@SanMar sorry, I was on my phone and accidentally marked one of the reports as the solution, and now I can't see the last message you sent, where you told me I had a rootkit (by the way, I forgot to scan for rootkits; I always do it)
Hello
The script was giving me an error, and so that it would not give you an error I hid it.
I'm on my phone myself right now; I'll fix it in a while and let you know.
Regards
Hello @victor_TeReparoLaPC
It is not a false positive; the system has a rootkit.
Follow these steps:
1.- Very important >>> Make a backup of your Registry.
- Download DelFix to the Windows desktop.
- Right-click, “Run as administrator”.
- In the main window, check only the “Create Registry Backup” box.
- Click Run.
When it finishes, a report named DelFix.txt will open; save it in case it is needed and close the tool…
2.- Temporarily disable your antivirus.
3.- Open a new Notepad file and copy and paste this content:
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-470037617-1738153215-1971209628-1001\...\MountPoints2: {0a80e7ee-d436-11e4-9e15-001d928483bf} - L:\setup.exe
roupPolicy: Restriction ? <==== ATTENTION
Task: {2B5404FC-E330-4390-945D-649BC660D11A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {2B5404FC-E330-4390-945D-649BC660D11A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-04]] (Microsoft Windows -> Microsoft Corporation)
Task: {9CE504EB-FAC5-4355-9DC4-FB692664A68A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {9CE504EB-FAC5-4355-9DC4-FB692664A68A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-04]] (Microsoft Windows -> Microsoft Corporation)
Task: {A44702B2-0CCD-4924-9BA4-1B2F50BC06F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {A44702B2-0CCD-4924-9BA4-1B2F50BC06F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {A44702B2-0CCD-4924-9BA4-1B2F50BC06F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-04]] (Microsoft Windows -> Microsoft Corporation)
Task: {D9498885-006B-4C1A-92CB-A391226D2E88} - System32\Tasks\{E2711D8C-B367-4A6F-A88C-1490E92BD75E} => C:\Windows\system32\pcalua.exe -a C:\Users\Mati\Downloads\WinSetupFromUSB_0-2-3.exe -d C:\Users\Mati\Downloads
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{31B4C276-2391-4127-B9EB-023319F16CC8}: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{B09639EE-19D8-4AFD-B48F-9EBBB6D642FD}: [DhcpNameServer] 186.130.128.250 186.130.129.250
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-470037617-1738153215-1971209628-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-470037617-1738153215-1971209628-1001 -> ${searchCLSID} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
StartMenuInternet: FIREFOX.EXE - firefox.exe
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oggekmchebjhcebioohbjaogddbmijcc] - C:\Users\Mati\AppData\Roaming\Chrome Extensions\Pick-your-Color_v1.0.2.crx [2017-09-15]
HKLM\SYSTEM\CurrentControlSet\Services\458276B498F951AA <==== ATTENTION (Rootkit!)
S2 MBAMService; "C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe" [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U3 aswbdisk; no ImagePath
S3 cpuz138; \??\C:\Users\Mati\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-06-19 11:47 - 2019-06-19 11:47 - 000000000 ____D C:\Users\Mati\AppData\Local\mbamtray
2019-06-19 11:47 - 2019-06-19 11:47 - 000000000 ____D C:\Users\Mati\AppData\Local\mbam
2016-10-26 21:05 - 2018-11-02 17:00 - 000461837 _____ () C:\Users\Mati\AppData\Roaming\downloads.json
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Mati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [127]
FirewallRules: [TCP Query User{A3FF1B8C-506F-4E11-BC01-DE7C6408F18D}C:1\google\chrome\application\chrome.exe] => (Allow) C:1\google\chrome\application\chrome.exe No File
FirewallRules: [UDP Query User{EC186D4D-CF14-400B-A36B-015C56243180}C:1\google\chrome\application\chrome.exe] => (Allow) C:1\google\chrome\application\chrome.exe No File
FirewallRules: [TCP Query User{3101A9A7-F2D7-4D45-91D2-41FA2DB437A6}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe No File
FirewallRules: [UDP Query User{D826AA80-8CFB-4A53-8848-7A6B1A06BF11}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe No File
FirewallRules: [TCP Query User{C83D3E32-0452-4F76-8CA0-BDE974177B46}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe No File
FirewallRules: [UDP Query User{9E59507C-E4D4-47EA-ADA9-C73F3FA2137D}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe No File
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
- Save it under the name fixlist.txt on the desktop <<< This is very important.
Note: The Frst.exe executable and fixlist.txt must be in the same location (desktop), otherwise the tool will not work.
- Run Frst.exe.
- Press the Fix button and wait for it to finish.
- The tool will save the report on your desktop (Fixlog.txt).
- Paste it in your next reply.
If you run into any error, freeze or problem, do not keep trying; come back and tell us.
The machine also has the following error:
Error: (06/19/2019 05:49:39 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: No se pudo crear el punto de restauración (proceso = C:\Users\Mati\Desktop\WIN7-7.125.307.2019\setup.exe ; descripción = Eliminado Realtek Ethernet Controller Driver; error = 0x80042308).
Check in Device Manager whether you can find the driver I marked in bold for you.
Let us know.
Regards
Tomorrow after work I will carry out the steps; I'm going to sleep now, it's 1:20 AM. As for this: C:\Users\Mati\Desktop\WIN7-7.125.307.2019\setup.exe ; descripción = Eliminado Realtek Ethernet Controller Driver ; error = 0x80042308). It is the official driver for my onboard Ethernet card; it was an attempt to reinstall the driver, but it didn't help, and that folder was on the desktop and was deleted. Regards and thanks for the help.
Hello:
Perfect, we'll wait for the report
Regards
Hello @SanMar, here is the fix report. The problem continues.
Fix result of Farbar Recovery Scan Tool (x64) Version: 19-06-2019
Ran by Mati (20-06-2019 15:53:59) Run:1
Running from C:\Users\Mati\Desktop
Loaded Profiles: Mati (Available Profiles: Mati)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-470037617-1738153215-1971209628-1001\...\MountPoints2: {0a80e7ee-d436-11e4-9e15-001d928483bf} - L:\setup.exe
roupPolicy: Restriction ? <==== ATTENTION
Task: {2B5404FC-E330-4390-945D-649BC660D11A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {2B5404FC-E330-4390-945D-649BC660D11A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-04]] (Microsoft Windows -> Microsoft Corporation)
Task: {9CE504EB-FAC5-4355-9DC4-FB692664A68A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {9CE504EB-FAC5-4355-9DC4-FB692664A68A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-04]] (Microsoft Windows -> Microsoft Corporation)
Task: {A44702B2-0CCD-4924-9BA4-1B2F50BC06F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {A44702B2-0CCD-4924-9BA4-1B2F50BC06F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {A44702B2-0CCD-4924-9BA4-1B2F50BC06F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-04]] (Microsoft Windows -> Microsoft Corporation)
Task: {D9498885-006B-4C1A-92CB-A391226D2E88} - System32\Tasks\{E2711D8C-B367-4A6F-A88C-1490E92BD75E} => C:\Windows\system32\pcalua.exe -a C:\Users\Mati\Downloads\WinSetupFromUSB_0-2-3.exe -d C:\Users\Mati\Downloads
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{31B4C276-2391-4127-B9EB-023319F16CC8}: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{B09639EE-19D8-4AFD-B48F-9EBBB6D642FD}: [DhcpNameServer] 186.130.128.250 186.130.129.250
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-470037617-1738153215-1971209628-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-470037617-1738153215-1971209628-1001 -> ${searchCLSID} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
StartMenuInternet: FIREFOX.EXE - firefox.exe
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oggekmchebjhcebioohbjaogddbmijcc] - C:\Users\Mati\AppData\Roaming\Chrome Extensions\Pick-your-Color_v1.0.2.crx [2017-09-15]
HKLM\SYSTEM\CurrentControlSet\Services\458276B498F951AA <==== ATTENTION (Rootkit!)
S2 MBAMService; "C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe" [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U3 aswbdisk; no ImagePath
S3 cpuz138; \??\C:\Users\Mati\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-06-19 11:47 - 2019-06-19 11:47 - 000000000 ____D C:\Users\Mati\AppData\Local\mbamtray
2019-06-19 11:47 - 2019-06-19 11:47 - 000000000 ____D C:\Users\Mati\AppData\Local\mbam
2016-10-26 21:05 - 2018-11-02 17:00 - 000461837 _____ () C:\Users\Mati\AppData\Roaming\downloads.json
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Men� de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Mati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Men� de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [127]
FirewallRules: [TCP Query User{A3FF1B8C-506F-4E11-BC01-DE7C6408F18D}C:1\google\chrome\application\chrome.exe] => (Allow) C:1\google\chrome\application\chrome.exe No File
FirewallRules: [UDP Query User{EC186D4D-CF14-400B-A36B-015C56243180}C:1\google\chrome\application\chrome.exe] => (Allow) C:1\google\chrome\application\chrome.exe No File
FirewallRules: [TCP Query User{3101A9A7-F2D7-4D45-91D2-41FA2DB437A6}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe No File
FirewallRules: [UDP Query User{D826AA80-8CFB-4A53-8848-7A6B1A06BF11}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe No File
FirewallRules: [TCP Query User{C83D3E32-0452-4F76-8CA0-BDE974177B46}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe No File
FirewallRules: [UDP Query User{9E59507C-E4D4-47EA-ADA9-C73F3FA2137D}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe No File
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************
Processes closed successfully.
Error: (0) Failed to create a restore point.
HKU\S-1-5-21-470037617-1738153215-1971209628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a80e7ee-d436-11e4-9e15-001d928483bf} => removed successfully
HKLM\Software\Classes\CLSID\{0a80e7ee-d436-11e4-9e15-001d928483bf} => not found
roupPolicy: Restriction ? <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B5404FC-E330-4390-945D-649BC660D11A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B5404FC-E330-4390-945D-649BC660D11A}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B5404FC-E330-4390-945D-649BC660D11A}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CE504EB-FAC5-4355-9DC4-FB692664A68A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CE504EB-FAC5-4355-9DC4-FB692664A68A}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CE504EB-FAC5-4355-9DC4-FB692664A68A}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A44702B2-0CCD-4924-9BA4-1B2F50BC06F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A44702B2-0CCD-4924-9BA4-1B2F50BC06F7}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A44702B2-0CCD-4924-9BA4-1B2F50BC06F7}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A44702B2-0CCD-4924-9BA4-1B2F50BC06F7}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9498885-006B-4C1A-92CB-A391226D2E88}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9498885-006B-4C1A-92CB-A391226D2E88}" => removed successfully
C:\Windows\System32\Tasks\{E2711D8C-B367-4A6F-A88C-1490E92BD75E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E2711D8C-B367-4A6F-A88C-1490E92BD75E}" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{31B4C276-2391-4127-B9EB-023319F16CC8}\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B09639EE-19D8-4AFD-B48F-9EBBB6D642FD}\\DhcpNameServer" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\ielnksrch => not found
"HKU\S-1-5-21-470037617-1738153215-1971209628-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-470037617-1738153215-1971209628-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\${searchCLSID} => removed successfully
HKLM\Software\Classes\CLSID\${searchCLSID} => not found
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oggekmchebjhcebioohbjaogddbmijcc => removed successfully
C:\Users\Mati\AppData\Roaming\Chrome Extensions\Pick-your-Color_v1.0.2.crx => moved successfully
HKLM\SYSTEM\CurrentControlSet\Services\458276B498F951AA <==== ATTENTION (Rootkit!) => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\MBAMService => removed successfully
MBAMService => service removed successfully
HKLM\System\CurrentControlSet\Services\andnetadb => removed successfully
andnetadb => service removed successfully
HKLM\System\CurrentControlSet\Services\AndNetDiag => removed successfully
AndNetDiag => service removed successfully
HKLM\System\CurrentControlSet\Services\ANDNetModem => removed successfully
ANDNetModem => service removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz138 => removed successfully
cpuz138 => service removed successfully
HKLM\System\CurrentControlSet\Services\MBAMSwissArmy => removed successfully
MBAMSwissArmy => service removed successfully
HKLM\System\CurrentControlSet\Services\usbbus => removed successfully
usbbus => service removed successfully
HKLM\System\CurrentControlSet\Services\UsbDiag => removed successfully
UsbDiag => service removed successfully
HKLM\System\CurrentControlSet\Services\USBModem => removed successfully
USBModem => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully
VGPU => service removed successfully
C:\Users\Mati\AppData\Local\mbamtray => moved successfully
C:\Users\Mati\AppData\Local\mbam => moved successfully
C:\Users\Mati\AppData\Roaming\downloads.json => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => removed successfully
"BVTFilter" => removed successfully
"BVTConsumer" => removed successfully
"C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Men� de aplicaciones de Chrome.lnk" => not found
"C:\Users\Mati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Men� de aplicaciones de Chrome.lnk" => not found
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully
C:\ProgramData\TEMP => ":1AAB2E68" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A3FF1B8C-506F-4E11-BC01-DE7C6408F18D}C:1\google\chrome\application\chrome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EC186D4D-CF14-400B-A36B-015C56243180}C:1\google\chrome\application\chrome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3101A9A7-F2D7-4D45-91D2-41FA2DB437A6}C:\program files (x86)\ares\ares.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D826AA80-8CFB-4A53-8848-7A6B1A06BF11}C:\program files (x86)\ares\ares.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C83D3E32-0452-4F76-8CA0-BDE974177B46}C:\program files (x86)\ares\ares.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9E59507C-E4D4-47EA-ADA9-C73F3FA2137D}C:\program files (x86)\ares\ares.exe" => removed successfully
========= ipconfig /flushdns =========
Configuración IP de Windows
Se vació correctamente la caché de resolución de DNS.
========= End of CMD: =========
========= ipconfig /renew =========
Configuración IP de Windows
No se puede realizar ninguna operación en Conexión de área local 2 mientras los medios
estén desconectados.
Adaptador de Ethernet Conexión de área local:
Sufijo DNS específico para la conexión. . :
Dirección IPv6 . . . . . . . . . . : 2802:8000:642:f100:14a8:b439:c9e5:bad5
Dirección IPv6 temporal. . . . . . : 2802:8000:642:f100:29c8:f9ac:9423:fafc
Vínculo: dirección IPv6 local. . . : fe80::14a8:b439:c9e5:bad5%19
Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.37
Máscara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : fe80::e241:36ff:fe63:3c98%19
192.168.1.1
Adaptador de Ethernet Conexión de área local 2:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Adaptador de túnel isatap.{B09639EE-19D8-4AFD-B48F-9EBBB6D642FD}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Adaptador de túnel Conexión de área local*:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Adaptador de túnel isatap.{31B4C276-2391-4127-B9EB-023319F16CC8}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to cancel {508AB632-F1E5-4FC4-BF40-7CDC94BF58C7}.
Unable to cancel {7FCF11A2-8C33-4727-8D8D-B178B239062B}.
Unable to cancel {65DA741E-3B9E-4F27-A795-392A527A3E73}.
Unable to cancel {36BA1C89-C3EB-4CCC-B360-7631DA0D6AB2}.
Unable to cancel {215CA5C6-90CB-420D-A2C9-B38D178EB969}.
Unable to cancel {0FFE6098-4368-48B6-91C6-F8EA4ED5A88D}.
Unable to cancel {65B0DAF9-B248-4D05-B09C-DB369D2C3402}.
Unable to cancel {366BC974-62BF-4D0F-BC5B-C854546F8463}.
0 out of 8 jobs canceled.
========= End of CMD: =========
========= netsh winsock reset =========
El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= End of CMD: =========
========= netsh int ipv4 reset =========
Global se restableció correctamente.
Interfaz se restableció correctamente.
Reinicie el equipo para completar esta acción.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Interfaz se restableció correctamente.
Reinicie el equipo para completar esta acción.
========= End of CMD: =========
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-470037617-1738153215-1971209628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-470037617-1738153215-1971209628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11511464 B
Java, Flash, Steam htmlcache => 1252 B
Windows/system/drivers => 8981809 B
Edge => 0 B
Chrome => 11805848 B
Firefox => 7912152 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 9983036 B
LocalService => 0 B
NetworkService => 231593025 B
Mati => 18330876 B
RecycleBin => 223708858 B
EmptyTemp: => 507.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:54:44 ====
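Added example (not part of the thread and not FRST's own code): a small Python triage of a Fixlog like the one above, which skips the echoed fixlist and lists the flagged entries the fix could not handle. The sample lines are copied from this Fixlog and embedded as a constructed input; the function and class names are illustrative, and the parser assumes the log keeps the two rows of asterisks around the echoed fixlist.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample: a few lines copied from the Fixlog posted in this thread.
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Scan Tool (x64) Version: 19-06-2019
fixlist content:
*****************
Start
Task: {D9498885-006B-4C1A-92CB-A391226D2E88} - System32\Tasks\{E2711D8C-B367-4A6F-A88C-1490E92BD75E} => C:\Windows\system32\pcalua.exe -a C:\Users\Mati\Downloads\WinSetupFromUSB_0-2-3.exe -d C:\Users\Mati\Downloads
HKLM\SYSTEM\CurrentControlSet\Services\458276B498F951AA <==== ATTENTION (Rootkit!)
END
*****************
Processes closed successfully.
Error: (0) Failed to create a restore point.
roupPolicy: Restriction ? <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\Software\Classes\CLSID\{0a80e7ee-d436-11e4-9e15-001d928483bf} => not found
HKLM\SYSTEM\CurrentControlSet\Services\458276B498F951AA <==== ATTENTION (Rootkit!) => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\cpuz138 => removed successfully
cpuz138 => service removed successfully
C:\Users\Mati\AppData\Roaming\Chrome Extensions\Pick-your-Color_v1.0.2.crx => moved successfully
0 out of 8 jobs canceled.
'''

# The log reports the outcome of each directive as "<target> => <result>".
OUTCOME_RE = re.compile(r"^(?P<target>.+?)\s+=>\s+(?P<result>.+)$")
# Marker attached to suspicious entries, optionally followed by a note in parentheses.
ATTENTION_RE = re.compile(r"\s*<=+\s*ATTENTION(?:\s*\((?P<note>[^)]*)\))?\s*$")


@dataclass
class Entry:
    target: str          # registry key, file or service the line refers to
    status: str          # "ok", "not_found", "failed" or "other"
    result: str          # raw text after "=>"
    flagged: bool        # True when the line carried an ATTENTION marker
    note: Optional[str]  # text inside the parentheses, e.g. "Rootkit!"


def classify(result: str) -> str:
    """Map the free-text result of a log line to a coarse status."""
    lowered = result.lower()
    if lowered.startswith("error"):
        return "failed"
    if lowered.endswith("not found"):
        return "not_found"
    if lowered.endswith("successfully"):
        return "ok"
    return "other"


def parse_fixlog(text: str) -> List[Entry]:
    """Return one Entry per result line, ignoring the echoed fixlist."""
    entries: List[Entry] = []
    fences = 0  # rows of asterisks seen; results start after the second one
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if set(line) == {"*"}:
            fences += 1
            continue
        if fences < 2:
            continue  # header and echoed fixlist (its Task lines also contain "=>")
        if line.startswith("Error:"):
            entries.append(Entry(line, "failed", line, False, None))
            continue
        match = OUTCOME_RE.match(line)
        if not match:
            continue  # informational line without an outcome
        target, result = match.group("target"), match.group("result")
        flag = ATTENTION_RE.search(target)
        if flag:
            target = target[:flag.start()]
        entries.append(Entry(target, classify(result), result,
                             bool(flag), flag.group("note") if flag else None))
    return entries


def summarize(entries: List[Entry]) -> Dict[str, int]:
    """Count entries per status."""
    return dict(Counter(e.status for e in entries))


def unresolved_flagged(entries: List[Entry]) -> List[Entry]:
    """Entries marked ATTENTION that the fix did not resolve."""
    return [e for e in entries if e.flagged and e.status == "failed"]


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    print(summarize(parsed))
    for entry in unresolved_flagged(parsed):
        print("UNRESOLVED:", entry.target, "|", entry.note or "no note", "|", entry.result)
```
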
Hello @victor_TeReparoLaPC
I thought so; besides, the rootkit is still there.
1.- Download, install and run TDSSKiller according to its manual.
2.- After rebooting, download FSS.exe to your desktop.
Run FSS.exe (right-click and select Run as administrator)
Check all the options:
- Internet Services.
- Windows Firewall
- System Restore.
- Security Center/Action Center.
- Windows Update.
- Windows Defender.
Press the Scan button and wait for it to finish its work.
A Notepad window will open. Copy and paste the contents in your next reply.
We'll wait for both reports.
Regards.
The problem continues
16:53:08.0907 0x07fc TDSS rootkit removing tool 3.1.0.28 Apr 9 2019 21:11:46
16:53:13.0485 0x07fc ============================================================
16:53:13.0485 0x07fc Current date / time: 2019/06/20 16:53:13.0485
16:53:13.0485 0x07fc SystemInfo:
16:53:13.0485 0x07fc
16:53:13.0485 0x07fc OS Version: 6.1.7601 ServicePack: 1.0
16:53:13.0485 0x07fc Product type: Workstation
16:53:13.0485 0x07fc ComputerName: MATI-PC
16:53:13.0485 0x07fc UserName: Mati
16:53:13.0485 0x07fc Windows directory: C:\Windows
16:53:13.0485 0x07fc System windows directory: C:\Windows
16:53:13.0485 0x07fc Running under WOW64
16:53:13.0485 0x07fc Processor architecture: Intel x64
16:53:13.0485 0x07fc Number of processors: 4
16:53:13.0485 0x07fc Page size: 0x1000
16:53:13.0485 0x07fc Boot type: Normal boot
16:53:13.0485 0x07fc CodeIntegrityOptions = 0x00000001
16:53:13.0485 0x07fc ============================================================
16:53:15.0188 0x07fc KLMD registered as C:\Windows\system32\drivers\22267614.sys
16:53:15.0188 0x07fc KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.24150, osProperties = 0x1
16:53:15.0375 0x07fc System UUID: {2DBD5F72-AF29-BFAE-C971-0609320C6D0A}
16:53:15.0579 0x07fc Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:53:19.0860 0x07fc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0x7E2CB, SectorsPerTrack: 0xE, TracksPerCylinder: 0x87, Type 'K0', Flags 0x00000040
16:53:19.0875 0x07fc ============================================================
16:53:19.0875 0x07fc \Device\Harddisk1\DR1:
16:53:19.0875 0x07fc MBR partitions:
16:53:19.0875 0x07fc \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:53:19.0875 0x07fc \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xBF74000
16:53:19.0875 0x07fc \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xBFA6800, BlocksNum 0x19487800
16:53:19.0875 0x07fc \Device\Harddisk0\DR0:
16:53:19.0875 0x07fc MBR partitions:
16:53:19.0875 0x07fc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:53:19.0875 0x07fc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x80B6000
16:53:19.0875 0x07fc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x80E8B5E, BlocksNum 0x188A025B
16:53:19.0875 0x07fc \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x20988DB9, BlocksNum 0x199FBE88
16:53:19.0875 0x07fc ============================================================
16:53:19.0891 0x07fc C: <-> \Device\Harddisk1\DR1\Partition2
16:53:19.0922 0x07fc D: <-> \Device\Harddisk1\DR1\Partition3
16:53:19.0954 0x07fc F: <-> \Device\Harddisk1\DR1\Partition1
16:53:19.0969 0x07fc G: <-> \Device\Harddisk0\DR0\Partition2
16:53:20.0000 0x07fc H: <-> \Device\Harddisk0\DR0\Partition3
16:53:20.0032 0x07fc I: <-> \Device\Harddisk0\DR0\Partition4
16:53:20.0047 0x07fc E: <-> \Device\Harddisk0\DR0\Partition1
16:53:20.0047 0x07fc ============================================================
16:53:20.0047 0x07fc Initialize success
16:53:20.0047 0x07fc ============================================================
16:58:12.0612 0x0e1c ============================================================
16:58:12.0612 0x0e1c Scan started
16:58:12.0612 0x0e1c Mode: Manual;
16:58:12.0612 0x0e1c ============================================================
16:58:12.0612 0x0e1c KSN ping started
16:58:12.0893 0x0e1c KSN ping finished: true
16:58:13.0534 0x0e1c ================ Scan BIOS =================================
16:58:13.0534 0x0e1c BIOS info: vendor = American Megatrends Inc., version = V1.12, releaseDate = 12/30/2009
16:58:13.0534 0x0e1c Base board info: manufacturer = MICRO-STAR INTERNATIONAL CO.,LTD, product = P35 Platinum(MS-7345), version = 1.0
16:58:14.0643 0x0e1c [ 65F1156F4F53F236C874100A45D86D42, CCD03F2E50A8DE70F7C7A2858E260CF1A2F0BBB8833305C77E40FCDA53D9B9B7 ] BIOS
16:58:14.0643 0x0e1c BIOS - ok
16:58:14.0643 0x0e1c ================ Scan system memory ========================
16:58:14.0643 0x0e1c System memory - ok
16:58:14.0643 0x0e1c ================ Scan services =============================
16:58:21.0315 0x0e1c IRENUM - ok
16:58:21.0331 0x0e1c [ 905E9D664F38B93B53FA05422165F5B5, 5B0D8869C73836378C234FAA407DE047F5F638D3E872B246A1AC74BE44BBD7DD ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:58:21.0331 0x0e1c isapnp - ok
16:58:21.0362 0x0e1c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:58:21.0377 0x0e1c iScsiPrt - ok
16:58:21.0393 0x0e1c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:58:21.0409 0x0e1c kbdclass - ok
16:58:21.0409 0x0e1c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:58:21.0409 0x0e1c kbdhid - ok
16:58:21.0424 0x0e1c [ 979C12C081DFF8BFE24EEA2D68234BDA, A1358D520BBD2192AA8DBA09104D93462CDAE6A44A883CCDD8E215D732BA8A7F ] KeyIso C:\Windows\system32\lsass.exe
16:58:21.0424 0x0e1c KeyIso - ok
16:58:21.0471 0x0e1c [ 248B268241DB33B677FB0D50CE52A7F7, F6B2064890D0446FCB4FC0C09D7ECBB5FA3061738BF1E6F09BE1E4E7104BEDF7 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:58:21.0471 0x0e1c KSecDD - ok
16:58:21.0518 0x0e1c [ 755895D37F128F9AE3F408B20630EDC3, 64344D12C70FB8EB3B92B0AAB097E5BFA211DF71AB38897A88378764C6D9F37F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:58:21.0518 0x0e1c KSecPkg - ok
16:58:21.0534 0x0e1c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:58:21.0534 0x0e1c ksthunk - ok
16:58:21.0565 0x0e1c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:58:21.0596 0x0e1c KtmRm - ok
16:58:21.0643 0x0e1c [ E65118228501478C4630BC96F2E1C876, FF2346ED4B097D9D58D558F4A8A854597E457F37C12984160D22E0F5B2F31720 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:58:21.0659 0x0e1c LanmanServer - ok
16:58:21.0690 0x0e1c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:58:21.0690 0x0e1c LanmanWorkstation - ok
16:58:21.0706 0x0e1c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:58:21.0706 0x0e1c lltdio - ok
16:58:21.0721 0x0e1c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:58:21.0752 0x0e1c lltdsvc - ok
16:58:21.0768 0x0e1c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:58:21.0768 0x0e1c lmhosts - ok
16:58:21.0784 0x0e1c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:58:21.0784 0x0e1c LSI_FC - ok
16:58:21.0799 0x0e1c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:58:21.0815 0x0e1c LSI_SAS - ok
16:58:21.0815 0x0e1c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:58:21.0815 0x0e1c LSI_SAS2 - ok
16:58:21.0831 0x0e1c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:58:21.0846 0x0e1c LSI_SCSI - ok
16:58:21.0862 0x0e1c [ 5416CEB2916BBE635288C4D1075B045E, BEFF99052206C0D774CFFF14AC3305C397726B289B17666C2AD2706C261F2FF0 ] luafv C:\Windows\system32\drivers\luafv.sys
16:58:21.0862 0x0e1c luafv - ok
16:58:21.0893 0x0e1c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:58:21.0893 0x0e1c Mcx2Svc - ok
16:58:21.0909 0x0e1c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
16:58:21.0909 0x0e1c megasas - ok
16:58:21.0924 0x0e1c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:58:21.0940 0x0e1c MegaSR - ok
16:58:22.0018 0x0e1c [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:58:22.0018 0x0e1c Microsoft Office Groove Audit Service - ok
16:58:22.0034 0x0e1c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:58:22.0034 0x0e1c MMCSS - ok
16:58:22.0065 0x0e1c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:58:22.0065 0x0e1c Modem - ok
16:58:22.0081 0x0e1c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:58:22.0081 0x0e1c monitor - ok
16:58:22.0127 0x0e1c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:58:22.0127 0x0e1c mouclass - ok
16:58:22.0127 0x0e1c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:58:22.0127 0x0e1c mouhid - ok
16:58:22.0174 0x0e1c [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:58:22.0174 0x0e1c mountmgr - ok
16:58:22.0237 0x0e1c [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:58:22.0237 0x0e1c MozillaMaintenance - ok
16:58:22.0299 0x0e1c [ 3665AB2F67F4024F5F3F80335ED5322A, BE3DC246F176E00D7611A7E16FBC22615199F49EBCB4C90B0C107294E592BF8D ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
16:58:22.0315 0x0e1c MpFilter - ok
16:58:22.0346 0x0e1c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:58:22.0346 0x0e1c mpio - ok
16:58:22.0393 0x0e1c [ 6D9BB8B53394B62540A3971FCE2BE8DB, C1942B2F3C6A4282FE39FCE5DCF46FA446D4F086F2F9ABDED9A4163A83A253B8 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:58:22.0393 0x0e1c mpsdrv - ok
16:58:22.0456 0x0e1c [ 92B4079384B8BE97AEE3CA8B43E0AAEB, 0AB87851F91274DDB19E21052E1D66FF76BA031D39A716EB4242BC5C0AC4ADB7 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:58:22.0487 0x0e1c MpsSvc - ok
16:58:22.0518 0x0e1c [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:58:22.0518 0x0e1c MRxDAV - ok
16:58:22.0549 0x0e1c [ B07AD0FD4026F7E3A146485B728B9CAF, E6A762ECD856BB886FC833D6D359846306B5B688E0B7F91544D9422B07ED17C1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:58:22.0565 0x0e1c mrxsmb - ok
16:58:22.0581 0x0e1c [ 4D28B9613A100BC42CAA07E335AD4705, D20FDD637322C8FFA9145048249FDE618B771F5C0B9D981FDC3C4651813559AE ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:58:22.0596 0x0e1c mrxsmb10 - ok
16:58:22.0627 0x0e1c [ 9E4E93DA0A2A492C8D31FCA092BE9384, D2B5F8E5C86D1C540A841B994E06BCBCD6EB08C37865172CE7215093CA28F676 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:58:22.0627 0x0e1c mrxsmb20 - ok
16:58:22.0659 0x0e1c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:58:22.0659 0x0e1c msahci - ok
16:58:22.0674 0x0e1c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:58:22.0674 0x0e1c msdsm - ok
16:58:22.0690 0x0e1c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:58:22.0706 0x0e1c MSDTC - ok
16:58:22.0721 0x0e1c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:58:22.0721 0x0e1c Msfs - ok
16:58:22.0721 0x0e1c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:58:22.0721 0x0e1c mshidkmdf - ok
16:58:22.0752 0x0e1c [ 6FE3DBEEA730A857CA3DF603B7DEADA2, CFB2F88799BD8D4D6B435C88B0B12D6E3EE83428B8EBE4C9DAACE25F03E7EABB ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:58:22.0752 0x0e1c msisadrv - ok
16:58:22.0784 0x0e1c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:58:22.0784 0x0e1c MSiSCSI - ok
16:58:22.0784 0x0e1c msiserver - ok
16:58:22.0831 0x0e1c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:58:22.0831 0x0e1c MSKSSRV - ok
16:58:22.0893 0x0e1c [ 5ADED2C1239D7BD798E2C4EF9EAA1FA3, 6A462DAC110015F3E59610202714120C557674019A0196680B72031C50D7C474 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
16:58:22.0893 0x0e1c MsMpSvc - ok
16:58:22.0909 0x0e1c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:58:22.0909 0x0e1c MSPCLOCK - ok
16:58:22.0909 0x0e1c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:58:22.0909 0x0e1c MSPQM - ok
16:58:22.0956 0x0e1c [ 94275393BB85D1E2B74BFEFEC386B4A0, D1E8B2AFB5B0E0B4670887F15A4EDFF88B1C91AF052B2C687590AF05AC560C18 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:58:22.0971 0x0e1c MsRPC - ok
16:58:22.0987 0x0e1c [ 1FC0BF25FFCB9F751BCBC6C6AC577078, D48313C4A3E711F3E2AFEC87E3C78B9230A96438CEC92857F8B454E2D1602E84 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:58:22.0987 0x0e1c mssmbios - ok
16:58:23.0002 0x0e1c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:58:23.0002 0x0e1c MSTEE - ok
16:58:23.0018 0x0e1c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:58:23.0018 0x0e1c MTConfig - ok
16:58:23.0034 0x0e1c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:58:23.0034 0x0e1c Mup - ok
16:58:23.0081 0x0e1c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:58:23.0112 0x0e1c napagent - ok
16:58:23.0159 0x0e1c [ 9FB2A095B1166CB3C9A06651863B3452, 808105C59C2D28C390FDE0CA48690A5CD052DE3D7F7327864EB45F80187D5BE9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:58:23.0174 0x0e1c NativeWifiP - ok
16:58:23.0206 0x0e1c [ 261F27367EB6EA6478B940811F0A6F03, C5924B8B00E93DA9B8B1DBAA05A4D53BB1720C2FFA9B3EDA63CB20A64F59808B ] NDIS C:\Windows\system32\drivers\ndis.sys
16:58:23.0237 0x0e1c NDIS - ok
Because the report is so long, I am posting it in 2 parts.
16:58:27.0799 0x0e1c SCPolicySvc - ok
16:58:27.0846 0x0e1c [ 0447065A6E10774EFCECFDD0EB970A79, 384A9AC72E756F96D43EE4B144A466564476AFD8778092C979116BB29A514433 ] ScpVBus C:\Windows\system32\DRIVERS\ScpVBus.sys
16:58:27.0846 0x0e1c ScpVBus - ok
16:58:27.0877 0x0e1c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:58:27.0893 0x0e1c SDRSVC - ok
16:58:27.0924 0x0e1c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:58:27.0924 0x0e1c secdrv - ok
16:58:27.0956 0x0e1c [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
16:58:27.0956 0x0e1c seclogon - ok
16:58:27.0956 0x0e1c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
16:58:27.0956 0x0e1c SENS - ok
16:58:27.0987 0x0e1c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:58:27.0987 0x0e1c SensrSvc - ok
16:58:28.0002 0x0e1c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:58:28.0002 0x0e1c Serenum - ok
16:58:28.0018 0x0e1c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:58:28.0018 0x0e1c Serial - ok
16:58:28.0049 0x0e1c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:58:28.0049 0x0e1c sermouse - ok
16:58:28.0065 0x0e1c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
16:58:28.0081 0x0e1c SessionEnv - ok
16:58:28.0096 0x0e1c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:58:28.0096 0x0e1c sffdisk - ok
16:58:28.0112 0x0e1c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:58:28.0112 0x0e1c sffp_mmc - ok
16:58:28.0127 0x0e1c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:58:28.0127 0x0e1c sffp_sd - ok
16:58:28.0143 0x0e1c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:58:28.0143 0x0e1c sfloppy - ok
16:58:28.0174 0x0e1c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:58:28.0206 0x0e1c SharedAccess - ok
16:58:28.0237 0x0e1c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:58:28.0252 0x0e1c ShellHWDetection - ok
16:58:28.0268 0x0e1c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:58:28.0268 0x0e1c SiSRaid2 - ok
16:58:28.0284 0x0e1c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:58:28.0284 0x0e1c SiSRaid4 - ok
16:58:28.0315 0x0e1c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:58:28.0315 0x0e1c Smb - ok
16:58:28.0331 0x0e1c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:58:28.0331 0x0e1c SNMPTRAP - ok
16:58:28.0346 0x0e1c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
16:58:28.0346 0x0e1c spldr - ok
16:58:28.0393 0x0e1c [ 8003D39B386EDCCFB08DC21AACC0683A, 99D6A4DBE810335A69AE3053DC4B6AAC267639AD7F9C568431FA0714F6E71F30 ] Spooler C:\Windows\System32\spoolsv.exe
16:58:28.0409 0x0e1c Spooler - ok
16:58:28.0502 0x0e1c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
16:58:28.0596 0x0e1c sppsvc - ok
16:58:28.0643 0x0e1c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:58:28.0643 0x0e1c sppuinotify - ok
16:58:28.0706 0x0e1c [ 1145EC013B72D4E6C60497707BB1A4B6, 1062AE3C61A5ACB25A1899E354DC9AA750658E23B22F2A97E9B181B65A50AA46 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:58:28.0721 0x0e1c srv - ok
16:58:28.0784 0x0e1c [ 2D8FFA3B636368130F909E0CD935B555, 0C0BC56D5F6B1931D9159D98D3C8F4F1C4F4C3674C48430DFAC79926AB355601 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:58:28.0799 0x0e1c srv2 - ok
16:58:28.0846 0x0e1c [ 4B1C343E11065819F687EAC68A5E13F3, 4A850E37ECA4293A12E9C12B96999C4AA84A44177D31DFEF316E52050B1EDDA3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:58:28.0862 0x0e1c srvnet - ok
16:58:28.0877 0x0e1c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:58:28.0893 0x0e1c SSDPSRV - ok
16:58:28.0909 0x0e1c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:58:28.0909 0x0e1c SstpSvc - ok
16:58:28.0956 0x0e1c [ F0B59ADCD06BCEB9D47311B7041CA2C9, 6299AB514CBE153C875F083ED789F6205C1781C0178759521F5A6D8007F5257C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
16:58:28.0956 0x0e1c ssudmdm - ok
16:58:29.0065 0x0e1c [ 167E7CE4DBBA691E563AC36ECDB00318, 894C37C1DD794FC6F90408697D354E2AE89F2A7873AD66AF45F36D0C9142AE9C ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:58:29.0081 0x0e1c Stereo Service - ok
16:58:29.0112 0x0e1c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:58:29.0112 0x0e1c stexstor - ok
16:58:29.0143 0x0e1c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
16:58:29.0174 0x0e1c stisvc - ok
16:58:29.0206 0x0e1c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:58:29.0206 0x0e1c storflt - ok
16:58:29.0206 0x0e1c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:58:29.0206 0x0e1c storvsc - ok
16:58:29.0252 0x0e1c [ 10DCD3BDFA785E1482EC02304A7E9B96, DBD348388F5B17F2620A9D40D1191A51BA6CDAF15E37503630D859FB144486A1 ] swenum C:\Windows\system32\drivers\swenum.sys
16:58:29.0252 0x0e1c swenum - ok
16:58:29.0284 0x0e1c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
16:58:29.0315 0x0e1c swprv - ok
16:58:29.0346 0x0e1c [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
16:58:29.0346 0x0e1c Synth3dVsc - ok
16:58:29.0440 0x0e1c [ 15CF7B24AA64FE958CAEA00274838B1C, 820F7CF1CCD036A1871D728C1CC80D9E9BB5E3BD5D9C7BC822B1711D8DB79707 ] SysMain C:\Windows\system32\sysmain.dll
16:58:29.0487 0x0e1c SysMain - ok
16:58:29.0518 0x0e1c [ AD359C53941A6AC57FB935E7E9F1D16E, 6D53065ECE8E928CC045E16B7618D866C121EBA6C6CBDADC97C2B0DC8D8CF9FC ] TabletInputService C:\Windows\System32\TabSvc.dll
16:58:29.0518 0x0e1c TabletInputService - ok
16:58:29.0549 0x0e1c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
16:58:29.0565 0x0e1c TapiSrv - ok
16:58:29.0581 0x0e1c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
16:58:29.0581 0x0e1c TBS - ok
16:58:29.0674 0x0e1c [ 8A54B9C4206FBAB2CEE3525CFD365241, 009D2C45797D512F6B973BAE6FECA67C9BAE6B2C726A916D7168230ADDC769DC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:58:29.0737 0x0e1c Tcpip - ok
16:58:29.0784 0x0e1c [ 8A54B9C4206FBAB2CEE3525CFD365241, 009D2C45797D512F6B973BAE6FECA67C9BAE6B2C726A916D7168230ADDC769DC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:58:29.0815 0x0e1c TCPIP6 - ok
16:58:29.0846 0x0e1c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:58:29.0846 0x0e1c tcpipreg - ok
16:58:29.0862 0x0e1c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:58:29.0862 0x0e1c TDPIPE - ok
16:58:29.0862 0x0e1c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:58:29.0862 0x0e1c TDTCP - ok
16:58:29.0893 0x0e1c [ 4DD986720F7CB7A8A5D1226793097B9A, 9020375B45E9C966BF44CF425C127D7E0EC82EB99C7047F225C25402FF97743D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:58:29.0909 0x0e1c tdx - ok
16:58:29.0924 0x0e1c [ AC24D7A7D9EEDE11E2926F9001BEAFB5, 04F8FEC125B70A292DF4748925064CBDDF6D8FFF596ACD1EB063425E22505472 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:58:29.0940 0x0e1c TermDD - ok
16:58:29.0940 0x0e1c [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt C:\Windows\system32\drivers\terminpt.sys
16:58:29.0940 0x0e1c terminpt - ok
16:58:29.0987 0x0e1c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
16:58:30.0018 0x0e1c TermService - ok
16:58:30.0049 0x0e1c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
16:58:30.0049 0x0e1c Themes - ok
16:58:30.0065 0x0e1c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
16:58:30.0065 0x0e1c THREADORDER - ok
16:58:30.0081 0x0e1c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
16:58:30.0081 0x0e1c TrkWks - ok
16:58:30.0127 0x0e1c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:58:30.0127 0x0e1c TrustedInstaller - ok
16:58:30.0159 0x0e1c [ 2CF58216424757ED29605B4F18EC443C, 9D523FC075F7F41A17F60617670A976A8F2F2943444515DC3834720BDC37DFA0 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:58:30.0159 0x0e1c tssecsrv - ok
16:58:30.0190 0x0e1c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:58:30.0190 0x0e1c TsUsbFlt - ok
16:58:30.0206 0x0e1c [ D34789988234DCC8FA55FA9A485AF0EC, 5C1A77EFA23261F5F9C971A12145CA6AC701723A94B6A8AE9BE95EEDD3C02919 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:58:30.0206 0x0e1c TsUsbGD - ok
16:58:30.0237 0x0e1c [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
16:58:30.0237 0x0e1c tsusbhub - ok
16:58:30.0252 0x0e1c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:58:30.0252 0x0e1c tunnel - ok
16:58:30.0268 0x0e1c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:58:30.0268 0x0e1c uagp35 - ok
16:58:30.0299 0x0e1c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:58:30.0315 0x0e1c udfs - ok
16:58:30.0346 0x0e1c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:58:30.0346 0x0e1c UI0Detect - ok
16:58:30.0362 0x0e1c [ B70E26A57F35ECA5199E6D6B9592A67C, 8ECCEEA69A69FBDC4AFEB2EC306FCEE6B569370F599D76F4CFDEAF77A0CD018C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:58:30.0362 0x0e1c uliagpkx - ok
16:58:30.0377 0x0e1c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:58:30.0393 0x0e1c umbus - ok
16:58:30.0409 0x0e1c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
16:58:30.0409 0x0e1c UmPass - ok
16:58:30.0424 0x0e1c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
16:58:30.0440 0x0e1c UmRdpService - ok
16:58:30.0456 0x0e1c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
16:58:30.0471 0x0e1c upnphost - ok
16:58:30.0534 0x0e1c [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:58:30.0534 0x0e1c USBAAPL64 - ok
16:58:30.0565 0x0e1c [ 9E68E917FB4B5C983438969643F53BEF, 7148BF1E7AFAFA025A51AA9A26B90ED85328B41C7F7791CB3460D9CF53245985 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:58:30.0565 0x0e1c usbccgp - ok
16:58:30.0596 0x0e1c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:58:30.0596 0x0e1c usbcir - ok
16:58:30.0627 0x0e1c [ 3F9D3902CE931E2A28DD8452AE915B67, C8BF042DD84FB2E3AE7FCDBA65923611FCBDAFD6410E42A5E58F8995D99AE16C ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:58:30.0627 0x0e1c usbehci - ok
16:58:30.0690 0x0e1c [ 86B65EEBC03B936DE8B26E5A18D98FA2, 2981CF5A0FB6B6FE0A38363EA4804DB743C45E3E6E72DC3A2260F583377717C8 ] usbhub C:\Windows\system32\drivers\usbhub.sys
16:58:30.0706 0x0e1c usbhub - ok
16:58:30.0752 0x0e1c [ 099C2931C6F73EB1B9E13C560F61B50D, 83B64A52173243526E380C8FA0D913C7B07C2AF1806ECC4EC0D0B5523A7CBFAA ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:58:30.0752 0x0e1c usbohci - ok
16:58:30.0768 0x0e1c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:58:30.0784 0x0e1c usbprint - ok
16:58:30.0815 0x0e1c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:58:30.0815 0x0e1c usbscan - ok
16:58:30.0862 0x0e1c [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\DRIVERS\USBSER.sys
16:58:30.0862 0x0e1c usbser - ok
16:58:30.0909 0x0e1c [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:58:30.0909 0x0e1c USBSTOR - ok
16:58:30.0924 0x0e1c [ 5D7651347C7D702F4A5DE53603DC024F, F55532D13AB2FF6D4B6058113AF2710AC5C87059C9000942CF517198BABCD6F5 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:58:30.0924 0x0e1c usbuhci - ok
16:58:30.0940 0x0e1c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
16:58:30.0956 0x0e1c UxSms - ok
16:58:30.0956 0x0e1c [ 979C12C081DFF8BFE24EEA2D68234BDA, A1358D520BBD2192AA8DBA09104D93462CDAE6A44A883CCDD8E215D732BA8A7F ] VaultSvc C:\Windows\system32\lsass.exe
16:58:30.0956 0x0e1c VaultSvc - ok
16:58:30.0987 0x0e1c [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\Windows\system32\DRIVERS\VClone.sys
16:58:30.0987 0x0e1c VClone - ok
16:58:31.0002 0x0e1c [ 7BDCE021786C3DCCFD2C22EBF643EE36, 92842E529EBDE9A9A9408287182BF1ECD8737C1DA39AF20570528CBD37D43228 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:58:31.0018 0x0e1c vdrvroot - ok
16:58:31.0034 0x0e1c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
16:58:31.0065 0x0e1c vds - ok
16:58:31.0096 0x0e1c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:58:31.0096 0x0e1c vga - ok
16:58:31.0112 0x0e1c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:58:31.0112 0x0e1c VgaSave - ok
16:58:31.0127 0x0e1c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:58:31.0143 0x0e1c vhdmp - ok
16:58:31.0143 0x0e1c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
16:58:31.0143 0x0e1c viaide - ok
16:58:31.0159 0x0e1c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:58:31.0159 0x0e1c vmbus - ok
16:58:31.0174 0x0e1c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:58:31.0174 0x0e1c VMBusHID - ok
16:58:31.0190 0x0e1c [ 8EDE91FBAC7BF7605323C517C717A253, 8441DBE652E8922B888649FF8F37D5593FD8938E3AFFB69323184DE8E4A5EBDB ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:58:31.0190 0x0e1c volmgr - ok
16:58:31.0237 0x0e1c [ 85C5468BC395819AE2A0C747334BA14C, 75EB4751F90F3347229442A5622539383CE0B1834EE7B995260D0D433BA2E25F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:58:31.0252 0x0e1c volmgrx - ok
16:58:31.0268 0x0e1c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:58:31.0284 0x0e1c volsnap - ok
16:58:31.0299 0x0e1c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:58:31.0299 0x0e1c vsmraid - ok
16:58:31.0377 0x0e1c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
16:58:31.0409 0x0e1c VSS - ok
16:58:31.0471 0x0e1c [ DC067801E8E3B664F25FF7D3E501926E, 3BD1C9B92747995F6F1C532104AA2BA1BF93B5BC5CA3AE28450207ABED2C9DB5 ] vvftav211 C:\Windows\system32\drivers\vvftav211.sys
16:58:31.0487 0x0e1c vvftav211 - ok
16:58:31.0502 0x0e1c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:58:31.0502 0x0e1c vwifibus - ok
16:58:31.0518 0x0e1c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
16:58:31.0534 0x0e1c W32Time - ok
16:58:31.0565 0x0e1c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:58:31.0565 0x0e1c WacomPen - ok
16:58:31.0596 0x0e1c [ DC4CB3626E7423B9D83CF1B4857FDF15, 36BC894AC01A2A493D408F9F6B65064E901882F038A8A74CA4F21735D283E46F ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:58:31.0596 0x0e1c WANARP - ok
16:58:31.0612 0x0e1c [ DC4CB3626E7423B9D83CF1B4857FDF15, 36BC894AC01A2A493D408F9F6B65064E901882F038A8A74CA4F21735D283E46F ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:58:31.0612 0x0e1c Wanarpv6 - ok
16:58:31.0659 0x0e1c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
16:58:31.0706 0x0e1c wbengine - ok
16:58:31.0737 0x0e1c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:58:31.0737 0x0e1c WbioSrvc - ok
16:58:31.0752 0x0e1c [ 79E3903FD75A22386326B542F17A2563, 3CCCE0BCDE12240BE7E108A8C0A959A33C8462A0DE8510F28FA0107C4A9A1F05 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:58:31.0768 0x0e1c wcncsvc - ok
16:58:31.0799 0x0e1c [ 35050F01D00E7E72A2449EB6F9ABF8B4, CF45943E14D2418E83CF4DC836D3AFE4ED61186B6B9DA25EF745DC6FBB07FAC5 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:58:31.0815 0x0e1c WcsPlugInService - ok
16:58:31.0831 0x0e1c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
16:58:31.0831 0x0e1c Wd - ok
16:58:31.0893 0x0e1c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:58:31.0924 0x0e1c Wdf01000 - ok
16:58:31.0940 0x0e1c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:58:31.0956 0x0e1c WdiServiceHost - ok
16:58:31.0956 0x0e1c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:58:31.0956 0x0e1c WdiSystemHost - ok
16:58:32.0018 0x0e1c [ 9955F303C20C4F58DB6645C6248DE1C8, 1A04B5C0EF2FE0CDBA054104727C54A02072B829BEAF4F3E4D16E581B50593F1 ] wdm_usb C:\Windows\system32\DRIVERS\usb2ser.sys
16:58:32.0034 0x0e1c wdm_usb - ok
16:58:32.0065 0x0e1c [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
16:58:32.0081 0x0e1c WebClient - ok
16:58:32.0112 0x0e1c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:58:32.0127 0x0e1c Wecsvc - ok
16:58:32.0143 0x0e1c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:58:32.0143 0x0e1c wercplsupport - ok
16:58:32.0159 0x0e1c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
16:58:32.0159 0x0e1c WerSvc - ok
16:58:32.0174 0x0e1c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:58:32.0174 0x0e1c WfpLwf - ok
16:58:32.0190 0x0e1c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:58:32.0190 0x0e1c WIMMount - ok
16:58:32.0221 0x0e1c WinDefend - ok
16:58:32.0237 0x0e1c WinHttpAutoProxySvc - ok
16:58:32.0299 0x0e1c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:58:32.0315 0x0e1c Winmgmt - ok
16:58:32.0409 0x0e1c [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
16:58:32.0471 0x0e1c WinRM - ok
16:58:32.0518 0x0e1c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:58:32.0518 0x0e1c WinUsb - ok
16:58:32.0581 0x0e1c [ 4B7912EB80820EAC543EE54806EFCAF0, 4D9186F9FE80F03C85C4DC73342EE5870DF1021BD29974BE33557CEA0D524667 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:58:32.0612 0x0e1c Wlansvc - ok
16:58:32.0768 0x0e1c [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:58:32.0815 0x0e1c wlidsvc - ok
16:58:32.0846 0x0e1c [ 43471A750D4F3918AC92F5131AE252D3, E843AA1555262F521B924BBB1505474757E1BB9540FCCF93BC0BE2059F497C87 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:58:32.0846 0x0e1c WmiAcpi - ok
16:58:32.0893 0x0e1c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:58:32.0909 0x0e1c wmiApSrv - ok
16:58:32.0924 0x0e1c WMPNetworkSvc - ok
16:58:32.0940 0x0e1c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:58:32.0940 0x0e1c WPCSvc - ok
16:58:32.0956 0x0e1c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:58:32.0956 0x0e1c WPDBusEnum - ok
16:58:32.0971 0x0e1c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:58:32.0987 0x0e1c ws2ifsl - ok
16:58:33.0065 0x0e1c [ E0A69AAB9D8F6EFDAD11AE261E3FE986, BD2B75A0A73636396F1556A8E153D994F75E4DC776B8FD1B1C73C5F2BF72FD79 ] WsAppService C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
16:58:33.0065 0x0e1c WsAppService - ok
16:58:33.0081 0x0e1c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
16:58:33.0081 0x0e1c wscsvc - ok
16:58:33.0127 0x0e1c [ E6BDB785DDB30427DE00F3B7039A73C2, 93AD43FBEC99B9CB510C121516EE2B354B9CD66FB77ACF00CCFE4D517639F7E0 ] WsDrvInst C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe
16:58:33.0127 0x0e1c WsDrvInst - ok
16:58:33.0143 0x0e1c WSearch - ok
16:58:33.0252 0x0e1c [ 0A2E5059B5775E7DBBE05B8156ECE0C6, 75584C0E9EACB26585795C24A0DE19709A6842D286B5DD99036880D66DD20CDD ] wuauserv C:\Windows\system32\wuaueng.dll
16:58:33.0315 0x0e1c wuauserv - ok
16:58:33.0346 0x0e1c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:58:33.0346 0x0e1c WudfPf - ok
16:58:33.0362 0x0e1c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:58:33.0362 0x0e1c WUDFRd - ok
16:58:33.0393 0x0e1c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:58:33.0409 0x0e1c wudfsvc - ok
16:58:33.0424 0x0e1c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:58:33.0424 0x0e1c WwanSvc - ok
16:58:33.0456 0x0e1c [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
16:58:33.0456 0x0e1c xusb21 - ok
16:58:33.0549 0x0e1c [ 86840BE194AA7D42954B3D0CBE21C1FA, DE327A6708610ECBB35ED1ED0C2965881C9AE5B31E40C27E550670467DB2360A ] ZSMC30x C:\Windows\system32\Drivers\ZS211.sys
16:58:33.0581 0x0e1c ZSMC30x - ok
16:58:35.0346 0x0e1c Waiting for KSN requests completion. In queue: 99
16:58:36.0346 0x0e1c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.10.209.0 ), 0x60010 ( disabled : outofdate )
16:58:36.0362 0x0e1c Win FW state via NFP2: enabled ( trusted )
16:58:36.0737 0x0e1c ============================================================
16:58:36.0737 0x0e1c Scan finished
16:58:36.0737 0x0e1c ============================================================
16:58:36.0737 0x0308 Detected object count: 0
16:58:36.0737 0x0308 Actual detected object count: 0
16:59:35.0590 0x04b4 Deinitialize success
And here is the one from FSS
Farbar Service Scanner Version: 27-01-2016
Ran by Mati (administrator) on 20-06-2019 at 17:03:50
Running from "C:\Users\Mati\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
Hi @victor_TeReparoLaPC
It still hasn't been possible to remove it.
One question, I assume so but I have to ask: do you have access to a USB drive and another, clean computer?
Do the following:
1.- Temporarily disable your antivirus and any security software.
2.- Download the following tools to your desktop:
3.- Malwarebytes Anti-Rootkit
- Install it and update it.
- Run a Full Scan according to its Manual.
Guide: How to paste reports in the Forum?
We'll wait for the report.
Regards
Hi @SanMar, sorry for the delay. Yes, I have a clean laptop with internet access; I'm downloading everything from it and transferring it by pen drive to the PC we're working on.
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org
Database version:
main: v2019.06.21.09
rootkit: v2019.06.21.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.19035
Mati :: MATI-PC [administrator]
21/06/2019 22:10:32
mbar-log-2019-06-21 (22-10-32).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 191341
Time elapsed: 18 minute(s), 25 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Hi @victor_TeReparoLaPC
Even though the infected computer boots normally, I need you to do it from the Recovery Options.
If you have another USB drive that you haven't used so far, even better; when we finish, remind me that we should scan that clean computer.
Do the following:
Tools needed.
- A clean computer with an Internet connection.
- A USB drive.
From the clean computer:
- Download FRST.EXE to your desktop, selecting the right version for your computer's architecture (32 or 64 bits). >>> How do I know whether my Windows is 32 or 64 bits?
- Copy Frst.exe or Frst64.exe to your USB drive.
From the infected computer:
Plug the USB drive into the infected computer…
- Enter the Command Prompt of the Recovery Environment:
To access the System Recovery Options:
Instructions for Windows 7.
- Restart the computer.
- As soon as the BIOS loads, start pressing the F8 key until the Advanced Boot Options appear.
- Select Repair Your Computer and press Enter.
- Wait for it to load, select the language and keyboard settings, and click Next.
- Select the operating system you want to repair and click Next.
- Select your user account and click Next.
In the System Recovery Options menu you will see the following options:
- Startup Repair.
- System Restore.
- System Image Recovery.
- Windows Memory Diagnostic.
- Command Prompt.
Once in the Command Prompt:
- In the Command window, type notepad.exe and press “Enter”.
- The program window will open; at the top go to File >>> Open. *Select “Computer” to find the letter of your USB drive, then close Notepad.
- Once in the Command window, type exactly x:frst.exe or x:frst64.exe as applicable, where x must be replaced by the letter of your USB drive.
- Press Enter.
- The tool will start running.
- When the tool opens it will show you the “Disclaimer” window; click “Sí/Yes”.
The program window will then open:
- Press the Scan button.
When the scan finishes, a report Frst.txt or Frst64.txt will be created on your USB drive. Plug the USB drive back into the clean computer, open the Frst.txt or Frst64.txt file, and copy and paste its contents into your next reply.
If you have any questions, ask us.
To be safe, print out the steps.
Regards
The Repair Your Computer option doesn't appear, only Safe Mode, Safe Mode with Networking, Safe Mode with Command Prompt and the rest.
Hi @victor_TeReparoLaPC
Hi, do you have a Windows 7 .iso of the same version on a bootable DVD/USB?
Regards
I have a Win 7 AIO
Hi:
That will do:
I imagine from your name that you have installed Windows before.
Configure the BIOS to boot from the DVD as if you were going to reinstall Windows.
Except that you must choose REPAIR.
Select the installation to repair.
Go into the advanced options >>> Command Prompt and follow the steps in post 18.
Regards
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-06-2019
Ran by SYSTEM on MININT-DBOL12Q (22-06-2019 10:47:59)
Running from J:\
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet002
[b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b]
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] ()
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] ()
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0309550F-A1C7-44ED-ABF2-2E4DD90C5D93} - System32\Tasks\ASC9_PerformanceMonitor => C:\Users\Mati\Downloads\Monitor temperaturas ASC9 -W10\Monitor de Rendimiento - ASC9\Monitor.exe [1517344 2015-11-06] (IObit Information Technology -> IObit)
Task: {0C51074C-BFB0-4DCA-882C-110EE3D49A1A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [538952 2018-09-11] (Piriform Ltd -> Piriform Ltd)
Task: {397C4FB5-7531-47A6-841B-078A7B14DC16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-27] (Google Inc -> Google Inc.)
Task: {3DCAA28E-39DB-4113-AC7B-1D8B20FCAF7C} - System32\Tasks\{5057F1CA-7F94-4CAF-9CC8-BA7AEA7634D6} => C:\Windows\system32\pcalua.exe -a "C:\Users\Mati\Desktop\LG Mobile Support Tool\LG Mobile Support Tool.exe" -d "C:\Users\Mati\Desktop\LG Mobile Support Tool"
Task: {4C541660-2DC1-42DE-B10E-FE65716110DE} - System32\Tasks\EPSON XP-211 214 216 Series Invitation {8B97DC3F-EDD9-4AFA-B1FB-072EEF8DB156} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {571B5C7D-1B28-447C-9E58-FB0F6E7F664E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {6F20C1B7-EB3C-4D46-B3F9-BFB03AEC0BA8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-11] (Piriform Ltd -> Piriform Ltd)
Task: {815E70A1-4B11-4888-B934-0149C2E17014} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-27] (Google Inc -> Google Inc.)
Task: {A8160E4F-4830-4EC6-983B-85667128DE29} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [1454592 2018-10-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B0A2B5E9-9FE8-44AA-A6BB-8A27573B9EF5} - System32\Tasks\{F6212FBF-100F-4864-A51A-04E5FCF9E835} => C:\Windows\twain_32\escndv\escndv.exe [212504 2012-09-05] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORP.)
Task: {C1E75B03-FB48-41F1-A0AD-4B92E0EDDDC2} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E57B8B3F-2B00-4062-BD1E-87B6406CEF73} - System32\Tasks\EPSON XP-211 214 216 Series Update {8B97DC3F-EDD9-4AFA-B1FB-072EEF8DB156} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {E6952E73-59F1-4893-8E78-C16559F5810D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39848 2017-03-28] (Garmin International, Inc. -> )
Task: {E7BE0D97-9D94-45A2-879B-23DCC57813DD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-10-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {EA99BCDB-2C74-4CA4-81FE-462F4C2EB755} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [1454592 2018-10-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {7B0121BA-A77B-4C02-9B90-EC20B54BB0AE}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE
Task: C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {7B0121BA-A77B-4C02-9B90-EC20B54BB0AE}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLDE.EXE:/EXE:{7B0121BA-A77B-4C02-9B90-EC20B54BB0AE} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [674768 2018-04-25] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-15] (Microsoft Corporation -> Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-15] (Microsoft Corporation -> Microsoft Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-04-28] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [101152 2017-06-01] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-21] (Microsoft Corporation)
S1 AFD; C:\Windows\system32\drivers\afd.sys [496128 2017-04-04] (Microsoft Corporation)
S3 AppID; C:\Windows\system32\drivers\appid.sys [62464 2018-05-29] (Microsoft Corporation)
S1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation)
S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90112 2016-10-05] (Microsoft Corporation)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation)
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-14] (Microsoft Corporation)
S3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-21] (Microsoft Corporation)
S1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-21] (Microsoft Corporation)
S1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [106496 2018-01-01] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation)
S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [71168 2010-11-21] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2015-12-08] (Microsoft Corporation)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2018-02-10] (Microsoft Corporation)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195584 2017-03-10] (Microsoft Corporation)
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [205312 2017-03-10] (Microsoft Corporation)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-21] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-14] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-14] (Microsoft Corporation)
S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2018-05-12] (Microsoft Corporation)
S3 HTTP; C:\Windows\System32\drivers\HTTP.sys [754176 2018-01-01] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation)
S2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation)
S2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2017-10-12] (Microsoft Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation)
S3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2018-01-01] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [142336 2016-09-08] (Microsoft Corporation)
S3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [160256 2018-05-29] (Microsoft Corporation)
S3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [291328 2018-05-29] (Microsoft Corporation)
S3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [129536 2018-05-29] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [324608 2017-09-13] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation)
S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2018-01-01] (Microsoft Corporation)
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] (Microsoft Corporation)
S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [58368 2018-01-01] (Microsoft Corporation)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0074.sys [38432 2016-09-18] (SoftEther Corporation -> SoftEther Corporation)
S1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [45056 2018-01-01] (Microsoft Corporation)
S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [262656 2017-08-11] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [26112 2017-08-11] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663552 2016-06-14] (Microsoft Corporation)
S0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation)
S1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [317440 2017-10-12] (Microsoft Corporation)
S3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation)
S1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-21] (Microsoft Corporation)
S1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation)
S1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2014-04-28] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-17] (Microsoft Corporation)
S2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation)
S3 rt61x64; C:\Windows\System32\DRIVERS\WMP54Gv41x64.sys [446304 2010-04-07] (Ralink Technology Corporation -> Ralink Technology, Corp.)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-21] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] (Microsoft Corporation)
S3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] (Microsoft Corporation)
S3 srv; C:\Windows\System32\DRIVERS\srv.sys [464384 2018-04-10] (Microsoft Corporation)
S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [406016 2018-04-10] (Microsoft Corporation)
S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [169984 2018-04-10] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2014-04-28] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2014-04-28] (Microsoft Corporation)
S1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [117248 2017-07-29] (Microsoft Corporation)
S3 terminpt; C:\Windows\system32\drivers\terminpt.sys [29696 2014-04-28] (Microsoft Corporation)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [40448 2017-08-13] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56832 2014-04-28] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [29696 2014-04-28] (Microsoft Corporation)
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-21] (Microsoft Corporation)
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] (Microsoft Corporation)
S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2017-10-18] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2014-04-28] (Microsoft Corporation)
S3 usbehci; C:\Windows\system32\drivers\usbehci.sys [56320 2017-10-18] (Microsoft Corporation)
S3 usbhub; C:\Windows\system32\drivers\usbhub.sys [344064 2017-10-18] (Microsoft Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2017-10-18] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation)
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [42496 2014-04-28] (Microsoft Corporation)
S3 usbser; C:\Windows\System32\DRIVERS\USBSER.sys [33280 2014-04-28] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2016-02-03] (Microsoft Corporation)
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2017-10-18] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation)
S3 vvftav211; C:\Windows\System32\drivers\vvftav211.sys [308224 2007-12-10] (Vimicro Corporation)
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation)
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2018-01-01] (Microsoft Corporation)
S1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2018-01-01] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation)
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-21] (Microsoft Corporation)
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2018-02-10] (Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2014-04-28] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2014-04-28] (Microsoft Corporation)
S3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [73984 2009-08-14] (Microsoft Corporation)
S3 ZSMC30x; C:\Windows\System32\Drivers\ZS211.sys [1491712 2007-12-13] (ZSMC.Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-22 02:06 - 2019-06-22 02:34 - 000000000 ____D C:\Users\Mati\Desktop\mbar
2019-06-20 21:03 - 2019-06-20 21:04 - 000002892 _____ C:\Users\Mati\Desktop\FSS.txt
2019-06-20 20:54 - 2019-06-20 20:53 - 000899584 _____ (Farbar) C:\Users\Mati\Desktop\FSS.exe
2019-06-20 20:53 - 2019-06-20 20:59 - 000206858 _____ C:\TDSSKiller.3.1.0.28_20.06.2019_16.53.08_log.txt
2019-06-20 20:51 - 2019-06-20 02:37 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Mati\Desktop\tdsskiller.exe
2019-06-20 19:53 - 2019-06-20 23:24 - 000019999 _____ C:\Users\Mati\Desktop\Fixlog.txt
2019-06-20 19:53 - 2019-06-20 19:54 - 000022429 _____ C:\Users\Mati\Desktop\Fixlog1.txt
2019-06-20 19:45 - 2019-06-20 19:47 - 000000255 _____ C:\DelFix.txt
2019-06-20 19:45 - 2019-06-20 19:35 - 000797760 _____ C:\Users\Mati\Desktop\delfix.exe
2019-06-20 03:01 - 2019-06-20 03:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-20 02:43 - 2019-06-22 02:34 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-06-20 01:27 - 2019-06-20 01:27 - 000000537 _____ C:\Users\Mati\Desktop\speed2 - Acceso directo.lnk
2019-06-19 23:07 - 2019-06-19 23:08 - 000039804 _____ C:\Users\Mati\Desktop\Addition.txt
2019-06-19 23:06 - 2019-06-19 23:08 - 000027675 _____ C:\Users\Mati\Desktop\FRST.txt
2019-06-19 23:02 - 2019-06-22 10:47 - 000000000 ____D C:\FRST
2019-06-19 22:56 - 2019-06-19 15:43 - 063182216 _____ (Malwarebytes ) C:\Users\Mati\Desktop\mb3-setup-43841.43841-3.7.1.2839-1.0.586-1.0.10430.exe
2019-06-19 22:11 - 2019-06-19 22:12 - 355832572 _____ C:\backupdrweb.reg
2019-06-19 22:02 - 2019-06-19 22:02 - 000000000 ____D C:\Users\Mati\Doctor Web
2019-06-19 22:02 - 2019-06-19 22:02 - 000000000 ____D C:\ProgramData\Doctor Web
2019-06-19 22:01 - 2019-06-19 22:01 - 000000000 ____D C:\Users\Mati\AppData\Local\ESET
2019-06-19 18:37 - 2019-06-19 18:37 - 000000054 _____ C:\Users\Mati\Desktop\backuphho.txt
2019-06-19 18:01 - 2019-06-19 18:01 - 000009692 _____ C:\Users\Mati\Documents\cc_20190619_140118.reg
2019-06-19 17:45 - 2019-06-19 22:56 - 000000594 _____ C:\Users\Mati\Desktop\cpuz.ini
2019-06-19 17:45 - 2019-06-19 17:42 - 010924745 _____ C:\Users\Mati\Desktop\realtek_pcielan_7_mb.zip
2019-06-19 17:45 - 2019-06-19 17:39 - 002877647 _____ C:\Users\Mati\Desktop\cpu-z_1.89-en.zip
2019-06-19 17:45 - 2019-05-23 17:21 - 003782624 _____ (CPUID) C:\Users\Mati\Desktop\cpuz_x64.exe
2019-06-19 17:45 - 2019-05-23 17:21 - 003250656 _____ (CPUID) C:\Users\Mati\Desktop\cpuz_x32.exe
2019-06-19 17:45 - 2019-05-23 14:22 - 000028147 _____ C:\Users\Mati\Desktop\cpuz_readme.txt
2019-06-19 15:45 - 2019-06-19 15:45 - 000008442 _____ C:\Users\Mati\Documents\cc_20190619_114538.reg
2019-06-19 15:44 - 2019-06-19 15:44 - 000068150 _____ C:\Users\Mati\Documents\cc_20190619_114401.reg
2019-06-19 15:34 - 2011-05-19 22:05 - 000000137 _____ C:\Users\Mati\Desktop\WinSockFix-Win7.bat
2019-06-19 15:34 - 2009-05-18 00:28 - 001445888 _____ (Option^Explicit Software Solutions) C:\Users\Mati\Desktop\WinsockxpFix-WinXP.exe
2019-06-19 13:16 - 2019-06-19 13:20 - 000000000 ____D C:\GoogleChromePortable
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-22 05:06 - 2015-03-26 13:03 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-20 19:54 - 2017-10-28 20:37 - 000000000 ____D C:\Users\Mati\AppData\LocalLow\Temp
2019-06-20 19:54 - 2017-09-15 20:43 - 000000000 ____D C:\Users\Mati\AppData\Roaming\Chrome Extensions
2019-06-20 01:02 - 2015-06-16 04:36 - 000000000 ____D C:\Users\Mati\AppData\Local\NFS Underground 2
2019-06-19 17:58 - 2016-08-27 23:00 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2019-06-19 16:20 - 2015-03-27 05:42 - 000000000 ____D C:\Users\Mati\AppData\Roaming\FlvtoConverter
2019-06-19 16:20 - 2015-03-27 05:30 - 000000000 ____D C:\Users\Mati\AppData\Local\Flvto Youtube Downloader
2019-06-19 16:19 - 2016-11-10 01:00 - 000000000 ____D C:\UsbFix
2019-06-19 15:47 - 2015-03-27 04:24 - 000110768 _____ C:\Users\Mati\AppData\Local\GDIPFONTCACHEV1.DAT
2019-06-19 15:43 - 2016-09-01 06:38 - 000000000 ____D C:\Users\Mati\AppData\Local\CrashDumps
==================== FLock ================
2019-06-22 05:06 C:\hiberfil.sys
==================== KnownDLLs (Whitelisted) =========================
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2018-07-02 23:58] - [2018-04-23 01:00] - 000512512 _____ (Microsoft Corporation) 4CE2D42E24914EE91BFFCD8D8485A1BB
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\dllhost.exe => MD5 is legit
C:\Windows\SysWOW64\dllhost.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Association (Whitelisted) =============
==================== Restore Points =========================
Restore point date: 2018-07-05 20:30
Restore point date: 2018-11-07 21:58
Restore point date: 2018-11-07 22:08
Restore point date: 2018-11-07 22:09
Restore point date: 2018-11-07 22:12
Restore point date: 2018-11-07 22:12
Restore point date: 2019-05-16 22:54
==================== Memory info ===========================
Percentage of memory in use: 11%
Total physical RAM: 8191.3 MB
Available physical RAM: 7243.95 MB
Total Virtual: 8189.5 MB
Available Virtual: 7235.05 MB
==================== Drives ================================
Drive c: (fdfdferfer) (Fixed) (Total:95.73 GB) (Free:25.74 GB) NTFS
Drive d: (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Nuevo vol) (Fixed) (Total:64.36 GB) (Free:50.53 GB) NTFS
Drive f: (Progr y Doc) (Fixed) (Total:196.31 GB) (Free:150.91 GB) NTFS
Drive g: (Datos) (Fixed) (Total:204.99 GB) (Free:60.33 GB) NTFS
Drive i: () (Fixed) (Total:202.26 GB) (Free:79.01 GB) NTFS
Drive j: () (Removable) (Total:7.45 GB) (Free:7.45 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: B543CEFE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=64.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=196.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=205 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 39C139C0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=95.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=202.3 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Protective MBR) (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
LastRegBack: 2018-10-25 04:38
==================== End of FRST.txt ============================
Hello @victor_TeReparoLaPC
It did not detect it… but I still don't trust it.
Uninstall the antivirus Microsoft Security Essentials Version using its specific tool.
Then disable the Windows 7 Firewall.
After restarting, try to connect.
Run Dr. Web again; if it detects the infection again, do not delete anything, just copy the final part of the report, or take a screenshot.
Try the following:
Download Windows Repair all in one to your desktop; use the portable version, which is usually the last one of all, where you see it says
◄
- It is a ZIP file with this name: tweaking.com_windows_repair_aio.zip. Unzip it and run it from the folder that will have been created on your desktop.
- Double-click the file Repair_Windows.exe. (If you use Windows Vista/7/8 or 10, right-click and select Run as Administrator.)
- On the first screen, accept the license by clicking I Agree; you will then see the program's initial screen, where you must follow these steps:
Repairs - Main.
Open Repairs.
- A new window will appear immediately; check "All Repair".
- Press "Start Repair".
The process will carry out all the established steps, and when it finishes, restart the computer.
Let us know how it goes.
Regards
I am leaving on a trip; when I get back I will do what you indicate and report how it went. Regards! Have a good weekend!