Nod32: problems with detection

Restart the computer and carry out the same steps I indicated previously, and tell me whether those steps completed correctly or whether you got any kind of error while carrying them out.

Awaiting your reply.

I carried out those steps without any problem.


Perfect! I am preparing the next steps for you to follow.

The steps to follow are the following:

STEP 1: "Download" and "install", but do "NOT" start, the programs I list in this step.

STEP 2: "User manual" for the programs I list in "STEP 1"

IMPORTANT:

Follow "ALL" of the steps I give you below "TO THE LETTER", without skipping any and in the established order.

With these steps clarified, let us carry out the procedures:

STEP 1: "Download" and "install", but do "NOT" start, the following programs "ON THE DESKTOP" of your computer:

Download URL: "AdwCleaner": https://www.infospyware.com/antispyware/adwcleaner/

Download URL: Junkware Removal Tool: https://free.drweb-av.es/download+cureit+free/

Download URL: "MalwareByte AntimalwareBytes": https://www.infospyware.com/antivirus/malwarebytes/

Download URL: "Dr.Web CureIt!": https://free.drweb-av.es/download+cureit+free/

STEP 2: "User manual" for the programs I list in "STEP 1":

URL: "User manual" for AdwCleaner ("REMOVE" "ALL" the threats it finds and follow the steps in the established order): Download URL: AdwCleaner manual

User manual: "Junkware Removal Tool"; follow the steps in the established order:

  • Temporarily disable the antivirus.

  • Close all the internet browsers you have open.

  • Run the tool from "the Desktop" with "Administrator rights" via right-click.

  • Press any key.

  • Wait for the process to finish; it may take a few minutes.

  • Save the "Notepad" file it generates on the "DESKTOP" and "SEND ME" that "report".

User manual: "MalwareByte AntimalwareBytes":

  • Run it as administrator and wait for it to finish.
  • The program will open; click where it says: "Scanner".
  • Click where it says: "Advanced scans".
  • Click where it says: "Configure scan".

-. "Tick" (enable) the following checkboxes:

[Screenshot: capturada01]

-. Where it says: Potentially unwanted programs (PUP):

[Screenshot: capturada02]

-. Where it says: Potentially unwanted modifications (PUM):

[Screenshot: capturada02]

  • On the "RIGHT" side, tick "ALL" the options that appear:

    -. C:

    -. D… and "tick" all the options that appear for you.

  • Click the button that says: "Scan".

  • The scan for infections will start; let it scan completely and do not interrupt the program until it finishes.

  • Once the scan has finished, if it finds threats, "ENABLE" ("TICK") "ALL" the checkboxes that appear and click the button that says: "Quarantine".

  • If it asks you to "Restart the computer in order to remove the threats (infections) found", restart. -. Once restarted, open the program again and click the "View report" button; the report of the scan just completed is shown. "Copy" and "paste" that report and "send me that report".

User manual: "Dr.Web CureIt!":

  • Run it in Normal Mode and wait for it to finish.
  • The program will open; follow these steps:

[Screenshot: capturada1]

  • Next, the following screen will open; follow the steps indicated below:

[Screenshot: capturada2]

  • This screen will appear; leave "ALL" the checkboxes enabled as shown in this image and follow the indicated steps to the letter:

[Screenshot: capturada3]

  • Next, the following screen will appear; enable ALL the options (checkboxes) that appear for you, as shown in the example in the image:

  • It will automatically start scanning your computer for infections; let the scan of the whole computer finish completely (it can take quite a while to finish; do not despair, be patient).
  • If it does not start automatically, click the button that says: Scan or something similar, and it will automatically start scanning your whole computer.
  • Once the scan has finished completely, a screen similar to this one will appear; with all the checkboxes enabled, click where it says: Neutralize, as shown in the image:

[Screenshot: capturada7]

  • Finally, follow these steps to send the generated report:

To send other reports, follow these steps:

When you have finished carrying out all the steps I have indicated, send me each of the "reports" that those programs have generated.


I think that is not the link for that program


You are right; I will post it now, sorry for the inconvenience. Here again is the URL for the program "Junkware Removal Tool." Follow the steps indicated in its "user manual."

Download URL: Junkware Removal Tool: https://www.bleepingcomputer.com/download/junkware-removal-tool/dl/293/

Clarification:

YOU MUST RUN EACH PROGRAM SEPARATELY, FOLLOW THE ORDER, AND DO "NOT" RUN THE NEXT PROGRAM UNTIL THE FIRST PROGRAM HAS FINISHED RUNNING, AND LIKEWISE WITH THE REST OF THE PROGRAMS.

AS SOON AS ALL THE PROGRAMS HAVE FINISHED RUNNING, SEND ME EACH OF THE "REPORTS" THAT THOSE PROGRAMS GENERATE.


Malwarebytes is taking its time


Indeed; be patient, do not despair, since it scans the whole computer for infections and/or viruses.

It is very "IMPORTANT" that you enable only the checkboxes I indicated in the "user manual" and that you do "NOT" enable "ANY" option that I did "NOT" list in that "user manual".

AS SOON AS "ALL" THE PROGRAMS HAVE FINISHED RUNNING, SEND ME EACH OF THE "REPORTS" THAT THOSE PROGRAMS GENERATE.


Yes, I am following the guide you gave me exactly as written; I will keep waiting


Perfect! When you have all the "reports" that those programs generate on finishing, send them to me.


REPORTS

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build:    11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    12-17-2021
# Duration: 00:00:21
# OS:       Windows 10 Pro
# Scanned:  32023
# Detected: 4


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.DriverPack         HKCU\Software\drpsu
PUP.Optional.FreeMakeConverter  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
PUP.Optional.FreeMakeConverter  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater

***** [ Chromium (and derivatives) ] *****

PUP.Optional.FFExtense          Flow - bapoeoceggfnnoomenaapjkofjlpmbeh

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build:    11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-17-2021
# Duration: 00:00:06
# OS:       Windows 10 Pro
# Cleaned:  4
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\drpsu
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater

***** [ Chromium (and derivatives) ] *****

Deleted       Flow - bapoeoceggfnnoomenaapjkofjlpmbeh

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1693 octets] - [17/12/2021 21:26:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64 
Ran by USER (Administrator) on 12/17/2021 at 23:47:36.81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\ProgramData\mntemp (File) 



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/17/2021 at 23:49:53.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 17/12/21
Hora del análisis: 21:49
Archivo de registro: 12469a26-5fad-11ec-8526-5065f34a19e7.json

-Información del software-
Versión: 4.5.0.152
Versión de los componentes: 1.0.1538
Versión del paquete de actualización: 1.0.48728
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 19042.1415)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-G4ALVPB\USER

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 653008
Amenazas detectadas: 1
Amenazas en cuarentena: 1
Tiempo transcurrido: 1 hr, 14 min, 45 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
PUP.Optional.GameHack, C:\PROGRAM FILES\CHEAT ENGINE 7.3\STANDALONEPHASE1.DAT, En cuarentena, 7801, 393793, 1.0.48728, , ame, , EB339EECEC8AA8C0FD3B08D39799D4D8, 88BB94C3CE727DB13B77ABDBDB75A4C878E91D651692F3618178DEC5BBB7080C

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
Total 212963113847 bytes in 539999 files scanned (764151 objects)
Total 539980 files (763985 objects) are clean
Total 10 files (12 objects) are infected
Total 5 files (8 objects) are suspicious
Total 133 files (144 objects) are raised error condition
Scan time is 01:31:55.440

-----------------------------------------------------------------------------
Start curing
-----------------------------------------------------------------------------

C:\programdata\freemake\freemakeutilsservice\freemakeutilsservice.exe - quarantined - 14178 ms
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe - quarantined - 9302 ms
C:\Program Files (x86)\Freemake\COM\1.1\regfiles.exe - quarantined - 8810 ms
C:\Program Files (x86)\Freemake\Freemake Video Converter\SetupUpdate.exe - quarantined - 8950 ms
C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe - quarantined - 8274 ms
C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVC.exe - quarantined - 8500 ms
C:\Program Files (x86)\Freemake\Freemake Video Converter\FileAssociationTool\FileAssociationTool.exe - quarantined - 9228 ms
C:\ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FreemakeErrorReporter.exe - quarantined - 8830 ms
C:\Users\USER\AppData\Local\Temp\is-JE8N8.tmp\zbShieldUtils.dll - quarantined - 8698 ms
C:\Users\USER\Downloads\FreemakeVideoConverterSetup_57d677e4-de66-e0bf-9b1f-f9b313dbd308.exe - quarantined - 9009 ms
C:\Users\USER\Downloads\winds-pro-2020-06-03.exe - quarantined - 346923 ms
D:\WinDS PRO\emu\Project64K7E_131\Plugin\DarkMan's DInput 4.0.dll - quarantined - 10011 ms
D:\WinDS PRO\emu\Project64K7E_131\Plugin\Jabo_Direct3D6.dll - quarantined - 10259 ms
D:\WinDS PRO\emu\Project64K7E_131\Plugin\Jabo_Direct3D8.dll - quarantined - 9624 ms
D:\WinDS PRO\emu\Project64K7E_131\Project64K7E.exe - quarantined - 10139 ms

Total 212963113847 bytes in 539999 files scanned (764151 objects)
Total 539980 files (763985 objects) are clean
Total 10 files (12 objects) are infected
Total 5 files (8 objects) are suspicious
Total 15 files (18 objects) are neutralized
Total 133 files (144 objects) are raised error condition
Scan time is 01:31:55.440

