Who is modifying the settings in Win10, and how

Let me explain: something very curious is happening to me. Someone is changing the Windows settings: the firewall, creating services by the shovelful as if there were no tomorrow, creating scheduled tasks like crazy. I'm going to run a test: I go to "System and Security", "Windows Firewall", "Allow an app or feature through the firewall". This is what I find:

I arm myself with patience and disable all of them for the seventh time.

Now I go to the firewall's advanced settings and look at the inbound rules.

Once again rules appear that I did not create, a huge pile of new rules.

Time to delete and repair everything again. I have to admit this ghost is very, very clever. For example: I have port 445 blocked, for which I create an inbound rule in the firewall, and I always tell it to block on ALL connections, instead of making one for Private, another for Public and another for Domain.

Since I removed the app's permission through the firewall, it has created three rules for port 445 with a block condition, but if we look closely, two are for Public and one is for Domain? Where is the block for the Private connection?

Needless to say, I have checked with antimalware, antivirus and antispyware, and nobody finds anything out of the ordinary. Well, nobody but me. Because this isn't normal, is it?

Regards
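An added example (not part of the original post): a PowerShell check for the gap the post describes, listing which firewall profiles have no enabled inbound block rule covering TCP port 445. The function names and the sample rule objects are constructed for illustration; `Get-NetFirewallRule` and `Get-NetFirewallPortFilter` are the standard NetSecurity cmdlets.

```powershell
# Added example: report firewall profiles that lack an inbound Block rule
# for a given TCP port. Function names here are hypothetical helpers.

function Test-PortMatch {
    # True if any entry of a LocalPort spec ("Any", "445", "137-139") covers $Port.
    param([string[]] $Spec, [int] $Port)
    foreach ($s in $Spec) {
        if ($s -eq 'Any') { return $true }
        if ($s -match '^(\d+)-(\d+)$') {
            if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
        }
        elseif ($s -match '^\d+$' -and [int]$s -eq $Port) { return $true }
    }
    return $false
}

function Get-LiveInboundBlockRules {
    # Flatten the live, enabled inbound Block rules into plain objects
    # (rule profile plus the protocol/port from the associated port filter).
    Get-NetFirewallRule -Direction Inbound -Action Block -Enabled True |
        ForEach-Object {
            $pf = $_ | Get-NetFirewallPortFilter
            [pscustomobject]@{
                DisplayName = $_.DisplayName
                Profile     = "$($_.Profile)"      # e.g. "Any" or "Domain, Public"
                Protocol    = "$($pf.Protocol)"
                LocalPort   = @($pf.LocalPort)
            }
        }
}

function Get-BlockCoverageGap {
    # Returns the profile names (Domain/Private/Public) with no matching block rule.
    param(
        [Parameter(Mandatory)] [object[]] $Rules,
        [int] $Port = 445
    )
    $profiles = 'Domain', 'Private', 'Public'
    $covered  = @{}
    foreach ($r in $Rules) {
        if ($r.Protocol -notin 'TCP', 'Any', '6') { continue }
        if (-not (Test-PortMatch -Spec $r.LocalPort -Port $Port)) { continue }
        # A rule with Profile "Any" applies to all three profiles.
        $names = if ($r.Profile -eq 'Any') { $profiles } else { $r.Profile -split '\s*,\s*' }
        foreach ($n in $names) { $covered[$n] = $true }
    }
    @($profiles | Where-Object { -not $covered.ContainsKey($_) })
}

# Constructed sample mirroring the post: three block rules for port 445,
# two scoped to Public and one to Domain, none to Private.
$sampleRules = @(
    [pscustomobject]@{ DisplayName = 'Block 445 (a)'; Profile = 'Public'; Protocol = 'TCP'; LocalPort = @('445') }
    [pscustomobject]@{ DisplayName = 'Block 445 (b)'; Profile = 'Public'; Protocol = 'TCP'; LocalPort = @('445') }
    [pscustomobject]@{ DisplayName = 'Block 445 (c)'; Profile = 'Domain'; Protocol = 'TCP'; LocalPort = @('445') }
)

$gap = Get-BlockCoverageGap -Rules $sampleRules -Port 445
"Profiles without an inbound block for TCP/445: $($gap -join ', ')"

# Against the real rule set (elevated PowerShell on the affected machine):
#   Get-BlockCoverageGap -Rules (Get-LiveInboundBlockRules) -Port 445
```

Saving the output of `Get-LiveInboundBlockRules` to a file after each cleanup and comparing it later with `Compare-Object` shows exactly which rules reappeared between runs.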

Hello @Nina_Tusabe

How long have you had these symptoms?

Do you associate them with any event or trigger? Such as: I installed such-and-such program and this happened, I plugged in a USB drive and what you describe happened… I downloaded this file and BAM, trouble right away…

:one: Disable your antivirus :arrow_forward: How to temporarily disable an antivirus and any security program you have active.

DOWNLOAD IT TO YOUR DESKTOP, VERY IMPORTANT (and nowhere else).

Download Farbar Recovery Scan Tool. VERY IMPORTANT >> select the right version for your computer's architecture (32 or 64 bits). :arrow_forward: How do I know whether my Windows is 32 or 64 bits?

:warning: Once FRST is downloaded, disconnect your computer completely from the Internet (turn off the router) >> Super Important. Right after that, also close any other program you have open.

:two: Farbar Recovery Scan Tool

  1. Run FRST.exe (if you use Windows Vista/7/8 or 10, right-click it and select Run as Administrator).

  2. A window with a Disclaimer message will appear; click Si or Yes.

  3. In the program's main window, click Analizar/Scan and wait for the scan to finish.

  4. Two logs/reports will appear: Frst.txt and Addition.txt; they will be saved on the desktop.

:three: Re-enable your antivirus and any security program you have active. Also reconnect your computer to the Internet.

:four: NEXT REPLY

Paste the FRST and Addition.txt reports. You must post both reports in full, with absolutely all of their content. You will need to split them across several messages if you get an error/warning saying that the report in the message is too long (more than approx. 50,000 characters).

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not perform steps/actions that WE have not told you to.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (Antivirus, Antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it following our instructions.

:warning: Very Important :warning: Post the different reports I have asked you for as shown in the following image:

Regards.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 28-02-2021
Ejecutado por begod (administrador) sobre DESKTOP-SKPCUQG (Dell Inc. OptiPlex 755) (10-03-2021 09:56:16)
Ejecutado desde C:\Users\begod\Desktop
Perfiles cargados: begod
Platform: Windows 10 Pro Versión 20H2 19042.631 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Download Master -> WestByte) C:\Program Files (x86)\IDA\ida.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\AMSPTelemetryService.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\begod\AppData\Local\Vivaldi\Application\update_notifier.exe
Error al acceder al proceso -> csrss.exe
Error al acceder al proceso -> csrss.exe
Error al acceder al proceso -> csrss.exe
Error al acceder al proceso -> dllhost.exe
Error al acceder al proceso -> dwm.exe
Error al acceder al proceso -> dwm.exe
Error al acceder al proceso -> explorer.exe
Error al acceder al proceso -> fontdrvhost.exe
Error al acceder al proceso -> fontdrvhost.exe
Error al acceder al proceso -> fontdrvhost.exe
Error al acceder al proceso -> LockApp.exe
Error al acceder al proceso -> Microsoft.Photos.exe
Error al acceder al proceso -> OneDrive.exe
Error al acceder al proceso -> PtSessionAgent.exe
Error al acceder al proceso -> RuntimeBroker.exe
Error al acceder al proceso -> RuntimeBroker.exe
Error al acceder al proceso -> RuntimeBroker.exe
Error al acceder al proceso -> RuntimeBroker.exe
Error al acceder al proceso -> RuntimeBroker.exe
Error al acceder al proceso -> RuntimeBroker.exe
Error al acceder al proceso -> SearchApp.exe
Error al acceder al proceso -> SecurityHealthSystray.exe
Error al acceder al proceso -> sihost.exe
Error al acceder al proceso -> SkypeApp.exe
Error al acceder al proceso -> SkypeBackgroundHost.exe
Error al acceder al proceso -> StartMenuExperienceHost.exe
Error al acceder al proceso -> taskhostw.exe
Error al acceder al proceso -> WmiPrvSE.exe
Error al acceder al proceso -> WUDFHost.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213696 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1233328 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKU\S-1-5-21-1517860726-1647753564-1699257484-1002\...\Run: [DRScanner] => C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe [6402504 2021-01-28] (Trend Micro, Inc. -> Trend Micro Inc.)
HKU\S-1-5-21-1517860726-1647753564-1699257484-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1517860726-1647753564-1699257484-1002\...\RunOnce: [Uninstall 21.016.0124.0003\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\begod\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\amd64"
HKU\S-1-5-21-1517860726-1647753564-1699257484-1002\...\RunOnce: [Uninstall 21.016.0124.0003] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\begod\AppData\Local\Microsoft\OneDrive\21.016.0124.0003"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe [2021-03-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {2A26D95F-4068-422B-895C-6E21EEA5E6B2} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1517860726-1647753564-1699257484-1001 => C:\Users\begod\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {63F36EFF-33A7-4D72-AE48-499C88F45E79} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {724B216B-0567-436C-987D-8ECB8769A135} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B189A8E-AB73-47E1-853A-69742B86A07B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-03-07] (Google LLC -> Google LLC)
Task: {CB82ADD7-70A5-4D1A-8294-E0FA102832D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-03-07] (Google LLC -> Google LLC)
Task: {CF391708-F098-4B4F-ABB7-945B561D5CB9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD6C2D28-05A9-4D90-9079-86AB26785115} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1517860726-1647753564-1699257484-500 => C:\Users\begod\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\..\Interfaces\{3090c007-1185-4183-9997-a6ab0946df90}: [NameServer] 84.200.69.80,84.200.70.40
Tcpip\..\Interfaces\{96cf67f8-5ae8-462d-aa9a-d13a13d6cbcc}: [NameServer] 84.200.69.80,84.200.70.40

Edge: 
=======
Edge Profile: C:\Users\begod\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-10]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default [2021-03-10]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxps://www.facebook.com/","hxxps://www.google.es/","hxxps://www.google.com/search?q=google&rlz=1C1CHBD_esES854ES854&oq=g&aqs=chrome.1.69i57j0l5.1478j0j4&sourceid=chrome&ie=UTF-8","hxxps://accounts.google.com/signin/chrome/sync?ssp=1&continue=https%3A%2F%2Fwww.google.com%2F"
CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Traductor de Google) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-03-09]
CHR Extension: (Presentaciones) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-08]
CHR Extension: (YouTube) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-03-09]
CHR Extension: (Documentos) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-08]
CHR Extension: (Google Drive) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-08]
CHR Extension: (Image download center) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblbkblbdlbhnidepknpkmnnjfefbhnf [2021-03-09]
CHR Extension: (YouTube) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-08]
CHR Extension: (Spotify - Music for every moment) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2021-03-09]
CHR Extension: (Internet Downloader) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\djanbhnjkgmpfcackklijlijgkcenjjf [2021-03-09]
CHR Extension: (Hojas de cálculo) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-08]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-08]
CHR Extension: (Earth in Space) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiihlpikmpijdopbaegjibndhpgjmjfe [2021-03-09]
CHR Extension: (IObit Surfing Protection) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn [2021-03-09]
CHR Extension: (Grabador de voz) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\jehegmanppiacmmpiifhjalpkigpcida [2021-03-09]
CHR Extension: (WordPress.com) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2021-03-09]
CHR Extension: (Internet Download Manager) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdlanlaneooailnebnhamiiieebikid [2021-03-09]
CHR Extension: (Conversor de vídeo) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne [2021-03-09]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-08]
CHR Extension: (Download All Images) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnffbdeachhbpfapjklmpnmjcgamcdmm [2021-03-09]
CHR Extension: (Trend Micro Toolbar) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2021-03-09]
CHR Extension: (Gmail) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-08]
CHR Extension: (Chrome Media Router) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-08]
CHR Extension: (Cortar audio) - C:\Users\begod\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimnkafgoiilijmlbnfoafihjjijbfp [2021-03-09]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

Vivaldi: 
=======
VIV Profile: C:\Users\begod\AppData\Local\Vivaldi\User Data\Default [2021-03-10]
VIV Extension: (Safe Torrent Scanner) - C:\Users\begod\AppData\Local\Vivaldi\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-03-10]
VIV Extension: (Chrome Media Router) - C:\Users\begod\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-10]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [391032 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 AMSPTLM; C:\Program Files\Trend Micro\AMSP\AMSPTelemetryService.exe [250136 2020-12-30] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1141680 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 TmWscSvc; C:\Program Files\Trend Micro\Titanium\TmWscSvc\TmWscSvc.exe [401448 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
U4 dokan1; C:\Windows\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project)
R3 e1express; C:\Windows\System32\drivers\e1e6032e.sys [300544 2019-12-07] (Microsoft Windows -> Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
S3 npf; C:\Windows\system32\drivers\npf.sys [36600 2020-08-26] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [74760 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [147672 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [39880 2020-07-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)
R1 tmeyes; C:\Windows\system32\DRIVERS\tmeyes.sys [686168 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [562296 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmumh; C:\Windows\system32\DRIVERS\TMUMH.sys [159848 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [137112 2020-07-29] (Trend Micro, Inc. -> Trend Micro, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 esihdrv; \??\C:\Users\begod\AppData\Local\Temp\esihdrv.sys [X] <==== ATENCIÓN

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-03-10 09:56 - 2021-03-10 09:57 - 000016331 _____ C:\Users\begod\Desktop\FRST.txt
2021-03-10 09:25 - 2021-03-10 09:25 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-03-10 09:25 - 2021-03-10 09:25 - 000002888 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-03-10 09:25 - 2021-03-10 09:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-03-10 09:25 - 2021-03-10 09:25 - 000000000 ____D C:\Program Files\CCleaner
2021-03-10 09:24 - 2021-03-10 09:24 - 030972600 _____ (Piriform Software Ltd) C:\Users\begod\Downloads\ccsetup577.exe
2021-03-10 09:15 - 2021-03-10 09:17 - 000030873 _____ C:\Users\begod\Desktop\Addition1.txt
2021-03-10 09:14 - 2021-03-10 09:17 - 000051449 _____ C:\Users\begod\Desktop\FRST1.txt
2021-03-10 09:13 - 2021-03-10 09:56 - 000000000 ____D C:\FRST
2021-03-10 09:13 - 2021-03-10 09:13 - 002301440 _____ (Farbar) C:\Users\begod\Desktop\FRST64.exe
2021-03-10 08:33 - 2021-03-10 08:33 - 000000000 ____D C:\Users\begod\AppData\Local\TechSmith
2021-03-10 08:23 - 2021-03-10 08:28 - 000004608 _____ C:\Users\begod\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-03-10 08:03 - 2021-03-10 08:03 - 000000000 ____D C:\Users\ama\Documents\PROGRAMAS ESENCIALES
2021-03-10 07:46 - 2021-03-10 07:55 - 000000000 ____D C:\Users\ama\AppData\Local\DiskDrill
2021-03-10 07:46 - 2021-03-10 07:46 - 000000000 ____D C:\Users\ama\AppData\Local\CrashRpt
2021-03-10 07:35 - 2021-03-10 07:41 - 000000128 _____ C:\Users\begod\AppData\Roaming\winscp.rnd
2021-03-10 07:35 - 2021-03-10 07:35 - 000001144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2021-03-10 07:35 - 2021-03-10 07:35 - 000000000 ____D C:\Program Files (x86)\WinSCP
2021-03-10 07:34 - 2021-03-10 07:34 - 000000000 ____D C:\Users\begod\Downloads\FTP
2021-03-10 05:14 - 2021-03-10 05:14 - 000067864 _____ C:\Users\begod\AppData\Local\GDIPFONTCACHEV1.DAT
2021-03-10 04:27 - 2021-03-10 09:27 - 000000000 ____D C:\Users\begod\AppData\Roaming\PhotoScape
2021-03-10 04:26 - 2021-03-10 04:27 - 000000000 ____D C:\Program Files (x86)\PhotoScape
2021-03-10 04:26 - 2021-03-10 04:26 - 000001104 _____ C:\Users\begod\Desktop\PhotoScape.lnk
2021-03-10 04:26 - 2021-03-10 04:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2021-03-10 04:23 - 2021-03-10 04:23 - 021025552 _____ (Mooii) C:\Users\begod\Downloads\PhotoScapeSetup_V3.7.exe
2021-03-10 03:51 - 2021-03-10 03:51 - 000000000 ____D C:\Users\begod\AppData\Local\VS Revo Group
2021-03-10 03:51 - 2021-03-10 03:51 - 000000000 ____D C:\ProgramData\VS Revo Group
2021-03-10 03:51 - 2020-10-14 04:07 - 000038400 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2021-03-10 03:50 - 2021-03-10 03:50 - 017192407 _____ C:\Users\begod\Downloads\Revo.Uninstaller.Pro.v4.3.8.ES.inc.Crack.rar
2021-03-10 03:50 - 2021-03-10 03:50 - 000485320 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2021-03-10 03:50 - 2021-03-10 03:50 - 000000000 ____D C:\Users\begod\Downloads\Revo.Uninstaller.Pro.v4.3.8.ES.inc.Crack
2021-03-10 03:21 - 2021-03-10 04:28 - 000000374 _____ C:\Users\begod\.vivaldi_reporting_data
2021-03-10 03:20 - 2021-03-10 03:20 - 000002387 _____ C:\Users\begod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2021-03-10 03:20 - 2021-03-10 03:20 - 000002350 _____ C:\Users\begod\Desktop\Vivaldi.lnk
2021-03-10 03:20 - 2021-03-10 03:20 - 000000000 ____D C:\Users\begod\AppData\Local\Vivaldi
2021-03-10 03:16 - 2021-03-10 03:18 - 071453936 _____ (Vivaldi Technologies AS) C:\Users\begod\Downloads\Vivaldi.3.6.2165.40.x64.exe
2021-03-09 16:59 - 2021-03-09 18:47 - 000000000 ____D C:\Users\begod\Downloads\WIN 7 EDICION ESPE
2021-03-09 16:47 - 2021-03-09 16:55 - 933551855 _____ C:\Users\begod\Downloads\WIN7_SP1.rar
2021-03-09 16:46 - 2021-03-09 16:46 - 000000000 _____ C:\Users\begod\Downloads\wn7 sp1.txt
2021-03-09 16:39 - 2021-03-09 18:58 - 000000464 __RSH C:\ProgramData\ntuser.pol
2021-03-09 16:34 - 2021-03-09 16:34 - 001156152 _____ (Akeo Consulting) C:\Users\begod\Downloads\rufus-3.13.exe
2021-03-09 16:30 - 2020-07-10 01:04 - 000227528 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2021-03-09 16:27 - 2021-03-09 16:27 - 000000000 ____D C:\Users\begod\AppData\Roaming\EaseUS
2021-03-09 15:54 - 2020-06-01 19:48 - 000140280 ____N (Dokan Project) C:\Windows\system32\Drivers\dokan1.sys
2021-03-09 15:18 - 2021-03-09 15:18 - 000000000 ____D C:\Users\begod\Documents\HAY FANTASMAS
2021-03-09 14:11 - 2021-03-09 14:11 - 000000000 ____D C:\Users\begod\AppData\Roaming\WinRAR
2021-03-09 14:10 - 2021-03-09 18:37 - 000000000 ____D C:\Users\begod\Downloads\recuperacion discos duros
2021-03-09 14:05 - 2021-03-09 14:05 - 035663688 _____ (CleverFiles) C:\Users\begod\Downloads\recuperar datos disco duro.exe
2021-03-09 14:03 - 2020-08-26 08:31 - 000370424 _____ (Riverbed Technology, Inc.) C:\Windows\system32\wpcap.dll
2021-03-09 14:03 - 2020-08-26 08:31 - 000282360 _____ (Riverbed Technology, Inc.) C:\Windows\SysWOW64\wpcap.dll
2021-03-09 14:03 - 2020-08-26 08:31 - 000107768 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Packet.dll
2021-03-09 14:03 - 2020-08-26 08:31 - 000098040 _____ (Riverbed Technology, Inc.) C:\Windows\SysWOW64\Packet.dll
2021-03-09 14:03 - 2020-08-26 08:31 - 000036600 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Drivers\npf.sys
2021-03-09 04:15 - 2021-03-09 04:15 - 000000000 ____D C:\Users\begod\AppData\LocalLow\Temp
2021-03-09 04:13 - 2021-03-09 04:13 - 000000000 ____D C:\Users\begod\AppData\Roaming\Adobe
2021-03-09 03:03 - 2021-03-09 03:03 - 000000000 ____D C:\Users\begod\Documents\Plantillas personalizadas de Office
2021-03-09 02:53 - 2021-03-09 02:53 - 000000000 ____D C:\Users\begod\AppData\Local\OfficeBSCache-MyComputer
2021-03-09 02:30 - 2021-03-09 02:30 - 000000723 _____ C:\Users\begod\Desktop\Bibliotecas - Acceso directo.lnk
2021-03-09 01:26 - 2021-03-10 06:47 - 000000000 ____D C:\Users\begod\AppData\Local\PhotoScapeXPro
2021-03-09 01:23 - 2021-03-09 01:23 - 000000000 ____D C:\Users\begod\AppData\Roaming\FastStone
2021-03-09 00:25 - 2021-03-09 18:10 - 000000000 ____D C:\Users\begod\VirtualBox VMs
2021-03-09 00:25 - 2021-03-09 18:10 - 000000000 ____D C:\Users\begod\.VirtualBox
2021-03-08 23:14 - 2021-03-08 23:15 - 009224744 _____ (Crawler Group ) C:\Users\begod\Downloads\SpywareTerminatorSetup.exe
2021-03-08 23:14 - 2021-03-08 23:14 - 011093184 _____ (Carifred) C:\Users\begod\Downloads\UltraAdwareKiller.exe
2021-03-08 23:14 - 2021-03-08 23:14 - 002248832 _____ (Emsisoft Ltd) C:\Users\begod\Downloads\EmsisoftAntiMalwareSetup_majorgeeks.exe
2021-03-08 23:07 - 2021-03-08 23:07 - 055188776 _____ (ESET) C:\Users\begod\Downloads\essp_nt32.exe
2021-03-08 22:26 - 2021-03-08 22:26 - 000000000 ____D C:\Users\begod\AppData\Local\PeerDistRepub
2021-03-08 22:10 - 2021-03-08 22:10 - 000000000 ____D C:\Users\begod\AppData\Local\ElevatedDiagnostics
2021-03-08 21:55 - 2021-03-08 23:32 - 000000000 ____D C:\Users\begod\Downloads\ACTUALIZACIONES PARA WIN 7
2021-03-08 21:48 - 2021-03-09 01:21 - 000000000 ____D C:\Users\begod\AppData\Local\BitTorrentHelper
2021-03-08 21:48 - 2021-03-08 21:48 - 000000000 ____D C:\Users\begod\AppData\Local\Publishers
2021-03-08 21:47 - 2021-03-10 04:38 - 000000000 ____D C:\Users\begod\AppData\Local\Packages
2021-03-08 21:47 - 2021-03-09 13:58 - 000000000 ____D C:\Users\begod\AppData\Local\PlaceholderTileLogoFolder
2021-03-08 21:47 - 2021-03-08 21:55 - 000000000 ____D C:\Users\begod\AppData\Local\Trend Micro
2021-03-08 21:46 - 2021-03-08 21:46 - 000000000 ____D C:\Users\begod\AppData\Local\VirtualStore
2021-03-08 21:46 - 2021-03-08 21:46 - 000000000 ____D C:\Users\begod\AppData\Local\Comms
2021-03-08 21:19 - 2021-03-08 21:19 - 000000000 ___RD C:\Users\TEMP\OneDrive
2021-03-08 21:16 - 2021-03-08 21:19 - 000000000 ____D C:\Users\TEMP\AppData\Local\Trend Micro
2021-03-08 21:15 - 2021-03-08 21:42 - 000000000 ___RD C:\Users\TEMP\3D Objects
2021-03-08 21:15 - 2021-03-08 21:17 - 000000000 ____D C:\Users\TEMP\AppData\Local\Packages
2021-03-08 21:15 - 2021-03-08 21:15 - 000000000 _SHDL C:\Users\TEMP\Documents\Mis vídeos
2021-03-08 21:15 - 2021-03-08 21:15 - 000000000 _SHDL C:\Users\TEMP\Documents\Mis imágenes
2021-03-08 21:15 - 2021-03-08 21:15 - 000000000 _SHDL C:\Users\TEMP\Documents\Mi música
2021-03-08 21:15 - 2021-03-08 21:15 - 000000000 ____D C:\Users\TEMP\AppData\Local\Google
2021-03-08 21:15 - 2021-03-08 21:15 - 000000000 ____D C:\Users\TEMP\AppData\Local\ConnectedDevicesPlatform
2021-03-08 20:35 - 2021-03-08 21:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-08 19:40 - 2021-03-08 20:01 - 000000000 ____D C:\Windows\system32\MRT
2021-03-08 16:52 - 2021-03-10 09:29 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-08 15:26 - 2021-03-08 15:26 - 000000000 ____D C:\Program Files\Oracle
2021-03-08 14:58 - 2021-03-09 15:50 - 000000000 ____D C:\1-VIDEOS
2021-03-08 14:49 - 2021-03-08 14:49 - 000000000 ____D C:\ProgramData\Oracle
2021-03-08 14:34 - 2021-03-08 14:34 - 000000000 ____D C:\Windows\pss
2021-03-08 11:58 - 2021-03-08 11:58 - 000000000 _SHDL C:\Users\TEMP\Reciente
2021-03-08 11:58 - 2021-03-08 11:58 - 000000000 _SHDL C:\Users\TEMP\Plantillas
2021-03-08 11:58 - 2021-03-08 11:58 - 000000000 _SHDL C:\Users\TEMP\Mis documentos
2021-03-08 11:58 - 2021-03-08 11:58 - 000000000 _SHDL C:\Users\TEMP\Menú Inicio
2021-03-08 11:58 - 2021-03-08 11:58 - 000000000 _SHDL C:\Users\TEMP\Impresoras
2021-03-08 11:58 - 2021-03-08 11:58 - 000000000 _SHDL C:\Users\TEMP\Entorno de red
2021-03-08 11:58 - 2021-03-08 11:58 - 000000000 _SHDL C:\Users\TEMP\Datos de programa
2021-03-08 11:58 - 2021-03-08 11:58 - 000000000 _SHDL C:\Users\TEMP\Configuración local
2021-03-08 11:58 - 2021-03-08 11:58 - 000000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2021-03-08 11:58 - 2021-03-08 11:58 - 000000000 _SHDL C:\Users\TEMP\AppData\Local\Historial
2021-03-08 11:58 - 2021-03-08 11:58 - 000000000 _SHDL C:\Users\TEMP\AppData\Local\Datos de programa
2021-03-08 11:58 - 2021-03-08 11:58 - 000000000 _SHDL C:\Users\TEMP\AppData\Local\Archivos temporales de Internet
2021-03-08 11:57 - 2021-03-08 21:42 - 000000000 ____D C:\Users\TEMP
2021-03-08 11:46 - 2021-03-08 11:46 - 000023207 _____ C:\Users\Administrador\Desktop\infeccion.txt
2021-03-08 11:38 - 2021-03-08 11:38 - 000000996 _____ C:\Users\Administrador\Documents\reglas.csv
2021-03-08 10:21 - 2021-03-08 10:23 - 000000000 ___SD C:\Users\Administrador\Documents\Mis sitios Web
2021-03-08 10:21 - 2021-03-08 10:21 - 000067864 _____ C:\Users\Administrador\AppData\Local\GDIPFONTCACHEV1.DAT
2021-03-08 10:19 - 2021-03-08 10:19 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\FastStone
2021-03-08 10:17 - 2021-03-08 10:17 - 000000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2021-03-08 10:17 - 2021-03-08 10:17 - 000000000 ____D C:\Program Files (x86)\QuickTime
2021-03-08 09:56 - 2021-03-08 09:56 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\WinRAR
2021-03-08 09:44 - 2021-03-08 10:56 - 000000000 ____D C:\Users\Administrador\AppData\Local\PhotoScapeXPro
2021-03-08 09:32 - 2021-03-08 09:32 - 000000000 ____D C:\Users\Administrador\AppData\Local\mbam
2021-03-08 09:31 - 2021-03-08 09:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-08 09:30 - 2021-03-08 09:30 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-08 09:18 - 2021-03-08 21:42 - 000000000 ____D C:\FSTool
2021-03-08 08:14 - 2021-03-09 16:30 - 000000000 ____D C:\Windows\system32\appmgmt
2021-03-08 07:59 - 2021-03-08 21:42 - 000000000 ____D C:\Users\Administrador\Documents\3-MIS DOCUMENTOS ROSA
2021-03-08 07:38 - 2021-03-08 21:42 - 000000000 ____D C:\Users\Administrador\Documents\5-DE G
2021-03-08 07:27 - 2021-03-08 07:27 - 000000000 ____D C:\Users\Administrador\AppData\Local\D3DSCache
2021-03-08 07:19 - 2021-03-08 21:42 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\vlc
2021-03-08 07:12 - 2021-03-08 21:42 - 000000000 ____D C:\Users\Administrador\Documents\PROGRAMAS ESENCIALES
2021-03-08 07:07 - 2021-03-08 21:42 - 000000000 ____D C:\Program Files (x86)\CDBurnerXP
2021-03-08 07:07 - 2021-03-08 07:07 - 000000000 ____D C:\Users\ama\AppData\Roaming\Canneverbe Limited
2021-03-08 07:07 - 2021-03-08 07:07 - 000000000 ____D C:\ProgramData\Canneverbe Limited
2021-03-08 06:43 - 2021-03-08 06:46 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\GlarySoft
2021-03-08 06:37 - 2021-03-08 06:37 - 000000000 ____H C:\Users\Administrador\Documents\Default.rdp
2021-03-08 06:19 - 2021-03-08 06:19 - 000000000 ____D C:\Users\Administrador\AppData\Local\Comms
2021-03-08 06:16 - 2021-03-08 06:16 - 000000000 ___HD C:\$SysReset
2021-03-08 06:09 - 2021-03-08 09:43 - 000000000 ____D C:\Users\Administrador\AppData\Local\Trend Micro
2021-03-08 06:05 - 2021-03-08 08:15 - 000000000 ___RD C:\Users\Administrador\OneDrive
2021-03-08 06:01 - 2021-03-08 06:01 - 000000000 ____D C:\Users\Administrador\AppData\Local\Publishers
2021-03-08 06:00 - 2021-03-08 21:42 - 000000000 ___RD C:\Users\Administrador\3D Objects
2021-03-08 06:00 - 2021-03-08 21:42 - 000000000 ____D C:\Users\Administrador
2021-03-08 06:00 - 2021-03-08 07:51 - 000000000 ____D C:\Users\Administrador\AppData\Local\Packages
2021-03-08 06:00 - 2021-03-08 06:46 - 000000000 ____D C:\Users\Administrador\AppData\Local\Google
2021-03-08 06:00 - 2021-03-08 06:01 - 000000000 ____D C:\Users\Administrador\AppData\Local\ConnectedDevicesPlatform
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\Reciente
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\Plantillas
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\Mis documentos
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\Menú Inicio
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\Impresoras
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\Entorno de red
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\Documents\Mis vídeos
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\Documents\Mis imágenes
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\Documents\Mi música
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\Datos de programa
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\Configuración local
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Historial
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Datos de programa
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Archivos temporales de Internet
2021-03-08 06:00 - 2021-03-08 06:00 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Adobe
2021-03-08 05:32 - 2021-03-08 05:32 - 000000000 ____D C:\Users\ama\AppData\Local\PeerDistRepub
2021-03-08 05:26 - 2021-03-08 05:32 - 000000000 ____D C:\Users\ama\AppData\Local\ElevatedDiagnostics
2021-03-08 05:11 - 2021-03-08 05:11 - 000000000 ____D C:\Users\ama\AppData\Local\UT008
2021-03-08 05:06 - 2021-03-08 05:34 - 000000000 ____D C:\Users\ama\.VirtualBox
2021-03-08 05:06 - 2021-03-08 05:06 - 000000000 ____D C:\Users\ama\VirtualBox VMs
2021-03-08 04:50 - 2021-03-08 20:40 - 000000000 ____D C:\ProgramData\GlarySoft
2021-03-08 03:38 - 2021-03-10 03:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2021-03-08 03:38 - 2021-03-08 03:38 - 000000000 ____D C:\Program Files\VS Revo Group
2021-03-08 03:36 - 2021-03-08 03:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2021-03-08 03:36 - 2021-03-08 03:36 - 000000000 ____D C:\Program Files (x86)\Apowersoft
2021-03-08 02:59 - 2021-03-08 15:35 - 000000000 ____D C:\ProgramData\VirtualBox
2021-03-08 02:45 - 2021-03-08 21:42 - 000000000 ____D C:\Users\begod\AppData\Local\UT008
2021-03-08 02:09 - 2021-03-08 12:02 - 000000000 ____D C:\Windows\Minidump
2021-03-08 01:59 - 2021-03-10 07:53 - 000000000 ____D C:\Users\ama\AppData\Local\D3DSCache
2021-03-08 01:54 - 2021-03-10 08:11 - 000000000 ____D C:\Program Files (x86)\IObit
2021-03-08 01:45 - 2021-03-08 01:45 - 001580448 _____ C:\Users\ama\Downloads\eset_nod32_antivirus_live_installer.exe
2021-03-08 01:37 - 2021-03-08 01:37 - 000000000 ____D C:\Users\ama\AppData\Local\OneDrive
2021-03-08 01:32 - 2021-03-08 05:05 - 000000000 ____D C:\Users\ama\AppData\Local\Trend Micro
2021-03-08 01:31 - 2021-03-08 01:31 - 000002256 _____ C:\Users\ama\Desktop\Trend Micro Antivirus+.lnk
2021-03-08 01:31 - 2021-03-08 01:31 - 000002183 _____ C:\Users\ama\Desktop\Seguridad de pago de Trend Micro.lnk
2021-03-08 01:31 - 2021-03-08 01:31 - 000000000 ____D C:\Users\ama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Antivirus+
2021-03-08 01:30 - 2021-03-08 01:30 - 000000000 ____D C:\Users\ama\AppData\Local\Google
2021-03-08 00:52 - 2021-03-08 00:52 - 000000000 ____D C:\Windows\Trend Micro
2021-03-07 22:19 - 2021-03-07 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jAlbum
2021-03-07 22:19 - 2021-03-07 22:20 - 000000000 ____D C:\Program Files\jAlbum
2021-03-07 21:52 - 2021-03-07 21:52 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2021-03-07 21:52 - 2021-03-07 21:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2021-03-07 21:51 - 2021-03-07 21:51 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-03-07 21:49 - 2021-03-07 21:51 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-07 21:47 - 2021-03-08 21:42 - 000000000 ___SD C:\Users\begod\Documents\Mis sitios Web
2021-03-07 21:47 - 2021-03-07 21:47 - 000000376 _____ C:\Windows\ODBC.INI
2021-03-07 21:46 - 2021-03-08 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2021-03-07 21:46 - 2021-03-07 21:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-07 21:46 - 2021-03-07 21:46 - 000000000 ____D C:\Windows\PCHEALTH
2021-03-07 21:45 - 2021-03-08 21:36 - 000000000 __RHD C:\MSOCache
2021-03-07 21:44 - 2021-03-08 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
2021-03-07 21:44 - 2021-03-08 21:42 - 000000000 ____D C:\Program Files (x86)\UltraISO
2021-03-07 21:44 - 2021-03-07 21:44 - 000001080 _____ C:\Users\begod\Desktop\UltraISO.lnk
2021-03-07 21:26 - 2021-03-08 21:58 - 000000000 ____D C:\Users\begod\AppData\Roaming\Internet Download Accelerator
2021-03-07 21:26 - 2021-03-08 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Accelerator
2021-03-07 21:26 - 2021-03-08 21:42 - 000000000 ____D C:\Program Files (x86)\IDA
2021-03-07 21:26 - 2021-03-07 21:26 - 000001082 _____ C:\Users\begod\Desktop\Internet Download Accelerator.lnk
2021-03-07 20:08 - 2021-03-07 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2021-03-07 20:08 - 2021-03-07 20:08 - 000000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2021-03-07 20:07 - 2021-03-10 06:53 - 000000000 ____D C:\Users\begod\AppData\Roaming\vlc
2021-03-07 20:07 - 2021-03-07 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-03-07 20:07 - 2021-03-07 20:07 - 000000000 ____D C:\Program Files\VideoLAN
2021-03-07 20:04 - 2021-03-10 08:30 - 000000000 ____D C:\Users\begod\Documents\Camtasia Studio
2021-03-07 20:04 - 2021-03-07 20:04 - 000000000 ___HD C:\TMRescueDisk
2021-03-07 20:03 - 2021-03-08 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2021-03-07 20:02 - 2021-03-08 21:37 - 000000000 ____D C:\ProgramData\TechSmith
2021-03-07 20:02 - 2021-03-08 21:37 - 000000000 ____D C:\Program Files (x86)\TechSmith
2021-03-07 20:01 - 2021-03-08 21:42 - 000000000 ____D C:\Users\begod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Antivirus+
2021-03-07 20:01 - 2021-03-07 20:01 - 000008648 _____ C:\Windows\system32\AmspLogList.ini
2021-03-07 20:01 - 2021-03-07 20:01 - 000002256 _____ C:\Users\begod\Desktop\Trend Micro Antivirus+.lnk
2021-03-07 20:01 - 2021-03-07 20:01 - 000002222 _____ C:\Windows\system32\AmspConfig.ini
2021-03-07 20:01 - 2021-03-07 20:01 - 000002183 _____ C:\Users\begod\Desktop\Seguridad de pago de Trend Micro.lnk
2021-03-07 20:01 - 2021-03-07 20:01 - 000002016 _____ C:\Windows\system32\AmspLogFilter.ini
2021-03-07 20:01 - 2021-03-07 20:01 - 000000127 _____ C:\Windows\system32\trxhandler_log.ini
2021-03-07 20:01 - 2021-03-07 20:01 - 000000080 _____ C:\Windows\system32\log.ini
2021-03-07 19:59 - 2021-03-08 21:42 - 000000000 ____D C:\Windows\SysWOW64\tmumh
2021-03-07 19:59 - 2021-03-08 21:42 - 000000000 ____D C:\Windows\system32\tmumh
2021-03-07 19:59 - 2021-03-07 20:00 - 000000000 ____D C:\Windows\SysWOW64\TmAMSI
2021-03-07 19:59 - 2021-03-07 20:00 - 000000000 ____D C:\Windows\system32\TmAMSI
2021-03-07 19:59 - 2020-07-29 16:30 - 000686168 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeyes.sys
2021-03-07 19:59 - 2020-07-29 16:30 - 000562296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2021-03-07 19:59 - 2020-07-29 16:30 - 000159848 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMUMH.sys
2021-03-07 19:59 - 2020-07-29 16:30 - 000147672 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2021-03-07 19:59 - 2020-07-29 16:30 - 000137112 _____ (Trend Micro, Inc.) C:\Windows\system32\Drivers\tmusa.sys
2021-03-07 19:59 - 2020-07-29 16:30 - 000074760 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2021-03-07 19:57 - 2021-03-08 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Troubleshooting Tool
2021-03-07 19:57 - 2021-03-08 21:42 - 000000000 ____D C:\Program Files\Trend Micro
2021-03-07 19:57 - 2021-03-07 19:57 - 000000059 _____ C:\Windows\system32\SupportTool.exe.bat
2021-03-07 19:48 - 2021-03-07 19:48 - 000095924 _____ C:\Windows\system32\rsop3.msc
2021-03-07 19:28 - 2020-07-29 16:30 - 000039880 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmel.sys
2021-03-07 19:24 - 2021-03-07 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HouseCall for Home Networks
2021-03-07 19:23 - 2021-03-07 19:30 - 000000000 ____D C:\Program Files (x86)\Trend Micro
2021-03-07 19:22 - 2021-03-10 03:50 - 000000000 ____D C:\ProgramData\Trend Micro
2021-03-07 19:21 - 2021-03-07 19:21 - 000000000 ___HD C:\$WinREAgent
2021-03-07 19:10 - 2021-03-07 19:10 - 000000000 ____D C:\ProgramData\Caphyon
2021-03-07 19:10 - 2021-03-07 19:10 - 000000000 ____D C:\Program Files\PhotoScape X Pro
2021-03-07 18:38 - 2021-03-08 21:42 - 000000000 ____D C:\Users\begod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-07 18:38 - 2021-03-08 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-07 18:37 - 2021-03-08 21:42 - 000000000 ____D C:\Program Files\WinRAR
2021-03-07 18:37 - 2021-03-08 01:17 - 000003608 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-07 18:37 - 2021-03-08 01:17 - 000003384 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-07 18:37 - 2021-03-07 18:37 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-07 18:37 - 2021-03-07 18:37 - 000000000 ____D C:\Program Files\Google
2021-03-07 18:36 - 2021-03-08 22:03 - 000000000 ____D C:\Users\begod\AppData\Local\Google
2021-03-07 18:36 - 2021-03-07 18:36 - 000000000 ____D C:\Program Files (x86)\Google
2021-03-07 18:32 - 2021-03-07 18:32 - 000000000 ___HD C:\OneDriveTemp
2021-03-07 18:29 - 2021-03-08 21:45 - 000000000 ____D C:\Users\begod\AppData\Local\ConnectedDevicesPlatform
2021-03-07 18:29 - 2021-03-08 21:42 - 000000000 ___RD C:\Users\begod\3D Objects
2021-03-07 18:28 - 2021-03-10 08:10 - 000000000 ____D C:\Users\begod
2021-03-07 18:28 - 2021-03-07 18:28 - 000000020 ___SH C:\Users\begod\ntuser.ini
2021-03-07 18:19 - 2021-03-08 07:02 - 000000000 ____D C:\Users\ama\AppData\Local\PlaceholderTileLogoFolder
2021-03-07 18:18 - 2021-03-10 09:23 - 000002922 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1517860726-1647753564-1699257484-1001
2021-03-07 18:18 - 2021-03-10 07:44 - 000000000 ___RD C:\Users\ama\OneDrive
2021-03-07 18:18 - 2021-03-07 18:18 - 000000000 ____D C:\Users\ama\AppData\Local\Comms
2021-03-07 17:13 - 2021-03-09 00:46 - 001683676 _____ C:\Windows\system32\PerfStringBackup.INI
2021-03-07 17:13 - 2021-03-07 17:13 - 000000000 ____D C:\Users\ama\AppData\Local\Publishers
2021-03-07 17:12 - 2021-03-08 06:25 - 000000000 ____D C:\Users\ama\AppData\Local\Packages
2021-03-07 17:12 - 2021-03-07 17:12 - 000000000 ___RD C:\Users\ama\3D Objects
2021-03-07 17:12 - 2021-03-07 17:12 - 000000000 ____D C:\Users\ama\AppData\Roaming\Adobe
2021-03-07 17:12 - 2021-03-07 17:12 - 000000000 ____D C:\Users\ama\AppData\Local\VirtualStore
2021-03-07 17:12 - 2021-03-07 17:12 - 000000000 ____D C:\Users\ama\AppData\Local\ConnectedDevicesPlatform
2021-03-07 17:11 - 2021-03-10 07:44 - 000002395 _____ C:\Users\ama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-07 17:11 - 2021-03-08 21:42 - 000000000 ____D C:\Users\ama
2021-03-07 17:11 - 2021-03-07 17:11 - 000000020 ___SH C:\Users\ama\ntuser.ini
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\Reciente
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\Plantillas
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\Mis documentos
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\Menú Inicio
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\Impresoras
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\Entorno de red
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\Documents\Mis vídeos
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\Documents\Mis imágenes
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\Documents\Mi música
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\Datos de programa
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\Configuración local
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\AppData\Local\Historial
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\AppData\Local\Datos de programa
2021-03-07 17:11 - 2021-03-07 17:11 - 000000000 _SHDL C:\Users\ama\AppData\Local\Archivos temporales de Internet
2021-03-07 17:09 - 2021-03-07 17:09 - 000000000 ____D C:\Windows\CSC
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\Reciente
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\Plantillas
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\Mis documentos
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\Menú Inicio
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\Impresoras
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\Entorno de red
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\Documents\Mi música
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\Datos de programa
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\Configuración local
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historial
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\ProgramData\Plantillas
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\ProgramData\Menú Inicio
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\ProgramData\Escritorio
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\ProgramData\Documentos
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\ProgramData\Datos de programa
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Program Files\Archivos comunes
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Documents and Settings
2021-03-07 17:07 - 2021-03-07 17:07 - 000000000 _SHDL C:\Archivos de programa
2021-03-07 17:01 - 2021-03-10 09:23 - 000002918 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1517860726-1647753564-1699257484-500
2021-03-07 17:00 - 2021-03-07 17:00 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-03-07 16:59 - 2021-03-10 02:32 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-07 16:53 - 2021-03-10 09:27 - 000000000 ____D C:\Windows\Panther
2021-03-07 11:31 - 2021-03-08 21:42 - 000000000 ____D C:\Users\Administrador\Documents\8-ISO

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-03-10 09:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-03-10 09:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-10 09:27 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-03-10 09:23 - 2020-11-19 00:46 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-10 09:23 - 2020-11-19 00:46 - 000003416 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-10 08:15 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-03-10 08:11 - 2020-11-19 00:44 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-03-10 08:10 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-03-10 03:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-03-10 02:32 - 2020-11-18 23:44 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-03-09 16:39 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2021-03-09 00:51 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2021-03-09 00:46 - 2019-12-07 15:55 - 000752148 _____ C:\Windows\system32\perfh00A.dat
2021-03-09 00:46 - 2019-12-07 15:55 - 000147826 _____ C:\Windows\system32\perfc00A.dat
2021-03-08 21:42 - 2020-11-19 00:49 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-03-08 21:42 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2021-03-08 21:42 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-03-08 21:42 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-03-08 21:42 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-03-08 21:42 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2021-03-08 21:42 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Macromed
2021-03-08 21:42 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-03-08 21:42 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-03-08 21:41 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-08 21:39 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\registration
2021-03-08 21:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat
2021-03-08 20:57 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-03-08 07:51 - 2019-04-21 15:53 - 000000000 ____D C:\Users\Administrador\Documents\@CANTASIA ESTUDIO
2021-03-08 07:47 - 2021-01-19 15:22 - 000000000 ____D C:\Users\Administrador\Documents\2-VIDEOS ROSA
2021-03-08 07:45 - 2021-01-19 15:24 - 000000000 ____D C:\Users\Administrador\Documents\2-MIS IMAGENES ROSA
2021-03-08 06:34 - 2020-11-19 00:44 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-03-08 06:34 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-08 06:25 - 2020-11-19 00:48 - 000000000 ____D C:\ProgramData\Packages
2021-03-08 00:21 - 2020-11-18 23:44 - 000343680 _____ C:\Windows\system32\FNTCACHE.DAT
2021-03-07 21:52 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-07 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System
2021-03-07 18:23 - 2020-11-19 00:46 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-07 17:09 - 2019-12-07 15:56 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-03-07 17:09 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2021-03-07 17:07 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2021-03-07 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-03-07 17:02 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-03-07 17:02 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-03-07 16:51 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template

==================== Archivos en la raíz de algunos directorios ========

2021-03-10 07:35 - 2021-03-10 07:41 - 000000128 _____ () C:\Users\begod\AppData\Roaming\winscp.rnd
2021-03-10 08:23 - 2021-03-10 08:28 - 000004608 _____ () C:\Users\begod\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 28-02-2021
Ejecutado por begod (10-03-2021 09:57:31)
Ejecutado desde C:\Users\begod\Desktop
Windows 10 Pro Versión 20H2 19042.631 (X64) (2021-03-07 16:08:03)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1517860726-1647753564-1699257484-500 - Administrator - Disabled)
begod (S-1-5-21-1517860726-1647753564-1699257484-1002 - Administrator - Enabled) => C:\Users\begod
DefaultAccount (S-1-5-21-1517860726-1647753564-1699257484-503 - Limited - Disabled)
Invitado (S-1-5-21-1517860726-1647753564-1699257484-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1517860726-1647753564-1699257484-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Trend Micro Antivirus+ (Disabled - Up to date) {76C8F930-C23E-653D-16C6-49C7176F8B9D}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.82 - Google LLC)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HouseCall for Home Networks (HKLM\...\DRScanner) (Version: 5.3.1192 - Trend Micro Inc.)
Internet Download Accelerator version 6.19.5 (HKLM-x32\...\Internet Download Accelerator_is1) (Version: 6.19.5 - WestByte)
jAlbum (HKLM\...\{C318132A-5215-40B2-85BF-F4418310EE8D}) (Version: 23.2.4 - Jalbum AB)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170C0A-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1517860726-1647753564-1699257484-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PhotoScape X Pro (HKLM\...\{B6F94770-08EF-466A-B987-447A9E5EE1D9}) (Version: 4.0.2 - Mooii Tech) Hidden
PhotoScape X Pro (HKLM\...\PhotoScape X Pro 4.0.2) (Version: 4.0.2 - Mooii Tech)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 4.3.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.8 - VS Revo Group, Ltd.)
Trend Micro Antivirus+ (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 17.0 - Trend Micro Inc.)
Trend Micro Troubleshooting Tool (HKLM\...\{4B83469E-CE4F-45D0-BC34-CCB7BF194477}) (Version: 6.0 - Trend Micro Inc.)
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Vivaldi (HKU\S-1-5-21-1517860726-1647753564-1699257484-1002\...\Vivaldi) (Version: 3.6.2165.40 - Vivaldi Technologies AS.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WinSCP 5.17.10 (HKLM-x32\...\winscp3_is1) (Version: 5.17.10 - Martin Prikryl)

Packages:
=========
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2021-03-08] (Microsoft Corporation) [MS Ad]
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-03-08] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-03-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2021-03-08] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2021-03-08] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2021-03-08] (Skype)
Tu Teléfono -> C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe [2021-03-08] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1517860726-1647753564-1699257484-1002_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> C:\Users\begod\AppData\Local\Vivaldi\Application\3.6.2165.40\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
ShellIconOverlayIdentifiers: [  FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers1_S-1-5-21-1517860726-1647753564-1699257484-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers4_S-1-5-21-1517860726-1647753564-1699257484-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers5_S-1-5-21-1517860726-1647753564-1699257484-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2021-03-07 21:26 - 2020-12-21 13:44 - 000226304 _____ () [Archivo no firmado] C:\Program Files (x86)\IDA\Plugins\videoserv.dll
2021-03-07 21:26 - 2016-03-16 15:58 - 000275456 _____ (WestByte) [Archivo no firmado] C:\Program Files (x86)\IDA\Plugins\advscheduler.dll
2021-03-07 21:26 - 2016-10-20 11:35 - 001070080 _____ (WestByte) [Archivo no firmado] C:\Program Files (x86)\IDA\Plugins\botmaster.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

BHO-x32: IE 4.x-6.x BHO for Internet Download Accelerator -> {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} -> C:\Program Files (x86)\IDA\idaiehlp.dll [2018-10-12] (Download Master -> WestByte)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-1517860726-1647753564-1699257484-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1517860726-1647753564-1699257484-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 84.200.69.80 - 84.200.70.40
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [MsiScsi-In-TCP-NoScope] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [vm-monitoring-rpc] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [vm-monitoring-dcom] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [NETDIS-SSDPSrv-In-UDP] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [NETDIS-FDPHOST-In-UDP] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [NETDIS-DAS-In-UDP] => (Block) C:\Windows\system32\dashost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [NETDIS-LLMNR-In-UDP] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [NETDIS-FDRESPUB-WSD-In-UDP] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [Collab-PNRP-In-UDP] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [Collab-PNRP-SSDPSrv-In-UDP] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC] => (Block) C:\Windows\system32\wininit.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper] => (Block) C:\Windows\system32\wininit.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [WMPNSS-WMP-In-UDP-NoScope] => (Block) C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WMPNSS-In-UDP-NoScope] => (Block) C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{572B8144-0277-459B-BFCB-81ABD02B7E8E}] => (Block) LPort=445
FirewallRules: [NVS-FrameServer-In-UDP-NoScope] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [NVS-FrameServer-In-TCP-NoScope] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [RemoteFwAdmin-RPCSS-In-TCP-NoScope] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [RemoteFwAdmin-In-TCP-NoScope] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [RemoteEventLogSvc-RPCSS-In-TCP-NoScope] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [RemoteEventLogSvc-In-TCP-NoScope] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [RemoteSvcAdmin-RPCSS-In-TCP-NoScope] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [RemoteSvcAdmin-In-TCP-NoScope] => (Block) C:\Windows\system32\services.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{B04BD32E-D5A5-44F8-85B1-C33817BA19B6}] => (Block) LPort=445
FirewallRules: [{FFFF89DC-8BE7-4C70-B136-20CA2DFBC7D5}] => (Block) LPort=445
FirewallRules: [{0A9CD260-74FC-45AF-8A29-0585F95A84E1}] => (Block) LPort=445
FirewallRules: [TCP Query User{7C52E09D-6276-464B-9729-E136E29B468E}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{62E4FB77-E878-49B1-819D-75D84A02C0A9}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B4FA9479-2C12-4403-BD9F-A9A6F6114FE9}C:\program files (x86)\trend micro\drscanner\drscanner.exe] => (Allow) C:\program files (x86)\trend micro\drscanner\drscanner.exe (Trend Micro, Inc. -> Trend Micro Inc.)
FirewallRules: [UDP Query User{AD1A1D93-C5F2-4B13-9643-119D9A307BA8}C:\program files (x86)\trend micro\drscanner\drscanner.exe] => (Allow) C:\program files (x86)\trend micro\drscanner\drscanner.exe (Trend Micro, Inc. -> Trend Micro Inc.)
FirewallRules: [{ADC77425-62D2-4173-9E29-07364839081F}] => (Allow) C:\Users\begod\AppData\Local\Vivaldi\Application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [{4064BB97-512D-4E3A-B771-F1691E523C35}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{47BE4B3D-37C8-417A-8C27-9E21D3FC3CB3}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{BF5A8D0E-1EB7-49DA-A8FA-8DCCB6296FD6}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{8B5E4933-B959-4307-B442-D4DFA67AD50B}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{3EDC136A-9E26-4DCF-811B-23BAD3703D2E}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{3E6115BE-0594-4655-B5E5-138194DA45D4}] => (Block) C:\Windows\system32\services.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{402C23A6-54C5-49CE-AEAB-2AAB2036AB83}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{D1432706-2029-41C4-9383-46B633EC9DD8}] => (Block) C:\Windows\system32\wininit.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{3349591F-7E9F-4C29-8229-447F26FE0A35}] => (Block) C:\Windows\system32\wininit.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{9CC96736-97B2-4E87-9658-761827EC1F69}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{DAE217EB-2968-4762-AD4E-199299662C50}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{863AC9B8-3323-497D-8E9A-6C133E2A0678}] => (Block) C:\Windows\system32\dashost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3472CD73-190B-4BC1-A9C8-DF0DAA0CF3F5}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{8D926898-0C09-4E09-A0E2-944B66051317}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{8C780623-D756-4FCD-BD1F-04987967B636}] => (Block) LPort=445
FirewallRules: [{777276C3-4499-4935-B782-5BDB9A5C56EA}] => (Block) C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{96219C28-D7C7-4B40-B8A1-8945B73D9725}] => (Block) C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DBC11DF2-8894-47E8-B2FD-4EA042AB827A}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{D04D1FDE-8469-4637-B86A-0879AF282CF1}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{C67CBAD6-109C-4527-AEC7-B7F016D327AD}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{831213C3-DE9F-44B4-95B9-76C04CC88040}] => (Allow) C:\Users\begod\AppData\Local\Vivaldi\Application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [{469C9F12-728D-4DBD-92DF-AC7EB0E3D095}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{715C19D4-28A9-4636-8C02-FF29169A0278}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [TCP Query User{9A3C22BC-88AC-466C-860A-0A4D2D0E6D56}C:\program files (x86)\microsoft office\office11\frontpg.exe] => (Allow) C:\program files (x86)\microsoft office\office11\frontpg.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{28D0E979-C877-4ACF-96B7-599D140991B4}C:\program files (x86)\microsoft office\office11\frontpg.exe] => (Allow) C:\program files (x86)\microsoft office\office11\frontpg.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Puntos de Restauración =========================


==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Puerto serie PCI
Description: Puerto serie PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controladora simple de comunicaciones PCI
Description: Controladora simple de comunicaciones PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (03/10/2021 09:28:35 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\ProgramData\Package Cache\{97cfdb6c-2faa-43ba-afbc-469e01845e99}\DokanSetup.exe Cache\{97cfdb6c-2faa-43ba-afbc-469e01845e99}\DokanSetup.exe" -q -burn.elevated BurnPipe.{9E058AFC-DA54-4850-868A-DACFF908A28B} {6637EF95-0181-48B0-BFBD-3E96D3CD819A} 7572; descripción = Dokan Library 1.4.0.1000 Bundle; error = 0x80070514).

Error: (03/10/2021 09:20:42 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\ProgramData\Package Cache\{6d486473-5700-4c11-b312-8602053cac74}\DiskDrillSetup.4.2.568.0.exe Cache\{6d486473-5700-4c11-b312-8602053cac74}\DiskDrillSetup.4.2.568.0.exe" -q -burn.elevated BurnPipe.{2E9E6C8C-149C-43AC-B81B-B37ED2C9A138} {E4644E99-7252-45FB-8EE4-920DAB20846F} 3940; descripción = Disk Drill 4.2.568.0; error = 0x80070514).

Error: (03/10/2021 08:10:28 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (03/10/2021 08:10:28 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (03/10/2021 08:10:28 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (03/10/2021 08:10:28 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (03/09/2021 05:05:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SystemSettingsBroker.exe, versión: 10.0.19041.329, marca de tiempo: 0xba2b5c08
Nombre del módulo con errores: ucrtbase.dll, versión: 10.0.19041.546, marca de tiempo: 0x43cbc11d
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000007287e
Identificador del proceso con errores: 0x2a74
Hora de inicio de la aplicación con errores: 0x01d714fdf3b26d38
Ruta de acceso de la aplicación con errores: C:\Windows\System32\SystemSettingsBroker.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\ucrtbase.dll
Identificador del informe: 33c900e7-1d91-4d09-838f-8766c42c27d8
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (03/09/2021 04:27:12 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\EUUnZip.exe". Error en el archivo de manifiesto o directiva "C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\Microsoft.VC90.MFC.MANIFEST" en la línea 4.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
La definición es Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Use sxstrace.exe para obtener un diagnóstico detallado.


Errores del sistema:
=============
Error: (03/10/2021 09:27:30 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-SKPCUQG)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error 
"2147942767"
al iniciar este comando:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (03/10/2021 08:10:23 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {9BA05972-F6A8-11CF-A442-00A0C90A8F39} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/10/2021 07:42:09 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SKPCUQG)
Description: El servidor Microsoft.Windows.CloudExperienceHost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/10/2021 07:42:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SKPCUQG)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/10/2021 07:15:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SKPCUQG)
Description: El servidor {89FE4A00-AA37-4F01-9D3E-62672984EEEE} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/10/2021 07:13:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SKPCUQG)
Description: El servidor {89FE4A00-AA37-4F01-9D3E-62672984EEEE} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/10/2021 07:11:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SKPCUQG)
Description: El servidor {89FE4A00-AA37-4F01-9D3E-62672984EEEE} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/10/2021 07:09:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SKPCUQG)
Description: El servidor {89FE4A00-AA37-4F01-9D3E-62672984EEEE} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
================
Date: 2021-03-08 20:11:51
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {1275D587-32B2-48D9-B61C-E76416F76661}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-03-10 09:10:27
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Trend Micro\Titanium\TmWscSvc\WSCHandler.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-03-10 09:10:27
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Windows signing level requirements.


==================== Información de la memoria =========================== 

BIOS: Dell Inc. A22 06/11/2012
Placa base: Dell Inc. 0PU052
Procesador: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Porcentaje de memoria en uso: 42%
RAM física total: 6004.61 MB
RAM física disponible: 3478.39 MB
Virtual total: 12148.61 MB
Virtual disponible: 9447.99 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:80.25 GB) (Free:16.75 GB) NTFS
Drive d: (WIFISLAX-4_) (Removable) (Total:3.73 GB) (Free:0.98 GB) FAT32
Drive f: (PRESARIO) (Fixed) (Total:152.63 GB) (Free:35.86 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]


==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: A51E234C)
Partition 1: (Not Active) - (Size=80.3 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=152.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 012A6E90)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)

==================== Final de Addition.txt =======================

Let's see if I pasted it correctly?

Hello, hello Marr0n. Thank you so much for replying. You have no idea how much I was looking forward to it. I have pasted the reports; if I did something wrong, let me know.

How long have I had this problem? About 50 days. It is a very, very long story; I'll summarize it so you get the idea. In January I started noticing that someone was inside my screen. I don't know how to explain this very well, but yes. I noticed, "felt", right away every time he got in. I started checking the whole system and found nothing; going through the hard drive I started finding things that were not mine. Windows MultiPoint Server with my username connected to that program. I found a keylogger, reports containing absolutely all my information obtained with ESET's Log Collector, and I don't know how many more things of that kind. Quite a few more, mind you. None of this was mine, of course. He logged in as administrator and created groups and more users. And I couldn't do anything, even though I'm the one who pays the Wi-Fi bill. He soon discovered that I had discovered him and tried to make me believe that it was all Windows programs and clean programs. How did he convey this to me? Well, every time I booted the computer, the first thing that came up were some pages or documents perfectly placed so that a given article or news item would be read. Crazy stuff, right? Well, I am absolutely certain that he could see and hear me. Then I saw that he only acted at night; through the Event Viewer I followed all his steps, and during the day I fixed them or protected my PC. No use, the next day everything was the same again, and on top of that he crippled my Event Viewer so that I couldn't see. Every time I managed to protect my PC and block remote access, my PC shut down and would not boot again, even after trying every known Windows startup repair method. Nothing, black screen and format again. Important: I discovered that my installation ISO was infected. Another day he modified the BIOS and set a password on it so that I couldn't boot from USB, and one of these a day for 50 days?
It's longer, but to finish: if we weren't finding anything on the hard drive, where was it? Well, where we had never looked… in the router. I found a vulnerability in the router. So I isolated the router so it couldn't escape and fried the software, no updating to the latest version or any of that. In other words, I reset it to factory state. And hey, it worked. Apparently the problems were over. And I say apparently because I no longer trust anything. My alert level is paranoid by now. So I will be extremely grateful for anything you tell me. Regards and thank you, sir.

Sorry, I didn't answer whether I suspect where all this might come from. Well, it's not that I suspect; I know perfectly well which program it is. As I told you, when I managed to eliminate the threat and started gaining confidence, I began installing the programs I usually use, which are nothing more than video and image editors. All clean, because I once caught him with ultraísmo modifying one of my programs. So, installing programs, WHAM, he appeared again. I already knew what I had to do: remove the last program installed and format the router. A long and tedious operation, phew. Until I discovered that by removing a certain program I stopped having the tenant. By the way, my detector called it RIST.

Thanks again, sir.

Hello @Nina_Tusabe

Yes. Perfect.

OK.

Regarding everything you describe, well, what a story. I have some questions:

How did you discover that the operating system installation ISO was infected/compromised?

Is it a legitimate one provided by Microsoft? Or is it pirated, from who knows where?

This is no longer so easy to do.

OK. Once it was reset, did you update it to the latest stable version of the router firmware? How did you discover that it was a router vulnerability? Which specific CVE-xxxx-xxxx vulnerability is it? Did you configure your router correctly?

Do you have other devices on the network that show symptoms of being infected/compromised?

Some of them are pirated, right?

I don't understand the ultraísmo part :thinking: :thinking: :thinking:

What was the name of that program you discovered?

I have seen quite a few things in the FRST logs that I don't like at all. In any case, we will now proceed as follows; we will come back to FRST later.

:one: SEARCHING FOR / REMOVING MALWARE

Now you will run a series of tools, respecting the order of the steps, with all programs closed, including browsers.

Boot the computer into :arrow_forward: Safe Mode with Networking in Windows. If the methods explained in the previous post do not work, try these others. More specifically, first method 3 (selecting Network instead of Minimal) and, failing that, method 2 (also Network).

Once booted in this mode, start carrying out all the steps I give you below.

P.S.: If the computer will not boot in Safe Mode (which can happen), tell me and we will try to fix the system so that it boots in Safe Mode. Some malware makes sure that you cannot boot in Safe Mode, or does let it boot but then it does not load correctly. In any case, if it does not boot in Safe Mode with Networking, run these scans in Normal Mode and tell me that Safe Mode is not working.

Do the following:

  1. Malwarebytes Anti-Rootkit Beta manual: follow the instructions in its manual and bring me its scan reports, Mbar-log.txt and System-log.txt, as indicated in its manual.

  2. Download, install and run TDSSKiller according to its TDSSKiller manual. Tick all the boxes (Loaded Modules, Verify file digital signatures and Detect TDLFS file system). If it asks you to restart, do so, run the tool again and, once you tick the boxes I mentioned again, it will let you scan.

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not perform steps/actions that WE have not indicated to you.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (antivirus, antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it following our instructions.

:two: IN YOUR NEXT REPLY

  • Answer the questions I have asked you throughout the post.
  • Bring the Malwarebytes Anti-Rootkit and TDSSKiller reports.
  • Comment on the general state of the computer with respect to the initial problem raised.

Regards.

Hello again and thanks for your patience. He knocked me down again yesterday. The computer shut down and never turned on again. I had to go to a bar to download another ISO copy, because I just can't connect to the internet. Every time I write to someone asking for help I end up with a broken system. I'm getting desperate. Now I have a brand-new system and have only installed the Trend Micro antivirus and an image viewer, FastStone Image Viewer, to show you the screenshots. I download it from its official site. The antivirus is already reporting RISK on the router, port 445.

Let's see if I answer everything one by one. I discovered the ISO by the last-access date. I hadn't been in those folders that day. Then I just looked at the folder tree and found a new folder (inside the ISO) called "Rafael Asensio" and a whole directory of my C: drive; I have no idea who that gentleman is. I have the screenshot for you to see but I don't know how to put it here. All the ISOs I make bootable are freshly downloaded from Microsoft. What's more, today it took me an hour or an hour and a half between the download and making it bootable, and it was already corrupted. I no longer leave the pen drive plugged in for even five minutes.

I use Rufus from the official site, also downloaded at that moment, to make it bootable. After resetting the router I always look for the latest firmware version, but this router has no versions other than the one it ships with; even so I tell it to search. I use a... I don't know how to post the image. It's called HouseCallforHomeNetworks and it gives indications of ports to look at or whatever. It asks me to update my Windows and checks my peripherals.

YES, YES. Then I configure the router, the devices' IPs and the router's firewall, and since I set the router's firewall to maximum security I even create a NAT-PAT rule for outbound FTP; I change its password and hide the Wi-Fi SSID.

I have a Ricoh Aficion MD 3350, but I have disconnected it from the network because it was creating print queues, and just in case I keep it off the network. I never connect my mobile phones to the Wi-Fi. A super old laptop that I had stored here, I connected it one day to get something off it and it got completely infected. Now I have it clean and off the network.

ULTRAISO, I meant UltraISO. When I say that I saw him one day with ULTRAISO (I think I wrote it wrong), a little program that creates ISO images. That day the program was open but I didn't get to see what he was editing, but anyway. The programs I install, especially from December until today, are from official sites. I haven't touched a cracked program again, no way. And although I keep some programs, I don't install the same one twice.

The program that gave me the problems is called IObit Unlocker, downloaded from the official site. That is verified; otherwise I wouldn't say anything.

As you can see, this is crazy, but believe me, because I have the images, because even I don't believe what I see.

I have sent emails asking for help to several antivirus companies and I'm still in the same situation. One detail: while writing to the Policía Nacional the page started to stall, it froze and I could never get in again. I typed www.Marca.es or Real Madrid and that worked perfectly, but I typed Policía or Guardia Civil, computer crimes, and the computer locked up completely. That day was very curious.

So thank you, sir. I'm going to start looking at what you asked me for and I'll prepare it for you right now.

Regards

.

Hello… here goes the first one

Malwarebytes Anti-Rootkit BETA 1.10.3.1001

Database version: main: v2021.03.11.06 rootkit: v2021.03.11.06

Windows 10 x64 NTFS (Safe Mode/Networking)
Internet Explorer 11.630.19041.0
tor :: DESKTOP-KLPEOIN [administrator]

11/03/2021 17:44:19
mbar-log-2021-03-11 (17-44-19).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 149400
Time elapsed: 25 minute(s), 28 second(s) [aborted]

Memory Processes Detected: 0 (No malicious items detected)

Memory Modules Detected: 0 (No malicious items detected)

Registry Keys Detected: 0 (No malicious items detected)

Registry Values Detected: 0 (No malicious items detected)

Registry Data Items Detected: 0 (No malicious items detected)

Folders Detected: 0 (No malicious items detected)

Files Detected: 0 (No malicious items detected)

Physical Sectors Detected: 0 (No malicious items detected)

(end)

Second one


Malwarebytes Anti-Rootkit BETA 1.10.3.1001

© Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 11.630.19041.0

File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 2.992000 GHz Memory total: 6296285184, free: 5021642752

Downloaded database version: v2021.03.11.06 Downloaded database version: v2021.03.11.06 Downloaded database version: v2018.01.20.01

Initializing… Driver version: 4.3.0.15 ------------ Kernel report ------------ 03/11/2021 17:43:31 ------------ Loaded modules ----------- ----------- End ----------- Done!

Scan started Database versions: main: v2021.03.11.06 rootkit: v2021.03.11.06

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffff908df0d2a060, DeviceName: \Device\Harddisk0\DR0, DriverName: \Driver\disk
--------- Disk Stack ------
DevicePointer: 0xffff908df0b50040, DeviceName: Unknown, DriverName: \Driver\partmgr
DevicePointer: 0xffff908df0d2a060, DeviceName: \Device\Harddisk0\DR0, DriverName: \Driver\disk
DevicePointer: 0xffff908df0b92050, DeviceName: \Device\00000021, DriverName: \Driver\storahci
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0, DriverName: \Driver\disk
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers…
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0…
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A51E234C

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048  Numsec = 168302592
Partition is not bootable
Partition file system is NTFS

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 168305672  Numsec = 320091496
Partition is bootable
Partition file system is NTFS

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0  Numsec = 0
Partition is not bootable

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0  Numsec = 0
Partition is not bootable

Disk Size: 250059350016 bytes Sector size: 512 bytes

Done! Scan Interrupted Scan was aborted.

Scan started Database versions: main: v2021.03.11.06 rootkit: v2021.03.11.06

<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers…
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0…
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A51E234C

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048  Numsec = 168302592
Partition is not bootable
Partition file system is NTFS

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 168305672  Numsec = 320091496
Partition is bootable
Partition file system is NTFS

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0  Numsec = 0
Partition is not bootable

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0  Numsec = 0
Partition is not bootable

Disk Size: 250059350016 bytes Sector size: 512 bytes

Done! Scan Interrupted Scan was aborted.

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes’ Anti-Malware (portable)\MBR-0-i.mbam…
Removing C:\ProgramData\Malwarebytes’ Anti-Malware (portable)\VBR-0-0-2048-i.mbam…
Removing C:\ProgramData\Malwarebytes’ Anti-Malware (portable)\VBR-0-1-168305672-i.mbam…
Removing C:\ProgramData\Malwarebytes’ Anti-Malware (portable)\MBR-0-r.mbam…
Removal finished

Malwarebytes Anti-Rootkit BETA 1.10.3.1001

© Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 11.630.19041.0

File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 2.992000 GHz Memory total: 6296285184, free: 5164609536

=======================================


Malwarebytes Anti-Rootkit BETA 1.10.3.1001

© Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 11.630.19041.0

File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 2.992000 GHz Memory total: 6296285184, free: 4730818560

Downloaded database version: v2021.03.11.07 Downloaded database version: v2021.03.11.07 Downloaded database version: v2018.01.20.01

Initializing… Driver version: 4.3.0.15 ------------ Kernel report ------------ 03/11/2021 19:19:19 ------------ Loaded modules ----------- ----------- End ----------- Done!

Scan started Database versions: main: v2021.03.11.07 rootkit: v2021.03.11.07

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffb90e8b51d060, DeviceName: \Device\Harddisk0\DR0, DriverName: \Driver\disk
--------- Disk Stack ------
DevicePointer: 0xffffb90e8b4c9040, DeviceName: Unknown, DriverName: \Driver\partmgr
DevicePointer: 0xffffb90e8b51d060, DeviceName: \Device\Harddisk0\DR0, DriverName: \Driver\disk
DevicePointer: 0xffffb90e8b379050, DeviceName: \Device\00000021, DriverName: \Driver\storahci
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0, DriverName: \Driver\disk
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers…
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0…
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A51E234C

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048  Numsec = 168302592
Partition is not bootable
Partition file system is NTFS

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 168305672  Numsec = 320091496
Partition is bootable
Partition file system is NTFS

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0  Numsec = 0
Partition is not bootable

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0  Numsec = 0
Partition is not bootable

Disk Size: 250059350016 bytes Sector size: 512 bytes

Done! Scan Interrupted Scan was aborted.

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes’ Anti-Malware (portable)\MBR-0-i.mbam…
Removing C:\ProgramData\Malwarebytes’ Anti-Malware (portable)\VBR-0-0-2048-i.mbam…
Removing C:\ProgramData\Malwarebytes’ Anti-Malware (portable)\VBR-0-1-168305672-i.mbam…
Removing C:\ProgramData\Malwarebytes’ Anti-Malware (portable)\MBR-0-r.mbam…
Removal finished

Malwarebytes Anti-Rootkit BETA 1.10.3.1001

© Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.630.19041.0

File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 2.992000 GHz Memory total: 6296285184, free: 3520303104

Downloaded database version: v2021.03.11.07 Downloaded database version: v2021.03.11.07 Downloaded database version: v2018.01.20.01 Initializing…

Driver version: 4.3.0.15 ------------ Kernel report ------------ 03/11/2021 19:57:15 ------------ Loaded modules ----------- ----------- End ----------- Done!

Scan started
Database versions: main: v2021.03.11.07 rootkit: v2021.03.11.07

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe00a4ca020a0, DeviceName: \Device\Harddisk0\DR0, DriverName: \Driver\disk
--------- Disk Stack ------
DevicePointer: 0xffffe00a4c9398f0, DeviceName: Unknown, DriverName: \Driver\partmgr
DevicePointer: 0xffffe00a4ca020a0, DeviceName: \Device\Harddisk0\DR0, DriverName: \Driver\disk
DevicePointer: 0xffffe00a4c818050, DeviceName: \Device\00000021, DriverName: \Driver\storahci
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0, DriverName: \Driver\disk
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers… Done!
Drive 0
This is a System drive
Scanning MBR on drive 0…
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A51E234C

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048  Numsec = 168302592
Partition is not bootable
Partition file system is NTFS

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 168305672  Numsec = 320091496
Partition is bootable
Partition file system is NTFS

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0  Numsec = 0
Partition is not bootable

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0  Numsec = 0
Partition is not bootable

Disk Size: 250059350016 bytes Sector size: 512 bytes

Done! Scan finished

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes’ Anti-Malware (portable)\MBR-0-i.mbam…
Removing C:\ProgramData\Malwarebytes’ Anti-Malware (portable)\VBR-0-0-2048-i.mbam…
Removing C:\ProgramData\Malwarebytes’ Anti-Malware (portable)\VBR-0-1-168305672-i.mbam…
Removing C:\ProgramData\Malwarebytes’ Anti-Malware (portable)\MBR-0-r.mbam…
Removal finished

Malwarebytes Anti-Rootkit BETA 1.10.3.1001

© Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.630.19041.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 6296285184, free: 3398131712

=======================================


Malwarebytes Anti-Rootkit BETA 1.10.3.1001

© Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.630.19041.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 6296285184, free: 3424157696

No address found

I have to send this one in pieces because it does not fit. Part 1 of 250 lines


Part 4, from 751 to 1000

20:44:08.0885 0x19a4 Platinum Host Service - ok 20:44:08.0916 0x19a4 [ C0DE6E29F7E1B79F70D68988A8711BEE, 5FF829925CCA1584DA97FCF24E6EA87485E33267C1FC5483B224856F98C7C96E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:44:08.0932 0x19a4 PlugPlay - ok 20:44:08.0963 0x19a4 [ 8D8575D069381877BAED88D2FC98EC11, 0C0C05CD071BADD691C99CB08EF6CEEB1DF9B0F011F4499C22BBE4636E7521A3 ] pmem C:\Windows\system32\drivers\pmem.sys 20:44:08.0979 0x19a4 pmem - ok 20:44:08.0994 0x19a4 [ 2769F200292C0F941A10BD60C33EA4A6, B8345C32585C45E6248D7194B1071F2B8617718E7C9B270AAF44C132D029DB4C ] PNPMEM C:\Windows\System32\drivers\pnpmem.sys 20:44:09.0025 0x19a4 PNPMEM - ok 20:44:09.0041 0x19a4 [ 6AAAC8AD69AEFBE5FE04738B687EE85E, 83427082298E2FC021D5D39A43DB4A5783D95213F2CA8D3A997DB6C815BD9CB2 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:44:09.0072 0x19a4 PNRPAutoReg - ok 20:44:09.0104 0x19a4 [ F8CE0B4F1BC5E4FBDD66C1CAC4D58314, E7DC2FBA4CDBB0A35CC58E0FDF37D68891F18A80E449C0AA2C66C43A596EC4A9 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:44:09.0135 0x19a4 PNRPsvc - ok 20:44:09.0182 0x19a4 [ D3A3E00336BBFF8408D33ACB4F2A6FAF, 4CBDCDB3A67E6B546298244373D4664B0824DF3E1196FB9DB5C521F4865FEB71 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:44:09.0229 0x19a4 PolicyAgent - ok 20:44:09.0244 0x19a4 [ 562B9409AA8777204E78C629647344EC, 65C33D25E0C00731D7DEF3F127523AA5178133481915287F3267A52C74577572 ] portcfg C:\Windows\System32\drivers\portcfg.sys 20:44:09.0275 0x19a4 portcfg - ok 20:44:09.0322 0x19a4 [ 8A2AFF98B3647DCF4F228870F8E0D766, 3BBA7D8716D9F09EAD591472266150D56BB17C82ACF2D06DEFA3942B7A24D9B9 ] Power C:\Windows\system32\umpo.dll 20:44:09.0354 0x19a4 Power - ok 20:44:09.0385 0x19a4 [ CC6EDCFAF5A19B948C46F92791AC452F, 9124AF703B5032254AAA9F42A2CC9FE5B26C0048B4C21FF14382935797F4D245 ] PptpMiniport C:\Windows\System32\drivers\raspptp.sys 20:44:09.0416 0x19a4 PptpMiniport - ok 20:44:09.0697 0x19a4 [ 35544D99939E7B04B1E677BFBD198B80, 731E4A7DD5AC2678961C67D3AE555A3CFAD8256A07D46F8725E4F6DAE5B7B6BA ] 

Part 5, from 1000 to 1350, which is the end

C:\Windows\system32\drivers\vwififlt.sys 20:44:24.0682 0x19a4 vwififlt - ok 20:44:24.0744 0x19a4 [ F547820151D4E231184F1625CF6A5086, EDABA8F659EBEC01487D1A5B85ACC355EA79EE3E493E313E9DB786C1CB24CDFD ] W32Time C:\Windows\system32\w32time.dll 20:44:24.0791 0x19a4 W32Time - ok 20:44:24.0822 0x19a4 [ 8418FEFDF1EEF9E5109000104B3C7785, D30A04C1521B85F0269ED86C1BE7BC26A7E1B16E5D098B90EB577130E12D342F ] WaaSMedicSvc C:\Windows\System32\WaaSMedicSvc.dll 20:44:24.0854 0x19a4 WaaSMedicSvc - ok 20:44:24.0885 0x19a4 [ 1F16C8283230EF1F1C4E135D1C2C859B, E4F672C7E58490F82F859CAEEDD57D8ABCC31DE62A42A956BEE47113D365BE35 ] WacomPen C:\Windows\System32\drivers\wacompen.sys 20:44:24.0900 0x19a4 WacomPen - ok 20:44:24.0916 0x19a4 [ B10C6531F8BF492147787356A7AA826D, 1AE402C387A4E8B005FF3E5B705D6F318551C0E4C19DE09DC826FC5FDF75D2EA ] WalletService C:\Windows\system32\WalletService.dll 20:44:24.0979 0x19a4 WalletService - ok 20:44:24.0994 0x19a4 [ 438B3E55D9D700C1C0424642872C2E28, 161F9F1F666717D95AF7EC984DDDC4D7E13844617108346FFC49A4EE99AE812F ] wanarp C:\Windows\system32\DRIVERS\wanarp.sys 20:44:25.0025 0x19a4 wanarp - ok 20:44:25.0041 0x19a4 [ 438B3E55D9D700C1C0424642872C2E28, 161F9F1F666717D95AF7EC984DDDC4D7E13844617108346FFC49A4EE99AE812F ] wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:44:25.0057 0x19a4 wanarpv6 - ok 20:44:25.0104 0x19a4 [ 8449398F11D49864117105679B539816, 8FD3B9C72066D6A983D062DE72EEF9769339EACBF4E0D303B9E12343C9D5DE6C ] WarpJITSvc C:\Windows\System32\Windows.WARP.JITService.dll 20:44:25.0119 0x19a4 WarpJITSvc - ok 20:44:25.0213 0x19a4 [ 9CA1D999F01E0F8AEDDE2CFC187B2C0B, 5AE95F3F77AAED3067CBA39C5B2CD1790B949027E837B5AF580F2A8D4714FB68 ] wbengine C:\Windows\system32\wbengine.exe 20:44:25.0307 0x19a4 wbengine - ok 20:44:25.0354 0x19a4 [ 95A860926377DB7C749FD381363E5F3D, 8A77EA20EB4640CBF243A479DFA8DE5ED4D2B7FC05043C10C9FFD85C71FDE9C1 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:44:25.0432 0x19a4 WbioSrvc - ok 20:44:25.0463 0x19a4 [ 
A6356145807BB9C5CE67C4C4754DE380, 09C73BE55A555501E359E7E27ECD2CC76C2C8B7EC41950EFC3E80E85ADA6385E ] wcifs C:\Windows\system32\drivers\wcifs.sys 20:44:25.0479 0x19a4 wcifs - ok 20:44:25.0557 0x19a4 [ 2E5A66AB07AC6199B25A895EB8FA8867, 8312EAB3A0587E355EF83BEC477B8CE0A59226585E57EAF569263F5BDB3DBBB7 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 20:44:25.0619 0x19a4 Wcmsvc - ok 20:44:25.0650 0x19a4 [ 04C1AC3629DB555D2F4613FD05DE3576, 312E318190CF6B1D6C0A7DD85FFCBF188CB6C9AFC88E0C8F69804476A53713F2 ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:44:25.0697 0x19a4 wcncsvc - ok 20:44:25.0713 0x19a4 [ 356B1367E6F162D27E61438B528E5590, EAFB2B30184C0BB71D11A079BACB7112C006FEFF8FD9444D17DBB9511E2367A5 ] wcnfs C:\Windows\system32\drivers\wcnfs.sys 20:44:25.0760 0x19a4 wcnfs - ok 20:44:25.0775 0x19a4 [ 5925250BDDB94B0A5FA0E7FEED36C520, 0845344F7BFAA94AF90920A5346078E6261EEA3A1A77795DDA5B70B38609348B ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 20:44:25.0807 0x19a4 WdBoot - ok 20:44:25.0869 0x19a4 [ 47DCD64DED164A9148F83A9E7FC0E62C, 1BE1287FAD8F8E38B8D66E718150F4D3F6183091D06222D73633566289377E2D ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:44:25.0932 0x19a4 Wdf01000 - ok 20:44:25.0963 0x19a4 [ C150CD7072592B0BCBB7DACFFC6904CD, 0F4D31410401CC564A5D1FCEF5ED2898DAFB7418C1B39D746E88451CC3518ACA ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 20:44:25.0979 0x19a4 WdFilter - ok 20:44:26.0025 0x19a4 [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiServiceHost C:\Windows\system32\wdi.dll 20:44:26.0057 0x19a4 WdiServiceHost - ok 20:44:26.0072 0x19a4 [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiSystemHost C:\Windows\system32\wdi.dll 20:44:26.0104 0x19a4 WdiSystemHost - ok 20:44:26.0166 0x19a4 [ 891FFBD96763CCBEA7CDC8D098E63BD2, 72E1174041B97199E99AF54A47567E233B14BBE2C8608A214D0CBAA92135591C ] wdiwifi C:\Windows\system32\DRIVERS\wdiwifi.sys 20:44:26.0244 0x19a4 
wdiwifi - ok 20:44:26.0275 0x19a4 [ A6C92A5F2982EBB8788E0690C19048C4, 85C54A99DD43DC1FAC7FD2A31288CEC7501F795DE8FA86857790F4CCD5AF7C18 ] WdmCompanionFilter C:\Windows\system32\drivers\WdmCompanionFilter.sys 20:44:26.0291 0x19a4 WdmCompanionFilter - ok 20:44:26.0307 0x19a4 [ C5552A3A54408AB9A0DC341E21F5EF67, 67838896B7E04EBBE2AA089F09913789A5E8C4B7E7436397135F1F68BB86F03A ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys 20:44:26.0322 0x19a4 WdNisDrv - ok 20:44:26.0338 0x19a4 WdNisSvc - ok 20:44:26.0369 0x19a4 [ 4A81FA6E29A3909FC620EC8B7AE0C8FF, 89F67C978A7F58FF1E51CE6DE17FE8FAF64A52A2E96BD188E911517AF1949275 ] WebClient C:\Windows\System32\webclnt.dll 20:44:26.0400 0x19a4 WebClient - ok 20:44:26.0447 0x19a4 [ C2F1D4628C22E298F3A3A06B6DC97588, F8CF9237AC6B5B90D9D0B71C9EEAEB3C1E1CFF3362A9C0A2DEB5B14180254155 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:44:26.0479 0x19a4 Wecsvc - ok 20:44:26.0510 0x19a4 [ CBA85827716DE89106F8E4AD7430620C, EF2FEAD68FE003DAC52BC2098962F397DF80B7DCD79A8F45012A050C7C0E2DB1 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll 20:44:26.0525 0x19a4 WEPHOSTSVC - ok 20:44:26.0557 0x19a4 [ 0CA02EBDA174768BE1BFA3FB9090448F, A9D569B6B06B2DD4880ED62D2D9520BB10828E0EA65F1ACF9C8C4134611D1C58 ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:44:26.0588 0x19a4 wercplsupport - ok 20:44:26.0604 0x19a4 [ 24FD4F8F7BBC74C74D2552E16384FFC3, 6E6B3A8A9E33CAE73F69B1D2D1543FEE9CDEEE6AC12C52765BA6304D88F06D58 ] WerSvc C:\Windows\System32\WerSvc.dll 20:44:26.0650 0x19a4 WerSvc - ok 20:44:26.0697 0x19a4 [ 39B758E2093B9FB42A086BF4BB1B8BEC, 473C61E7F4D734AE9C4BD2E111C6DCE595E9EF167C001CEDC35E53213F2987F6 ] WFDSConMgrSvc C:\Windows\System32\wfdsconmgrsvc.dll 20:44:26.0744 0x19a4 WFDSConMgrSvc - ok 20:44:26.0791 0x19a4 [ 42FEB0B8FC61E3A46F74FBFDB390D830, D4539D1BB2C3FF931FC578741004962601E1311B2A485E24732093A9C3F6219F ] WFPLWFS C:\Windows\system32\drivers\wfplwfs.sys 20:44:26.0807 0x19a4 WFPLWFS - ok 20:44:26.0854 0x19a4 [ 7AE4D5A054C5EEF9EF9F42926B52FA47, 
A58CB62992AB846A31E197DF5161F50323D120DF73B7D33FE7D5F5B1AF209291 ] WiaRpc C:\Windows\System32\wiarpc.dll 20:44:26.0885 0x19a4 WiaRpc - ok 20:44:26.0900 0x19a4 [ 58100AE414B011D141C31B7B9910366E, 2B46EA353D4CED8AF30C01DFED474673416F51279B63EB7D6460EFB9CA145370 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 20:44:26.0916 0x19a4 WIMMount - ok 20:44:26.0916 0x19a4 WinDefend - ok 20:44:26.0963 0x19a4 [ B434A84F46C70F4E67B70ED70F024B7F, 64EEB8093BA2590E83D83C5AF7C2A025B88AF5681143BCA83671104266FEEA99 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys 20:44:26.0994 0x19a4 WindowsTrustedRT - ok 20:44:27.0010 0x19a4 [ 982774B74EE1419D641CEB66E394A4BA, 090C4CE6B76B3904B5AE73E4F1EEBCE619194C358874D7584537012F954C54BE ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys 20:44:27.0025 0x19a4 WindowsTrustedRTProxy - ok 20:44:27.0088 0x19a4 [ B07120967D869D4F10769457E310627B, C7EEB870BFF131493E8DD5B5AA93988E7544D802B8F6F7C8D71424000E708EA4 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 20:44:27.0135 0x19a4 WinHttpAutoProxySvc - ok 20:44:27.0166 0x19a4 [ 0816C30E3395E667EFFFB92B4EA66A05, F6A9E7026AA60A6627680F232AE785EA9CF55FE970708E6E49151F601CC42FEE ] WinMad C:\Windows\System32\drivers\winmad.sys 20:44:27.0182 0x19a4 WinMad - ok 20:44:27.0307 0x19a4 [ 3FA4EB137F055D27DC16389CC839CCF9, BC04B13993C1B83D33FEA5C201F12DCF3F557E4EBFC7B85B3FB189F1F5FE10C7 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:44:27.0338 0x19a4 Winmgmt - ok 20:44:27.0369 0x19a4 [ C1D2CB775388E10E62C50C8F2A9F9E1D, 55EEB473EEC8F45713E9B7D4B459BA474F848745037EF19C037B4A08A05703EF ] WinNat C:\Windows\system32\drivers\winnat.sys 20:44:27.0416 0x19a4 WinNat - ok 20:44:27.0510 0x19a4 [ 9B4A636BF5A154AC938B1C3617BF0C3F, 68255F3B00FDF44D2B911095A714203B1BE7B05840F66BED883317E55B06C4CA ] WinRM C:\Windows\system32\WsmSvc.dll 20:44:27.0666 0x19a4 WinRM - ok 20:44:27.0713 0x19a4 [ 91D3DC62C6EDDB6554CE14C0E0B4290F, 
6F8F89B350FC6BC0D23A50C593F02514854AB7D6CD234D8C8AD4B5DDDD586BA0 ] WINUSB C:\Windows\System32\drivers\WinUSB.SYS 20:44:27.0729 0x19a4 WINUSB - ok 20:44:27.0744 0x19a4 [ F4C4FD42F8DD657157823DB617CC3A3D, D2A5ED039ED83010E0BB4BB1A69F9D142D42BE2C75E56CFCF3F157A735CB688E ] WinVerbs C:\Windows\System32\drivers\winverbs.sys 20:44:27.0760 0x19a4 WinVerbs - ok 20:44:27.0822 0x19a4 [ EC37C67EA953F7F7C595DDC1CE90CF13, 67753D07AE6D98FC0CB730B912D757F1F7527A34BFDB24187F0307245D0A85B1 ] wisvc C:\Windows\system32\flightsettings.dll 20:44:27.0885 0x19a4 wisvc - ok 20:44:27.0994 0x19a4 [ 7F9F87DB848F9F755187C963B5029ABE, 8A5656EF5B95E8E84C33D447460D37F7C7AAFBEB3154FDD717EEADBD1140D803 ] WlanSvc C:\Windows\System32\wlansvc.dll 20:44:28.0150 0x19a4 WlanSvc - ok 20:44:28.0244 0x19a4 [ 48AE66A72ECA846D1A0216D4CE2955E6, 1885F8AC0F95A3B891833A07193819894E3F6E00790B51C0E55AA63D57BD3FB0 ] wlidsvc C:\Windows\system32\wlidsvc.dll 20:44:28.0369 0x19a4 wlidsvc - ok 20:44:28.0447 0x19a4 [ DB67CDBAACE4F4C7BED667070322B19D, 29A862177DD0C9BAC4145503E8A669A759492EF9B928D571E0D2A18330F45ACA ] wlpasvc C:\Windows\System32\lpasvc.dll 20:44:28.0541 0x19a4 wlpasvc - ok 20:44:28.0588 0x19a4 [ 4A737D7249405BC932D45A401EC0CEDC, 00E7ECB208E4002DB3C924B0ADC5667D5FD111306E72A5A7570AAC4051AB9EC8 ] WManSvc C:\Windows\system32\Windows.Management.Service.dll 20:44:28.0666 0x19a4 WManSvc - ok 20:44:28.0682 0x19a4 [ E4F25E6E790747073A09F9F8C997889C, 98455DD24AE076A2413EA599F83E0894F608C335F3FF2F3624A17E8EAF3B3C42 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 20:44:28.0713 0x19a4 WmiAcpi - ok 20:44:28.0760 0x19a4 [ 6389D05C6AAE73AD218CDC8153647CBB, 2A05EA2653CE6EE43E02B1CC26530D3292D314BE8D31A4641DE333FA6B093CCA ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:44:28.0791 0x19a4 wmiApSrv - ok 20:44:28.0822 0x19a4 WMPNetworkSvc - ok 20:44:28.0885 0x19a4 [ 68022EB06DCFD1521802D94C8901AF15, 57C8A7D84BBACF87FEAB052D25FF3AED764AC0EE249E0FCF69183803A0D7B59E ] Wof C:\Windows\system32\drivers\Wof.sys 20:44:28.0900 
0x19a4 Wof - ok 20:44:28.0994 0x19a4 [ 81F1F5F02973F44749F0C2B449C6955E, BA122C63CA361E0C372B84C9A710746C10B2B89ECB04FA66714C6DC08D4666DD ] workfolderssvc C:\Windows\system32\workfolderssvc.dll 20:44:29.0104 0x19a4 workfolderssvc - ok 20:44:29.0182 0x19a4 [ B46C9D33621E4AE427312F6B4AC819D7, 955041A21B3ECD01D028037B62E64BC8F1C1248C165CD294F3B66F89076AC7C5 ] WpcMonSvc C:\Windows\System32\WpcDesktopMonSvc.dll 20:44:29.0307 0x19a4 WpcMonSvc - ok 20:44:29.0338 0x19a4 [ 02876C4F9F4EEC8AC30BBCFFE3447AB6, 0744CBBD9F2B867DF456E2B0E113897B654F07E1C96FCB32D4B4B57BE6A3BE81 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:44:29.0369 0x19a4 WPDBusEnum - ok 20:44:29.0400 0x19a4 [ 024924C9E79F51560B9133EEAB866BBF, F4D464BC02C7B96EF72AA9229A99A1AD32F56390F97972C33525EF0D85304261 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 20:44:29.0416 0x19a4 WpdUpFltr - ok 20:44:29.0447 0x19a4 [ 040F7FA155A799B9F642DE9808234CB5, 808871E4211460A9273E6F8386FF764D504FAC183D74FE98AEED3911CD8CACE6 ] WpnService C:\Windows\system32\WpnService.dll 20:44:29.0479 0x19a4 WpnService - ok 20:44:29.0510 0x19a4 [ B9401D6EC47178619E4E21701E3567BD, 53F6CE17E02A85E41327DA2D5FD299D5BAF2BD48DDE22DE6688D3EA410C75144 ] WpnUserService C:\Windows\System32\WpnUserService.dll 20:44:29.0525 0x19a4 WpnUserService - ok 20:44:29.0557 0x19a4 [ 2B98DFC181823C8D8AA39C4CC577DE3E, DAFF7CE8868299AF5EFA844C2E1F84B7EE7E498B1AFF16965CE41C2E75B2F4E4 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:44:29.0588 0x19a4 ws2ifsl - ok 20:44:29.0619 0x19a4 [ E2BDC4D8D6090ED797FBD39FC097576F, 2BE313764D9830C9B4072A2CF98B4895A66BD83200A350D7ED7C8764AB2316D7 ] wscsvc C:\Windows\System32\wscsvc.dll 20:44:29.0650 0x19a4 wscsvc - ok 20:44:29.0666 0x19a4 WSearch - ok 20:44:29.0791 0x19a4 [ 548E5FAA852134C7F380DC45C6A0A0B8, FEBFF6F35E59BD16227D2067101C352C860B3B45C4CFAB3D6C94C092C9D8B9D0 ] wuauserv C:\Windows\system32\wuaueng.dll 20:44:29.0979 0x19a4 wuauserv - ok 20:44:30.0010 0x19a4 [ 7FC0072ECE3F5F860990EF4E10D3F8F4, 
15444A3E540EAD214A674FF0EB99CD42899D6A1139E59D69DE1C2B6BA364A9E0 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:44:30.0041 0x19a4 WudfPf - ok 20:44:30.0072 0x19a4 [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 20:44:30.0104 0x19a4 WUDFRd - ok 20:44:30.0150 0x19a4 [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys 20:44:30.0182 0x19a4 WUDFWpdFs - ok 20:44:30.0244 0x19a4 [ E534D45BAD11D7CCD0F84A3E5BE3A636, AFADF5674AB05059C8BF5026825EBFADC0E883B9EE97F0F3DAC675F735E9AC45 ] WwanSvc C:\Windows\System32\wwansvc.dll 20:44:30.0354 0x19a4 WwanSvc - ok 20:44:30.0400 0x19a4 [ 5C7422C70CBD981C38D282EA264CF939, CCE1584461A6683515A766CA6061FBC53A03314328221761204E3ABBD398FCCF ] XblAuthManager C:\Windows\System32\XblAuthManager.dll 20:44:30.0463 0x19a4 XblAuthManager - ok 20:44:30.0510 0x19a4 [ C9E2CB63271BA466EA761AA43AB075C7, 0A83D06D8DB0915E73E78CFC4ABE4A03909E5210A190A05CF6BF9FD54C3F9F9A ] XblGameSave C:\Windows\System32\XblGameSave.dll 20:44:30.0604 0x19a4 XblGameSave - ok 20:44:30.0635 0x19a4 [ DFE835AAC709E9A53998CDB2DE3F00D2, 0468F2C7D30E768CC05F7649E12B9A3AE9D4680E59476D1286F6C0767C73E3DA ] xboxgip C:\Windows\System32\drivers\xboxgip.sys 20:44:30.0666 0x19a4 xboxgip - ok 20:44:30.0697 0x19a4 [ 4107565488585C924FEEE766F0EB6193, 87BA1A8CB0D3053B30426045CC126A1E0EBC968C2A266B3AF057B286CB12D9B5 ] XboxGipSvc C:\Windows\System32\XboxGipSvc.dll 20:44:30.0713 0x19a4 XboxGipSvc - ok 20:44:30.0775 0x19a4 [ E0FB1A64CE1A2151BBEA934DBCD212E4, 91704C163C7A8009DA642E39512797429DDDCC6357FEA99F0D5CED4BCA19C111 ] XboxNetApiSvc C:\Windows\system32\XboxNetApiSvc.dll 20:44:30.0854 0x19a4 XboxNetApiSvc - ok 20:44:30.0885 0x19a4 [ 8D8EAA6B1418F44479ECD8D010062F1E, 9D82CA4D087739CE004D1033970A036616A1EEBA618D1033D45FEC895D08D0C6 ] xinputhid C:\Windows\System32\drivers\xinputhid.sys 
20:44:30.0900 0x19a4 xinputhid - ok 20:44:30.0900 0x19a4 ================ Scan global =============================== 20:44:30.0963 0x19a4 [ 522F9EFF8C957F906154B91A8DA698AE, FCB686BB58782506BA6A8C4F924B0872608249091C8FF9DD7129D0146ACC2BFE ] C:\Windows\system32\basesrv.dll 20:44:31.0010 0x19a4 [ 19979E1729CFA0E56EB4CCCB198DFD05, 7F2A683F28877562409D810946DDCA2F069715CDFB249602251DFA50065FFF7A ] C:\Windows\system32\winsrv.dll 20:44:31.0041 0x19a4 [ 1985068B049D1FFBB8D3F837393DF81F, B99151A18AAA83C0D6931245E6DA250346F1A61B0F8F058123E47D9BC5C12BE8 ] C:\Windows\system32\sxssrv.dll 20:44:31.0104 0x19a4 [ 448CC197BC3B10D3E36A2CD30CF32DFE, 2E18DC3466566DF55792D6AFAD818D1E28FFA2C32017770A959419736DB577EE ] C:\Windows\system32\services.exe 20:44:31.0182 0x19a4 [ Global ] - ok 20:44:31.0182 0x19a4 ================ Scan MBR ================================== 20:44:31.0197 0x19a4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 20:44:31.0650 0x19a4 \Device\Harddisk0\DR0 - ok 20:44:31.0650 0x19a4 [ 8CB37AFC263A219EBB7586F9C495114E ] \Device\Harddisk1\DR1 20:44:31.0744 0x19a4 \Device\Harddisk1\DR1 - ok 20:44:31.0744 0x19a4 ================ Scan VBR ================================== 20:44:31.0775 0x19a4 [ BCB9B1EEF0026C2C2AC46F92E319DCA0 ] \Device\Harddisk0\DR0\Partition1 20:44:31.0775 0x19a4 \Device\Harddisk0\DR0\Partition1 - ok 20:44:31.0791 0x19a4 [ 4AEB3DBB7D8676AFB2EFD12AA212BA87 ] \Device\Harddisk0\DR0\Partition2 20:44:31.0791 0x19a4 \Device\Harddisk0\DR0\Partition2 - ok 20:44:31.0807 0x19a4 [ E311ADE92C2A16B735743214AC0DA2C2 ] \Device\Harddisk1\DR1\Partition1 20:44:31.0807 0x19a4 \Device\Harddisk1\DR1\Partition1 - ok 20:44:31.0807 0x19a4 ================ Scan active images ======================== 20:44:31.0807 0x19a4 ================ Scan generic autorun ====================== 20:44:31.0838 0x19a4 [ 783C99AFD4C2AE6950FA5694389D2CFA, 570B37A7A3FFDAFCCECCC33CBC1968FEB857B73CA3CB4DFFEDC2E67E9ABD0878 ] C:\Windows\system32\SecurityHealthSystray.exe 20:44:31.0869 
20:44:33.0619 0x19a4  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x60100 ( disabled : updated )
20:44:33.0619 0x19a4  AV detected via SS2: Trend Micro Antivirus+, C:\Program Files\Trend Micro\Titanium\TmWscSvc\wschandler.exe ( 17.0.0.1150 ), 0x41000 ( enabled : updated )
20:44:33.0697 0x19a4  Win FW state via NFP2: enabled ( trusted )
20:44:33.0697 0x19a4  ============================================================
20:44:33.0697 0x19a4  Scan finished
20:44:33.0697 0x19a4  ============================================================
20:44:33.0697 0x118c  Detected object count: 1
20:44:33.0697 0x118c  Actual detected object count: 1
20:45:16.0296 0x118c  C:\Windows\System32\drivers\BthA2dp.sys - copied to quarantine
20:45:16.0296 0x118c  BthA2dp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

The scans took a very long time. I was able to get into safe mode, but there the scan froze and sat for more than an hour. Rebooting also sent me back to the normal user session, so these are NOT safe-mode scans. A Risk showed up, which I sent to quarantine … OK, I'll be waiting to hear back.

Post the reports properly, as you did the first time, LIKE the FRST ones. I can't read them properly like this.

Edit them and I'll review your whole case and tell you more.

Hello @Nina_Tusabe

Please post them properly (the reports).

OK. I now know what type of attack this is.

Exactly which programs do you currently have installed on your machine? Do not install any program or anything else unless I tell you to.

Do not connect any kind of external device at all (USB drives, external hard disks, SD cards, NAS, SAN, etc.).

Which devices (computers, phones…) do you have connected to your network right now, apart from this PC and the router itself, obviously? You should have only these two devices on your network (router + PC) and nothing else.

We will need to be very methodical, isolate everything properly and do things very carefully. Otherwise we won't be able to deal with this.

How to upload images to the forum? And post the image of the antivirus warning.

OK.

Tell me the exact router model and the firmware version currently installed on it.

We don't recommend it at all around here: :-1: :-1:

First of all: it is very possible that they are reading us. Count on that with total certainty. To today's questions → OK, I won't install a single program more. The OS was installed today at midday; it only has Chrome, FastStone Image Viewer 7.5, HouseCall for Home Networks (from Trend Micro) and Trend Micro antivirus (I use this one because it write-protects any folders I want).

There are several more PCs, but I took them off the network right away, perhaps in January, as well as the printer and the phones. I have just shut the laptop down right now. Only this PC is left, with a single hard disk. There is nothing at all on the other side of the router.

The router is an Arcadyan, model PRV 3397 B E LT, HW version R01, FW version v1.03.05.211, Wi-Fi 2.4/5 GHz

part 1

20:43:14.0836 0x0428  TDSS rootkit removing tool 3.1.0.28 Apr  9 2019 21:11:46
20:43:21.0638 0x0428  ============================================================
20:43:21.0638 0x0428  Current date / time: 2021/03/11 20:43:21.0638
20:43:21.0638 0x0428  SystemInfo:
20:43:21.0638 0x0428  
20:43:21.0638 0x0428  OS Version: 10.0.19042 ServicePack: 0.0
20:43:21.0638 0x0428  Product type: Workstation
20:43:21.0638 0x0428  ComputerName: DESKTOP-KLPEOIN
20:43:21.0638 0x0428  UserName: tor
20:43:21.0638 0x0428  Windows directory: C:\Windows
20:43:21.0638 0x0428  System windows directory: C:\Windows
20:43:21.0638 0x0428  Running under WOW64
20:43:21.0638 0x0428  Processor architecture: Intel x64
20:43:21.0638 0x0428  Number of processors: 2
20:43:21.0638 0x0428  Page size: 0x1000
20:43:21.0638 0x0428  Boot type: Normal boot
20:43:21.0638 0x0428  CodeIntegrityOptions = 0x00000001
20:43:21.0638 0x0428  ============================================================
20:43:21.0638 0x0428  KLMD ARK init status: drvProperties = 0xEF0F02, osBuild = 19041.0, osProperties = 0x1D
20:43:21.0638 0x0428  KLMD BG init status: drvProperties = 0xEF0F02, osBuild = 19041.0, osProperties = 0x1D
20:43:21.0638 0x0428  BG loaded
20:43:21.0919 0x0428  System UUID: {BA94422A-1F47-6FB8-AEEA-24EED0F2273B}
20:43:22.0334 0x0428  !crdlk
20:43:22.0350 0x0428  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
20:43:22.0381 0x0428  Drive \Device\Harddisk1\DR1 - Size: 0xEF000000 ( 3.73 Gb ), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:43:22.0381 0x0428  ============================================================
20:43:22.0381 0x0428  \Device\Harddisk0\DR0:
20:43:22.0381 0x0428  MBR partitions:
20:43:22.0381 0x0428  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xA081800
20:43:22.0381 0x0428  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA082408, BlocksNum 0x13143568
20:43:22.0397 0x0428  \Device\Harddisk1\DR1:
20:43:22.0397 0x0428  MBR partitions:
20:43:22.0397 0x0428  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x777800
20:43:22.0397 0x0428  ============================================================
20:43:22.0444 0x0428  C: <-> \Device\Harddisk0\DR0\Partition2
20:43:22.0491 0x0428  D: <-> \Device\Harddisk0\DR0\Partition1
20:43:22.0491 0x0428  ============================================================
20:43:22.0491 0x0428  Initialize success
20:43:22.0491 0x0428  ============================================================
20:43:33.0334 0x19a4  ============================================================
20:43:33.0334 0x19a4  Scan started
20:43:33.0334 0x19a4  Mode: Manual; SigCheck; TDLFS; 
20:43:33.0334 0x19a4  ============================================================
20:43:33.0334 0x19a4  KSN ping started
20:43:33.0350 0x19a4  KSN ping finished: false
20:43:39.0897 0x19a4  ================ Scan BIOS =================================
20:43:39.0897 0x19a4  BIOS info: vendor = Dell Inc., version = A22, releaseDate = 06/11/2012
20:43:39.0897 0x19a4  Base board info: manufacturer = Dell Inc., product = 0PU052, version =    
20:43:41.0616 0x19a4  [ D6BD0BF88551CC1EF133EB4B63CBE0EC, 239A4D9B2DEBF85674DAEE15A3E8B8AE939E13C46B7A10A63D35433F7A1DFA13 ] BIOS
20:43:41.0616 0x19a4  BIOS - ok
20:43:41.0616 0x19a4  ================ Scan system memory ========================
20:43:41.0616 0x19a4  System memory - ok
20:43:41.0616 0x19a4  ================ Scan services =============================
20:43:44.0366 0x19a4  AppReadiness - ok
20:43:44.0397 0x19a4  [ DC06815F02B8E4F5BFDD44D29DE33047, 03BC40C526BA6C67474DF13A61D724F7E01C39342D66C5F4BE7FC3F8A0F5A662 ] AppVClient      C:\Windows\system32\AppVClient.exe
20:43:44.0444 0x19a4  AppVClient - ok
20:43:44.0475 0x19a4  [ 6859368DBF5BD69B25B34AA1475258EC, 15763D9C6EC89DBA974C41BDB362D82F23A550FF78943D8B2E158518DB899A14 ] AppvStrm        C:\Windows\system32\drivers\AppvStrm.sys
20:43:44.0506 0x19a4  AppvStrm - ok
20:43:44.0522 0x19a4  [ E4F5D59DC7E64CF1194BE21313F9F06B, FCF60C3C9A5A864AAAFBEF0FC3BE098EF3B28F89B92CCDAF7902D5022E9BB2CF ] AppvVemgr       C:\Windows\system32\drivers\AppvVemgr.sys
20:43:44.0537 0x19a4  AppvVemgr - ok
20:43:44.0553 0x19a4  [ 0D69102DA6BCC3297F8C1BA77AB87F73, E073804F721AD6067D54C6604945C5365E45935C76AC5EC5DBC1ED1F91CA1878 ] AppvVfs         C:\Windows\system32\drivers\AppvVfs.sys
20:43:44.0584 0x19a4  AppvVfs - ok
20:43:44.0741 0x19a4  [ B57D83A652664128B7ADE7855F1821B1, 434F2F17000DB67524FA71722875B3D928434B9847D0241B7803DD44D570A709 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
20:43:44.0944 0x19a4  AppXSvc - ok
20:43:45.0225 0x19a4  [ 46FD8469080917EE12425AF692C4BC20, 96DCA25AE619F38640B22702A10BC3191626F3A36DE0E1B0EDA3B079EA9DEB24 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:43:45.0303 0x19a4  arcsas - ok
20:43:45.0350 0x19a4  [ 6CB75AC5FA454560CDA3ADF81EFEFE93, BB0CFC9C365D7BB25EDD1D73467B09A107603CF2D66F5E57F076E1BAFF3E9D0F ] AssignedAccessManagerSvc C:\Windows\System32\assignedaccessmanagersvc.dll
20:43:45.0412 0x19a4  AssignedAccessManagerSvc - ok
20:43:45.0428 0x19a4  [ D930AAE80A55116D07C41E95DE5671DB, 14985D6D2D52689C1B012F64ED0D7C9C5F6BADB51C4528BF6456D3EAE2FE69A7 ] AsyncMac        C:\Windows\System32\drivers\asyncmac.sys
20:43:45.0459 0x19a4  AsyncMac - ok
20:43:45.0475 0x19a4  [ C394B2347795AB247F4F4FFAB46B8935, 640B9E84035441BF4B116A9D6A31B457F6A07EEFF6E7CAD0FE6E688B219F0275 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:43:45.0491 0x19a4  atapi - ok
20:43:45.0537 0x19a4  [ 20008956FCE838B8A6BC65DC946A1D70, 9E2F96A68FEE104804A7AEBEACD1F12063173957A5440F8EB083515D0DA2DBB2 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:43:45.0584 0x19a4  AudioEndpointBuilder - ok
20:43:45.0662 0x19a4  [ 09A598D8A38AA58B713C0CBAF94D8F3B, AB642749C095A72A684227C65010C27F090D2F1A38BE7235E0673DABF1E1184A ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:43:45.0756 0x19a4  Audiosrv - ok
20:43:45.0787 0x19a4  [ 5842D10A7461B7F1E456666A22611089, 7E0D27F365B3E1C89FA88EE28A8AE69ABB959083E6D151BBED87E9D41B743033 ] autotimesvc     C:\Windows\System32\autotimesvc.dll
20:43:45.0803 0x19a4  autotimesvc - ok
20:43:45.0834 0x19a4  [ 33A4AE9880A55320D6922FF9193190CC, 98E1D7AF4B14BE99F0786170E6C1B4562672E535BBA5984658DA00D6F4DD70F9 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:43:45.0866 0x19a4  AxInstSV - ok
20:43:45.0912 0x19a4  [ 638C59D330A7AF943074678A70F22E7C, FEB2771428706126FEA1CC9A50EBE3CF4F8E8FB6FCB3CA19996497CA44FDAC45 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:43:45.0944 0x19a4  b06bdrv - ok
20:43:45.0975 0x19a4  [ 26E2320D24C66EB72B36EB71EBEF2558, 7D06B6499FE915480DF4DAD658281C8B85F7AD71F49B089A270AE0B45713F2E9 ] bam             C:\Windows\system32\drivers\bam.sys
20:43:45.0991 0x19a4  bam - ok
20:43:46.0178 0x19a4  [ 0A9D38310E9683EB13C7DB9F289DDD70, B39BF3F5877613A05088B57B218D8342129DB86FD064B3DC25D1FB2B0611EBA3 ] BasicDisplay    C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys
20:43:46.0209 0x19a4  BasicDisplay - ok
20:43:46.0225 0x19a4  [ D6854E27F8E52524BAD0DDB0B06057E3, 77CD4ED4D9EADF350E5015F5DB4146D981ECF38491C52CF26CD9C3E95918DD80 ] BasicRender     C:\Windows\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys
20:43:46.0241 0x19a4  BasicRender - ok
20:43:46.0303 0x19a4  [ 7D1FEE3400150B5C5B6A2DB49FC8CF8D, 36162C9969ECE92D6E08123A7F117BB11D735213242F78B0EE50AAB141CB8291 ] BcastDVRUserService C:\Windows\System32\BcastDVRUserService.dll
20:43:46.0381 0x19a4  BcastDVRUserService - ok
20:43:46.0412 0x19a4  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
20:43:46.0428 0x19a4  bcmfn2 - ok
20:43:46.0475 0x19a4  [ C846E52621DEAA0AD5C4B3CC8A1394F1, 570F3A3257BA910A77E58C2BBED9913F784E63CE242B28EFE7760315F2228CFE ] BDESVC          C:\Windows\System32\bdesvc.dll
20:43:46.0522 0x19a4  BDESVC - ok
20:43:46.0537 0x19a4  [ 4280B427B81EB8C265F3206E2298761E, 121AF03BBE6ECC1622C2540805A30AE9555EB5D5FE25B55939C045ECE7FC37EB ] Beep            C:\Windows\system32\drivers\Beep.sys
20:43:46.0553 0x19a4  Beep - ok
20:43:46.0600 0x19a4  [ CC27FDD3DB5D94BD43D63DE904EC5D85, 7BC61FEE59B667B15837807A5815BAC8F7E3CA160138C8E973B7A79C4C049EF9 ] BFE             C:\Windows\System32\bfe.dll
20:43:46.0647 0x19a4  BFE - ok
20:43:46.0678 0x19a4  [ EEA21C915F325FD6E029DB7927D95C11, 071E0B7204947AC13CAF3994267D0ADA31EA862F62BD3A0BC98F6A96C29EAC61 ] bindflt         C:\Windows\system32\drivers\bindflt.sys
20:43:46.0694 0x19a4  bindflt - ok
20:43:46.0772 0x19a4  [ A2C0C8EF1FC90B476BF6E74F18BE81CA, F2395DE2D6DD848C42C8510ED91F11B9D6F74D62AF7852B30010E39FF021E30D ] BITS            C:\Windows\System32\qmgr.dll
20:43:46.0866 0x19a4  BITS - ok
20:43:46.0912 0x19a4  [ 75EAE89BE11B0C8DF8F05CF8AE335ABF, F88B7BDEEF51523BF155E8ED24D88FCA73483ECA09CD34D20AD098C83A3F3721 ] BluetoothUserService C:\Windows\System32\Microsoft.Bluetooth.UserService.dll
20:43:46.0975 0x19a4  BluetoothUserService - ok
20:43:46.0991 0x19a4  [ 56283073404C55F35FD182B2A8025405, 78312CD9CADB24DEE22413F2F0642A8FF10C91200D7ABB17C1C2D2D7B30E18D8 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:43:47.0022 0x19a4  bowser - ok
20:43:47.0053 0x19a4  [ B05E170935BC210B8607ADEE21634466, 4B1F1480D606E7DD894C0EACBB24A4A03807ADEAC1228E25D0592CEDBC1C4956 ] BrokerInfrastructure C:\Windows\System32\psmsrv.dll
20:43:47.0084 0x19a4  BrokerInfrastructure - ok
20:43:47.0147 0x19a4  [ 05A729433AA8B89CDE3F2C5AC9D126B4, 7051B96E0A9C0AF075165DBCBB79BD145F066C5FD4FCD69676E99A41B54F0E34 ] BTAGService     C:\Windows\System32\BTAGService.dll
20:43:47.0209 0x19a4  BTAGService - ok
20:43:47.0225 0x19a4  [ 7F09708B8C651A0C0E2A2725136BA254, 0442A18BBED4E323265C66561C8F8C171D8E934E9089C12B94D1DFDBB057B737 ] BthA2dp         C:\Windows\System32\drivers\BthA2dp.sys
20:43:47.0241 0x19a4  BthA2dp - detected UnsignedFile.Multi.Generic ( 1 )
20:43:47.0319 0x19a4  BthA2dp ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0319 0x19a4  Force sending object to P2P due to detect: BthA2dp
20:43:47.0319 0x19a4  Object send P2P result: false

part 2

20:43:56.0807 0x19a4  hidspi - ok
20:43:56.0822 0x19a4  [ C46EE01CE7FE9FE25D83589BD9B62C1F, 10FF1288C40916110BC95112BEF8A42124486ACD0624F92D2A96A960E10905DF ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
20:43:56.0838 0x19a4  HidUsb - ok
20:43:56.0869 0x19a4  [ 530C0E730B5E6BA332FB4AC98F760789, 0ADE20523619D5705B941591DF0C19D6B0030F96FECEBBC7A4ADEF963A476383 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:43:56.0885 0x19a4  HpSAMD - ok
20:43:56.0963 0x19a4  [ BDBE8ACA653E1033A4355F52BE9301D8, 789244D3DA3B91CA705F335E7EC6231B9A458485BD831B13E89821864B3ECEC7 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:43:57.0041 0x19a4  HTTP - ok
20:43:57.0057 0x19a4  [ 849A66D34BC2DAD0044FAC2FEE1AF956, A5F6858AA556D9180C303EA3ED02EB6D6D8EB55A100B3918654281A01198D8E8 ] hvcrash         C:\Windows\System32\drivers\hvcrash.sys
20:43:57.0072 0x19a4  hvcrash - ok
20:43:57.0119 0x19a4  [ 855F55BB462B7D8B6BC31A94A592DF3D, 776C772E69CF9D81D8511201813DD79F2106DC7D2547B4FA700432AE9B73C202 ] HvHost          C:\Windows\System32\hvhostsvc.dll
20:43:57.0135 0x19a4  HvHost - ok
20:43:57.0182 0x19a4  [ A34A75D2254FBACB0C1E4C9D4095EB0C, C9D3CC8697B1D14949EADA85282A8121DDDCABEDA64BC633A09E3179A81F9EAB ] hvservice       C:\Windows\system32\drivers\hvservice.sys
20:43:57.0197 0x19a4  hvservice - ok
20:43:57.0244 0x19a4  [ 5DC7DFED5FEDD923B874B51D0C6752BB, 69714A8B74EB02282572B34E156051FFC10693B816905CE18A8C6C8CCB95B846 ] HwNClx0101      C:\Windows\system32\Drivers\mshwnclx.sys
20:43:57.0260 0x19a4  HwNClx0101 - ok
20:43:57.0275 0x19a4  [ D734926DC33F9D7E306F8B3BF68EAC57, F1CCE47AEC0E653CA6DC04C21CBC78EC6C6D74D4BF329D50BE9A7497ADD1FB3F ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:43:57.0291 0x19a4  hwpolicy - ok
20:43:57.0322 0x19a4  [ 22362F7C8B7B1456DDF019BFB0523C26, 3DCA435A621FC3CD786E02D013B363ADA9399839E0A31F2969E094F69AD3A183 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
20:43:57.0338 0x19a4  hyperkbd - ok
20:43:57.0354 0x19a4  [ BE7559280E3327E9B35E843414957438, 157D5626090149A2F71BB483C57CB20259B98C61C35185AA7C6FCD533ABE7D90 ] HyperVideo      C:\Windows\System32\drivers\HyperVideo.sys
20:43:57.0369 0x19a4  HyperVideo - ok
20:43:57.0416 0x19a4  [ E4B36C6EAAAB703CBFECB92EE590FB31, E1887A4E678BBA7226E7EBE5B49EC821C2F23642D321A9E1513F7477E4B9340D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
20:43:57.0432 0x19a4  i8042prt - ok
20:43:57.0463 0x19a4  [ 9E5AECAB5F05218D9AC923E7CEA1CE15, FAAA46F22944E043A90AE6E9F0F86AF187FC2819C563DA375B2A409347BB2C35 ] iagpio          C:\Windows\System32\drivers\iagpio.sys
20:43:57.0479 0x19a4  iagpio - ok
20:43:57.0494 0x19a4  [ 48EDB9B5DAB7D294951A520330F13715, 9296A14590DFD94A3C728CAF3CA91BA211F27974F9CFF8417CDDC00D1453315C ] iai2c           C:\Windows\System32\drivers\iai2c.sys
20:43:57.0510 0x19a4  iai2c - ok
20:43:57.0541 0x19a4  [ 6C3EDE394C71D5A67A504F55E35B6F47, 6FF5D13EF69E8FBCB4772C7B5C4D5770C78E0B29F9164FA1611EFDE91CE876BE ] iaLPSS2i_GPIO2  C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
20:43:57.0557 0x19a4  iaLPSS2i_GPIO2 - ok
20:43:57.0557 0x19a4  [ 806D14CEAF25E5F2DFCBA8E7E33B86BB, 2141DE558461B592D4111A0388D1AAC8062FA72CD1E2A2D2D68279A9633288E9 ] iaLPSS2i_GPIO2_BXT_P C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
20:43:57.0588 0x19a4  iaLPSS2i_GPIO2_BXT_P - ok
20:43:57.0604 0x19a4  [ 87DDDAE1693484BD0A210C877BDA00C2, E353D90D0B79A70F976FD5EA1CB7E25A97835E25116962EA035424715B2F43FE ] iaLPSS2i_GPIO2_CNL C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys
20:43:57.0635 0x19a4  iaLPSS2i_GPIO2_CNL - ok
20:43:57.0635 0x19a4  [ 8D3E3C431367E3BA632B4396CA662E1A, 71FDC25244298D62A335769D6ED43394C33FBD8DB05AA54CA924A2977F37858F ] iaLPSS2i_GPIO2_GLK C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys
20:43:57.0666 0x19a4  iaLPSS2i_GPIO2_GLK - ok
20:43:57.0682 0x19a4  [ 149F1260537C4F68C3F67C363B62F3C5, 3F1F9EC7571D0F82D3F5BBA298965491260708F05EBAAA2CC23483521A5FF079 ] iaLPSS2i_I2C    C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
20:43:57.0713 0x19a4  iaLPSS2i_I2C - ok
20:43:57.0729 0x19a4  [ 3E641E905A6DBF29CBA1E72BBE349808, BF354297A55713D9E2DD4044D42810C007733EE54D5A80D58B96DD279D92C716 ] iaLPSS2i_I2C_BXT_P C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
20:43:57.0760 0x19a4  iaLPSS2i_I2C_BXT_P - ok
20:43:57.0760 0x19a4  [ 897478D8FACEAE8681F6F3502201EC68, F105EDD16E38F5C0044CC7139E4084A04B0AE3212171A1C7F6FE759F3F5F77FC ] iaLPSS2i_I2C_CNL C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys
20:43:57.0791 0x19a4  iaLPSS2i_I2C_CNL - ok
20:43:57.0807 0x19a4  [ 2ED3B41C7CB4101ACB15D84D8AB5AA9D, A92487129B81376471C842B9932FF3A7B3ABBBB89797978E3FDEAF71A6FD5E3F ] iaLPSS2i_I2C_GLK C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys
20:43:57.0838 0x19a4  iaLPSS2i_I2C_GLK - ok
20:43:57.0854 0x19a4  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
20:43:57.0869 0x19a4  iaLPSSi_GPIO - ok
20:43:57.0885 0x19a4  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
20:43:57.0916 0x19a4  iaLPSSi_I2C - ok
20:43:57.0979 0x19a4  [ E2E64636CD6A6902BD81AC3B90089484, 7274F33E5EED8AF739FFCC80B9A62CDF12553EBD2724E2F8E93FD67376CC6E84 ] iaStorAVC       C:\Windows\system32\drivers\iaStorAVC.sys
20:43:58.0041 0x19a4  iaStorAVC - ok
20:43:58.0057 0x19a4  [ 215525477CBDCD07A82AC518BAE3DEC3, 30BEE94794953E2DBF0FC5AFCE0566F335AF022E89819DE145329E7C09C636BD ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:43:58.0104 0x19a4  iaStorV - ok
20:43:58.0135 0x19a4  [ 329F2FEC47FD8754FC44A8F3F283C915, 0F3E4F33B019B278B6657B4ECEC25D04B128578622539FF5855330BDB6537545 ] ibbus           C:\Windows\System32\drivers\ibbus.sys
20:43:58.0182 0x19a4  ibbus - ok
20:43:58.0229 0x19a4  [ 6492D9E9184000757FD6CD00057F015D, 05419059C42B53EBEC5D30361985B25CBD8E311F6301AC9627235C6EB6B1D34C ] icssvc          C:\Windows\System32\tetheringservice.dll
20:43:58.0260 0x19a4  icssvc - ok
20:43:58.0494 0x19a4  [ 76D3AB8191A700A8E0A9B14E0C637D24, 83A0ECC47EBE8B113AD9A649ED4C7CDB047F1E950A37BA7E19BE9612C3B149C8 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:43:58.0791 0x19a4  igfx - ok
20:43:58.0869 0x19a4  [ 78DB7052375B1BB60996BCC2E6F13025, A001CC1D4DE19C7698A34907E6389479F3D849273EB16BEA2F194905EE6DE85C ] IKEEXT          C:\Windows\System32\ikeext.dll
20:43:58.0963 0x19a4  IKEEXT - ok
20:43:58.0979 0x19a4  [ 9B943585EF2A4917E1BC2186045E4B64, 2F4FE50C3ABB7A37E0ADB4429F18B8067EDE0608BC4539BAC626C2C6D75844B7 ] IndirectKmd     C:\Windows\System32\drivers\IndirectKmd.sys
20:43:59.0010 0x19a4  IndirectKmd - ok
20:43:59.0088 0x19a4  [ 65AD51E9B91A1374F86A07B51DE0DC84, 902864EFF60001CEDBE01E653F10608BF6881452BA539B207AE4DD3F1B19A426 ] InstallService  C:\Windows\system32\InstallService.dll
20:43:59.0182 0x19a4  InstallService - ok
20:43:59.0213 0x19a4  [ 3B8E0DB1C40727BFEABF28D3C41571F4, 95B427C87DDA6986822DF87A6F4B6D26C2B99B3210451DD359155231A4B69F5F ] intelide        C:\Windows\system32\drivers\intelide.sys
20:43:59.0229 0x19a4  intelide - ok
20:43:59.0275 0x19a4  [ 604CB74FAC188DC08584D9F04B2AC2AE, 83E4AEAACB1E596AA47283AC4D7C8D964173548A7D928D81E1AC7D9CF23CCC7C ] intelpep        C:\Windows\system32\drivers\intelpep.sys
20:43:59.0322 0x19a4  intelpep - ok
20:43:59.0338 0x19a4  [ AECBF5BE2F9A2A50B978E0BF31041A81, A62F436C66DEFEB438A7891857DFB830995714A7E4FE4BDCA6B4EB1606BD2101 ] intelpmax       C:\Windows\System32\drivers\intelpmax.sys
20:43:59.0354 0x19a4  intelpmax - ok
20:43:59.0385 0x19a4  [ CDB9CAF7DDFF9B44D568D2CF42C32243, 4827A84CDF5276A12DD1EC09596C29CE9A2A931313CAADEABE2232A0F470CEC0 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
20:43:59.0416 0x19a4  intelppm - ok
20:43:59.0432 0x19a4  [ D22A1D8ADEE382386F4B5BE950F870A7, 56A4C885DF07EF3DB14A2ECDE09B4B2ABAAA774600880C8F7382F3089A5071D2 ] iorate          C:\Windows\system32\drivers\iorate.sys
20:43:59.0447 0x19a4  iorate - ok
20:43:59.0463 0x19a4  [ BC54C689313865E84657FAC9D5A2D255, 65BEDDAF252AC56781E01A36E92329F23D8FA4F2D1CC145A0A89F48D2BD1B350 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:43:59.0494 0x19a4  IpFilterDriver - ok
20:43:59.0557 0x19a4  [ C669B5F35FC37F7B083A278577D08874, 253E2535D737868F5B797781591966A3BADEF78341C534E337B196C1F22505C1 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:43:59.0619 0x19a4  iphlpsvc - ok
20:43:59.0619 0x19a4  [ 0ED186CFCA4EA3C21D118A4940D4B0E8, A245EF8A9101241AAE2BAB46F16D664B2624CAF68DAA967491276F59E4B9C34C ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
20:43:59.0666 0x19a4  IPMIDRV - ok
20:43:59.0682 0x19a4  [ F63572DF4295C78B3F7036AEDA878176, B71EB3CC4EC95BC9A3FA217736C6C36C756935714D7E16E34C05D913B829CB9C ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:43:59.0713 0x19a4  IPNAT - ok
20:43:59.0729 0x19a4  [ B5B6D1F86E40E785D6650DB923DB6BEA, 7A2D92A2274E0379B5FA6351D18E2F0DD55960BB783EA3528FE9E303E1A4256D ] IPT             C:\Windows\System32\drivers\ipt.sys
20:43:59.0760 0x19a4  IPT - ok
20:43:59.0791 0x19a4  [ 77494E26B28465D2A09B9455F8A3B34E, B778D4BC71A5F5CF687175CA53AC342E4740156D4B96E6E96D918BD46C2C1459 ] IpxlatCfgSvc    C:\Windows\System32\IpxlatCfg.dll
20:43:59.0807 0x19a4  IpxlatCfgSvc - ok
20:43:59.0838 0x19a4  [ 31500D8C02A45E1C5DE00BDEC46AEAA3, 574968A5B8EED68D0A71466BE2A4AD432871907C2A255EFE156BBDCAD5987E3E ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:43:59.0854 0x19a4  isapnp - ok
20:43:59.0885 0x19a4  [ 73C916C3B053B0622CA37DE7FAA37DCA, F0020D16940F5605D60AAF85FF1C5DEDDAACEE4419409792631CB94D750D0855 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
20:43:59.0916 0x19a4  iScsiPrt - ok
20:43:59.0947 0x19a4  [ 2DAB988FDD06CACD99B9DB2A05569449, A66C90009C7B20736A8B291889C518CBAF9D0C32A5EC720330EF25F30C056F1B ] ItSas35i        C:\Windows\system32\drivers\ItSas35i.sys
20:43:59.0963 0x19a4  ItSas35i - ok
20:43:59.0979 0x19a4  [ 02A6967D5AEF2F15AA9C838DBF3E1C04, 7639DCD4328C14F3FB522EC501F4DF374CCBE87699EB4A2B238C9F9C526FDF59 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
20:44:00.0010 0x19a4  kbdclass - ok
20:44:00.0025 0x19a4  [ DD56D35E1708207B5006B491AFBD47D7, 4DDDE0AF2816A5302511E99FD26F77517EA5C2C6D9BE76D70199A33BF3EE9FE3 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
20:44:00.0057 0x19a4  kbdhid - ok
20:44:00.0072 0x19a4  [ 6B7422A382C1788AAF7C6CE6D4A4B375, F14AC6EF3695E05CD2D5CD9524AF7D0327E11A8B2BA9315A1EBF53828A608D33 ] kdnic           C:\Windows\System32\drivers\kdnic.sys
20:44:00.0088 0x19a4  kdnic - ok
20:44:00.0119 0x19a4  [ CB662E24CADF976EEFED93E9373D45D2, 56E91451FEAD9946ACA8E2F0AAE99FDEA302FD90F0708F68013BDDEDAB580F3B ] KeyIso          C:\Windows\system32\lsass.exe
20:44:00.0135 0x19a4  KeyIso - ok
20:44:00.0182 0x19a4  [ E413F2605401937922C2090FC9E2BBC2, 5648EA6CC1CC68DFF6A411857CF4B5DA932E65B20ABA29B012DA7801F1B71830 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:44:00.0197 0x19a4  KSecDD - ok
20:44:00.0213 0x19a4  [ D1D00490F56FB9FAE2DDDB66F5FE639A, 6EA94E7BD9AFD1112B16ECE4B496D3313A73AE908A7672FC4F082343CA579C83 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:44:00.0229 0x19a4  KSecPkg - ok
20:44:00.0244 0x19a4  [ E5304DE29BB9666DF0E57E5BA71C0E10, 491802A11F9E563369DB69E1D838C6F0F54F69F31BDC14018339CEE1B6C9C3CA ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:44:00.0260 0x19a4  ksthunk - ok
20:44:00.0307 0x19a4  [ DAE67BD7EC6ED569438F5CA38BFBB458, 672CA98525D6DD799A01A3BC3A62AB7B4544D62ECEB3615FAC05BFB97B389D23 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:44:00.0354 0x19a4  KtmRm - ok
20:44:00.0400 0x19a4  [ 93A1623588FB4E1CEE36B86DB28C8566, EB1FD7247E8C17DA0EE0728FDA50AAFF1EA56C150739B59A6E472E3F1DF30B81 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:44:00.0432 0x19a4  LanmanServer - ok
20:44:00.0479 0x19a4  [ 4AA23A178A6AB857F6F238B755D66C96, 07985598C53E357F592C9671F58FA0EE3EF1DD37FA81087C62F4A4D8837D0FA8 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:44:00.0510 0x19a4  LanmanWorkstation - ok
20:44:00.0557 0x19a4  [ A997488F4EDAAD59C748CF9FB1D9DAC0, A0B145041F984DD4E0A6F8D0E9C8363DA6F2DA7460E140F028C320CEAC03759C ] lfsvc           C:\Windows\System32\lfsvc.dll
20:44:00.0572 0x19a4  lfsvc - ok
20:44:00.0604 0x19a4  [ B0159D4C173E880D0FB00A585BD3375A, 2E83A1DC80E150B64899EB3D6A2A31BED34F1886426264D26F4F6775A5CCCE25 ] LicenseManager  C:\Windows\system32\LicenseManagerSvc.dll
20:44:00.0635 0x19a4  LicenseManager - ok
20:44:00.0650 0x19a4  [ 78779BD92081CB27967E77561683AFBE, 05EC91E194336D1BB1EE323E70FAC54F6DC0CEF53FD4925F394399531A37A0DD ] lltdio          C:\Windows\system32\drivers\lltdio.sys
20:44:00.0682 0x19a4  lltdio - ok
20:44:00.0713 0x19a4  [ 1BC0F8B36B0EB96322FF6F4F3BC3B7D2, 72B81ABD2A5503E46B52DE6F2B5DAA2B000751189BD13BB4365FFA4F2750DF04 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:44:00.0744 0x19a4  lltdsvc - ok
20:44:00.0760 0x19a4  [ 4A501E9429650B678610ABCCAD1D2609, 71F33FD997D36B8CFB7FD36397CB768AEF1B6329B3882D445B72246621F3BD7E ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:44:00.0791 0x19a4  lmhosts - ok
20:44:00.0807 0x19a4  [ 89EB90814DA5FB6F5299240AD8B9C7A7, 36857AFABD064196B7D2A7CFAE3696D96C1FE13431DB49ACE161E706680231DA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:44:00.0838 0x19a4  LSI_SAS - ok
20:44:00.0838 0x19a4  [ 2FD85E518EA97BB642B018EEB453401A, 7EA218BB57843B80AB5A987BA915829B8262629F72EEC84238634A016D05504E ] LSI_SAS2i       C:\Windows\system32\drivers\lsi_sas2i.sys
20:44:00.0869 0x19a4  LSI_SAS2i - ok
20:44:00.0869 0x19a4  [ 8B7995D9E487C8F90BEA8F1EF6331C10, 2EE68AFEB6D5EC98A996C1722057275C1648411898359248D390B6AA9F697AB5 ] LSI_SAS3i       C:\Windows\system32\drivers\lsi_sas3i.sys
20:44:00.0900 0x19a4  LSI_SAS3i - ok
20:44:00.0900 0x19a4  [ ED902EBC8DEEF6E5FC00D0816DDFFB42, FFDDB7BA54C999D5689152E4EDACC838A769B6C479F0A0FCF294C8632F4E4C1F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
20:44:00.0916 0x19a4  LSI_SSS - ok
20:44:00.0979 0x19a4  [ BE244459BAC02DABA7F7CDAE0707FF7A, 36AA26FF3AD4B72475092CB2B7EF1232FFD5FE93FBE604D0E2FAC3D40221DBEC ] LSM             C:\Windows\System32\lsm.dll
20:44:01.0072 0x19a4  LSM - ok
20:44:01.0088 0x19a4  [ 5713ADC1FB288A983C4B1CE5037FE238, F91B50D66EB06B7E7CDA69EBC618EB5E371FB7194945AE1235754C552FA963BE ] luafv           C:\Windows\system32\drivers\luafv.sys
20:44:01.0119 0x19a4  luafv - ok
20:44:01.0150 0x19a4  [ 6F98C1637140758941D6E0911D020976, C416BCB7FCEDF8E1A1F5533A4B6E1CDF690AF95318820F96EFDA5A13C589C331 ] LxpSvc          C:\Windows\System32\LanguageOverlayServer.dll
20:44:01.0182 0x19a4  LxpSvc - ok
20:44:01.0229 0x19a4  [ AE03D8F1B7863268EAED2FE0105ED75F, F5172A1A3E24FC5271FCB0118861EA0EC33AA8ABB01AE9CAD50E2F032B92486C ] MapsBroker      C:\Windows\System32\moshost.dll
20:44:01.0244 0x19a4  MapsBroker - ok
20:44:01.0307 0x19a4  [ 6C965A0AC264AF1A8E0A69882A7EAFDC, DA40E73A7F584D944F58C7F489B701315B8D30A29E5A6C840C9D291302271834 ] mausbhost       C:\Windows\System32\drivers\mausbhost.sys
20:44:01.0338 0x19a4  mausbhost - ok
20:44:01.0354 0x19a4  [ 6C6C1EFC46A62091224333E1E9304FBC, AEADB11E2BE2EEB4BB5E4E13ADDA4633475022312AEE777CFE7FEB27C490B54C ] mausbip         C:\Windows\System32\drivers\mausbip.sys
20:44:01.0369 0x19a4  mausbip - ok
20:44:01.0385 0x19a4  [ 78E352A45506B8AA6C1A343F1BCFA13F, 7579489DB1BDCC4A4BE0CEDBC76ACE58E0CB9185F8D8508DF1B7AB9E2C3E8CC6 ] MbbCx           C:\Windows\system32\drivers\MbbCx.sys
20:44:01.0432 0x19a4  MbbCx - ok
20:44:01.0447 0x19a4  [ CE4B01081B8FD211A7A34219D5E8154A, 9041FDEB932F2CBBCE4A017256C81B3733604403AA343D4532910436E8288CA9 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:44:01.0463 0x19a4  megasas - ok
20:44:01.0510 0x19a4  [ F3C6B901E3FF70F27A17CFDDD7BA85AA, 6D67F52F0B63724126DD7B75B3489D14A6CBC3BD1E0D19188026DA21E85A620A ] megasas2i       C:\Windows\system32\drivers\MegaSas2i.sys
20:44:01.0525 0x19a4  megasas2i - ok
20:44:01.0557 0x19a4  [ EB84966D14F9342C8AD3D78BA9AA8754, 83C982FC61094A9E9F3E3CB5174B7409698C12FE3B6BF9B2F4C9365E56C642B2 ] megasas35i      C:\Windows\system32\drivers\megasas35i.sys
20:44:01.0588 0x19a4  megasas35i - ok
20:44:01.0619 0x19a4  [ A4DC7070D92AD82A7BDF2F69C155AF69, 8A902DDB6016E4D5C28808FBA5741751D94FFBD4B55724D47BBA0A8C29900E53 ] megasr          C:\Windows\system32\drivers\megasr.sys
20:44:01.0666 0x19a4  megasr - ok
20:44:01.0697 0x19a4  [ 2F8B410ED73F57AAD8B85159124A57D3, FCD2F46C9DF66EAD8AE719854653AAF3C3185DDF4F12CDB52CF5B98725B03D56 ] MessagingService C:\Windows\System32\MessagingService.dll
20:44:01.0713 0x19a4  MessagingService - ok
20:44:01.0885 0x19a4  [ F759AF0B784DF1458AB2304447107803, 0AB2BE45CF9A28573F9D8C102830FF85F08CC59D82A115C4E1B8BC920BFF33B0 ] MicrosoftEdgeElevationService C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.52\elevation_service.exe
20:44:01.0947 0x19a4  MicrosoftEdgeElevationService - ok
20:44:01.0994 0x19a4  [ B74FFC6301B3312A9F59E04E487BC72A, 76F71824E80D10EB71BEDE5EE3A64CAD7CAC3DDFBB6670D1537E6B75FF0217E9 ] Microsoft_Bluetooth_AvrcpTransport C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys
20:44:02.0025 0x19a4  Microsoft_Bluetooth_AvrcpTransport - ok
20:44:02.0057 0x19a4  [ AE769055D99C13B85EC84D04A945E804, 9138C8B2CDEE3584F344F46A2E2F06B5C159887C8B147A33E7603877C992DFEC ] MixedRealityOpenXRSvc C:\Windows\System32\MixedRealityRuntime.dll
20:44:02.0088 0x19a4  MixedRealityOpenXRSvc - ok
20:44:02.0150 0x19a4  [ 517DC2DF12A391699F8432AF89947F2B, 2C6B268486AD0F3BFB82DE0F61D076DF7C334C1C94A0316084713EBDB0C9C518 ] mlx4_bus        C:\Windows\System32\drivers\mlx4_bus.sys
20:44:02.0229 0x19a4  mlx4_bus - ok
20:44:02.0260 0x19a4  [ F087703FAC478379323262C54CE85DD4, 56AC6F16B94E9BF9EB140B21C8397CBBE2DB9D6C6B01D2879C5ABEE060631138 ] MMCSS           C:\Windows\system32\drivers\mmcss.sys
20:44:02.0275 0x19a4  MMCSS - ok
20:44:02.0291 0x19a4  [ 1BF8F673F7123FBE536D25C22B464F42, 0195CE67E94BEEE33D474C6189AAD746D2B310B714A67639D1D54D0E79B1A44F ] Modem           C:\Windows\system32\drivers\modem.sys
20:44:02.0307 0x19a4  Modem - ok
20:44:02.0338 0x19a4  [ 074D2516B7435B3560BF2A69F10BBF22, 8EE02548C82E966104DA1BCAA61F5EE7D5D81F794350DD39F01CA232A339F1F6 ] monitor         C:\Windows\System32\drivers\monitor.sys
20:44:02.0354 0x19a4  monitor - ok
20:44:02.0369 0x19a4  [ 4352C109DD892A5A5413897A74103024, DB5D99DBFF8C84A7D87109DFB71396DF8E0F0754FC0D263E45116915A39735CE ] mouclass        C:\Windows\System32\drivers\mouclass.sys
20:44:02.0385 0x19a4  mouclass - ok
20:44:02.0400 0x19a4  [ 66E41E31DEBD4E1A2762945B4F15C780, 3A05D657E03B6CD9D62023061F9C652357F16DA2F2337FB6C617AEEFFAD794B4 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
20:44:02.0432 0x19a4  mouhid - ok
20:44:02.0432 0x19a4  [ 180D9E273A958B6D2B55410DB2C431C4, EE3598DECA591E8735DE0F449F292E9DDDBCE28A8A7B814E78DFD90AC867B7F2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:44:02.0463 0x19a4  mountmgr - ok
20:44:02.0479 0x19a4  [ 19623B4213820840730EF00BA52201B6, E9AF731D982F2E6D6DEF9239E4912881043804E6C557C6DBA9B16AD6AE0473F7 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:44:02.0510 0x19a4  mpsdrv - ok
20:44:02.0572 0x19a4  [ 248E6732B134A409401F055C4212D69B, 6DEC28E6E4F457642FB984DEE84D2801A8146A57777F3E2472EE53980C453278 ] mpssvc          C:\Windows\system32\mpssvc.dll
20:44:02.0650 0x19a4  mpssvc - ok
20:44:02.0666 0x19a4  [ 186251D6489F7470616862DD15644177, CC06B99F3F67A90E0B5FC3B2FD7A0DBB23B0D766DDCC94FF6C72B1C2C6C913DF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:44:02.0697 0x19a4  MRxDAV - ok
20:44:02.0729 0x19a4  [ 6EE28BABC5134E6FBEE8335496C55B39, E10F7BA3468D16AB028B9010A67A321422E1E03ABADD03EBB50162A28B35C919 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:44:02.0775 0x19a4  mrxsmb - ok
20:44:02.0791 0x19a4  [ 4FC1D7ACB4CEA3834740F66DC1A03CCD, 49B1823F523C86DDD3A31EA0F80E6A6390F6B035C4813F0E153947F83EA424A4 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:44:02.0822 0x19a4  mrxsmb20 - ok

part 3

20:44:06.0416 0x19a4  nvdimm - ok
20:44:06.0432 0x19a4  [ 5281A4F23E594AE6EDE1E38B1F8518E0, 628927EB91C6A323CA67B97EF743775B68D30599A0F0593BC3B5C0BA6C5AB82C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:44:06.0447 0x19a4  nvraid - ok
20:44:06.0479 0x19a4  [ A11D15751217EEB734033BB5A929B1CD, F07CD88B7939C53DF83E93D40FB5AB115946393AFBE8DBA75FEE7247BF3063A9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:44:06.0494 0x19a4  nvstor - ok
20:44:06.0572 0x19a4  [ 4D952813F897436F446C7D2132C837B7, 532F364E5ED1DB9D73FB2662C87E0A709915914B99F822DB0368AB55F5D96A9F ] OneSyncSvc      C:\Windows\System32\APHostService.dll
20:44:06.0588 0x19a4  OneSyncSvc - ok
20:44:06.0666 0x19a4  [ F8CE0B4F1BC5E4FBDD66C1CAC4D58314, E7DC2FBA4CDBB0A35CC58E0FDF37D68891F18A80E449C0AA2C66C43A596EC4A9 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:44:06.0697 0x19a4  p2pimsvc - ok
20:44:06.0760 0x19a4  [ DA97CD5815EC123BC88382C08D465B9E, 46F5EA2E3D590FB10E14BC811612B6EF87C805B359A652D2C6BFE4840D5D6AA2 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:44:06.0791 0x19a4  p2psvc - ok
20:44:06.0869 0x19a4  [ 138FDB1EBCB61287A645BD3B06DBED5E, 1E59DE429B54E910688BF917F2AD97E66241EE3FB924C24E3627E9603E8A9C5D ] Parport         C:\Windows\System32\drivers\parport.sys
20:44:06.0885 0x19a4  Parport - ok
20:44:06.0916 0x19a4  [ 70DA84CCFC5302571EBC4C59DEADEA98, B0E50CA471F424E7EE3D035C535AAB9029D423CF375756D9EF747AE1FAE99F5F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:44:06.0932 0x19a4  partmgr - ok
20:44:06.0994 0x19a4  [ 64B95C3E2F9C02762F69B82BC3F8B258, 57C2AE321EACE7C6A476EBD7EBC44B4F9A6320A2672E8CB5265F6059F1F9FD8F ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:44:07.0057 0x19a4  PcaSvc - ok
20:44:07.0104 0x19a4  [ 8CC13B89FA497F29285DB309663CCBE8, A28FEF811504B213FDCF9B9C30C7CF576C585018EE0575DEA2B01E0312D33345 ] pci             C:\Windows\system32\drivers\pci.sys
20:44:07.0150 0x19a4  pci - ok
20:44:07.0182 0x19a4  [ 6DF4B0136BD9F9E6785239DA69A01281, 46B0C1379AFA7D97F0E955D139B15CE70B6F3D490668D1892EAD7FA668441417 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:44:07.0197 0x19a4  pciide - ok
20:44:07.0213 0x19a4  [ 0543F01C97CE2D3ABB4F8CEA56B99721, CD84890DEB63C782A51A7F4D962B88CAC9AA226C3C7DDC2D2B0A56E81B00B07C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:44:07.0229 0x19a4  pcmcia - ok
20:44:07.0260 0x19a4  [ FE3E9C016B908745987C45D40A31F4ED, 94CF7ECBE1F62A1952FF8E3FF8799ADCAA1AA3211B18395875A75EFCEA786DBC ] pcw             C:\Windows\system32\drivers\pcw.sys
20:44:07.0275 0x19a4  pcw - ok
20:44:07.0307 0x19a4  [ AF7BE3A2E5DA866E340CC82FD2EADC8D, E650E5566D18ECF606005362D6DA2B1C4781E4608124A6B2DEC28806DB5609C0 ] pdc             C:\Windows\system32\drivers\pdc.sys
20:44:07.0322 0x19a4  pdc - ok
20:44:07.0385 0x19a4  [ A26AD59A080EDDF8AD13E3B9483FA74B, F929BBCD9DE10BF1FE3E3CCB837BE1395A9CAECD126562C7B61F42A6F7CDC456 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:44:07.0447 0x19a4  PEAUTH - ok
20:44:07.0541 0x19a4  [ 5F62D68297E0B68621E9F66A21BD27CC, 220FEF9F33D4BEB0D3E797FA081BDAF16CEFE6C06140E95E61AE0A9AACAD8E2C ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
20:44:07.0666 0x19a4  PeerDistSvc - ok
20:44:07.0713 0x19a4  [ FC843422E589B5B2400FE528BCF96DD3, 2FBD09D8C423876B4C47211FD878514DB630DD38A0EE7292B608051CA2CAF137 ] perceptionsimulation C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe
20:44:07.0760 0x19a4  perceptionsimulation - ok
20:44:07.0775 0x19a4  [ 2E2E8BA514A93C297F124BAB53F4E921, D6B8116E5C920032A5926D5D047BFD72B05ACBB08E26F177A0B0E6B4EC735FA1 ] percsas2i       C:\Windows\system32\drivers\percsas2i.sys
20:44:07.0791 0x19a4  percsas2i - ok
20:44:07.0807 0x19a4  [ 1C6720616FF300235509D5EFBB2CAE20, 92017ECB36EAA35AC454E890734915A658EB898C95970531D43C19461BE6562B ] percsas3i       C:\Windows\system32\drivers\percsas3i.sys
20:44:07.0838 0x19a4  percsas3i - ok
20:44:08.0104 0x19a4  [ 2FC7CFCEDBF7E038351C7CEB1036D2E1, 41D7DA706F0CF613DF768B6795CD09C5C1035F9F101051FB58F5042EB4352DB6 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:44:08.0119 0x19a4  PerfHost - ok
20:44:08.0182 0x19a4  [ C88D386FBD10E57ECB036FA57AB279C6, B4F5FD142AABC8E767F19597D501040C93234C1DAC44024EF1030CCEFF9CA6BE ] PhoneSvc        C:\Windows\System32\PhoneService.dll
20:44:08.0260 0x19a4  PhoneSvc - ok
20:44:08.0275 0x19a4  [ 3DDE1389F1442AFCAD0C8D05A336E903, 012FDDE31DBBDD6FA2BA5BD90718A38A74AFFCE3360D9D112837490117F06639 ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
20:44:08.0307 0x19a4  PimIndexMaintenanceSvc - ok
20:44:08.0354 0x19a4  [ 2C5F57514CDBF0E14FB8A2571AB85ACD, 5AEFD5DA01F0145903486C5F597C41D4118373F471DAFC224B83D18B2E8D836F ] PktMon          C:\Windows\system32\drivers\PktMon.sys
20:44:08.0369 0x19a4  PktMon - ok
20:44:08.0432 0x19a4  [ 9E431A5D697432DD6F4DB48C9A185104, 44C16E194258C9143A45F4022F9C5DE229E217D6FF7F944F105FE631BE9EF4A7 ] pla             C:\Windows\system32\pla.dll
20:44:08.0525 0x19a4  pla - ok
20:44:08.0854 0x19a4  [ 3EB6D7AEDD0ECCBA7AAD836A8EB4AD06, C3247F3DC8EB055C1E3914A47CF687728088138706EE59F2A8B94A4AF15FE0E4 ] Platinum Host Service C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
20:44:08.0885 0x19a4  Platinum Host Service - ok
20:44:08.0916 0x19a4  [ C0DE6E29F7E1B79F70D68988A8711BEE, 5FF829925CCA1584DA97FCF24E6EA87485E33267C1FC5483B224856F98C7C96E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:44:08.0932 0x19a4  PlugPlay - ok
20:44:08.0963 0x19a4  [ 8D8575D069381877BAED88D2FC98EC11, 0C0C05CD071BADD691C99CB08EF6CEEB1DF9B0F011F4499C22BBE4636E7521A3 ] pmem            C:\Windows\system32\drivers\pmem.sys
20:44:08.0979 0x19a4  pmem - ok
20:44:08.0994 0x19a4  [ 2769F200292C0F941A10BD60C33EA4A6, B8345C32585C45E6248D7194B1071F2B8617718E7C9B270AAF44C132D029DB4C ] PNPMEM          C:\Windows\System32\drivers\pnpmem.sys
20:44:09.0025 0x19a4  PNPMEM - ok
20:44:09.0041 0x19a4  [ 6AAAC8AD69AEFBE5FE04738B687EE85E, 83427082298E2FC021D5D39A43DB4A5783D95213F2CA8D3A997DB6C815BD9CB2 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:44:09.0072 0x19a4  PNRPAutoReg - ok
20:44:09.0104 0x19a4  [ F8CE0B4F1BC5E4FBDD66C1CAC4D58314, E7DC2FBA4CDBB0A35CC58E0FDF37D68891F18A80E449C0AA2C66C43A596EC4A9 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:44:09.0135 0x19a4  PNRPsvc - ok
20:44:09.0182 0x19a4  [ D3A3E00336BBFF8408D33ACB4F2A6FAF, 4CBDCDB3A67E6B546298244373D4664B0824DF3E1196FB9DB5C521F4865FEB71 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:44:09.0229 0x19a4  PolicyAgent - ok
20:44:09.0244 0x19a4  [ 562B9409AA8777204E78C629647344EC, 65C33D25E0C00731D7DEF3F127523AA5178133481915287F3267A52C74577572 ] portcfg         C:\Windows\System32\drivers\portcfg.sys
20:44:09.0275 0x19a4  portcfg - ok
20:44:09.0322 0x19a4  [ 8A2AFF98B3647DCF4F228870F8E0D766, 3BBA7D8716D9F09EAD591472266150D56BB17C82ACF2D06DEFA3942B7A24D9B9 ] Power           C:\Windows\system32\umpo.dll
20:44:09.0354 0x19a4  Power - ok
20:44:09.0385 0x19a4  [ CC6EDCFAF5A19B948C46F92791AC452F, 9124AF703B5032254AAA9F42A2CC9FE5B26C0048B4C21FF14382935797F4D245 ] PptpMiniport    C:\Windows\System32\drivers\raspptp.sys
20:44:09.0416 0x19a4  PptpMiniport - ok
20:44:09.0697 0x19a4  [ 35544D99939E7B04B1E677BFBD198B80, 731E4A7DD5AC2678961C67D3AE555A3CFAD8256A07D46F8725E4F6DAE5B7B6BA ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
20:44:09.0900 0x19a4  PrintNotify - ok
20:44:09.0932 0x19a4  [ B1F462C619CF0CCFB86537B3813BBD60, 56E40C7008271A28E518CF4273930E8C7ABCE4E7AA536617BD778F292D68411F ] PrintWorkflowUserSvc C:\Windows\System32\PrintWorkflowService.dll
20:44:09.0963 0x19a4  PrintWorkflowUserSvc - ok
20:44:10.0010 0x19a4  [ 60D37A270C6787EE0A1B6C88DD221A55, CCA7B29F8C552E48FD6B4D45DDDB2A8428E82747FB2ED847F3A54F87B4325DC8 ] Processor       C:\Windows\System32\drivers\processr.sys
20:44:10.0025 0x19a4  Processor - ok
20:44:10.0057 0x19a4  [ 827CC434B3597B315348FDAC698B2588, 559D39BEBDC02C06E11279908256E934B8E30D75934A6980F4EA779F6BFC06D7 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:44:10.0104 0x19a4  ProfSvc - ok
20:44:10.0135 0x19a4  [ 4E750557E2310F3875CC8CEAB4CCA2CB, 7906E70262F7D47A22CC18361749106E5B377660EF17A0F2AEB44B019F825A95 ] Psched          C:\Windows\system32\drivers\pacer.sys
20:44:10.0166 0x19a4  Psched - ok
20:44:10.0197 0x19a4  [ 0DDF3517BE8C79074A43CE6DA888E534, CB35B0742FFD753AB4734214C5B50F880EEC371DF32EC9D6BB58A7196BAB7D9A ] PushToInstall   C:\Windows\system32\PushToInstall.dll
20:44:10.0244 0x19a4  PushToInstall - ok
20:44:10.0260 0x19a4  [ 2F3808790D517E5E5E6ABF7177875C02, BE1A79A6498697EB86FC29638324A853197B49BC06AE3EB1130793F710926998 ] QWAVE           C:\Windows\system32\qwave.dll
20:44:10.0291 0x19a4  QWAVE - ok
20:44:10.0354 0x19a4  [ CE51A9A997D2830C6C64A36D7F8D8879, 706D683CAF92C259C121222446D34ED43F6E8872407C3615E2ED118ACD24D21D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:44:10.0416 0x19a4  QWAVEdrv - ok
20:44:10.0479 0x19a4  [ 9D377A5872A0A7A33E258FFCBDB3F25F, D461798C6348C5D96EA002E4A1AC588B87A1A9B01AD84AB1FA6D9C6393616892 ] Ramdisk         C:\Windows\system32\DRIVERS\ramdisk.sys
20:44:10.0510 0x19a4  Ramdisk - ok
20:44:10.0525 0x19a4  [ 9500BA0F8F8E48449810BA0E802DF2CA, 3A79A1C48768C72B49913647336BF75CAFC10DCB8C6C54E4D05FBDC88FDADBCA ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:44:10.0557 0x19a4  RasAcd - ok
20:44:10.0588 0x19a4  [ EDE2F093CA143740A1B1CD2B27F1797A, 35C819F74CE7E93A7E14482D53729653F88277FD93D452F73A6A635CB8B98229 ] RasAgileVpn     C:\Windows\System32\drivers\AgileVpn.sys
20:44:10.0604 0x19a4  RasAgileVpn - ok
20:44:10.0619 0x19a4  [ AC0179CC701DEBE60FF3ABACF1EFE18E, B9970819DB91FDF78D655A9A8A03ED9EE020B1F722DC4AB9D003CA0B3287FCCD ] RasAuto         C:\Windows\System32\rasauto.dll
20:44:10.0650 0x19a4  RasAuto - ok
20:44:10.0682 0x19a4  [ 40CBDB4B80284451536C8CA49561E5CD, 69F7181CB25E6E32E7B9C68BC76F21A5C7311ADAF6CD35B0B54EC4B7095B46CC ] Rasl2tp         C:\Windows\System32\drivers\rasl2tp.sys
20:44:10.0697 0x19a4  Rasl2tp - ok
20:44:10.0760 0x19a4  [ 62DF77D0FA3769993516B23887CA32B5, 2294463FE07BDF21AB76C1678762CD2541C413BDA50974F3A1F95BC564F80304 ] RasMan          C:\Windows\System32\rasmans.dll
20:44:10.0822 0x19a4  RasMan - ok
20:44:10.0838 0x19a4  [ E250ADBB0C3E564BAF7CBBA4BAFE0A60, 83B6ABFC0C5700089EA967939564EF5FA2F5C40D2CA378D427CE59FFACD99D71 ] RasPppoe        C:\Windows\System32\drivers\raspppoe.sys
20:44:10.0869 0x19a4  RasPppoe - ok
20:44:10.0885 0x19a4  [ FCF941424AB1AB3EF57B0ABE6DBCDF77, 6EC56F7E87D4D6241DD0E94148E388816EF9613B482DBD1891E698B2E7F0F585 ] RasSstp         C:\Windows\System32\drivers\rassstp.sys
20:44:10.0916 0x19a4  RasSstp - ok
20:44:10.0932 0x19a4  [ 7EA9C32797A03CEF152D10CF146D6C3E, F3AEE3FED02E9ED4DA7685D0335E660E001858F178AABF7D191776AFB3A9DDA0 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:44:10.0979 0x19a4  rdbss - ok
20:44:10.0994 0x19a4  [ B7BAD23CA994EFF8EA11261626326004, 056495FB4A54984CE9D28D7B45550990D4A4B0736669F0F69138BEF51A695EFA ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
20:44:11.0041 0x19a4  rdpbus - ok
20:44:11.0072 0x19a4  [ 5C322D590CEBCAF2F333EBE70E178AB4, 9A31AA9C179FF4D4EE4128B3E28D1921709EB2AFA0A6B9CB5A2703B4DE4CBFCF ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:44:11.0088 0x19a4  RDPDR - ok
20:44:11.0104 0x19a4  [ B3C2433FC1E532D927A3871385610FBC, 7DE51633A3E59FFC0769D46BF44D8E39847333EA7581E49F148646F3CD24D4AA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:44:11.0135 0x19a4  RdpVideoMiniport - ok
20:44:11.0150 0x19a4  [ B4A6F3BFB5A07DAF4E18C14A6337A226, F906865E349390D24A3DCBC563154BBB9F307B97361832BE93BC9D44A9F3B486 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:44:11.0182 0x19a4  rdyboost - ok
20:44:11.0260 0x19a4  [ 57736A8A8E492F393060C683A8CA1B69, 73E49BE4C6DB192073C42233F8CDFA01A7DC629806B824EAAC1557935083F43A ] ReFS            C:\Windows\system32\drivers\ReFS.sys
20:44:11.0322 0x19a4  ReFS - ok
20:44:11.0385 0x19a4  [ B193441867F5CF0F06798A4A2F15E17F, 8FD6A0A6442424630655EA07841B4601716D867D53B91E8BB7ECE51336642630 ] ReFSv1          C:\Windows\system32\drivers\ReFSv1.sys
20:44:11.0416 0x19a4  ReFSv1 - ok
20:44:11.0463 0x19a4  [ 9B3B3A7120AD9636E6C5BE1F135F93DA, DB4B23DB6B1E9041293024309181461CFF6B3696CF16DFA9BE0ADC4D64826D48 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:44:11.0510 0x19a4  RemoteAccess - ok
20:44:11.0541 0x19a4  [ 58B3C0A2B0C130838588EF519ADCE495, 60360DD8EA1802C8F95EB93531FF9666BE1148253E6A1BD706D4CA98955C0F6E ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:44:11.0572 0x19a4  RemoteRegistry - ok
20:44:11.0635 0x19a4  [ 5E1E8C86D95D927FA1A4386063DAB0A5, F924C9A5D1BE07E593856A501A604CEC6A1DD6A0EBE2DF8A84F41DAAFF67D7CE ] RetailDemo      C:\Windows\system32\RDXService.dll
20:44:11.0682 0x19a4  RetailDemo - ok
20:44:11.0697 0x19a4  [ D2EE9CCE0187C616E50D61EB30ECA262, 825C918D22FC8DBF3EE9BDB41D121A0AC3CCBFFBA147E2B26F0197552E0675DE ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
20:44:11.0729 0x19a4  RFCOMM - ok
20:44:11.0760 0x19a4  [ 4DD0EFE49F0C020DAFEAE6F5F231362C, DF04978AF6CD34C8251B3DDE381CD77518684DCB1D2B16BD2DAFEE63AC9D5858 ] rhproxy         C:\Windows\System32\drivers\rhproxy.sys
20:44:11.0791 0x19a4  rhproxy - ok
20:44:11.0822 0x19a4  [ ED03402939D0815CE4F29F9DCDF8D667, 79C19A4897914B1CC5ED79BEB6B47ECC1330AAA4C6F44F6B9D5D9B31D91A7EF0 ] RmSvc           C:\Windows\System32\RMapi.dll
20:44:11.0854 0x19a4  RmSvc - ok
20:44:11.0869 0x19a4  [ 6D81DCC4175DB8DC4D073C8E086EB870, 04C35895346359FDA5F3AD6DD727EF6E6905DCB98937908B6329771ACBE6E92C ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:44:11.0900 0x19a4  RpcEptMapper - ok
20:44:11.0932 0x19a4  [ D45676C47616B9ABBFAEC97DD3B240A8, E13985D667F66B7A0082356F23270F61A57B8C2DD211B1E09D66D7970D7B4D6A ] RpcLocator      C:\Windows\system32\locator.exe
20:44:11.0947 0x19a4  RpcLocator - ok
20:44:12.0025 0x19a4  [ D0C11ABFD6C7E4C58CED7B12953565E8, 2CBB149227419D4C9718A8528E914148A7F5BABD9DE3ADDA218DF9D25F0A4E11 ] RpcSs           C:\Windows\system32\rpcss.dll
20:44:12.0088 0x19a4  RpcSs - ok
20:44:12.0119 0x19a4  [ EABD30C39742A79913B595A5B6F809D4, 9067160F566220A2B21FEEE181729A796A3F3EECF75FFB75815BE5CCC7BBA64F ] rspndr          C:\Windows\system32\drivers\rspndr.sys
20:44:12.0135 0x19a4  rspndr - ok
20:44:12.0166 0x19a4  [ 5914CC0C1E99A3C1711BDB1E224526D1, 54BB8636F27282B396D487B3FEA8BD73F2F6FE6DA4DE8D718EE498F75A6A5DCE ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
20:44:12.0182 0x19a4  s3cap - ok
20:44:12.0213 0x19a4  [ CB662E24CADF976EEFED93E9373D45D2, 56E91451FEAD9946ACA8E2F0AAE99FDEA302FD90F0708F68013BDDEDAB580F3B ] SamSs           C:\Windows\system32\lsass.exe
20:44:12.0229 0x19a4  SamSs - ok
20:44:12.0244 0x19a4  [ 14AC9857435A1D1C632816AA2B8E63F3, 2670CD9FEF92CD591B0A79D0DB7ADAD77030291C8CBC13F219CA70EF69BC7638 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:44:12.0260 0x19a4  sbp2port - ok
20:44:12.0307 0x19a4  [ D9D28F013BC9D9A409FA77569939B5A9, B71D1ACDDCD6497953C0293AA9749F0F2D8FDE3344EEC9C016DF8BBA4D66C72D ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:44:12.0354 0x19a4  SCardSvr - ok
20:44:12.0369 0x19a4  [ F9866CA2D5D29856830AE706031C3E7E, D298E9C851240919CCE50B30DBC53E1948170850DD0BDA7DB77CD6BF88E5010D ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
20:44:12.0400 0x19a4  ScDeviceEnum - ok
20:44:12.0432 0x19a4  [ 1F8BE1A39B1171911D8E0EB3A27B1670, 69F9182AED276DFB7248F3107F3B59BF18279532EE52593A2BA9E0FA06351D5F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:44:12.0447 0x19a4  scfilter - ok
20:44:12.0494 0x19a4  [ 4A8697C83B8B7F217A333B79267ECD15, 12B90839EC61EC96A6299E3F8B0F5F2834E8834FF4E14E5CBC61EEE0830DAED2 ] Schedule        C:\Windows\system32\schedsvc.dll
20:44:12.0557 0x19a4  Schedule - ok
20:44:12.0588 0x19a4  [ 14DD371343EFEC95013A273DEBCFE96F, A321C20A1221AC1F6D7BDEF9FAF0C6AE138353EF5F859EBF1ECF55A97414FBA3 ] scmbus          C:\Windows\system32\drivers\scmbus.sys
20:44:12.0619 0x19a4  scmbus - ok
20:44:12.0650 0x19a4  [ DD2EC7B5912830CB181F101FD8025259, 1B5E3D24CBD58014433258AB8168C96B67B9812D5CD0ECAB3F877E2E02AEDA7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:44:12.0682 0x19a4  SCPolicySvc - ok
20:44:12.0713 0x19a4  [ 5449081DC6601B5EC3C47CBE1C2149B6, 76D49340F98787348A4D39A5364AB14479D938ECF1AC3D8383642B6CE2EA39B7 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
20:44:12.0729 0x19a4  sdbus - ok
20:44:12.0760 0x19a4  [ 3200667DB433F0A2032FAF4DC02E2089, 5E940CA63AD21CEA08C334AC61D985BAFDBA7DCB2D388F355B5C72EFA3E23E0A ] SDFRd           C:\Windows\System32\drivers\SDFRd.sys
20:44:12.0775 0x19a4  SDFRd - ok
20:44:12.0807 0x19a4  [ CC3C2E05F0BACF5459F60170FFB78620, B08AF578C5B90F33768EF1DBC00282412A51F3F2B99C29ED75C06F0A24D3184E ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:44:12.0838 0x19a4  SDRSVC - ok
20:44:12.0869 0x19a4  [ 8B4B79B8B5CB5F83092487200FE173E2, 2466CC86C390417498EF3EF881E40B814E4E25B451AA1874683059B4273925F3 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
20:44:12.0885 0x19a4  sdstor - ok
20:44:12.0900 0x19a4  [ 016706A76857F914C99D2472B1E79BF9, 39A114EB591E243E0429DA7279413F046626DE7B52E057DDBCD26A0A1BF327FB ] seclogon        C:\Windows\system32\seclogon.dll
20:44:12.0916 0x19a4  seclogon - ok
20:44:12.0979 0x19a4  [ 4F1EEF1FF02D11D9134E26478C88749A, 265D4D30A5998C7F38BA187300CAC868107826DC93A82E4009A887CAC26B1FEF ] SecurityHealthService C:\Windows\system32\SecurityHealthService.exe
20:44:13.0025 0x19a4  SecurityHealthService - ok
20:44:13.0088 0x19a4  [ 10FCA5CAE37D6E7E6E95A7334EF6FFF1, E943394D5286B280E916D19DEBF44219C474C86BD413944C9300A8808BF775EB ] SEMgrSvc        C:\Windows\system32\SEMgrSvc.dll
20:44:13.0166 0x19a4  SEMgrSvc - ok
20:44:13.0182 0x19a4  [ 1EA7972A4C7163FF1D3EFE9988404D4E, 56A94B1617815C1E8A79D832B0F0CBA683C3080105CC4C87DBB9B8EAB4CD2690 ] SENS            C:\Windows\System32\sens.dll
20:44:13.0213 0x19a4  SENS - ok
20:44:13.0260 0x19a4  Sense - ok
20:44:13.0307 0x19a4  [ 38339304CB5D1154A10699A526ABDF4F, B7027BFF6DBFC68315CCE2B6E8F4A5854A94C388D7AF71FE4F59B58F43C742C1 ] SensorDataService C:\Windows\System32\SensorDataService.exe
20:44:13.0416 0x19a4  SensorDataService - ok
20:44:13.0463 0x19a4  [ 207FA2E4C1C74D930C61F01E3DD8EAD6, FD98FF3DF2A33E4893D0E8E8E48F88DEC42443B9CDA289EA755D53471988488A ] SensorService   C:\Windows\system32\SensorService.dll
20:44:13.0494 0x19a4  SensorService - ok
20:44:13.0525 0x19a4  [ 0BCFFAD6F3B180DD60C941B01768F733, A0B73C1BF636F14504B69606999287B6FE148C958A4F6E31E9022FF129A048E0 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:44:13.0557 0x19a4  SensrSvc - ok
20:44:13.0604 0x19a4  [ 22068CA363EAF69A8EF6EBBBD580A8E8, 45F87C7D04B8F20290BBA8517BACE138D1E2112A268CCFFC2DFC407A81C0A197 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
20:44:13.0619 0x19a4  SerCx - ok
20:44:13.0650 0x19a4  [ A5E6D99D319610030C3CA982DCAA3624, 8F1BCEDC5FEA5AF0260B573EE171E1D895EBAB5A51BEA1F84D3043F6612050A9 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
20:44:13.0666 0x19a4  SerCx2 - ok