Who modifies the settings in Win10, and how

part 4


Part 5 and final

20:44:25.0697 0x19a4  wcncsvc - ok
20:44:25.0713 0x19a4  [ 356B1367E6F162D27E61438B528E5590, EAFB2B30184C0BB71D11A079BACB7112C006FEFF8FD9444D17DBB9511E2367A5 ] wcnfs           C:\Windows\system32\drivers\wcnfs.sys
20:44:25.0760 0x19a4  wcnfs - ok
20:44:25.0775 0x19a4  [ 5925250BDDB94B0A5FA0E7FEED36C520, 0845344F7BFAA94AF90920A5346078E6261EEA3A1A77795DDA5B70B38609348B ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
20:44:25.0807 0x19a4  WdBoot - ok
20:44:25.0869 0x19a4  [ 47DCD64DED164A9148F83A9E7FC0E62C, 1BE1287FAD8F8E38B8D66E718150F4D3F6183091D06222D73633566289377E2D ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:44:25.0932 0x19a4  Wdf01000 - ok
20:44:25.0963 0x19a4  [ C150CD7072592B0BCBB7DACFFC6904CD, 0F4D31410401CC564A5D1FCEF5ED2898DAFB7418C1B39D746E88451CC3518ACA ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
20:44:25.0979 0x19a4  WdFilter - ok
20:44:26.0025 0x19a4  [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:44:26.0057 0x19a4  WdiServiceHost - ok
20:44:26.0072 0x19a4  [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:44:26.0104 0x19a4  WdiSystemHost - ok
20:44:26.0166 0x19a4  [ 891FFBD96763CCBEA7CDC8D098E63BD2, 72E1174041B97199E99AF54A47567E233B14BBE2C8608A214D0CBAA92135591C ] wdiwifi         C:\Windows\system32\DRIVERS\wdiwifi.sys
20:44:26.0244 0x19a4  wdiwifi - ok
20:44:26.0275 0x19a4  [ A6C92A5F2982EBB8788E0690C19048C4, 85C54A99DD43DC1FAC7FD2A31288CEC7501F795DE8FA86857790F4CCD5AF7C18 ] WdmCompanionFilter C:\Windows\system32\drivers\WdmCompanionFilter.sys
20:44:26.0291 0x19a4  WdmCompanionFilter - ok
20:44:26.0307 0x19a4  [ C5552A3A54408AB9A0DC341E21F5EF67, 67838896B7E04EBBE2AA089F09913789A5E8C4B7E7436397135F1F68BB86F03A ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
20:44:26.0322 0x19a4  WdNisDrv - ok
20:44:26.0338 0x19a4  WdNisSvc - ok
20:44:26.0369 0x19a4  [ 4A81FA6E29A3909FC620EC8B7AE0C8FF, 89F67C978A7F58FF1E51CE6DE17FE8FAF64A52A2E96BD188E911517AF1949275 ] WebClient       C:\Windows\System32\webclnt.dll
20:44:26.0400 0x19a4  WebClient - ok
20:44:26.0447 0x19a4  [ C2F1D4628C22E298F3A3A06B6DC97588, F8CF9237AC6B5B90D9D0B71C9EEAEB3C1E1CFF3362A9C0A2DEB5B14180254155 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:44:26.0479 0x19a4  Wecsvc - ok
20:44:26.0510 0x19a4  [ CBA85827716DE89106F8E4AD7430620C, EF2FEAD68FE003DAC52BC2098962F397DF80B7DCD79A8F45012A050C7C0E2DB1 ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
20:44:26.0525 0x19a4  WEPHOSTSVC - ok
20:44:26.0557 0x19a4  [ 0CA02EBDA174768BE1BFA3FB9090448F, A9D569B6B06B2DD4880ED62D2D9520BB10828E0EA65F1ACF9C8C4134611D1C58 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:44:26.0588 0x19a4  wercplsupport - ok
20:44:26.0604 0x19a4  [ 24FD4F8F7BBC74C74D2552E16384FFC3, 6E6B3A8A9E33CAE73F69B1D2D1543FEE9CDEEE6AC12C52765BA6304D88F06D58 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:44:26.0650 0x19a4  WerSvc - ok
20:44:26.0697 0x19a4  [ 39B758E2093B9FB42A086BF4BB1B8BEC, 473C61E7F4D734AE9C4BD2E111C6DCE595E9EF167C001CEDC35E53213F2987F6 ] WFDSConMgrSvc   C:\Windows\System32\wfdsconmgrsvc.dll