STEP 1: "Download" and "install", but do "NOT" start, the following programs on the "Desktop of your computer"

STEP 2: "User manual" for the programs I list in "STEP 1" ("VERY IMPORTANT": if any program asks you to "RESTART" in order to disinfect the detected threats, "RESTART", but ONLY IF THE PROGRAM ASKS YOU TO; if the program does "NOT" ask you to RESTART, do "NOT" restart, and continue with the process indicated in the "user manual")

With those procedures clarified, let us carry them out:

STEP 1: "Download" and "install", but do "NOT" start, the following programs on the "Desktop of your computer"

Download URL: "Eset Online Scanner": https://www.infospyware.com/eset-online-scanner/

Download URL: "Kaspersky Virus Removal Tool": https://www.infospyware.com/kaspersky-antivirus-online/#google_vignette

Download URL: "TDSSKILLER": https://www.infospyware.com/antirootkits/tdsskiller/

Download URL: "RogueKiller Antimalware": https://www.adlice.com/download-start/?app=roguekiller&type=x64

STEP 2: "User manual" for the programs I list in "STEP 1" ("VERY IMPORTANT": if any program asks you to "RESTART" in order to disinfect the detected threats, "RESTART", but ONLY IF THE PROGRAM ASKS YOU TO; if the program does "NOT" ask you to RESTART, do "NOT" restart, and continue with the process indicated in the "user manual")

User manual: "Eset Online Scanner":

  • Run it as administrator and wait for it to finish.
  • The program will open and the following screen will appear; follow the indications shown in that window:

  • On the next screen, carry out the procedure shown in this window:

  • The following window will open; click where it says: Start, as indicated:

  • In the next window, leave these two options ticked:
    -. No thanks, I'm not interested
    -. Enable the feedback system (recommended option)
    -. Click the button that says: Continue

  • The following window will appear; follow the steps indicated:

  • The following screen will appear again; follow the process as indicated, to the letter:

The next screen will show the following; follow the process as indicated:

  • On the next screen, carry out the procedure and enable ALL the checkboxes as shown in the image:

  • Next, the virus database will start updating to the latest version; let it update completely and do not interrupt the program, as shown in the following image:

  • Next, the program will start scanning for infectious processes, as shown in the following image; let it finish scanning completely and do not interrupt the process:

  • Once the scan finishes there are 2 possibilities: it "DOES" find infections or it does "NOT" find infections.

Choose the option according to whether it found infections or did NOT find infections:

1. If it does "NOT" find infections, the following screen will appear; follow the steps shown on that screen to save the scan log, and save it on the "DESKTOP", since you will then have to send it to this self-help forum

  • The following screen will appear; follow the process indicated:

  • Follow the process shown on the screen:

  • On the next screen, follow the steps as indicated:

2. If it "DOES FIND" infections, follow these steps

  • The following screen will appear; follow the process shown on the screen (IMPORTANT: you must tick the option that says: "Save scan log" and save the generated log on the "DESKTOP"), since that generated report must be sent to this forum.

  • The following screen will appear; follow the steps indicated:

  • This step is very IMPORTANT, since it must be followed to the letter WITHOUT SKIPPING ANY STEP, as shown on this screen:

  • Finally, a report will be generated; save it on the DESKTOP and follow these steps:

Download URL: "User manual": "Kaspersky Removal Tool"; follow the steps in the established order: Kaspersky Virus Removal Tool manual

Download URL: "User manual": "TDSSKILLER": https://forospyware.com/t/manual-de-tdsskiller/5059

"User manual": "RogueKiller":

  1. Open the program "RogueKiller AntiMalware" with "Administrator rights" (IMPORTANT: if it tells you there is a new version of the program and that you must update it, "UPDATE". If it does "NOT" ask you to update the program, do "NOT" update it. If it asks you to activate the trial or full version, "ACTIVATE IT"; if it does "NOT" ask you to activate the trial or full version, do "NOT" activate it).
  2. The main window of the program will appear.
  3. On the left side, click where it says: "Scan" and click the option that says: "Customize"

[Screenshot]

  4. The following screen will appear; click "ALL THE OPTIONS" (ENABLE THEM ALL) as shown in the following image and click the button that says "Start":

[Screenshot]

  5. The scan for infections will begin. Wait for the scan to complete.
  6. Once the scan has finished, click where it says:
  • "Remove" or "Quarantine" or something similar, so that the threats it has detected can be removed.
  • Once that step is done, open the program again; on the left side, as shown in the following image, click the tab that says: "History" and click the option that says: "Report".

[Screenshot]

  • Where it says: "Date", select the corresponding report and click the button that says: "Open"

The following screen will appear; click the option that says "General", click the button that says: "Open" and click where it says: "Text file". A Notepad file will appear; save that Notepad file on the Desktop and send me that report.

[Screenshot]

Once the scan has finished completely, send me "ALL" of the report generated by the program.

IMPORTANT:

When the respective programs have finished running completely, send me ALL the "REPORTS" that have been generated.


Good evening.

Yes, I am doing it; it is just that each one takes its time.

12/18/2021 23:39:09 p. m.
Archivos explorados: 518378
Archivos detectados: 4
Archivos desinfectados: 4
Tiempo total de exploración 01:56:09
Estado de la exploración: Finalizado
C:\Users\USER\AppData\Roaming\Honeygain\hgwin.dll	una variante de Win32/Honeygain.A aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\USER\AppData\Roaming\Honeygain\Honeygain.exe	una variante de MSIL/Honeygain.A aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\USER\Downloads\2020.rar	Win32/HackTool.WinActivator.AL aplicación potencialmente no segura,Win32/HackKMS.BK aplicación potencialmente no segura	eliminado

