3A2978FD2229A93491C1D69942ADF6A ] vmictimesync    C:\Windows\System32\icsvc.dll
09:47:16.0870 0x151c  vmictimesync - ok
09:47:16.0876 0x151c  [ 4AC126571E4DFAE5299F7D2F636E4B7A, 1094E4A812B799E401D57AF240EB0E68B3A2978FD2229A93491C1D69942ADF6A ] vmicvmsession   C:\Windows\System32\icsvc.dll
09:47:16.0885 0x151c  vmicvmsession - ok
09:47:16.0891 0x151c  [ 518D84A37E7F1A298C8888FF08B3B0DE, A8B9515704B1B17112BFC03E27251833AE9A580079963DE9B71B5202004060BD ] vmicvss         C:\Windows\System32\icsvcext.dll
09:47:16.0902 0x151c  vmicvss - ok
09:47:16.0935 0x151c  [ E2718261094D38471C7E2F3A44736535, D8A4263FFCC8923201C7D9A41ABADA6BF63F32F5581E8570EEA95BE7DDAF85E2 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:47:16.0949 0x151c  volmgr - ok
09:47:17.0013 0x151c  [ 796F1C83861C02A97571D0EDAB490B70, 71CE8D930AE82C2B2628CBF3BB3AE1A8CF039BD702BDE912D499FCF45332F5A6 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

Arcanine · 9 Febrero, 2021 03:03

TDS Killer (parte4 - final)