20:44:26.0744 0x19a4  WFDSConMgrSvc - ok
20:44:26.0791 0x19a4  [ 42FEB0B8FC61E3A46F74FBFDB390D830, D4539D1BB2C3FF931FC578741004962601E1311B2A485E24732093A9C3F6219F ] WFPLWFS         C:\Windows\system32\drivers\wfplwfs.sys
20:44:26.0807 0x19a4  WFPLWFS - ok
20:44:26.0854 0x19a4  [ 7AE4D5A054C5EEF9EF9F42926B52FA47, A58CB62992AB846A31E197DF5161F50323D120DF73B7D33FE7D5F5B1AF209291 ] WiaRpc          C:\Windows\System32\wiarpc.dll
20:44:26.0885 0x19a4  WiaRpc - ok
20:44:26.0900 0x19a4  [ 58100AE414B011D141C31B7B9910366E, 2B46EA353D4CED8AF30C01DFED474673416F51279B63EB7D6460EFB9CA145370 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:44:26.0916 0x19a4  WIMMount - ok
20:44:26.0916 0x19a4  WinDefend - ok
20:44:26.0963 0x19a4  [ B434A84F46C70F4E67B70ED70F024B7F, 64EEB8093BA2590E83D83C5AF7C2A025B88AF5681143BCA83671104266FEEA99 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
20:44:26.0994 0x19a4  WindowsTrustedRT - ok
20:44:27.0010 0x19a4  [ 982774B74EE1419D641CEB66E394A4BA, 090C4CE6B76B3904B5AE73E4F1EEBCE619194C358874D7584537012F954C54BE ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
20:44:27.0025 0x19a4  WindowsTrustedRTProxy - ok
20:44:27.0088 0x19a4  [ B07120967D869D4F10769457E310627B, C7EEB870BFF131493E8DD5B5AA93988E7544D802B8F6F7C8D71424000E708EA4 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
20:44:27.0135 0x19a4  WinHttpAutoProxySvc - ok
20:44:27.0166 0x19a4  [ 0816C30E3395E667EFFFB92B4EA66A05, F6A9E7026AA60A6627680F232AE785EA9CF55FE970708E6E49151F601CC42FEE ] WinMad          C:\Windows\System32\drivers\winmad.sys
20:44:27.0182 0x19a4  WinMad - ok
20:44:27.0307 0x19a4  [ 3FA4EB137F055D27DC16389CC839CCF9, BC04B13993C1B83D33FEA5C201F12DCF3F557E4EBFC7B85B3FB189F1F5FE10C7 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:44:27.0338 0x19a4  Winmgmt - ok
20:44:27.0369 0x19a4  [ C1D2CB775388E10E62C50C8F2A9F9E1D, 55EEB473EEC8F45713E9B7D4B459BA474F848745037EF19C037B4A08A05703EF ] WinNat          C:\Windows\system32\drivers\winnat.sys
20:44:27.0416 0x19a4  WinNat - ok
20:44:27.0510 0x19a4  [ 9B4A636BF5A154AC938B1C3617BF0C3F, 68255F3B00FDF44D2B911095A714203B1BE7B05840F66BED883317E55B06C4CA ] WinRM           C:\Windows\system32\WsmSvc.dll
20:44:27.0666 0x19a4  WinRM - ok
20:44:27.0713 0x19a4  [ 91D3DC62C6EDDB6554CE14C0E0B4290F, 6F8F89B350FC6BC0D23A50C593F02514854AB7D6CD234D8C8AD4B5DDDD586BA0 ] WINUSB          C:\Windows\System32\drivers\WinUSB.SYS
20:44:27.0729 0x19a4  WINUSB - ok
20:44:27.0744 0x19a4  [ F4C4FD42F8DD657157823DB617CC3A3D, D2A5ED039ED83010E0BB4BB1A69F9D142D42BE2C75E56CFCF3F157A735CB688E ] WinVerbs        C:\Windows\System32\drivers\winverbs.sys
20:44:27.0760 0x19a4  WinVerbs - ok
20:44:27.0822 0x19a4  [ EC37C67EA953F7F7C595DDC1CE90CF13, 67753D07AE6D98FC0CB730B912D757F1F7527A34BFDB24187F0307245D0A85B1 ] wisvc           C:\Windows\system32\flightsettings.dll
20:44:27.0885 0x19a4  wisvc - ok
20:44:27.0994 0x19a4  [ 7F9F87DB848F9F755187C963B5029ABE, 8A5656EF5B95E8E84C33D447460D37F7C7AAFBEB3154FDD717EEADBD1140D803 ] WlanSvc         C:\Windows\System32\wlansvc.dll
20:44:28.0150 0x19a4  WlanSvc - ok