C:\Users\USER\Downloads\Honeygain_install.exe	Win32/Honeygain.A aplicación potencialmente no deseada	desinfectado por eliminación
02:05:51.0292 0x31ac  Beep - ok
02:05:51.0307 0x31ac  BFE - ok
02:05:51.0307 0x31ac  bindflt - ok
02:05:51.0312 0x31ac  BITS - ok
02:05:51.0327 0x31ac  BluetoothUserService - ok
02:05:51.0362 0x31ac  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe
02:05:51.0367 0x31ac  Bonjour Service - ok
02:05:51.0387 0x31ac  bowser - ok
02:05:51.0407 0x31ac  BrokerInfrastructure - ok
02:05:51.0422 0x31ac  BTAGService - ok
02:05:51.0462 0x31ac  [ 7F09708B8C651A0C0E2A2725136BA254, 0442A18BBED4E323265C66561C8F8C171D8E934E9089C12B94D1DFDBB057B737 ] BthA2dp         C:\WINDOWS\System32\drivers\BthA2dp.sys
02:05:51.0467 0x31ac  BthA2dp - ok
02:05:51.0487 0x31ac  BthAvctpSvc - ok
02:05:51.0492 0x31ac  BthEnum - ok
02:05:51.0512 0x31ac  [ 7AE44E94C6B1DF488AA309824DEAD643, 91C72C54142A0D4E5A5F33268850CEB8315AA30C2F0B74A9FFA962887ABAC797 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
02:05:51.0517 0x31ac  BthHFEnum - ok
02:05:51.0542 0x31ac  BthLEEnum - ok
02:05:51.0542 0x31ac  BthMini - ok
02:05:51.0562 0x31ac  [ 11D609CC74F0EB1DF6C0171331CDE9A1, 9412DC92F16C0B8A937D6FB1AD83D7169F4EC0F08FAE0E2B244346428CE99EE1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
02:05:51.0567 0x31ac  BTHMODEM - ok
02:05:51.0582 0x31ac  BTHPORT - ok
02:05:51.0612 0x31ac  [ D293AC628357F2F75B8579087F732970, 1E536D8863D695944214D55E9B0B4BFE04F705DB7ECA18A0CF8B37AAF4893B1E ] bthserv         C:\WINDOWS\system32\bthserv.dll
02:05:51.0742 0x31ac  bthserv - ok
02:05:51.0757 0x31ac  BTHUSB - ok
02:05:51.0764 0x31ac  bttflt - ok
02:05:51.0769 0x31ac  buttonconverter - ok
02:05:51.0789 0x31ac  [ E7690568D2A5FA3D4E6D28B42358A122, CDBD820B6D383EC0A8151EA4300435C2BAD085EC55DB185C5E16CAF961443888 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
02:05:51.0789 0x31ac  CAD - ok
02:05:51.0804 0x31ac  camsvc - ok
02:05:51.0814 0x31ac  CaptureService - ok
02:05:51.0832 0x31ac  cbdhsvc - ok
02:05:51.0859 0x31ac  cdfs - ok
02:05:51.0869 0x31ac  CDPSvc - ok
02:05:51.0874 0x31ac  CDPUserSvc - ok
02:05:51.0883 0x31ac  cdrom - ok
02:05:51.0892 0x31ac  CertPropSvc - ok
02:05:51.0897 0x31ac  cht4iscsi - ok
02:05:51.0897 0x31ac  cht4vbd - ok
02:05:51.0897 0x31ac  CimFS - ok
02:05:51.0914 0x31ac  [ 115CC1E142CE29C9006D59943108DF47, 564FA08C5BEC6DAF1A83C80C9139A6E1AA7E05D251DB3BA379B57C9FDAE83E1B ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
02:05:51.0917 0x31ac  circlass - ok
02:05:51.0930 0x31ac  CldFlt - ok
02:05:51.0940 0x31ac  CLFS - ok
02:05:51.0950 0x31ac  ClipSVC - ok
02:05:51.0972 0x31ac  cloudidsvc - ok
02:05:51.0977 0x31ac  CmBatt - ok
02:05:51.0989 0x31ac  CNG - ok
02:05:52.0037 0x31ac  [ A46B4D1484227900F7615FE2A569D828, A06B8002E7A708890222C777DDF8B67FED7015C0943C1FC4F9036E9F9DC14494 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
02:05:52.0037 0x31ac  cnghwassist - ok
02:05:52.0077 0x31ac  [ 99392FDADF3CE5EB47403E5A52866E6F, 63CEF51971EB85D9823CE9A95F1ED9907D20525ED8E32230068CC36E9082A8C3 ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
02:05:52.0082 0x31ac  CompositeBus - ok
02:05:52.0092 0x31ac  COMSysApp - ok
02:05:52.0112 0x31ac  condrv - ok
02:05:52.0127 0x31ac  ConsentUxUserSvc - ok
02:05:52.0167 0x31ac  CoreMessagingRegistrar - ok
02:05:52.0256 0x31ac  [ 898BDD69C9583123A1C99D3075F715C5, 65C9CE22FC3257FC2D8740A2391464F4FAC19FAAB8205BF39F246D9CBF249C42 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
02:05:52.0282 0x31ac  cphs - ok
02:05:52.0297 0x31ac  CredentialEnrollmentManagerUserSvc - ok
02:05:52.0302 0x31ac  CredentialEnrollmentManagerUserSvc_5c62c - ok
02:05:52.0322 0x31ac  CryptSvc - ok
02:05:52.0331 0x31ac  CSC - ok
02:05:52.0347 0x31ac  CscService - ok
02:05:52.0349 0x31ac  dam - ok
02:05:52.0369 0x31ac  DcomLaunch - ok
02:05:52.0374 0x31ac  defragsvc - ok
02:05:52.0405 0x31ac  DeviceAssociationBrokerSvc - ok
02:05:52.0437 0x31ac  DeviceAssociationService - ok
02:05:52.0447 0x31ac  DeviceInstall - ok
02:05:52.0462 0x31ac  DevicePickerUserSvc - ok
02:05:52.0477 0x31ac  DevicesFlowUserSvc - ok
02:05:52.0497 0x31ac  [ F8BE99B9EA9B110F7CB3F46BA844C1FF, EABF953864C0AE4FB6426C0B7E92DD81EE4A8852081F9D2EA02B61D4C8DB6188 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
02:05:52.0560 0x31ac  DevQueryBroker - ok
02:05:52.0562 0x31ac  Dfsc - ok
02:05:52.0591 0x31ac  [ 4B7375F07C9B7E520AB042CE9EC0F9ED, CF0E22F829D04707D75B5E15D6284D99FD0E2D33F3A5C0390C89670CBD4495A6 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus2.sys
02:05:52.0674 0x31ac  dg_ssudbus - ok
02:05:52.0679 0x31ac  Dhcp - ok
02:05:52.0722 0x31ac  diagnosticshub.standardcollector.service - ok
02:05:52.0752 0x31ac  diagsvc - ok
02:05:52.0786 0x31ac  DiagTrack - ok
02:05:52.0812 0x31ac  DialogBlockingService - ok
02:05:52.0817 0x31ac  disk - ok
02:05:52.0822 0x31ac  DispBrokerDesktopSvc - ok
02:05:52.0827 0x31ac  DisplayEnhancementService - ok
02:05:52.0872 0x31ac  DmEnrollmentSvc - ok
02:05:52.0881 0x31ac  dmvsc - ok
02:05:52.0906 0x31ac  [ 2E8A026D6680C301ADF6D4B301A4CE8B, 2FDB34E2A61457308B0FEC938A2D6351F63D02BB67DC87FE4F2534E0048C8E89 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
02:05:52.0950 0x31ac  dmwappushservice - ok
02:05:52.0990 0x31ac  Dnscache - ok
02:05:53.0010 0x31ac  dot3svc - ok
02:05:53.0030 0x31ac  [ 9E65C33CB7FB50453F7F4407070EAF53, A8707BD19D584DAECA39990A2E791194140AFCA4FCE31F23CC7E931DF8C17361 ] DPS             C:\WINDOWS\system32\dps.dll
02:05:53.0040 0x31ac  DPS - ok
02:05:53.0045 0x31ac  drmkaud - ok
02:05:53.0055 0x31ac  DsmSvc - ok
02:05:53.0060 0x31ac  DsSvc - ok
02:05:53.0080 0x31ac  [ 81DF23EC4009D307479D5C169539CD67, 65AEE1E876CBE801A763F14930D15CF2E6A10697620B5903AA04BA30585A5676 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
02:05:53.0117 0x31ac  DusmSvc - ok
02:05:53.0141 0x31ac  DXGKrnl - ok
02:05:53.0162 0x31ac  [ 52BAE4A73F9F7927B557F4FA2ED91F29, 489DBDA6B083BA8315C9BEF3488E01D859981B267D8167537578D3B49B90AB96 ] e1dexpress      C:\WINDOWS\system32\DRIVERS\e1d65x64.sys
02:05:53.0172 0x31ac  e1dexpress - ok
02:05:53.0217 0x31ac  [ EC473A7AD03C7DE06505B1A9F9185C4C, D1BB3D554F8C1D004E5153BF927D2051587F3273265FCE595D918F8A7EA504BA ] eamonm          C:\WINDOWS\system32\DRIVERS\eamonm.sys
02:05:53.0217 0x31ac  eamonm - ok
02:05:53.0234 0x31ac  Eaphost - ok
02:05:53.0240 0x31ac  ebdrv - ok
02:05:53.0272 0x31ac  [ 45A4485A2FE33070B58B4D2DFD420C2A, 772C77BE06EE0B609969E1974819FC11C3B2CBF3399A96DA8671B7A25324F1FD ] edevmon         C:\WINDOWS\system32\DRIVERS\edevmon.sys
02:05:53.0272 0x31ac  edevmon - ok
02:05:53.0349 0x31ac  [ D21437C262283650E8349AFA573AC03A, 9C256D462F0640855E1AB3D2C658CB4EDD7E061EB2782FD03481196D5ED93DB5 ] edgeupdate      C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
02:05:53.0351 0x31ac  edgeupdate - ok
02:05:53.0356 0x31ac  [ D21437C262283650E8349AFA573AC03A, 9C256D462F0640855E1AB3D2C658CB4EDD7E061EB2782FD03481196D5ED93DB5 ] edgeupdatem     C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
02:05:53.0366 0x31ac  edgeupdatem - ok
02:05:53.0401 0x31ac  [ 3026ABB1E11D5192144478C404E5A7FB, D3AFB69D7C5200BBBBC16A45E2E89C42DA8A262316AA88DB9AE62FCA24D50668 ] eelam           C:\WINDOWS\system32\DRIVERS\eelam.sys
02:05:53.0406 0x31ac  eelam - ok