09:47:17.0024 0x151c  volmgrx - ok
09:47:17.0104 0x151c  [ 33D398981F1B198477EBD9F7D7430F1B, 16D6A20285F8777583C5AE4B7CC7CF9FD05316CF59142B80C2CCC9FF2DAB04AF ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:47:17.0124 0x151c  volsnap - ok
09:47:17.0150 0x151c  [ 770E710BEA3CCC595EE3703297B40D76, C03E3367B92307993BC169583CB298265FC1C35CF5973EC352C1E08FFCFD1928 ] volume          C:\Windows\system32\drivers\volume.sys
09:47:17.0155 0x151c  volume - ok
09:47:17.0225 0x151c  [ A37A7788DABE4FF6E33FE50D7A33D8E8, 9E99D9D27BA3DFA6F89C77B9AD91BE495F15E4F612BB63B209157DFA13BCD7E0 ] vpci            C:\Windows\system32\drivers\vpci.sys
09:47:17.0239 0x151c  vpci - ok
09:47:17.0337 0x151c  [ 1A4D9FAED669BC42E5A1CD8442729AB2, E70778AF6B0C9709CB8CEF655C6DD8B5A61CC70BFD35A43304C1308EA478C550 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:47:17.0348 0x151c  vsmraid - ok
09:47:17.0464 0x151c  [ 2A6BB06A14D810601F8CA02A98A3E16F, 0BA31F101507CD279108F7845AA7EF38B7ADC2E595921F6A1C09954A2315409D ] VSS             C:\Windows\system32\vssvc.exe
09:47:17.0525 0x151c  VSS - ok
09:47:17.0580 0x151c  [ 6E0092973E35BE6A1F5ED5CBDD202036, 33DAF53C81D5BAF9337192A84DF50C108BAE9B8A858081E2208939CCFF2622F8 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
09:47:17.0591 0x151c  VSTXRAID - ok
09:47:17.0652 0x151c  [ 7BC30ADCCC9BCF2B0A29A320A395EC3B, 373C85F659F07366649697823B4A8B14313F0042A7A04E932429D049D18C7646 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
09:47:17.0670 0x151c  vwifibus - ok
09:47:17.0686 0x151c  [ E52E3DD859D4095E314E3EC78F9AD4E4, 2ABE2311C9C429308BA0D6BC490AC1C9570ECBC83D9BEDC561E438B7BB4436B2 ] vwififlt        C:\Windows\system32\drivers\vwififlt.sys
09:47:17.0698 0x151c  vwififlt - ok
09:47:17.0733 0x151c  [ 39E78C9E9463C8D096021EA08682B5C3, 8E62D4CE0EE294B403AC2FC334C44D4AFFA3ACF07DF5E54645C271FFB0F27E40 ] vwifimp         C:\Windows\System32\drivers\vwifimp.sys
09:47:17.0741 0x151c  vwifimp - ok
09:47:17.0835 0x151c  [ 3962EDE9E1B45F48436EBE1C936E218D, 4C215BBFF5A2CB97A39E4F3181060DBB720438B4BAB0381B0EA35212173D6D34 ] W32Time         C:\Windows\system32\w32time.dll
09:47:17.0869 0x151c  W32Time - ok
09:47:17.0969 0x151c  [ B1374B931EC545D6F91B6EC8FACD828F, 33E5E832474BE90F5292A12F8DADEED2DEAE0237388207A55A7F2068AA7BDF0A ] w3logsvc        C:\Windows\system32\inetsrv\w3logsvc.dll
09:47:17.0997 0x151c  w3logsvc - ok
09:47:18.0063 0x151c  [ 56E2194236CBA5D300EE83EA699109A1, C4D83D1A2DEBAF375CA119A6854E2158263AD8DEA5B30AB232ED942470D0EA8D ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
09:47:18.0112 0x151c  W3SVC - ok
09:47:18.0315 0x151c  [ 4064770B860EF19D55B9DAE32F1B300A, DCBF1B059DE1430307685AFCE79C5B93B1DD6DBDF22A89B26AA277CE00BBB2E5 ] WaaSMedicSvc    C:\Windows\system32\WaasMedicSvc.dll
09:47:18.0392 0x151c  WaaSMedicSvc - ok
09:47:18.0453 0x151c  [ 1F16C8283230EF1F1C4E135D1C2C859B, E4F672C7E58490F82F859CAEEDD57D8ABCC31DE62A42A956BEE47113D365BE35 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
09:47:18.0472 0x151c  WacomPen - ok
09:47:18.0524 0x151c  [ 65F43FB70FD3B051292E85531763628E, A6AF4F6CA981353337A65E3C07237B8FEE1CA8D46F4D949772B6FCD958B06EBA ] WalletService   C:\Windows\system32\WalletService.dll
09:47:18.0543 0x151c  WalletService - ok
09:47:18.0571 0x151c  [ 21AC026F8B820206798A3DD786C277FA, BFB2F808EA8DBF936C61DC43E0A84E32A69E6A3DC8A12AB3F75D91E63A89329C ] wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
09:47:18.0597 0x151c  wanarp - ok
09:47:18.0601 0x151c  [ 21AC026F8B820206798A3DD786C277FA, BFB2F808EA8DBF936C61DC43E0A84E32A69E6A3DC8A12AB3F75D91E63A89329C ] wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:47:18.0613 0x151c  wanarpv6 - ok
09:47:18.0690 0x151c  [ 8449398F11D49864117105679B539816, 8FD3B9C72066D6A983D062DE72EEF9769339EACBF4E0D303B9E12343C9D5DE6C ] WarpJITSvc      C:\Windows\System32\Windows.WARP.JITService.dll
09:47:18.0712 0x151c  WarpJITSvc - ok
09:47:18.0724 0x151c  [ 56E2194236CBA5D300EE83EA699109A1, C4D83D1A2DEBAF375CA119A6854E2158263AD8DEA5B30AB232ED942470D0EA8D ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
09:47:18.0740 0x151c  WAS - ok
09:47:18.0782 0x151c  [ 9CA1D999F01E0F8AEDDE2CFC187B2C0B, 5AE95F3F77AAED3067CBA39C5B2CD1790B949027E837B5AF580F2A8D4714FB68 ] wbengine        C:\Windows\system32\wbengine.exe
09:47:18.0822 0x151c  wbengine - ok
09:47:18.0928 0x151c  [ 95A860926377DB7C749FD381363E5F3D, 8A77EA20EB4640CBF243A479DFA8DE5ED4D2B7FC05043C10C9FFD85C71FDE9C1 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:47:18.0962 0x151c  WbioSrvc - ok
09:47:19.0024 0x151c  [ A6356145807BB9C5CE67C4C4754DE380, 09C73BE55A555501E359E7E27ECD2CC76C2C8B7EC41950EFC3E80E85ADA6385E ] wcifs           C:\Windows\system32\drivers\wcifs.sys
09:47:19.0037 0x151c  wcifs - ok
09:47:19.0134 0x151c  [ 2E5A66AB07AC6199B25A895EB8FA8867, 8312EAB3A0587E355EF83BEC477B8CE0A59226585E57EAF569263F5BDB3DBBB7 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
09:47:19.0200 0x151c  Wcmsvc - ok
09:47:19.0351 0x151c  [ 04C1AC3629DB555D2F4613FD05DE3576, 312E318190CF6B1D6C0A7DD85FFCBF188CB6C9AFC88E0C8F69804476A53713F2 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:47:19.0395 0x151c  wcncsvc - ok
09:47:19.0445 0x151c  [ 356B1367E6F162D27E61438B528E5590, EAFB2B30184C0BB71D11A079BACB7112C006FEFF8FD9444D17DBB9511E2367A5 ] wcnfs           C:\Windows\system32\drivers\wcnfs.sys