20:44:28.0244 0x19a4  [ 48AE66A72ECA846D1A0216D4CE2955E6, 1885F8AC0F95A3B891833A07193819894E3F6E00790B51C0E55AA63D57BD3FB0 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
20:44:28.0369 0x19a4  wlidsvc - ok
20:44:28.0447 0x19a4  [ DB67CDBAACE4F4C7BED667070322B19D, 29A862177DD0C9BAC4145503E8A669A759492EF9B928D571E0D2A18330F45ACA ] wlpasvc         C:\Windows\System32\lpasvc.dll
20:44:28.0541 0x19a4  wlpasvc - ok
20:44:28.0588 0x19a4  [ 4A737D7249405BC932D45A401EC0CEDC, 00E7ECB208E4002DB3C924B0ADC5667D5FD111306E72A5A7570AAC4051AB9EC8 ] WManSvc         C:\Windows\system32\Windows.Management.Service.dll
20:44:28.0666 0x19a4  WManSvc - ok
20:44:28.0682 0x19a4  [ E4F25E6E790747073A09F9F8C997889C, 98455DD24AE076A2413EA599F83E0894F608C335F3FF2F3624A17E8EAF3B3C42 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
20:44:28.0713 0x19a4  WmiAcpi - ok
20:44:28.0760 0x19a4  [ 6389D05C6AAE73AD218CDC8153647CBB, 2A05EA2653CE6EE43E02B1CC26530D3292D314BE8D31A4641DE333FA6B093CCA ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:44:28.0791 0x19a4  wmiApSrv - ok
20:44:28.0822 0x19a4  WMPNetworkSvc - ok
20:44:28.0885 0x19a4  [ 68022EB06DCFD1521802D94C8901AF15, 57C8A7D84BBACF87FEAB052D25FF3AED764AC0EE249E0FCF69183803A0D7B59E ] Wof             C:\Windows\system32\drivers\Wof.sys
20:44:28.0900 0x19a4  Wof - ok
20:44:28.0994 0x19a4  [ 81F1F5F02973F44749F0C2B449C6955E, BA122C63CA361E0C372B84C9A710746C10B2B89ECB04FA66714C6DC08D4666DD ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
20:44:29.0104 0x19a4  workfolderssvc - ok
20:44:29.0182 0x19a4  [ B46C9D33621E4AE427312F6B4AC819D7, 955041A21B3ECD01D028037B62E64BC8F1C1248C165CD294F3B66F89076AC7C5 ] WpcMonSvc       C:\Windows\System32\WpcDesktopMonSvc.dll
20:44:29.0307 0x19a4  WpcMonSvc - ok
20:44:29.0338 0x19a4  [ 02876C4F9F4EEC8AC30BBCFFE3447AB6, 0744CBBD9F2B867DF456E2B0E113897B654F07E1C96FCB32D4B4B57BE6A3BE81 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:44:29.0369 0x19a4  WPDBusEnum - ok
20:44:29.0400 0x19a4  [ 024924C9E79F51560B9133EEAB866BBF, F4D464BC02C7B96EF72AA9229A99A1AD32F56390F97972C33525EF0D85304261 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
20:44:29.0416 0x19a4  WpdUpFltr - ok
20:44:29.0447 0x19a4  [ 040F7FA155A799B9F642DE9808234CB5, 808871E4211460A9273E6F8386FF764D504FAC183D74FE98AEED3911CD8CACE6 ] WpnService      C:\Windows\system32\WpnService.dll
20:44:29.0479 0x19a4  WpnService - ok
20:44:29.0510 0x19a4  [ B9401D6EC47178619E4E21701E3567BD, 53F6CE17E02A85E41327DA2D5FD299D5BAF2BD48DDE22DE6688D3EA410C75144 ] WpnUserService  C:\Windows\System32\WpnUserService.dll
20:44:29.0525 0x19a4  WpnUserService - ok
20:44:29.0557 0x19a4  [ 2B98DFC181823C8D8AA39C4CC577DE3E, DAFF7CE8868299AF5EFA844C2E1F84B7EE7E498B1AFF16965CE41C2E75B2F4E4 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:44:29.0588 0x19a4  ws2ifsl - ok
20:44:29.0619 0x19a4  [ E2BDC4D8D6090ED797FBD39FC097576F, 2BE313764D9830C9B4072A2CF98B4895A66BD83200A350D7ED7C8764AB2316D7 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:44:29.0650 0x19a4  wscsvc - ok
20:44:29.0666 0x19a4  WSearch - ok