02:05:53.0421 0x31ac  EFS - ok
02:05:53.0456 0x31ac  [ CEFBF0B9AA63CA3628DD07C2C79E4D98, C160EEE41EEB382874B42308788BA74E1397B17F65FF048924E7378817967D95 ] ehdrv           C:\WINDOWS\system32\DRIVERS\ehdrv.sys
02:05:53.0461 0x31ac  ehdrv - ok
02:05:53.0481 0x31ac  EhStorClass - ok
02:05:53.0491 0x31ac  EhStorTcgDrv - ok
02:05:53.0692 0x31ac  [ BC094DAD16B4B6290CAD21A6CEF93407, 6491F51577776353CD4D6E536E611F8006C5B08C70B55B86E3BE052758C74F2F ] ekrn            C:\Program Files\ESET\ESET Security\ekrn.exe
02:05:53.0797 0x31ac  ekrn - ok
02:05:53.0847 0x31ac  [ BC094DAD16B4B6290CAD21A6CEF93407, 6491F51577776353CD4D6E536E611F8006C5B08C70B55B86E3BE052758C74F2F ] ekrnEpfw        C:\Program Files\ESET\ESET Security\ekrn.exe
02:05:53.0877 0x31ac  ekrnEpfw - ok
02:05:53.0897 0x31ac  embeddedmode - ok
02:05:53.0902 0x31ac  EntAppSvc - ok
02:05:53.0925 0x31ac  [ 38133DA46696380A6628F9E570FAD5A8, CC0F94D3873C1FB13278445DE42370CBAF0F5BA0AFCC3F8F9410256B90C9E3FE ] epfwwfp         C:\WINDOWS\system32\DRIVERS\epfwwfp.sys
02:05:53.0925 0x31ac  epfwwfp - ok
02:05:53.0930 0x31ac  ErrDev - ok
02:05:53.0977 0x31ac  [ 35228E19C2AA466B0F6DAE9DBC90A886, 29F5C14685C3D240CC777BDE532DB6AF0C5EBC48A18B3CAE56CFF7F3ECDB1312 ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
02:05:53.0985 0x31ac  ESProtectionDriver - ok
02:05:54.0000 0x31ac  EventLog - ok
02:05:54.0022 0x31ac  EventSystem - ok
02:05:54.0037 0x31ac  exfat - ok
02:05:54.0054 0x31ac  fastfat - ok
02:05:54.0064 0x31ac  Fax - ok
02:05:54.0064 0x31ac  fdc - ok
02:05:54.0081 0x31ac  [ 0439B82F6034ADA3E71C0C9F169082BD, 0918728669077235B2F2DB7EE22CE819FA570D8A7A497BA5F11E76774EA75099 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
02:05:54.0137 0x31ac  fdPHost - ok
02:05:54.0157 0x31ac  [ AD64C91B3CC71226785DCE688842E5AB, 056E1091468D268E7970045AB329EB3DFF48BB6B22448046A14C309678847B6E ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
02:05:54.0162 0x31ac  FDResPub - ok
02:05:54.0186 0x31ac  fhsvc - ok
02:05:54.0217 0x31ac  [ 8E59D944EE4EFAED65A341A71297C4CD, CFFFD7007AB7FB04ECB44D0079BFE8EEB53AECC988135199C388AF425EBCF2AD ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
02:05:54.0217 0x31ac  FileCrypt - ok
02:05:54.0222 0x31ac  FileInfo - ok
02:05:54.0222 0x31ac  Filetrace - ok
02:05:54.0227 0x31ac  flpydisk - ok
02:05:54.0242 0x31ac  FltMgr - ok
02:05:54.0262 0x31ac  FontCache - ok
02:05:54.0302 0x31ac  [ EAA7668BCC0086D5DCA96CD8CCB5EF23, 78590F24DC4584529E1AF81887D316C71E8D930EA6DC7234E35E489253C72D02 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
02:05:54.0362 0x31ac  FrameServer - ok
02:05:54.0372 0x31ac  FsDepends - ok
02:05:54.0377 0x31ac  Fs_Rec - ok
02:05:54.0382 0x31ac  fvevol - ok
02:05:54.0415 0x31ac  [ A1E06E4E8CB863C74DE428D4D6681185, DA46502C009FD4C847A547610DEE2684A5A583467BF76009BD46104AAE2F6B1B ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
02:05:54.0486 0x31ac  gencounter - ok
02:05:54.0532 0x31ac  genericusbfn - ok
02:05:54.0667 0x31ac  [ 87F6F0181589F69B2F8EA50EF176B643, 9ACAC7AE3BBB68D232079197BEF5BEDEEA7A6DB2AFDE3AA644266C15CB352104 ] GoogleChromeElevationService C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\elevation_service.exe
02:05:54.0717 0x31ac  GoogleChromeElevationService - ok
02:05:54.0752 0x31ac  GPIOClx0101 - ok
02:05:54.0762 0x31ac  gpsvc - ok
02:05:54.0772 0x31ac  [ 8C06046B6A8C1ACDAEA15682058FDFB4, 3E0CC301249B7D8D5BEB932F4DFD1EAB8037679EC153772F63B430713903B0AC ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
02:05:54.0772 0x31ac  GpuEnergyDrv - ok
02:05:54.0797 0x31ac  GraphicsPerfSvc - ok
02:05:54.0827 0x31ac  [ 79B804E8A81BFD9C6A3749B4F3EE86E2, BFBDD26604FC653E01976EF23C92CF7ADB59F9E80F47350F1A72B7876BBED60A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:05:54.0837 0x31ac  gupdate - ok
02:05:54.0862 0x31ac  [ 79B804E8A81BFD9C6A3749B4F3EE86E2, BFBDD26604FC653E01976EF23C92CF7ADB59F9E80F47350F1A72B7876BBED60A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:05:54.0862 0x31ac  gupdatem - ok
02:05:54.0872 0x31ac  HdAudAddService - ok
02:05:54.0891 0x31ac  HDAudBus - ok
02:05:54.0896 0x31ac  HidBatt - ok
02:05:54.0896 0x31ac  HidBth - ok
02:05:54.0901 0x31ac  hidi2c - ok
02:05:54.0906 0x31ac  hidinterrupt - ok
02:05:54.0937 0x31ac  [ 6B46E3061EC0523CB46ED28060FCD946, 6089305AF73CC584963865482448CD5CA4252EC9BD3E72AF16D45E4F95C3EBF2 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
02:05:54.0937 0x31ac  HidIr - ok
02:05:54.0957 0x31ac  hidserv - ok
02:05:54.0962 0x31ac  hidspi - ok
02:05:54.0962 0x31ac  HidUsb - ok
02:05:54.0967 0x31ac  HpSAMD - ok
02:05:54.0974 0x31ac  HTTP - ok
02:05:54.0996 0x31ac  [ 849A66D34BC2DAD0044FAC2FEE1AF956, A5F6858AA556D9180C303EA3ED02EB6D6D8EB55A100B3918654281A01198D8E8 ] hvcrash         C:\WINDOWS\System32\drivers\hvcrash.sys
02:05:55.0001 0x31ac  hvcrash - ok
02:05:55.0027 0x31ac  [ 855F55BB462B7D8B6BC31A94A592DF3D, 776C772E69CF9D81D8511201813DD79F2106DC7D2547B4FA700432AE9B73C202 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
02:05:55.0051 0x31ac  HvHost - ok
02:05:55.0071 0x31ac  [ 9E21E784F824365AAA77582917BCFBF1, 0B1E3BAB79D028770DC776B3FA37DA4B62BB3353C4CF8409A46F1AEA237D87C1 ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
02:05:55.0071 0x31ac  hvservice - ok
02:05:55.0097 0x31ac  [ 5DC7DFED5FEDD923B874B51D0C6752BB, 69714A8B74EB02282572B34E156051FFC10693B816905CE18A8C6C8CCB95B846 ] HwNClx0101      C:\WINDOWS\system32\Drivers\mshwnclx.sys
02:05:55.0097 0x31ac  HwNClx0101 - ok
02:05:55.0117 0x31ac  hwpolicy - ok
02:05:55.0122 0x31ac  hyperkbd - ok
02:05:55.0132 0x31ac  HyperVideo - ok
02:05:55.0143 0x31ac  i8042prt - ok
02:05:55.0147 0x31ac  iagpio - ok
02:05:55.0147 0x31ac  iai2c - ok
02:05:55.0152 0x31ac  iaLPSS2i_GPIO2 - ok
02:05:55.0170 0x31ac  iaLPSS2i_GPIO2_BXT_P - ok
02:05:55.0170 0x31ac  iaLPSS2i_GPIO2_CNL - ok
02:05:55.0175 0x31ac  iaLPSS2i_GPIO2_GLK - ok
02:05:55.0180 0x31ac  iaLPSS2i_I2C - ok
02:05:55.0185 0x31ac  iaLPSS2i_I2C_BXT_P - ok
02:05:55.0185 0x31ac  iaLPSS2i_I2C_CNL - ok
02:05:55.0190 0x31ac  iaLPSS2i_I2C_GLK - ok
02:05:55.0195 0x31ac  iaLPSSi_GPIO - ok
02:05:55.0195 0x31ac  iaLPSSi_I2C - ok
02:05:55.0200 0x31ac  iaStorAVC - ok
02:05:55.0205 0x31ac  iaStorV - ok
02:05:55.0205 0x31ac  ibbus - ok
02:05:55.0221 0x31ac  icssvc - ok
02:05:55.0357 0x31ac  [ 333CD0E6A4DD97E531786AA40969F8CB, DC53AF9E77809308F3548A306EECB9C14A5743FA107EDACC0017A2B0F04BECF9 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
02:05:55.0522 0x31ac  igfx - ok
02:05:55.0537 0x31ac  [ 10BB7AD2544EAC38C9F1C7AFE44B2982, 9ACAA5CF33FCA5B48735E141E762543B7CB5AE2ADAC1199A7BF572C9C616F473 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
02:05:55.0547 0x31ac  igfxCUIService2.0.0.0 - ok
02:05:55.0566 0x31ac  IKEEXT - ok
02:05:55.0567 0x31ac  IndirectKmd - ok
02:05:55.0583 0x31ac  InstallService - ok
02:05:55.0604 0x31ac  [ 87E738E189EB31E2EB07F609C930D068, A19927C8C56F27D7BBD2D7A3A1700EF3C34D63E18D5505DA08D7E8BEDF2CB912 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
02:05:55.0609 0x31ac  intaud_WaveExtensible - ok
02:05:55.0725 0x31ac  [ D244FBEC7E700F94F284CEBA73E9A2D4, CF5C04F11ACA71EEBC8C3CF9EC32D0B30C7DAE44B89D88AC026AE9498B416A6F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
02:05:55.0832 0x31ac  IntcAzAudAddService - ok