09:47:19.0586 0x151c  wcnfs - ok
09:47:19.0598 0x151c  [ 5925250BDDB94B0A5FA0E7FEED36C520, 0845344F7BFAA94AF90920A5346078E6261EEA3A1A77795DDA5B70B38609348B ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
09:47:19.0618 0x151c  WdBoot - ok
09:47:19.0696 0x151c  [ 47DCD64DED164A9148F83A9E7FC0E62C, 1BE1287FAD8F8E38B8D66E718150F4D3F6183091D06222D73633566289377E2D ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:47:19.0720 0x151c  Wdf01000 - ok
09:47:19.0805 0x151c  [ C150CD7072592B0BCBB7DACFFC6904CD, 0F4D31410401CC564A5D1FCEF5ED2898DAFB7418C1B39D746E88451CC3518ACA ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
09:47:19.0830 0x151c  WdFilter - ok
09:47:19.0863 0x151c  [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:47:19.0925 0x151c  WdiServiceHost - ok
09:47:19.0929 0x151c  [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:47:19.0939 0x151c  WdiSystemHost - ok
09:47:19.0972 0x151c  [ 8B0F6CA6BA3331ED287435315BA69F8A, 2ADAC3F87AF84A1CD3B91CFA4D10384316BEBF66DEAC666691F7B865167113E8 ] wdiwifi         C:\Windows\system32\DRIVERS\wdiwifi.sys
09:47:20.0069 0x151c  wdiwifi - ok
09:47:20.0081 0x151c  [ A6C92A5F2982EBB8788E0690C19048C4, 85C54A99DD43DC1FAC7FD2A31288CEC7501F795DE8FA86857790F4CCD5AF7C18 ] WdmCompanionFilter C:\Windows\system32\drivers\WdmCompanionFilter.sys
09:47:20.0087 0x151c  WdmCompanionFilter - ok
09:47:20.0162 0x151c  [ C5552A3A54408AB9A0DC341E21F5EF67, 67838896B7E04EBBE2AA089F09913789A5E8C4B7E7436397135F1F68BB86F03A ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
09:47:20.0235 0x151c  WdNisDrv - ok
09:47:20.0443 0x151c  WdNisSvc - ok
09:47:20.0506 0x151c  [ 4A81FA6E29A3909FC620EC8B7AE0C8FF, 89F67C978A7F58FF1E51CE6DE17FE8FAF64A52A2E96BD188E911517AF1949275 ] WebClient       C:\Windows\System32\webclnt.dll
09:47:20.0518 0x151c  WebClient - ok
09:47:20.0596 0x151c  [ C2F1D4628C22E298F3A3A06B6DC97588, F8CF9237AC6B5B90D9D0B71C9EEAEB3C1E1CFF3362A9C0A2DEB5B14180254155 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:47:20.0657 0x151c  Wecsvc - ok
09:47:20.0686 0x151c  [ CBA85827716DE89106F8E4AD7430620C, EF2FEAD68FE003DAC52BC2098962F397DF80B7DCD79A8F45012A050C7C0E2DB1 ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
09:47:20.0738 0x151c  WEPHOSTSVC - ok
09:47:20.0865 0x151c  [ 581F0C56ABE314018378E2DE22D50FBA, A92428643D1C99BBC13E7CD5C5E2D91464D3D77C585C86794BDB91C980815241 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:47:20.0896 0x151c  wercplsupport - ok
09:47:20.0978 0x151c  [ 8E76D090D17B91E870E4D91E397CBF91, EB41FA89B33BA72C9ADC21FD44CA3A8306C610B9F9F1940C2463B234AD8729D5 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:47:21.0007 0x151c  WerSvc - ok
09:47:21.0089 0x151c  [ 39B758E2093B9FB42A086BF4BB1B8BEC, 473C61E7F4D734AE9C4BD2E111C6DCE595E9EF167C001CEDC35E53213F2987F6 ] WFDSConMgrSvc   C:\Windows\System32\wfdsconmgrsvc.dll
09:47:21.0111 0x151c  WFDSConMgrSvc - ok
09:47:21.0155 0x151c  [ 6A6E3C123BF2016BDA96E8E92C08BAE1, A58D50106ECB599E32746DDAB35DB07063E895B64E5526DA405B0B1FBDDFB13A ] WFPLWFS         C:\Windows\system32\drivers\wfplwfs.sys
09:47:21.0162 0x151c  WFPLWFS - ok
09:47:21.0231 0x151c  [ 7AE4D5A054C5EEF9EF9F42926B52FA47, A58CB62992AB846A31E197DF5161F50323D120DF73B7D33FE7D5F5B1AF209291 ] WiaRpc          C:\Windows\System32\wiarpc.dll
09:47:21.0255 0x151c  WiaRpc - ok
09:47:21.0309 0x151c  [ 58100AE414B011D141C31B7B9910366E, 2B46EA353D4CED8AF30C01DFED474673416F51279B63EB7D6460EFB9CA145370 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:47:21.0316 0x151c  WIMMount - ok
09:47:21.0319 0x151c  WinDefend - ok
09:47:21.0386 0x151c  [ B434A84F46C70F4E67B70ED70F024B7F, 64EEB8093BA2590E83D83C5AF7C2A025B88AF5681143BCA83671104266FEEA99 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
09:47:21.0392 0x151c  WindowsTrustedRT - ok
09:47:21.0442 0x151c  [ 982774B74EE1419D641CEB66E394A4BA, 090C4CE6B76B3904B5AE73E4F1EEBCE619194C358874D7584537012F954C54BE ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
09:47:21.0449 0x151c  WindowsTrustedRTProxy - ok
09:47:21.0558 0x151c  [ A2D07BB4089CA7BAD386A495CCA005A8, 894620855200F91E24A663A5C0238F229ADC7D706CD4C1F321FE463B377FFB8A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
09:47:21.0588 0x151c  WinHttpAutoProxySvc - ok
09:47:21.0650 0x151c  [ 0816C30E3395E667EFFFB92B4EA66A05, F6A9E7026AA60A6627680F232AE785EA9CF55FE970708E6E49151F601CC42FEE ] WinMad          C:\Windows\System32\drivers\winmad.sys
09:47:21.0672 0x151c  WinMad - ok
09:47:22.0179 0x151c  [ EFC55C07562911514148E83C90F7CC79, 5F91DEBE661ED16B0C4A253049E62617E222256E40E633C7F846571FD447E6C0 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:47:22.0262 0x151c  Winmgmt - ok
09:47:22.0316 0x151c  [ 6FA0E14B22A0585765077A8A4610768F, DF7D6CA240E877A2DB288D0D065CD0F1D86AED03A0045EC20BCDE5F9E2392531 ] WinNat          C:\Windows\system32\drivers\winnat.sys
09:47:22.0468 0x151c  WinNat - ok
09:47:22.0587 0x151c  [ 14CED71639BC01B3EA566FD5CE3E5F21, B95BF15FBC1C57C7AF44916377AF2F9CF70B6470153B0F3DA17B731B4B9776C0 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:47:22.0684 0x151c  WinRM - ok
09:47:22.0775 0x151c  [ 91D3DC62C6EDDB6554CE14C0E0B4290F, 6F8F89B350FC6BC0D23A50C593F02514854AB7D6CD234D8C8AD4B5DDDD586BA0 ] WINUSB          C:\Windows\System32\drivers\WinUSB.SYS