20:44:29.0791 0x19a4  [ 548E5FAA852134C7F380DC45C6A0A0B8, FEBFF6F35E59BD16227D2067101C352C860B3B45C4CFAB3D6C94C092C9D8B9D0 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:44:29.0979 0x19a4  wuauserv - ok
20:44:30.0010 0x19a4  [ 7FC0072ECE3F5F860990EF4E10D3F8F4, 15444A3E540EAD214A674FF0EB99CD42899D6A1139E59D69DE1C2B6BA364A9E0 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:44:30.0041 0x19a4  WudfPf - ok
20:44:30.0072 0x19a4  [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
20:44:30.0104 0x19a4  WUDFRd - ok
20:44:30.0150 0x19a4  [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
20:44:30.0182 0x19a4  WUDFWpdFs - ok
20:44:30.0244 0x19a4  [ E534D45BAD11D7CCD0F84A3E5BE3A636, AFADF5674AB05059C8BF5026825EBFADC0E883B9EE97F0F3DAC675F735E9AC45 ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:44:30.0354 0x19a4  WwanSvc - ok
20:44:30.0400 0x19a4  [ 5C7422C70CBD981C38D282EA264CF939, CCE1584461A6683515A766CA6061FBC53A03314328221761204E3ABBD398FCCF ] XblAuthManager  C:\Windows\System32\XblAuthManager.dll
20:44:30.0463 0x19a4  XblAuthManager - ok
20:44:30.0510 0x19a4  [ C9E2CB63271BA466EA761AA43AB075C7, 0A83D06D8DB0915E73E78CFC4ABE4A03909E5210A190A05CF6BF9FD54C3F9F9A ] XblGameSave     C:\Windows\System32\XblGameSave.dll
20:44:30.0604 0x19a4  XblGameSave - ok
20:44:30.0635 0x19a4  [ DFE835AAC709E9A53998CDB2DE3F00D2, 0468F2C7D30E768CC05F7649E12B9A3AE9D4680E59476D1286F6C0767C73E3DA ] xboxgip         C:\Windows\System32\drivers\xboxgip.sys
20:44:30.0666 0x19a4  xboxgip - ok
20:44:30.0697 0x19a4  [ 4107565488585C924FEEE766F0EB6193, 87BA1A8CB0D3053B30426045CC126A1E0EBC968C2A266B3AF057B286CB12D9B5 ] XboxGipSvc      C:\Windows\System32\XboxGipSvc.dll
20:44:30.0713 0x19a4  XboxGipSvc - ok
20:44:30.0775 0x19a4  [ E0FB1A64CE1A2151BBEA934DBCD212E4, 91704C163C7A8009DA642E39512797429DDDCC6357FEA99F0D5CED4BCA19C111 ] XboxNetApiSvc   C:\Windows\system32\XboxNetApiSvc.dll
20:44:30.0854 0x19a4  XboxNetApiSvc - ok
20:44:30.0885 0x19a4  [ 8D8EAA6B1418F44479ECD8D010062F1E, 9D82CA4D087739CE004D1033970A036616A1EEBA618D1033D45FEC895D08D0C6 ] xinputhid       C:\Windows\System32\drivers\xinputhid.sys
20:44:30.0900 0x19a4  xinputhid - ok
20:44:30.0900 0x19a4  ================ Scan global ===============================
20:44:30.0963 0x19a4  [ 522F9EFF8C957F906154B91A8DA698AE, FCB686BB58782506BA6A8C4F924B0872608249091C8FF9DD7129D0146ACC2BFE ] C:\Windows\system32\basesrv.dll
20:44:31.0010 0x19a4  [ 19979E1729CFA0E56EB4CCCB198DFD05, 7F2A683F28877562409D810946DDCA2F069715CDFB249602251DFA50065FFF7A ] C:\Windows\system32\winsrv.dll
20:44:31.0041 0x19a4  [ 1985068B049D1FFBB8D3F837393DF81F, B99151A18AAA83C0D6931245E6DA250346F1A61B0F8F058123E47D9BC5C12BE8 ] C:\Windows\system32\sxssrv.dll
20:44:31.0104 0x19a4  [ 448CC197BC3B10D3E36A2CD30CF32DFE, 2E18DC3466566DF55792D6AFAD818D1E28FFA2C32017770A959419736DB577EE ] C:\Windows\system32\services.exe
20:44:31.0182 0x19a4  [ Global ] - ok
20:44:31.0182 0x19a4  ================ Scan MBR ==================================
20:44:31.0197 0x19a4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:44:31.0650 0x19a4  \Device\Harddisk0\DR0 - ok