02:05:55.0887 0x31ac  [ EAE20DB9DC1366B9A1C558C58229AD65, 966D79304A766DD38EAB1B7B71DDE0ECB23323C07F29C8CBB21EA94654F75DF1 ] IntcDAud        C:\WINDOWS\System32\drivers\IntcDAud.sys
02:05:55.0897 0x31ac  IntcDAud - ok
02:05:55.0922 0x31ac  intelide - ok
02:05:55.0936 0x31ac  intelpep - ok
02:05:55.0963 0x31ac  [ AECBF5BE2F9A2A50B978E0BF31041A81, A62F436C66DEFEB438A7891857DFB830995714A7E4FE4BDCA6B4EB1606BD2101 ] intelpmax       C:\WINDOWS\System32\drivers\intelpmax.sys
02:05:55.0963 0x31ac  intelpmax - ok
02:05:55.0974 0x31ac  intelppm - ok
02:05:55.0982 0x31ac  iorate - ok
02:05:55.0987 0x31ac  IpFilterDriver - ok
02:05:56.0004 0x31ac  iphlpsvc - ok
02:05:56.0007 0x31ac  IPMIDRV - ok
02:05:56.0027 0x31ac  [ F63572DF4295C78B3F7036AEDA878176, B71EB3CC4EC95BC9A3FA217736C6C36C756935714D7E16E34C05D913B829CB9C ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
02:05:56.0032 0x31ac  IPNAT - ok
02:05:56.0044 0x31ac  [ B5B6D1F86E40E785D6650DB923DB6BEA, 7A2D92A2274E0379B5FA6351D18E2F0DD55960BB783EA3528FE9E303E1A4256D ] IPT             C:\WINDOWS\System32\drivers\ipt.sys
02:05:56.0044 0x31ac  IPT - ok
02:05:56.0074 0x31ac  [ 77494E26B28465D2A09B9455F8A3B34E, B778D4BC71A5F5CF687175CA53AC342E4740156D4B96E6E96D918BD46C2C1459 ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
02:05:56.0079 0x31ac  IpxlatCfgSvc - ok
02:05:56.0092 0x31ac  isapnp - ok
02:05:56.0107 0x31ac  iScsiPrt - ok
02:05:56.0112 0x31ac  ItSas35i - ok
02:05:56.0127 0x31ac  [ 56D480702478880805F4E74F2BA02382, D1292175BBC38D105E298F7E62C7E113DB540C1878892F1D4E1E2602DECDCAA0 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
02:05:56.0131 0x31ac  iwdbus - ok
02:05:56.0141 0x31ac  kbdclass - ok
02:05:56.0151 0x31ac  kbdhid - ok
02:05:56.0167 0x31ac  kbldfltr - ok
02:05:56.0175 0x31ac  kdnic - ok
02:05:56.0200 0x31ac  KeyIso - ok
02:05:56.0205 0x31ac  KSecDD - ok
02:05:56.0220 0x31ac  KSecPkg - ok
02:05:56.0225 0x31ac  ksthunk - ok
02:05:56.0247 0x31ac  [ DAE67BD7EC6ED569438F5CA38BFBB458, 672CA98525D6DD799A01A3BC3A62AB7B4544D62ECEB3615FAC05BFB97B389D23 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
02:05:56.0407 0x31ac  KtmRm - ok
02:05:56.0416 0x31ac  LanmanServer - ok
02:05:56.0437 0x31ac  LanmanWorkstation - ok
02:05:56.0467 0x31ac  [ A997488F4EDAAD59C748CF9FB1D9DAC0, A0B145041F984DD4E0A6F8D0E9C8363DA6F2DA7460E140F028C320CEAC03759C ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
02:05:56.0477 0x31ac  lfsvc - ok
02:05:56.0496 0x31ac  LicenseManager - ok
02:05:56.0522 0x31ac  [ 78779BD92081CB27967E77561683AFBE, 05EC91E194336D1BB1EE323E70FAC54F6DC0CEF53FD4925F394399531A37A0DD ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
02:05:56.0522 0x31ac  lltdio - ok
02:05:56.0542 0x31ac  lltdsvc - ok
02:05:56.0553 0x31ac  lmhosts - ok
02:05:56.0557 0x31ac  LSI_SAS - ok
02:05:56.0562 0x31ac  LSI_SAS2i - ok
02:05:56.0567 0x31ac  LSI_SAS3i - ok
02:05:56.0567 0x31ac  LSI_SSS - ok
02:05:56.0584 0x31ac  LSM - ok
02:05:56.0587 0x31ac  luafv - ok
02:05:56.0592 0x31ac  LxpSvc - ok
02:05:56.0612 0x31ac  [ AE03D8F1B7863268EAED2FE0105ED75F, F5172A1A3E24FC5271FCB0118861EA0EC33AA8ABB01AE9CAD50E2F032B92486C ] MapsBroker      C:\WINDOWS\System32\moshost.dll
02:05:56.0622 0x31ac  MapsBroker - ok
02:05:56.0627 0x31ac  mausbhost - ok
02:05:56.0632 0x31ac  mausbip - ok
02:05:56.0672 0x31ac  [ 84EDF9813CCB01242F732DBD6CEAFB7A, A40DB0A06ACAC78CAA3E0C569A5663089CCCA1725AE963E493C83967FD356DEE ] MBAMChameleon   C:\WINDOWS\System32\Drivers\MbamChameleon.sys
02:05:56.0677 0x31ac  MBAMChameleon - ok
02:05:56.0712 0x31ac  [ BF46AFE0CC03D9A5883E74438170B841, 43309A4DBCF15F09AB3066E96C498785C4F41DBCA8467B0385FCA467AE370980 ] MbamElam        C:\WINDOWS\system32\DRIVERS\MbamElam.sys
02:05:56.0712 0x31ac  MbamElam - ok
02:05:56.0744 0x31ac  [ 9CA9591A9E143ADFC7FBFE68F3253040, AC947859D18FD078A950438369FC27EE05AF6AB175625EC31EA456427F96256C ] MBAMFarflt      C:\WINDOWS\system32\DRIVERS\farflt.sys
02:05:56.0744 0x31ac  MBAMFarflt - ok
02:05:56.0770 0x31ac  [ 0E9EAF09974E7FE6EF14A0B13E3E6CB6, 627D613313190101474A8EF607E99A3D43FCFDB4FCD7462D70EC5E44F20A67B0 ] MBAMProtection  C:\WINDOWS\system32\DRIVERS\mbam.sys
02:05:56.0772 0x31ac  MBAMProtection - ok
02:05:57.0017 0x31ac  [ 92B16C970C547095D8378D5F0F5069D0, 6487967112232A05937B40A0FAD5BFFFBFAE9B6A8B0551E70EEEEA445CE2BB3F ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
02:05:57.0157 0x31ac  MBAMService - ok
02:05:57.0175 0x31ac  [ 0B17A8F4956ABD5FA1A0851B59FF960E, 1B62082ACA96EF78A61AFDB33EF77260292C5D08E5E35B56F7F8F0A3A837ED9B ] MBAMSwissArmy   C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
02:05:57.0180 0x31ac  MBAMSwissArmy - ok
02:05:57.0202 0x31ac  [ 3F4C33FD3F5FE093C1640134DA9AA273, A604DA96C6E0709C084F364DE198EDA139116CDDA7777E69AC5FFDAD293428D0 ] MBAMWebProtection C:\WINDOWS\system32\DRIVERS\mwac.sys
02:05:57.0207 0x31ac  MBAMWebProtection - ok
02:05:57.0217 0x31ac  MbbCx - ok
02:05:57.0222 0x31ac  megasas - ok
02:05:57.0222 0x31ac  megasas2i - ok
02:05:57.0227 0x31ac  megasas35i - ok
02:05:57.0232 0x31ac  megasr - ok
02:05:57.0252 0x31ac  [ F1E754DEEB3369BCCE2228D5C10DE101, ECC894FCF4C3F2364883BA55242C432E9E416D93E71B67985DF24ECB39F9BAC4 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
02:05:57.0257 0x31ac  MEIx64 - ok
02:05:57.0261 0x31ac  MessagingService - ok
02:05:57.0352 0x31ac  MicrosoftEdgeElevationService - ok
02:05:57.0387 0x31ac  [ B74FFC6301B3312A9F59E04E487BC72A, 76F71824E80D10EB71BEDE5EE3A64CAD7CAC3DDFBB6670D1537E6B75FF0217E9 ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys
02:05:57.0395 0x31ac  Microsoft_Bluetooth_AvrcpTransport - ok
02:05:57.0415 0x31ac  MixedRealityOpenXRSvc - ok
02:05:57.0432 0x31ac  mlx4_bus - ok
02:05:57.0442 0x31ac  MMCSS - ok
02:05:57.0457 0x31ac  Modem - ok
02:05:57.0472 0x31ac  monitor - ok
02:05:57.0477 0x31ac  mouclass - ok
02:05:57.0482 0x31ac  mouhid - ok
02:05:57.0487 0x31ac  mountmgr - ok
02:05:57.0492 0x31ac  mpsdrv - ok
02:05:57.0527 0x31ac  mpssvc - ok
02:05:57.0539 0x31ac  MRxDAV - ok
02:05:57.0557 0x31ac  mrxsmb - ok
02:05:57.0557 0x31ac  mrxsmb20 - ok
02:05:57.0577 0x31ac  [ E587396A4C8151ABBF13A96C4465DE31, A3AA5D51E34657479CFCDC3DBB7821B7255F7CB57D5686B7F709A7953AD537EB ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
02:05:57.0582 0x31ac  MsBridge - ok
02:05:57.0602 0x31ac  [ 2EF846AC66E181BE820B513DBC15B5D2, EDFE71025C352D0DABEC7B9506C5945BB0EC11F8DB540DB8CB1116C2EA1648A8 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
02:05:57.0622 0x31ac  MSDTC - ok
02:05:57.0632 0x31ac  Msfs - ok
02:05:57.0677 0x31ac  [ 6092FD060EC4132A799BDAD61845DDB7, B45F9D3A71FC8A73AED3C5B8CF6F14A25EBDD3D4D47C9F39FFCD75C7D22F4A9E ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
02:05:57.0679 0x31ac  msgpiowin32 - ok
02:05:57.0684 0x31ac  mshidkmdf - ok
02:05:57.0707 0x31ac  [ 9E90FE6DF363D2427A5C773120E7B27D, 1FDB7E28CCAF757603C4B754E1AC9C470E5E60E85DE067375902F108F5E34608 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
02:05:57.0712 0x31ac  mshidumdf - ok
02:05:57.0722 0x31ac  msisadrv - ok
02:05:57.0740 0x31ac  MSiSCSI - ok
02:05:57.0745 0x31ac  msiserver - ok
02:05:57.0765 0x31ac  MsKeyboardFilter - ok
02:05:57.0775 0x31ac  MSKSSRV - ok
02:05:57.0797 0x31ac  [ 9FB5040C8CEAE4C32B7884ECBBCAFDAF, 0EC3E53C5B1B202440DE22A5BF7E1EBE9AF5BBB6BA69DB9D018A6D8EC97B477E ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