09:47:22.0793 0x151c  WINUSB - ok
09:47:22.0852 0x151c  [ F4C4FD42F8DD657157823DB617CC3A3D, D2A5ED039ED83010E0BB4BB1A69F9D142D42BE2C75E56CFCF3F157A735CB688E ] WinVerbs        C:\Windows\System32\drivers\winverbs.sys
09:47:22.0860 0x151c  WinVerbs - ok
09:47:22.0917 0x151c  [ AD4134554F3C3C025C534383EFAD3D0A, 9990E8265A95E053D76DD0C2EB8852EC8873FE0F5C9F782EAEDF54E5BB2E16F7 ] wisvc           C:\Windows\system32\flightsettings.dll
09:47:23.0035 0x151c  wisvc - ok
09:47:23.0204 0x151c  [ 4B7F5B1B2FD9927C12BF700E6FA31898, 40C6CDD5F760CBC207335B1648F78BB6EBCDE2164EAC7834F8D6A62675542E38 ] WlanSvc         C:\Windows\System32\wlansvc.dll
09:47:23.0343 0x151c  WlanSvc - ok
09:47:23.0460 0x151c  [ 48AE66A72ECA846D1A0216D4CE2955E6, 1885F8AC0F95A3B891833A07193819894E3F6E00790B51C0E55AA63D57BD3FB0 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
09:47:23.0589 0x151c  wlidsvc - ok
09:47:23.0772 0x151c  [ DB67CDBAACE4F4C7BED667070322B19D, 29A862177DD0C9BAC4145503E8A669A759492EF9B928D571E0D2A18330F45ACA ] wlpasvc         C:\Windows\System32\lpasvc.dll
09:47:23.0809 0x151c  wlpasvc - ok
09:47:23.0906 0x151c  [ 99AD1B60145B82CC3BB80F1CEAB470DC, EBF6C70713CFCB63DC77FE4C6B884D643F670489287A8969A317CEC1B23EFFED ] WManSvc         C:\Windows\system32\Windows.Management.Service.dll
09:47:23.0980 0x151c  WManSvc - ok
09:47:24.0101 0x151c  [ E4F25E6E790747073A09F9F8C997889C, 98455DD24AE076A2413EA599F83E0894F608C335F3FF2F3624A17E8EAF3B3C42 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
09:47:24.0117 0x151c  WmiAcpi - ok
09:47:24.0181 0x151c  [ 4D05488FEC7D3FB63248CA9652B48CBB, 5D51A62E14BE8F6A6894E8184CFD036EDAFC906D958E162FC9AC48462C6B2248 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:47:24.0252 0x151c  wmiApSrv - ok
09:47:24.0299 0x151c  WMPNetworkSvc - ok
09:47:24.0322 0x151c  [ 68022EB06DCFD1521802D94C8901AF15, 57C8A7D84BBACF87FEAB052D25FF3AED764AC0EE249E0FCF69183803A0D7B59E ] Wof             C:\Windows\system32\drivers\Wof.sys
09:47:24.0336 0x151c  Wof - ok
09:47:24.0448 0x151c  [ 81F1F5F02973F44749F0C2B449C6955E, BA122C63CA361E0C372B84C9A710746C10B2B89ECB04FA66714C6DC08D4666DD ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
09:47:24.0543 0x151c  workfolderssvc - ok
09:47:24.0672 0x151c  [ 4C0B08D60D54CB12B0CF0DD8EE52A1FF, 817BB4183A0C6B1B78480B6528128D53DA9E3508DEFC3863B33DC3CE5BB28346 ] WpcMonSvc       C:\Windows\System32\WpcDesktopMonSvc.dll
09:47:24.0729 0x151c  WpcMonSvc - ok
09:47:24.0769 0x151c  [ 02876C4F9F4EEC8AC30BBCFFE3447AB6, 0744CBBD9F2B867DF456E2B0E113897B654F07E1C96FCB32D4B4B57BE6A3BE81 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:47:24.0845 0x151c  WPDBusEnum - ok
09:47:24.0903 0x151c  [ 024924C9E79F51560B9133EEAB866BBF, F4D464BC02C7B96EF72AA9229A99A1AD32F56390F97972C33525EF0D85304261 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
09:47:24.0914 0x151c  WpdUpFltr - ok
09:47:24.0968 0x151c  [ 040F7FA155A799B9F642DE9808234CB5, 808871E4211460A9273E6F8386FF764D504FAC183D74FE98AEED3911CD8CACE6 ] WpnService      C:\Windows\system32\WpnService.dll
09:47:24.0982 0x151c  WpnService - ok
09:47:25.0074 0x151c  [ B9401D6EC47178619E4E21701E3567BD, 53F6CE17E02A85E41327DA2D5FD299D5BAF2BD48DDE22DE6688D3EA410C75144 ] WpnUserService  C:\Windows\System32\WpnUserService.dll
09:47:25.0107 0x151c  WpnUserService - ok
09:47:25.0148 0x151c  [ 2B98DFC181823C8D8AA39C4CC577DE3E, DAFF7CE8868299AF5EFA844C2E1F84B7EE7E498B1AFF16965CE41C2E75B2F4E4 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:47:25.0228 0x151c  ws2ifsl - ok
09:47:25.0315 0x151c  [ E2BDC4D8D6090ED797FBD39FC097576F, 2BE313764D9830C9B4072A2CF98B4895A66BD83200A350D7ED7C8764AB2316D7 ] wscsvc          C:\Windows\System32\wscsvc.dll
09:47:25.0326 0x151c  wscsvc - ok
09:47:25.0329 0x151c  WSearch - ok
09:47:25.0420 0x151c  [ 13CB7BF9A43F3EEAFDE423D324777165, 9FB27366BD0615D9A9CEC79DC676300C6AF32B7A8CE4CAFB5561586C23BA7125 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:47:25.0534 0x151c  wuauserv - ok
09:47:25.0585 0x151c  [ 7FC0072ECE3F5F860990EF4E10D3F8F4, 15444A3E540EAD214A674FF0EB99CD42899D6A1139E59D69DE1C2B6BA364A9E0 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:47:25.0596 0x151c  WudfPf - ok
09:47:25.0618 0x151c  [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
09:47:25.0753 0x151c  WUDFRd - ok
09:47:25.0767 0x151c  [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
09:47:25.0786 0x151c  WUDFWpdFs - ok
09:47:25.0792 0x151c  [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
09:47:25.0804 0x151c  WUDFWpdMtp - ok
09:47:25.0852 0x151c  [ C708E9C8D065490B34AE425B136029C6, 49571062489C83A0CB6C690595B51FF65CC763C9C337E8574BBBFC657FAC58FE ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:47:25.0996 0x151c  WwanSvc - ok
09:47:26.0042 0x151c  [ 5C7422C70CBD981C38D282EA264CF939, CCE1584461A6683515A766CA6061FBC53A03314328221761204E3ABBD398FCCF ] XblAuthManager  C:\Windows\System32\XblAuthManager.dll
09:47:26.0249 0x151c  XblAuthManager - ok
09:47:26.0376 0x151c  [ C9E2CB63271BA466EA761AA43AB075C7, 0A83D06D8DB0915E73E78CFC4ABE4A03909E5210A190A05CF6BF9FD54C3F9F9A ] XblGameSave     C:\Windows\System32\XblGameSave.dll
09:47:26.0416 0x151c  XblGameSave - ok