20:44:31.0650 0x19a4  [ 8CB37AFC263A219EBB7586F9C495114E ] \Device\Harddisk1\DR1
20:44:31.0744 0x19a4  \Device\Harddisk1\DR1 - ok
20:44:31.0744 0x19a4  ================ Scan VBR ==================================
20:44:31.0775 0x19a4  [ BCB9B1EEF0026C2C2AC46F92E319DCA0 ] \Device\Harddisk0\DR0\Partition1
20:44:31.0775 0x19a4  \Device\Harddisk0\DR0\Partition1 - ok
20:44:31.0791 0x19a4  [ 4AEB3DBB7D8676AFB2EFD12AA212BA87 ] \Device\Harddisk0\DR0\Partition2
20:44:31.0791 0x19a4  \Device\Harddisk0\DR0\Partition2 - ok
20:44:31.0807 0x19a4  [ E311ADE92C2A16B735743214AC0DA2C2 ] \Device\Harddisk1\DR1\Partition1
20:44:31.0807 0x19a4  \Device\Harddisk1\DR1\Partition1 - ok
20:44:31.0807 0x19a4  ================ Scan active images ========================
20:44:31.0807 0x19a4  ================ Scan generic autorun ======================
20:44:31.0838 0x19a4  [ 783C99AFD4C2AE6950FA5694389D2CFA, 570B37A7A3FFDAFCCECCC33CBC1968FEB857B73CA3CB4DFFEDC2E67E9ABD0878 ] C:\Windows\system32\SecurityHealthSystray.exe
20:44:31.0869 0x19a4  SecurityHealth - ok
20:44:31.0963 0x19a4  [ E3A80B002CC0C5A9C89EACA762D0EB6B, 722982AD49D2A7BC705BC6AC2A3B1BA62BD182DA642A4E7F4E83774F03E25344 ] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
20:44:31.0979 0x19a4  Trend Micro Client Framework - ok
20:44:32.0150 0x19a4  [ D5E126F4D12B90E672E08A050D1822CF, 603D2A926807267A6352B06DE83A11274D3A1B449C9B8D50F16C1CF30C62B4E0 ] C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
20:44:32.0197 0x19a4  Platinum - ok
20:44:32.0447 0x19a4  OneDriveSetup - ok
20:44:32.0447 0x19a4  OneDriveSetup - ok
20:44:32.0729 0x19a4  [ BCA6299B52F3453FF17E2255F553D030, 4C22FF31F638258BF471F4F08EF88F327FBCF1A6AC2BBAFC766A9BC491996027 ] C:\Users\tor\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:44:32.0791 0x19a4  OneDrive - ok
20:44:33.0057 0x19a4  [ 86EA564C9632E24ABE2C031A46E8EADA, 89FC49FAD82577947DF4E773DBCC1A5FA2E4D88C2DBD7295EC288B55FCF79DDC ] C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe
20:44:33.0197 0x19a4  DRScanner - ok
20:44:33.0354 0x19a4  [ 6B08251F2DC6FCE5075B1596B6A00ADE, 5AC866677AE2B92C38715761B948C362D2F388EFD5E2B85616E53A59B732E0CB ] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
20:44:33.0479 0x19a4  615BCF63291C3BA0D218C430BAA39FA6C416F12F._service_run - ok
20:44:33.0619 0x19a4  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x60100 ( disabled : updated )
20:44:33.0619 0x19a4  AV detected via SS2: Trend Micro Antivirus+, C:\Program Files\Trend Micro\Titanium\TmWscSvc\wschandler.exe ( 17.0.0.1150 ), 0x41000 ( enabled : updated )
20:44:33.0697 0x19a4  Win FW state via NFP2: enabled ( trusted )
20:44:33.0697 0x19a4  ============================================================
20:44:33.0697 0x19a4  Scan finished
20:44:33.0697 0x19a4  ============================================================
20:44:33.0697 0x118c  Detected object count: 1
20:44:33.0697 0x118c  Actual detected object count: 1
20:45:16.0296 0x118c  C:\Windows\System32\drivers\BthA2dp.sys - copied to quarantine
20:45:16.0296 0x118c  BthA2dp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2021.03.11.06
  rootkit: v2021.03.11.06