02:05:57.0802 0x31ac  MsLldp - ok
02:05:57.0806 0x31ac  MSPCLOCK - ok
02:05:57.0811 0x31ac  MSPQM - ok
02:05:57.0822 0x31ac  MsQuic - ok
02:05:57.0826 0x31ac  MsRPC - ok
02:05:57.0837 0x31ac  MsSecFlt - ok
02:05:57.0841 0x31ac  mssmbios - ok
02:05:57.0841 0x31ac  MSTEE - ok
02:05:57.0846 0x31ac  MTConfig - ok
02:05:57.0846 0x31ac  Mup - ok
02:05:57.0852 0x31ac  mvumis - ok
02:05:57.0857 0x31ac  NativeWifiP - ok
02:05:57.0857 0x31ac  NaturalAuthentication - ok
02:05:57.0884 0x31ac  [ D47A20839608B8213065D7AFC8C42195, 7B0187BE9705ED2F925616C13B3744BAC0A9C96B21BE503D96BC9EE7EE125B33 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
02:05:57.0906 0x31ac  NcaSvc - ok
02:05:57.0921 0x31ac  NcbService - ok
02:05:57.0931 0x31ac  [ 8C938E851CDF2CE30BBEA14555B61820, F853F526C811893BD40B1124BAEC543099381E7BF091729B6A6665DF3CE10B94 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
02:05:57.0936 0x31ac  NcdAutoSetup - ok
02:05:57.0941 0x31ac  ndfltr - ok
02:05:57.0946 0x31ac  NDIS - ok
02:05:57.0972 0x31ac  [ 6BEC0929C7A7BF2A7C44F585ECC7DAEB, 5F6395268CBD26A4B90960479040C114B2C8A3F24C188C2D5F62D6AB43A637D1 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
02:05:57.0977 0x31ac  NdisCap - ok
02:05:57.0977 0x31ac  NdisImPlatform - ok
02:05:58.0000 0x31ac  NdisTapi - ok
02:05:58.0000 0x31ac  Ndisuio - ok
02:05:58.0005 0x31ac  NdisVirtualBus - ok
02:05:58.0015 0x31ac  NdisWan - ok
02:05:58.0020 0x31ac  ndiswanlegacy - ok
02:05:58.0030 0x31ac  [ 33CDAEDC7CBE8339A8324CEC2461BFB4, DAAEACDB4506D2BDDED61957D92FB4983E11D9CE6E7B25119B4CBFB431C945F4 ] NDKPing         C:\WINDOWS\system32\drivers\NDKPing.sys
02:05:58.0035 0x31ac  NDKPing - ok
02:05:58.0040 0x31ac  ndproxy - ok
02:05:58.0053 0x31ac  [ 77621E74FD79B267071A0D12C643A48A, 8228B7D1237A0FFABCCC150B299EA494C8F0CB4CCB51AB0DBFF08CBAA9EFC4BB ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
02:05:58.0057 0x31ac  Ndu - ok
02:05:58.0072 0x31ac  NetAdapterCx - ok
02:05:58.0072 0x31ac  NetBIOS - ok
02:05:58.0077 0x31ac  NetBT - ok
02:05:58.0082 0x31ac  Netlogon - ok
02:05:58.0087 0x31ac  Netman - ok
02:05:58.0102 0x31ac  netprofm - ok
02:05:58.0107 0x31ac  NetSetupSvc - ok
02:05:58.0207 0x31ac  [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:05:58.0209 0x31ac  NetTcpPortSharing - ok
02:05:58.0221 0x31ac  netvsc - ok
02:05:58.0237 0x31ac  NgcCtnrSvc - ok
02:05:58.0237 0x31ac  NgcSvc - ok
02:05:58.0253 0x31ac  NlaSvc - ok
02:05:58.0253 0x31ac  Npfs - ok
02:05:58.0260 0x31ac  npsvctrig - ok
02:05:58.0260 0x31ac  nsi - ok
02:05:58.0265 0x31ac  nsiproxy - ok
02:05:58.0270 0x31ac  Ntfs - ok
02:05:58.0275 0x31ac  Null - ok
02:05:58.0280 0x31ac  nvdimm - ok
02:05:58.0280 0x31ac  nvraid - ok
02:05:58.0285 0x31ac  nvstor - ok
02:05:58.0295 0x31ac  OneSyncSvc - ok
02:05:58.0341 0x31ac  [ 2B8E4C792BED0E5882702720BC528AE5, 6D7CB027BC6014CB268C49B46049CDFF3BA94D07102A65BD053335A28E83D125 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:05:58.0346 0x31ac  ose - ok
02:05:58.0364 0x31ac  p2pimsvc - ok
02:05:58.0384 0x31ac  [ DA97CD5815EC123BC88382C08D465B9E, 46F5EA2E3D590FB10E14BC811612B6EF87C805B359A652D2C6BFE4840D5D6AA2 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
02:05:58.0453 0x31ac  p2psvc - ok
02:05:58.0462 0x31ac  Parport - ok
02:05:58.0472 0x31ac  partmgr - ok
02:05:58.0501 0x31ac  PcaSvc - ok
02:05:58.0516 0x31ac  pci - ok
02:05:58.0530 0x31ac  pciide - ok
02:05:58.0567 0x31ac  pcmcia - ok
02:05:58.0572 0x31ac  pcw - ok
02:05:58.0607 0x31ac  pdc - ok
02:05:58.0620 0x31ac  PEAUTH - ok
02:05:58.0653 0x31ac  PeerDistSvc - ok
02:05:58.0682 0x31ac  perceptionsimulation - ok
02:05:58.0687 0x31ac  percsas2i - ok
02:05:58.0692 0x31ac  percsas3i - ok
02:05:58.0766 0x31ac  [ 2FC7CFCEDBF7E038351C7CEB1036D2E1, 41D7DA706F0CF613DF768B6795CD09C5C1035F9F101051FB58F5042EB4352DB6 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
02:05:58.0782 0x31ac  PerfHost - ok
02:05:58.0821 0x31ac  PhoneSvc - ok
02:05:58.0831 0x31ac  PimIndexMaintenanceSvc - ok
02:05:58.0846 0x31ac  PktMon - ok
02:05:58.0890 0x31ac  [ 9E431A5D697432DD6F4DB48C9A185104, 44C16E194258C9143A45F4022F9C5DE229E217D6FF7F944F105FE631BE9EF4A7 ] pla             C:\WINDOWS\system32\pla.dll
02:05:58.0945 0x31ac  pla - ok
02:05:58.0962 0x31ac  PlugPlay - ok
02:05:58.0967 0x31ac  pmem - ok
02:05:58.0982 0x31ac  [ 2769F200292C0F941A10BD60C33EA4A6, B8345C32585C45E6248D7194B1071F2B8617718E7C9B270AAF44C132D029DB4C ] PNPMEM          C:\WINDOWS\System32\drivers\pnpmem.sys
02:05:58.0982 0x31ac  PNPMEM - ok
02:05:58.0992 0x31ac  [ 6AAAC8AD69AEFBE5FE04738B687EE85E, 83427082298E2FC021D5D39A43DB4A5783D95213F2CA8D3A997DB6C815BD9CB2 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
02:05:58.0997 0x31ac  PNRPAutoReg - ok
02:05:59.0002 0x31ac  PNRPsvc - ok
02:05:59.0021 0x31ac  PolicyAgent - ok
02:05:59.0021 0x31ac  portcfg - ok
02:05:59.0031 0x31ac  Power - ok
02:05:59.0037 0x31ac  PptpMiniport - ok
02:05:59.0142 0x31ac  [ 127682EFCBC718AE83C591CF12EDBE9E, EDA3BBCA39385ECFC53D6726E2E0311F86033F2E29BB2744A92339947D2498BD ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
02:05:59.0232 0x31ac  PrintNotify - ok
02:05:59.0237 0x31ac  PrintWorkflowUserSvc - ok
02:05:59.0256 0x31ac  Processor - ok
02:05:59.0274 0x31ac  ProfSvc - ok
02:05:59.0277 0x31ac  Psched - ok
02:05:59.0290 0x31ac  PushToInstall - ok
02:05:59.0313 0x31ac  [ 2F3808790D517E5E5E6ABF7177875C02, BE1A79A6498697EB86FC29638324A853197B49BC06AE3EB1130793F710926998 ] QWAVE           C:\WINDOWS\system32\qwave.dll
02:05:59.0332 0x31ac  QWAVE - ok
02:06:06.0416 0x31ac  Waiting for KSN requests completion. In queue: 128
02:06:07.0502 0x31ac  AV detected via SS2: ESET Security, C:\Program Files\ESET\ESET Security\ecmds.exe ( 15.0.21.0 ), 0x40000 ( disabled : updated )
02:06:07.0502 0x31ac  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x60100 ( disabled : updated )
02:06:07.0502 0x31ac  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.207 ), 0x61000 ( enabled : updated )
02:06:07.0507 0x31ac  AV detected via SS2: ESET Security, C:\Program Files\ESET\ESET Security\ecmds.exe ( 15.0.21.0 ), 0x40000 ( disabled : updated )
02:06:07.0516 0x31ac  Win FW state via NFP2: enabled ( trusted )
02:06:08.0122 0x31ac  ============================================================
02:06:08.0122 0x31ac  Scan finished
02:06:08.0122 0x31ac  ============================================================
02:06:08.0147 0x2ad8  Detected object count: 0
02:06:08.0147 0x2ad8  Actual detected object count: 0
1 like
Program            : RogueKiller Anti-Malware
Version            : 15.1.5.0
x64                : Yes
Program Date       : Dec 15 2021
Location           : C:\Users\USER\Downloads\RogueKiller_portable64.exe
Premium            : Yes
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System   : Windows 10 (10.0.19042) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User               : User
User is Admin      : Yes
Date               : 2021/12/19 08:32:01
Type               : Scan
Aborted            : No
Scan Mode          : Custom
Duration           : 4407
Found items        : 10
Total scanned      : 580027
Signatures Version : 20211216_132143
Truesight Driver   : Yes
Updates Count      : 4