09:47:26.0542 0x151c  [ 552245E5B887693C606DCE882C8CC277, 3975C83BABD46051B43ECD28800BC4E6341307BD242A21EC23164BB8EDCF7FF8 ] xboxgip         C:\Windows\System32\drivers\xboxgip.sys
09:47:26.0573 0x151c  xboxgip - ok
09:47:26.0599 0x151c  [ 4107565488585C924FEEE766F0EB6193, 87BA1A8CB0D3053B30426045CC126A1E0EBC968C2A266B3AF057B286CB12D9B5 ] XboxGipSvc      C:\Windows\System32\XboxGipSvc.dll
09:47:26.0609 0x151c  XboxGipSvc - ok
09:47:26.0799 0x151c  [ C324785371C549C9BD5C8A9C62C6B733, 3427DE5D89748BDF27533FF277A693200FA6E57AD9BEA075657774C0F23B78DE ] XboxNetApiSvc   C:\Windows\system32\XboxNetApiSvc.dll
09:47:26.0936 0x151c  XboxNetApiSvc - ok
09:47:26.0940 0x151c  [ 3951AE4A293847A96EB1DB451842CDC5, 5980BBBD0E7A19302806FA1941A3E178288C42C8C80B8A9EA5970E09005097D6 ] xinputhid       C:\Windows\System32\drivers\xinputhid.sys
09:47:26.0970 0x151c  xinputhid - ok
09:47:26.0980 0x151c  ================ Scan global ===============================
09:47:27.0352 0x151c  [ 522F9EFF8C957F906154B91A8DA698AE, FCB686BB58782506BA6A8C4F924B0872608249091C8FF9DD7129D0146ACC2BFE ] C:\Windows\system32\basesrv.dll
09:47:27.0396 0x151c  [ 19979E1729CFA0E56EB4CCCB198DFD05, 7F2A683F28877562409D810946DDCA2F069715CDFB249602251DFA50065FFF7A ] C:\Windows\system32\winsrv.dll
09:47:27.0429 0x151c  [ 1985068B049D1FFBB8D3F837393DF81F, B99151A18AAA83C0D6931245E6DA250346F1A61B0F8F058123E47D9BC5C12BE8 ] C:\Windows\system32\sxssrv.dll
09:47:27.0564 0x151c  [ C9998B1FBD08EC9E2F2914BA7718F297, 41E785FF78C698C860BE93F6F1F0A2369F8932D186D7D5E5BF97C0AF4C6C466C ] C:\Windows\system32\services.exe
09:47:27.0638 0x151c  [ Global ] - ok
09:47:27.0639 0x151c  ================ Scan MBR ==================================
09:47:27.0644 0x151c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:47:28.0054 0x151c  \Device\Harddisk0\DR0 - ok
09:47:28.0100 0x151c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:47:30.0434 0x151c  \Device\Harddisk1\DR1 - ok
09:47:30.0435 0x151c  ================ Scan VBR ==================================
09:47:30.0440 0x151c  [ 510E77BDE8EC4D5C9C47A955F1E81A79 ] \Device\Harddisk0\DR0\Partition1
09:47:30.0441 0x151c  \Device\Harddisk0\DR0\Partition1 - ok
09:47:30.0442 0x151c  [ 71AA64AFEE0BD3C6D5E087F6C55AC6D6 ] \Device\Harddisk0\DR0\Partition2
09:47:30.0443 0x151c  \Device\Harddisk0\DR0\Partition2 - ok
09:47:30.0481 0x151c  [ B65B28FA4BBF9BF41A05C68AD27E127F ] \Device\Harddisk1\DR1\Partition1
09:47:30.0484 0x151c  \Device\Harddisk1\DR1\Partition1 - ok
09:47:30.0484 0x151c  ================ Scan active images ========================
09:47:30.0484 0x151c  ================ Scan generic autorun ======================
09:47:30.0556 0x151c  [ 783C99AFD4C2AE6950FA5694389D2CFA, 570B37A7A3FFDAFCCECCC33CBC1968FEB857B73CA3CB4DFFEDC2E67E9ABD0878 ] C:\Windows\system32\SecurityHealthSystray.exe
09:47:30.0597 0x151c  SecurityHealth - ok
09:47:30.0684 0x151c  [ E321D883A0A53C9982A12D29DCBF4BB3, C80048018BBFC4970B30521B4323F5481E4BF1BE3E26BFA6B6FAB1225AB2C118 ] C:\Program Files (x86)\TightVNC\tvnserver.exe
09:47:30.0703 0x151c  tvncontrol - ok
09:47:33.0895 0x151c  OneDriveSetup - ok
09:47:33.0899 0x151c  OneDriveSetup - ok
09:47:34.0266 0x151c  [ CF1A1B2A6F227D5B06AB0B3C8B88618B, 1FD250A499B2912B1ACEC31A03CAA32F1B328F2861E1383E94F23386F724FB36 ] C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
09:47:34.0292 0x151c  OneDrive - ok
09:47:34.0610 0x151c  [ 46A55F771AD7B009EDFD4FC99C531E07, 3E10A62AC842A6FC61184D9A26F6A19FBD36855038F3B818FB17ABB1025F4002 ] C:\Users\Admin\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
09:47:34.0736 0x151c  Opera Browser Assistant - ok
09:47:34.0961 0x151c  [ D06B5EC801DBC7B3781B5BBB1368377F, C895264B5052C57B37D4E685499E2BA86A85080412D3795AC1AA1673F0DF177C ] C:\Users\Admin\AppData\Roaming\uTorrent Web\utweb.exe
09:47:35.0189 0x151c  utweb - detected UnsignedFile.Multi.Generic ( 1 )
09:47:35.0384 0x151c  Detect skipped due to KSN trusted
09:47:35.0384 0x151c  utweb - ok
09:47:35.0566 0x151c  [ 7F5925F0E326791EF1F0F5177CDF0CD1, FF55EC893D969F3CB537C73DABAD9BEE373439715E1DB14F2F86F4B03AC2C304 ] C:\Program Files (x86)\Supercopier\SuperCopier4.exe
09:47:35.0649 0x151c  Supercopier4.exe - detected UnsignedFile.Multi.Generic ( 1 )
09:47:35.0798 0x151c  Detect skipped due to KSN trusted
09:47:35.0798 0x151c  Supercopier4.exe - ok
09:47:36.0233 0x151c  [ 1529C1D0F3058F84416656C798D53DE7, CFA42FCC5FF0F026CF62AC74C39B2C54895BA23C971D70520CFA0CB4C58218B0 ] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
09:47:36.0389 0x151c  IDMan - detected UnsignedFile.Multi.Generic ( 1 )
09:47:36.0533 0x151c  Detect skipped due to KSN trusted
09:47:36.0533 0x151c  IDMan - ok
09:47:36.0534 0x151c  Waiting for KSN requests completion. In queue: 2
09:47:37.0806 0x151c  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x60100 ( disabled : updated )
09:47:37.0819 0x151c  Win FW state via NFP2: enabled ( trusted )
09:47:38.0136 0x151c  ============================================================
09:47:38.0136 0x151c  Scan finished
09:47:38.0136 0x151c  ============================================================
09:47:38.0141 0x0a9c  Detected object count: 0
09:47:38.0141 0x0a9c  Actual detected object count: 0
09:47:42.0896 0x2318  Deinitialize success