Windows 10 x64 NTFS (Safe Mode/Networking)
Internet Explorer 11.630.19041.0
tor :: DESKTOP-KLPEOIN [administrator]

11/03/2021 17:44:19
mbar-log-2021-03-11 (17-44-19).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 149400
Time elapsed: 25 minute(s), 28 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 11.630.19041.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 6296285184, free: 5021642752

Downloaded database version: v2021.03.11.06
Downloaded database version: v2021.03.11.06
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     03/11/2021 17:43:31
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\WppRecorder.sys
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\system32\drivers\SgrmAgent.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\IntelTA.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\isapnp.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\evbda.sys
\SystemRoot\System32\drivers\pcmcia.sys
\SystemRoot\System32\drivers\pciide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\intelide.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\sdbus.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\vmbus.sys
\SystemRoot\System32\drivers\NDIS.SYS
\SystemRoot\System32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\hvsocket.sys
\SystemRoot\System32\drivers\vmbkmcl.sys
\SystemRoot\System32\drivers\winhv.sys
\SystemRoot\System32\drivers\vpci.sys
\SystemRoot\System32\drivers\bxvbda.sys
\SystemRoot\System32\drivers\nvraid.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\urscx01000.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorV.sys
\SystemRoot\System32\drivers\vsmraid.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\3ware.sys
\SystemRoot\System32\drivers\amdsata.sys
\SystemRoot\System32\drivers\amdxata.sys
\SystemRoot\System32\drivers\amdsbs.sys
\SystemRoot\System32\drivers\arcsas.sys
\SystemRoot\System32\drivers\ItSas35i.sys
\SystemRoot\System32\drivers\lsi_sas.sys
\SystemRoot\System32\drivers\lsi_sas2i.sys
\SystemRoot\System32\drivers\lsi_sas3i.sys
\SystemRoot\System32\drivers\lsi_sss.sys
\SystemRoot\System32\drivers\megasas.sys
\SystemRoot\System32\drivers\MegaSas2i.sys
\SystemRoot\System32\drivers\megasas35i.sys
\SystemRoot\System32\drivers\megasr.sys
\SystemRoot\System32\drivers\mvumis.sys
\SystemRoot\System32\drivers\nvstor.sys
\SystemRoot\System32\drivers\percsas2i.sys
\SystemRoot\System32\drivers\percsas3i.sys
\SystemRoot\System32\drivers\SiSRaid2.sys
\SystemRoot\System32\drivers\sisraid4.sys
\SystemRoot\System32\drivers\vstxraid.sys
\SystemRoot\System32\drivers\stexstor.sys
\SystemRoot\System32\drivers\cht4sx64.sys
\SystemRoot\System32\drivers\iaStorAVC.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\stornvme.sys
\SystemRoot\System32\drivers\ADP80XX.SYS
\SystemRoot\System32\drivers\HpSAMD.sys
\SystemRoot\System32\drivers\SmartSAMD.sys
\SystemRoot\System32\drivers\nvdimm.sys
\SystemRoot\System32\drivers\EhStorTcgDrv.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys
\SystemRoot\System32\drivers\storvsc.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\drivers\vmstorfl.sys
\SystemRoot\system32\DRIVERS\TMEBC64.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\bttflt.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\System32\drivers\uaspstor.sys
\SystemRoot\System32\drivers\storufs.sys
\SystemRoot\System32\drivers\sdstor.sys
\SystemRoot\System32\drivers\scmbus.sys
\SystemRoot\System32\drivers\sbp2port.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\ramdisk.sys
\SystemRoot\System32\drivers\pmem.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys
\SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\CimFS.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afunix.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\System32\drivers\ndiscap.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys
\SystemRoot\System32\drivers\e1e6032e.sys
\SystemRoot\System32\drivers\usbuhci.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\fdc.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\msquic.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\SystemRoot\System32\drivers\mouhid.sys
\??\C:\Windows\system32\drivers\3665F423.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2021.03.11.06
  rootkit: v2021.03.11.06