************************* Warnings *************************
(17:57791) C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1348.1.7, LONG_FOLDER_SCAN
  [+] path    : C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1348.1.7
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 17
  [+] int2    : 57791

(18:58003) C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1415.1.6, LONG_FOLDER_SCAN
  [+] path    : C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1415.1.6
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 18
  [+] int2    : 58003

(35:0) C:\Windows\servicing\LCU, LONG_FOLDER_SCAN
  [+] path    : C:\Windows\servicing\LCU
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 35
  [+] int2    : 0

(36:4) C:\Windows\servicing, LONG_FOLDER_SCAN
  [+] path    : C:\Windows\servicing
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 36
  [+] int2    : 4

(48:30) C:\Windows, LONG_FOLDER_SCAN
  [+] path    : C:\Windows
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 48
  [+] int2    : 30


************************* Updates *************************
VLC media player (64-bit), version 3.0.6
  [+] Available Version        : 3.0.16
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\VideoLAN\VLC

WinRAR 5.61 (64-bit) (64-bit), version 5.61.0
  [+] Available Version        : 6.02
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\WinRAR\

Discord (64-bit), version 0.0.309
  [+] Available Version        : 1.0.9003
  [+] Size                     : 64.6 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Users\USER\AppData\Local\Discord

Zoom (64-bit), version 5.7.7 (1105)
  [+] Available Version        : 5.8.7
  [+] Size                     : 9.76 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Users\USER\AppData\Roaming\Zoom\bin


************************* Processes *************************

************************* Modules *************************

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************
>>>>>> O87 - Firewall
├── [Suspicious.Path (Potencialmente Malicioso)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{2A0828D8-A8B8-4941-98AD-0F35E572C78D}C:\users\user\appdata\local\temp\rar$exa14036.20835\among.us.v2020.9.9s-jefh\among us.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\user\appdata\local\temp\rar$exa14036.20835\among.us.v2020.9.9s-jefh\among us.exe|Name=among us.exe|Desc=among us.exe|Defer=User| (missing) -> Encontrado
├── [Suspicious.Path (Potencialmente Malicioso)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{FEF4EE02-6CC8-4BCA-8385-BA61D2C542C9}C:\users\user\appdata\local\temp\rar$exa14036.20835\among.us.v2020.9.9s-jefh\among us.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\user\appdata\local\temp\rar$exa14036.20835\among.us.v2020.9.9s-jefh\among us.exe|Name=among us.exe|Desc=among us.exe|Defer=User| (missing) -> Encontrado
├── [Suspicious.Path (Potencialmente Malicioso)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{4CECD110-DE74-48CF-83BC-B92C966A0B23}C:\users\user\appdata\local\temp\rar$exa14036.8246\among.us.v2020.9.9s-jefh\among us.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\user\appdata\local\temp\rar$exa14036.8246\among.us.v2020.9.9s-jefh\among us.exe|Name=among us.exe|Desc=among us.exe|Defer=User| (missing) -> Encontrado
├── [Suspicious.Path (Potencialmente Malicioso)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{52E49AB1-A25A-4455-960F-80FCAF26D7C1}C:\users\user\appdata\local\temp\rar$exa14036.8246\among.us.v2020.9.9s-jefh\among us.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\user\appdata\local\temp\rar$exa14036.8246\among.us.v2020.9.9s-jefh\among us.exe|Name=among us.exe|Desc=among us.exe|Defer=User| (missing) -> Encontrado
├── [Suspicious.Path (Potencialmente Malicioso)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{485D67DC-2A2A-4DBE-9221-513E742D01FF}C:\users\user\appdata\local\temp\rar$exa13648.19714\amongus zsg\among us.exe -- v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\user\appdata\local\temp\rar$exa13648.19714\amongus zsg\among us.exe|Name=among us.exe|Desc=among us.exe| -> Encontrado
├── [Suspicious.Path (Potencialmente Malicioso)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{981BC0B2-36A8-4DE4-AA29-F32DAC2FF54A}C:\users\user\appdata\local\temp\rar$exa13648.19714\amongus zsg\among us.exe -- v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\user\appdata\local\temp\rar$exa13648.19714\amongus zsg\among us.exe|Name=among us.exe|Desc=among us.exe| -> Encontrado
├── [Suspicious.Path (Potencialmente Malicioso)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{5FCCCC92-BB44-4253-9EB4-BF46F5CC4625}C:\users\user\appdata\local\temp\rar$exa12032.31176\chrome-bin\chrome.exe -- v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\user\appdata\local\temp\rar$exa12032.31176\chrome-bin\chrome.exe|Name=chrome.exe|Desc=chrome.exe| -> Encontrado
└── [Suspicious.Path (Potencialmente Malicioso)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{1ECEDD55-4585-4F49-8734-DD4F0D7EC713}C:\users\user\appdata\local\temp\rar$exa12032.31176\chrome-bin\chrome.exe -- v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\user\appdata\local\temp\rar$exa12032.31176\chrome-bin\chrome.exe|Name=chrome.exe|Desc=chrome.exe| -> Encontrado

************************* WMI *************************

************************* Hosts File *************************
is_too_big      : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts


************************* Filesystem *************************
[PUP.OnlineIO (Potencialmente Malicioso)] (folder) AdvinstAnalytics -- C:\Users\USER\AppData\Local\AdvinstAnalytics -> Encontrado
[PUP.OnlineIO (Potencialmente Malicioso)] (folder) AdvinstAnalytics -- C:\Users\USER\AppData\Local\AdvinstAnalytics -> Encontrado

************************* Web Browsers *************************

************************* Antirootkit *************************

Program            : RogueKiller Anti-Malware
Version            : 15.1.5.0
x64                : Yes
Program Date       : Dec 15 2021
Location           : C:\Users\USER\Downloads\RogueKiller_portable64.exe
Premium            : Yes
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System   : Windows 10 (10.0.19042) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User               : User
User is Admin      : Yes
Date               : 2021/12/19 12:55:04
Type               : Removal
Aborted            : No
Scan Mode          : Custom
Duration           : 4407
Found items        : 10
Total scanned      : 580027
Signatures Version : 20211216_132143
Truesight Driver   : Yes
Updates Count      : 4