Arcanine · 9 Febrero, 2021 03:05

Malwarebytes

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 8/2/21
Hora del análisis: 2:25
Archivo de registro: 42001326-69e7-11eb-a498-e0d55e8bc5ca.json

-Información del software-
Versión: 4.3.0.98
Versión de los componentes: 1.0.1157
Versión del paquete de actualización: 1.0.36823
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 19041.450)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 308360
Amenazas detectadas: 5
Amenazas en cuarentena: 5
Tiempo transcurrido: 14 min, 18 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 2
PUM.Optional.DisableMRT, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|DONTREPORTINFECTIONINFORMATION, En cuarentena, 13146, 676881, 1.0.36823, , ame, , , 
PUM.Optional.DisableMRT, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\MRT|DONTREPORTINFECTIONINFORMATION, En cuarentena, 13146, 676881, 1.0.36823, , ame, , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 3
PUP.Optional.BundleInstaller, C:\USERS\ADMIN\DOWNLOADS\ATUBE_CATCHER.EXE, En cuarentena, 150, 826880, 1.0.36823, , ame, , 062CBB666E843797AF6FE70298E558FF, FD69A6E79E0323F8F969D7C52B326DC22A2EBBF53C59FA30C176B7DD75CBA840
Generic.Trojan.Malicious.DDS, C:\USERS\ADMIN\DESKTOP\USB\AUTOCAD 2020\UNIVERSAL_AUTODESK_2020_KEYGEN_BY_XFORCE_V2.ZIP, En cuarentena, 1000002, 0, 1.0.36823, 4ECF6F254EFFA74436D1413B, dds, 01106420, C8BD3CA5CA8B370AFF761D6ABA5B729E, EE7B985ED34EB216B3960294AE6ED0B1AAD3D91412040118083A26FFD4F66F26
HackTool.Agent, C:\USERS\ADMIN\DESKTOP\USB\OPUS 2010 LICENCIA Y ACTIVADOR.RAR, En cuarentena, 55, 1570, 1.0.36823, ECE23D52B84CB5BF6EAD027B, dds, 01106420, 160819AFAD8DF8A3EBA623BE6D2100CE, 2E85547BE83D7FC26324A4846D9D878B35991AA5107111F879C52494525CA7C3

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Marr0n · 9 Febrero, 2021 20:02

Hola, buenas @Arcanine

No has ejecutado correctamente Malwarebytes. Aparte de que tampoco has enviado a cuarentena las infecciones detectadas.