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffff908df0d2a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffff908df0b50040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffff908df0d2a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffff908df0b92050, DeviceName: \Device\00000021\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A51E234C

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 168302592
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 168305672  Numsec = 320091496
    Partition is bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
Scan Interrupted
Scan was aborted.
=======================================

Scan started
Database versions:
  main:    v2021.03.11.06
  rootkit: v2021.03.11.06

<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A51E234C

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 168302592
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 168305672  Numsec = 320091496
    Partition is bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
Scan Interrupted
Scan was aborted.
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-168305672-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 11.630.19041.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 6296285184, free: 5164609536

=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 11.630.19041.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 6296285184, free: 4730818560

Downloaded database version: v2021.03.11.07
Downloaded database version: v2021.03.11.07
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     03/11/2021 19:19:19
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\WppRecorder.sys
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\system32\drivers\SgrmAgent.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\IntelTA.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\isapnp.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\evbda.sys
\SystemRoot\System32\drivers\pcmcia.sys
\SystemRoot\System32\drivers\pciide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\intelide.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\sdbus.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\vmbus.sys
\SystemRoot\System32\drivers\NDIS.SYS
\SystemRoot\System32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\hvsocket.sys
\SystemRoot\System32\drivers\vmbkmcl.sys
\SystemRoot\System32\drivers\winhv.sys
\SystemRoot\System32\drivers\vpci.sys
\SystemRoot\System32\drivers\bxvbda.sys
\SystemRoot\System32\drivers\nvraid.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\urscx01000.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorV.sys
\SystemRoot\System32\drivers\vsmraid.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\3ware.sys
\SystemRoot\System32\drivers\amdsata.sys
\SystemRoot\System32\drivers\amdxata.sys
\SystemRoot\System32\drivers\amdsbs.sys
\SystemRoot\System32\drivers\arcsas.sys
\SystemRoot\System32\drivers\ItSas35i.sys
\SystemRoot\System32\drivers\lsi_sas.sys
\SystemRoot\System32\drivers\lsi_sas2i.sys
\SystemRoot\System32\drivers\lsi_sas3i.sys
\SystemRoot\System32\drivers\lsi_sss.sys
\SystemRoot\System32\drivers\megasas.sys
\SystemRoot\System32\drivers\MegaSas2i.sys
\SystemRoot\System32\drivers\megasas35i.sys
\SystemRoot\System32\drivers\megasr.sys
\SystemRoot\System32\drivers\mvumis.sys
\SystemRoot\System32\drivers\nvstor.sys
\SystemRoot\System32\drivers\percsas2i.sys
\SystemRoot\System32\drivers\percsas3i.sys
\SystemRoot\System32\drivers\SiSRaid2.sys
\SystemRoot\System32\drivers\sisraid4.sys
\SystemRoot\System32\drivers\vstxraid.sys
\SystemRoot\System32\drivers\stexstor.sys
\SystemRoot\System32\drivers\cht4sx64.sys
\SystemRoot\System32\drivers\iaStorAVC.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\stornvme.sys
\SystemRoot\System32\drivers\ADP80XX.SYS
\SystemRoot\System32\drivers\HpSAMD.sys
\SystemRoot\System32\drivers\SmartSAMD.sys
\SystemRoot\System32\drivers\nvdimm.sys
\SystemRoot\System32\drivers\EhStorTcgDrv.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys
\SystemRoot\System32\drivers\storvsc.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\drivers\vmstorfl.sys
\SystemRoot\system32\DRIVERS\TMEBC64.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\bttflt.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\System32\drivers\uaspstor.sys
\SystemRoot\System32\drivers\storufs.sys
\SystemRoot\System32\drivers\sdstor.sys
\SystemRoot\System32\drivers\scmbus.sys
\SystemRoot\System32\drivers\sbp2port.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\ramdisk.sys
\SystemRoot\System32\drivers\pmem.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys
\SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\CimFS.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afunix.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\System32\drivers\ndiscap.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys
\SystemRoot\System32\drivers\e1e6032e.sys
\SystemRoot\System32\drivers\usbuhci.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\fdc.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\msquic.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\722307C0.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2021.03.11.07
  rootkit: v2021.03.11.07

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffb90e8b51d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffb90e8b4c9040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffb90e8b51d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffb90e8b379050, DeviceName: \Device\00000021\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A51E234C

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 168302592
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 168305672  Numsec = 320091496
    Partition is bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
Scan Interrupted
Scan was aborted.
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-168305672-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.630.19041.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 6296285184, free: 3520303104

Downloaded database version: v2021.03.11.07
Downloaded database version: v2021.03.11.07
Downloaded database version: v2018.01.20.01
Initializing...
======================
Driver version: 4.3.0.15
------------ Kernel report ------------
     03/11/2021 19:57:15
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\WppRecorder.sys
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\system32\drivers\mssecflt.sys
\SystemRoot\system32\drivers\SgrmAgent.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\IntelTA.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\system32\drivers\48434194.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\pciide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\system32\DRIVERS\TMEBC64.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\system32\DRIVERS\TMUMH.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys
\SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\CimFS.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afunix.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\System32\drivers\ndiscap.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\tmeyes.sys
\SystemRoot\System32\drivers\Vid.sys
\SystemRoot\System32\drivers\winhvr.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\bam.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\e1e6032e.sys
\SystemRoot\System32\drivers\usbuhci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\fdc.sys
\SystemRoot\System32\drivers\parport.sys
\SystemRoot\System32\drivers\serial.sys
\SystemRoot\System32\drivers\serenum.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\wcifs.sys
\SystemRoot\system32\drivers\cldflt.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\bindflt.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\msquic.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\tmeevw.sys
\SystemRoot\system32\DRIVERS\tmnciesc.sys
\SystemRoot\system32\DRIVERS\tmusa.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\526363C8.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2021.03.11.07
  rootkit: v2021.03.11.07

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe00a4ca020a0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe00a4c9398f0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe00a4ca020a0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe00a4c818050, DeviceName: \Device\00000021\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A51E234C

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 168302592
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 168305672  Numsec = 320091496
    Partition is bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-168305672-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.630.19041.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 6296285184, free: 3398131712

=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.630.19041.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 6296285184, free: 3424157696

No address found
=======================================

Hello @Nina_Tusabe, sorry for taking so long to reply. I'm going through a very busy period, with very little time.

I completely forgot about your thread.

Do you want us to continue with the case, @Nina_Tusabe? If so, let me know and we'll carry on.

Regards.