************************* Removal *************************
[Suspicious.Path (Potencialmente Malicioso)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{2A0828D8-A8B8-4941-98AD-0F35E572C78D}C:\users\user\appdata\local\temp\rar$exa14036.20835\among.us.v2020.9.9s-jefh\among us.exe -- [%localappdata%\temp\rar$exa14036.20835\among.us.v2020.9.9s-jefh\among us.exe] -> Borrado
  [+] scan_what       : 1
  [+] vendors         : Suspicious.Path
  [+] Name            : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{2A0828D8-A8B8-4941-98AD-0F35E572C78D}C:\users\user\appdata\local\temp\rar$exa14036.20835\among.us.v2020.9.9s-jefh\among us.exe
  [+] value           : [%localappdata%\temp\rar$exa14036.20835\among.us.v2020.9.9s-jefh\among us.exe]
  [+] Type            : Registry
  [+] file_vtscore    : -1
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 0
  [+] status          : 3
  [+] status_str      : Borrado
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[Suspicious.Path (Potencialmente Malicioso)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{FEF4EE02-6CC8-4BCA-8385-BA61D2C542C9}C:\users\user\appdata\local\temp\rar$exa14036.20835\among.us.v2020.9.9s-jefh\among us.exe -- [%localappdata%\temp\rar$exa14036.20835\among.us.v2020.9.9s-jefh\among us.exe] -> Borrado
  [+] scan_what       : 1
  [+] vendors         : Suspicious.Path
  [+] Name            : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{FEF4EE02-6CC8-4BCA-8385-BA61D2C542C9}C:\users\user\appdata\local\temp\rar$exa14036.20835\among.us.v2020.9.9s-jefh\among us.exe
  [+] value           : [%localappdata%\temp\rar$exa14036.20835\among.us.v2020.9.9s-jefh\among us.exe]
  [+] Type            : Registry
  [+] file_vtscore    : -1
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 1
  [+] status          : 3
  [+] status_str      : Borrado
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[Suspicious.Path (Potencialmente Malicioso)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{4CECD110-DE74-48CF-83BC-B92C966A0B23}C:\users\user\appdata\local\temp\rar$exa14036.8246\among.us.v2020.9.9s-jefh\among us.exe -- [%localappdata%\temp\rar$exa14036.8246\among.us.v2020.9.9s-jefh\among us.exe] -> Borrado
  [+] scan_what       : 1
  [+] vendors         : Suspicious.Path
  [+] Name            : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{4CECD110-DE74-48CF-83BC-B92C966A0B23}C:\users\user\appdata\local\temp\rar$exa14036.8246\among.us.v2020.9.9s-jefh\among us.exe
  [+] value           : [%localappdata%\temp\rar$exa14036.8246\among.us.v2020.9.9s-jefh\among us.exe]
  [+] Type            : Registry
  [+] file_vtscore    : -1
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 2
  [+] status          : 3
  [+] status_str      : Borrado
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[Suspicious.Path (Potencialmente Malicioso)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{52E49AB1-A25A-4455-960F-80FCAF26D7C1}C:\users\user\appdata\local\temp\rar$exa14036.8246\among.us.v2020.9.9s-jefh\among us.exe -- [%localappdata%\temp\rar$exa14036.8246\among.us.v2020.9.9s-jefh\among us.exe] -> Borrado
  [+] scan_what       : 1
  [+] vendors         : Suspicious.Path
  [+] Name            : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{52E49AB1-A25A-4455-960F-80FCAF26D7C1}C:\users\user\appdata\local\temp\rar$exa14036.8246\among.us.v2020.9.9s-jefh\among us.exe
  [+] value           : [%localappdata%\temp\rar$exa14036.8246\among.us.v2020.9.9s-jefh\among us.exe]
  [+] Type            : Registry
  [+] file_vtscore    : -1
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 3
  [+] status          : 3
  [+] status_str      : Borrado
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[Suspicious.Path (Potencialmente Malicioso)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{485D67DC-2A2A-4DBE-9221-513E742D01FF}C:\users\user\appdata\local\temp\rar$exa13648.19714\amongus zsg\among us.exe --  -> Borrado
  [+] scan_what       : 1
  [+] vendors         : Suspicious.Path
  [+] Name            : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{485D67DC-2A2A-4DBE-9221-513E742D01FF}C:\users\user\appdata\local\temp\rar$exa13648.19714\amongus zsg\among us.exe
  [+] Type            : Registry
  [+] file_vtscore    : -1
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 4
  [+] status          : 3
  [+] status_str      : Borrado
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[Suspicious.Path (Potencialmente Malicioso)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{981BC0B2-36A8-4DE4-AA29-F32DAC2FF54A}C:\users\user\appdata\local\temp\rar$exa13648.19714\amongus zsg\among us.exe --  -> Borrado
  [+] scan_what       : 1
  [+] vendors         : Suspicious.Path
  [+] Name            : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{981BC0B2-36A8-4DE4-AA29-F32DAC2FF54A}C:\users\user\appdata\local\temp\rar$exa13648.19714\amongus zsg\among us.exe
  [+] Type            : Registry
  [+] file_vtscore    : -1
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 5
  [+] status          : 3
  [+] status_str      : Borrado
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[Suspicious.Path (Potencialmente Malicioso)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{5FCCCC92-BB44-4253-9EB4-BF46F5CC4625}C:\users\user\appdata\local\temp\rar$exa12032.31176\chrome-bin\chrome.exe --  -> Borrado
  [+] scan_what       : 1
  [+] vendors         : Suspicious.Path
  [+] Name            : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{5FCCCC92-BB44-4253-9EB4-BF46F5CC4625}C:\users\user\appdata\local\temp\rar$exa12032.31176\chrome-bin\chrome.exe
  [+] Type            : Registry
  [+] file_vtscore    : -1
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 6
  [+] status          : 3
  [+] status_str      : Borrado
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[Suspicious.Path (Potencialmente Malicioso)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{1ECEDD55-4585-4F49-8734-DD4F0D7EC713}C:\users\user\appdata\local\temp\rar$exa12032.31176\chrome-bin\chrome.exe --  -> Borrado
  [+] scan_what       : 1
  [+] vendors         : Suspicious.Path
  [+] Name            : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{1ECEDD55-4585-4F49-8734-DD4F0D7EC713}C:\users\user\appdata\local\temp\rar$exa12032.31176\chrome-bin\chrome.exe
  [+] Type            : Registry
  [+] file_vtscore    : -1
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 7
  [+] status          : 3
  [+] status_str      : Borrado
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[PUP.OnlineIO (Potencialmente Malicioso)] AdvinstAnalytics -- %localappdata%\AdvinstAnalytics -> Borrado
  [+] scan_what       : 1
  [+] vendors         : PUP.OnlineIO
  [+] Name            : AdvinstAnalytics
  [+] value           : %localappdata%\AdvinstAnalytics
  [+] Type            : File/Folder
  [+] file_vtscore    : -1
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 8
  [+] status          : 3
  [+] status_str      : Borrado
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[PUP.OnlineIO (Potencialmente Malicioso)] AdvinstAnalytics -- %localappdata%\AdvinstAnalytics -> Eliminado al reiniciar [2]
  [+] scan_what       : 1
  [+] vendors         : PUP.OnlineIO
  [+] Name            : AdvinstAnalytics
  [+] value           : %localappdata%\AdvinstAnalytics
  [+] Type            : File/Folder
  [+] file_vtscore    : -1
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 9
  [+] status          : 5
  [+] status_str      : Eliminado al reiniciar [2]
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

Perfect! All the programs have done their job! I want to make sure of one thing: run the program “RogueKiller” again, following its “User Manual” as you have been doing correctly, and send me the “Report” again once the Full Scan has finished.

If the program asks you to restart in order to remove those infections, “RESTART”; if the program does “NOT” ask you to restart, do “NOT” restart.

Program            : RogueKiller Anti-Malware
Version            : 15.1.5.0
x64                : Yes
Program Date       : Dec 15 2021
Location           : C:\Users\USER\Downloads\RogueKiller_portable64.exe
Premium            : Yes
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System   : Windows 10 (10.0.19042) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User               : User
User is Admin      : Yes
Date               : 2021/12/20 01:57:49
Type               : Scan
Aborted            : No
Scan Mode          : Custom
Duration           : 4185
Found items        : 0
Total scanned      : 580007
Signatures Version : 20211216_132143
Truesight Driver   : Yes
Updates Count      : 4

************************* Warnings *************************
(16:57791) C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1348.1.7, LONG_FOLDER_SCAN
  [+] path    : C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1348.1.7
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 16
  [+] int2    : 57791

(17:58003) C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1415.1.6, LONG_FOLDER_SCAN
  [+] path    : C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1415.1.6
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 17
  [+] int2    : 58003

(33:0) C:\Windows\servicing\LCU, LONG_FOLDER_SCAN
  [+] path    : C:\Windows\servicing\LCU
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 33
  [+] int2    : 0

(34:4) C:\Windows\servicing, LONG_FOLDER_SCAN
  [+] path    : C:\Windows\servicing
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 34
  [+] int2    : 4

(45:30) C:\Windows, LONG_FOLDER_SCAN
  [+] path    : C:\Windows
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 45
  [+] int2    : 30


************************* Updates *************************
VLC media player (64-bit), version 3.0.6
  [+] Available Version        : 3.0.16
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\VideoLAN\VLC

WinRAR 5.61 (64-bit) (64-bit), version 5.61.0
  [+] Available Version        : 6.02
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\WinRAR\

Discord (64-bit), version 0.0.309
  [+] Available Version        : 1.0.9003
  [+] Size                     : 64.6 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Users\USER\AppData\Local\Discord

Zoom (64-bit), version 5.7.7 (1105)
  [+] Available Version        : 5.8.7
  [+] Size                     : 9.76 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Users\USER\AppData\Roaming\Zoom\bin


************************* Processes *************************

************************* Modules *************************

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************

************************* WMI *************************

************************* Hosts File *************************
is_too_big      : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts


************************* Filesystem *************************

************************* Web Browsers *************************

************************* Antirootkit *************************

I have reviewed ALL the reports generated by all the programs you have run, and I can almost guarantee that your computer is completely free of infections.

In any case:

Restart the computer and tell me how it works now, and whether the problem for which you opened this THREAD has been solved.

That is: how is your computer working with respect to the initial problem for which you opened this thread?

I await your reply.


Good afternoon, sorry for the delay, I have been in somewhat delicate health. I have now been able to see that the computer is better than before; many pop-up windows that used to appear when I opened the browser are gone, and I am now even warned, with greater security, if a page or download is dangerous for me. Seriously, thank you very much for your time and dedication in helping me with my problem.


Thank you for the patience you have shown in carrying out the procedures.

For my part we can consider the thread solved. To do so, look in this same THREAD for the option that says: Solution or Solved, so that the problem for which you opened this THREAD can be closed.

Next time you have any problem with your computer you can open a new THREAD and we will be happy to help you.

I will show you how to close the thread.

Don't forget to mark the thread as Solved. To do so, look at the link I have sent you and mark one of the replies as the solution.

As a final tip/note, I invite you to follow us on our social networks to stay up to date and forewarned about new types of malware and other related topics that may interest you.

Blog

Twitter

Facebook

It has been a pleasure helping you get the THREAD marked as SOLVED and in this final part of it. You have been patient and very easy to work with throughout the thread. Thank you very much for trusting ForoSpyware.