Tampoco has desempeñado correctamente TDSKiller. Aparte de que tampoco has enviado a cuarentena las infecciones detectadas.

AdwareCleaner parece ser que sí. De todas formas, haz lo siguiente por favor:

EN BUSCA / ELIMINACIÓN DE MALWARE

(Mantén conectados todos tus dispositivos externos que tengas como: USBs, discos duros externos, etc).

Por favor, descarga todo el software de los enlaces que pongo/de sus respectivos manuales.

Ahora ejecutarás una serie de herramientas respetando el orden los pasos con todos los programas cerrados incluidos los navegadores.

Realiza los pasos que te pongo a continuación, sin cambiar el orden y síguelos al pie de la letra:

1) Descarga, instala, actualiza y ejecuta Malwarebytes’ Anti-Malware. Aquí te dejo su manual: Manual de Malwarebytes, para que sepas como usarlo y configurarlo correctamente.

Realizas un Análisis Personalizado, marcando Todas las casillas de la Derecha y de la Izquierda actualizando si te lo pide. Es decir: conectas todos tus dispositivos externos y marcas todas las unidades de disco disponibles y las siguientes casillas:

Analizar objetos en memoria
Analizar configuración de inicio y registro
Analizar dentro de los archivos
Análisis en busca de rootkits

Pulsar en “Eliminar Seleccionados” para enviar las infecciones a la cuarentena y Reinicias el ordenador.
Para acceder posteriormente al informe del análisis te diriges a: Informes >> Registro de análisis >> pulsas en Exportar >> Copiar al Portapapeles y pones el informe en tu próxima respuesta.

2) Descarga Adwcleaner en el escritorio.

Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
Ejecuta Adwcleaner.exe (Si usas Windows Vista/7/8 u 10 presiona clic derecho y selecciona “Ejecutar como Administrador.”)
Pulsar en el botón Analizar Ahora, y espera a que se termine el análisis. Inmediatamente pulsa sobre el botón Iniciar Reparación.
Espera a que termine y sigue las instrucciones que te aparezcan. Si te pidiera Reiniciar, pues reinicias el ordenador pulsando en Aceptar.
Si no encuentra nada, pulsa en Omitir Reparación.
El log lo encontrarás en la pestaña Informes, volviendo a abrir el programa, si es necesario o en la siguiente ubicación: C:\AdwCleaner\Logs\AdwCleaner[C0].txt.
Para más información aquí te dejo su manual: Manual de Adwcleaner.

3) Descarga Ccleaner Aquí te dejo su manual: Manual de CCleaner , para que sepas como usarlo y configurarlo correctamente.

Lo instalas y lo ejecutas. En la Pestaña Limpiador dejas la configuración predeterminada. Haces clic en Analizar y esperas a que termine. Seguidamente haz clic en Ejecutar Limpiador. Clic en la pestaña Registro > clic en Buscar Problemas esperas que termine. Finalmente clic en Reparar Seleccionadas y realizas una Copia de Seguridad del registro de Windows.

Pegas los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

No realices pasos/acciones que NOSOTROS no te hayamos indicado.

No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.

No instales NADA (programas/software/complementos/extensiones del navegador…).

No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).

No realices por tu cuenta otros procedimientos.

Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

Arcanine · 9 Febrero, 2021 21:40

El reporte de Adwcleaner

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build:    01-20-2021
# Database: 2021-01-11.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-09-2021
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2428 octets] - [02/02/2021 10:05:03]
AdwCleaner[C00].txt - [2669 octets] - [02/02/2021 10:06:04]
AdwCleaner[S01].txt - [1527 octets] - [07/02/2021 18:40:20]
AdwCleaner[S02].txt - [1588 octets] - [09/02/2021 15:15:56]
AdwCleaner[S03].txt - [1649 octets] - [09/02/2021 15:23:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Pero malwarebytes nunca pudo hacer el analisis cada vez que lo intente solo se quedaba en blanco. De todas formas hice los movimientos con Adwcleaner y con Ccleaner

Marr0n · 10 Febrero, 2021 00:46

Respecto Ccleaner >> OK.

Respecto AdwCleaner >> descárgalo y ejecútalo tal como te dije. Ya que te debería de salir: 2021-01-26.1 (Cloud) en lugar de lo que te sale a ti que es: 2021-01-11.1 (Local)

Para ello asegúrate de utilizar la base de datos de la nube:

OK.

Inicia de nuevo el equipo desde el Modo Seguro – con funciones de Red, de Windows. Si no funcionasen los métodos que se explican en el anterior post, prueba estos otros. Más concretamente, primero el 3 (Seleccionando Red en lugar de Mínimo) y si no el 2 (también Red).

Una vez iniciado en este modo, realizas el Análisis Solicitado de Malwarebytes tal como te explique y traes el reporte.

P.D.: Si el quipo no te arrancase en Modo seguro (cosa que puede pasar), me lo dices e intentaremos arreglar el sistema para que arranque en Modo Seguro. Pues hay malwares que ya se encargaran de que no puedas iniciar en Modo Seguro.

Salu2.

Arcanine · 10 Febrero, 2021 02:49

Reporte de Adwcleaner

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build:    01-20-2021
# Database: 2021-01-26.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-09-2021
# Duration: 00:00:00
# OS:       Windows 10 Pro
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2428 octets] - [02/02/2021 10:05:03]
AdwCleaner[C00].txt - [2669 octets] - [02/02/2021 10:06:04]
AdwCleaner[S01].txt - [1527 octets] - [07/02/2021 18:40:20]
AdwCleaner[S02].txt - [1588 octets] - [09/02/2021 15:15:56]
AdwCleaner[S03].txt - [1649 octets] - [09/02/2021 15:23:23]
AdwCleaner[C03].txt - [1839 octets] - [09/02/2021 15:23:46]
AdwCleaner[S04].txt - [1771 octets] - [09/02/2021 19:15:54]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

Pero el malwarebytes no quiere correr el analisis ni en modo seguro, que mas puedo hacer?

Marr0n · 10 Febrero, 2021 21:30

Hola @Arcanine

Respecto AdwCleaner >> OK, ahora sí que está bien ejecutado. He visto que lo has ejecutado muchísimas veces.

Pues muchas cosas se pueden hacer, tranquilo. Ahora te doy más instrucciones.

EN BUSCA / ELIMINACIÓN DE MALWARE

(Mantén conectados todos tus dispositivos externos que tengas como: USBs, discos duros externos, etc).

Por favor, descarga todo el software de los enlaces que pongo/de sus respectivos manuales.

Ahora ejecutarás una serie de herramientas respetando el orden los pasos con todos los programas cerrados incluidos los navegadores.

Conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas, incluida la que me has dicho anteriormente.

Inicia de nuevo el equipo desde el Modo Seguro – con funciones de Red, de Windows. Si no funcionasen los métodos que se explican en el anterior post, prueba estos otros. Más concretamente, primero el 3 (Seleccionando Red en lugar de Mínimo) y si no el 2 (también Red).

Una vez iniciado en este modo, empiezas haciendo todos los pasos que te pondré a continuación.

P.D.: Si el quipo no te arrancase en Modo seguro (cosa que puede pasar), me lo dices e intentaremos arreglar el sistema para que arranque en Modo Seguro. Pues hay malwares que ya se encargaran de que no puedas iniciar en Modo Seguro.

Realizas lo siguiente:

Descarga y ejecuta RKill, más concretamente debes de descargar la que está renombrada bajo el nombre de iExplore.exe. Para evitar el bloqueo de posibles malwares que pueda haber en tu equipo. Una vez que esta haya sido ejecutada, es muy importante no reiniciar el sistema hasta que te lo solicite yo o alguno de los programas de desinfección de los que estemos utilizando.

Me explico, por ejemplo: has iniciado la máquina en Modo Seguro con funciones de Red, has ejecutado Rkill y seguidamente realizas un Análisis con Malwarebytes. Este te detecta infecciones y te pide reiniciar la máquina para poder finalizar exitosamente su desinfección. Seguidamente, yo te he indicado que ejecutes por ejemplo el ESET Online Scanner, pues bien como no hemos acabado de desinfectar la máquina y estamos realizando el proceso de desinfección, y has tenido que reiniciar, ya que te lo ha pedido Malwarebytes pues debes de ejecutar nuevamente Rkill y después acto seguido el ESET ONline.

¿Me entiendes?

Si por ejemplo, incluso con Rkill, Malwarebytes AntiMalware o la herramienta que sea que te he pedido que utilices, ves que se bloquea y que al cabo de un buen rato no responde. Como por ejemplo lo que ya te ha pasado con el Malwarebytes AntiMalware, pues pasas a la siguiente y me informas de ello. Y así con todas. ¿OK? ¿Se entiende?

Realizas nuevamente el análisis que te pedí del Malwarebytes AntiMalware en:

Marr0n:

1) Descarga, instala, actualiza y ejecuta Malwarebytes’ Anti-Malware. Aquí te dejo su manual: Manual de Malwarebytes, para que sepas como usarlo y configurarlo correctamente.

Realizas un Análisis Personalizado, marcando Todas las casillas de la Derecha y de la Izquierda actualizando si te lo pide. Es decir: conectas todos tus dispositivos externos y marcas todas las unidades de disco disponibles y las siguientes casillas:

Analizar objetos en memoria

Analizar configuración de inicio y registro

Analizar dentro de los archivos

Análisis en busca de rootkits

Pulsar en “Eliminar Seleccionados” para enviar las infecciones a la cuarentena y Reinicias el ordenador.

Para acceder posteriormente al informe del análisis te diriges a: Informes >> Registro de análisis >> pulsas en Exportar >> Copiar al Portapapeles y pones el informe en tu próxima respuesta.

Descarga Eset Online Scaner Manual de Uso y realizas un análisis del PC, lee detalladamente las instrucciones y realizas un Análisis Personalizado tal y como se indica en su manual. Me traes su reporte.
Descarga Kasperky Virus Removal Tool Manual de Uso y realizas un análisis del PC, lee detalladamente las instrucciones y lo realizas tal y como se indica en su manual. En este caso no da reporte alguno, cuando finalice, presionas en la pestaña Report tal y como se indica en su manual y haces una captura de pantalla y la subes. ¿Como subir imágenes al Foro?

PRÓXIMA RESPUESTA

Pegas los reportes de Malwarebytes AntiMalware, Eset Online Scaner y Kasperky Virus Removal Tool (captura) y comentas como va el problema. También responde a las preguntas del apartado 1.

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

No realices pasos/acciones que NOSOTROS no te hayamos indicado.

No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.

No instales NADA (programas/software/complementos/extensiones del navegador…).

No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).

No realices por tu cuenta otros procedimientos.

Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.