Super infección con un extraño mensaje

Va lento, el nevegador le cuesta de abrir y de abrir páginas. Voy a volver a pasar el malba

Hola

Te indiqué que realizaras un análisis personalizado con Malwarebytes y lo hiciste de amenazas, mandaste a cuarentena lo que detectó?

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de tu equipo. :arrow_right: Como saber si Mi Windows es de 32 o 64 Bits ?.

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 18/6/20
Hora del análisis: 21:52
Archivo de registro: 2f26419c-b19d-11ea-9c1c-94de803c577f.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.955
Versión del paquete de actualización: 1.0.25710
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Carmen-PC\Carmen

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 1103608
Amenazas detectadas: 10
Amenazas en cuarentena: 9
Tiempo transcurrido: 7 hr, 48 min, 1 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 10
Malware.Generic.3509283873, F:\DESCARGAS PONY\DESCARGA\DESCARGA\CAMBIAR IMAGEN\EQUIPO4.EXE, En cuarentena, 1000000, 0, 1.0.25710, 0A74B21262D1F79ED12B6C21, dds, 00770087
Malware.Generic.4018542805, G:\DOCUMENTS AND SETTINGS\CARMEN\MIS DOCUMENTOS\DESCARGAS\PLUGINS SONY VEGAS\PLUGINS SONY VEGAS\SPICEMASTER PRO V. 2.5\KEYGEN.EXE, En cuarentena, 1000000, 0, 1.0.25710, 657DDD322FDCC430EF8618D5, dds, 00770087
PUP.Optional.DriverMax, G:\DOCUMENTS AND SETTINGS\CARMEN\MIS DOCUMENTOS\DESCARGAS\DRIVERMAX.EXE, En cuarentena, 3539, 812463, 1.0.25710, , ame, 
Malware.Generic.4177194417, G:\DOCUMENTS AND SETTINGS\CARMEN\MIS DOCUMENTOS\DESCARGAS\AT-DESTROYER.EXE, En cuarentena, 1000000, 0, 1.0.25710, 3627569779940148F8FAEDB1, dds, 00770087
Adware.InstallCore, G:\DOCUMENTS AND SETTINGS\CARMEN\MIS DOCUMENTOS\DESCARGAS\ASF_AVI_RM_WMV_REPAIR.EXE, En cuarentena, 502, 670606, 1.0.25710, , ame, 
Malware.Generic.4177194417, G:\DOCUMENTS AND SETTINGS\CARMEN\MIS DOCUMENTOS\DOWNLOADS\AT-DESTROYER.EXE, En cuarentena, 1000000, 0, 1.0.25710, 3627569779940148F8FAEDB1, dds, 00770087
Malware.Generic.4177194417, G:\DOCUMENTS AND SETTINGS\CARMEN\ESCRITORIO\AT-DESTROYER.EXE, En cuarentena, 1000000, 0, 1.0.25710, 3627569779940148F8FAEDB1, dds, 00770087
Malware.Generic.3509283873, H:\DESCARGAS MIAS\DESCARGA\CAMBIAR IMAGEN\EQUIPO4.EXE, En cuarentena, 1000000, 0, 1.0.25710, 0A74B21262D1F79ED12B6C21, dds, 00770087
Malware.Generic.4177194417, C:\USERS\CARMEN\DOCUMENTS\MIO\USB\KIKE\AT-DESTROYER.EXE, En cuarentena, 1000000, 0, 1.0.25710, 3627569779940148F8FAEDB1, dds, 00770087
Adware.StartPage, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\LEAGUE OF LEGENDS\LеAGUE оF LEGENDS.LNK, Error durante la eliminación, 364, 674077, 1.0.25710, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 06-06-2020
Ejecutado por Carmen (administrador) sobre CARMEN-PC (Gigabyte Technology Co., Ltd. H61M-D2H-USB3) (19-06-2020 10:06:11)
Ejecutado desde C:\Users\Carmen\Downloads
Perfiles cargados: Carmen & UpdatusUser
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: FF)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\Carmen\AppData\Roaming\Dropbox\bin\Dropbox.exe <3>
(Dropbox, Inc -> The Qt Company Ltd.) C:\Users\Carmen\AppData\Roaming\Dropbox\bin\99.4.501\QtWebEngineProcess.exe <3>
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Magnify.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8>
(Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe [177928 2018-10-29] (ESET, spol. s r.o. -> ESET)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9230256 2020-04-26] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91683688 2020-06-09] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\system32\EP0SLM01.DLL [77824 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON Stylus Photo R285 Series 64MonitorBE: C:\Windows\system32\E_ILMCKE.DLL [108032 2007-12-07] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\Windows\system32\nitrolocalmon2.dll [29704 2013-04-30] (Nitro PDF Software -> Nitro PDF Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\d37301f97a\Dropbox.lnk [2020-06-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1089F0E8-5701-447F-9F0E-7A6CB2823579} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-811658154-4134238313-3946999917-1000Core => C:\Users\Carmen\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {24A22B6C-500E-4867-AF9A-59CAF3684A16} - System32\Tasks\{3263A8E7-E0CD-4D33-818D-E48B7A8058C1} => C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE [12829216 2007-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {341F4F05-70EA-44E7-8BCA-D757395112DE} - System32\Tasks\{C3B50838-C667-48B0-BBAE-0CB022082529} => C:\Program Files (x86)\ZD Soft\Screen Recorder\ScnRec.exe [1659392 2012-10-07] (ZD Soft) [Archivo no firmado]
Task: {3CEA1EEA-0A8F-47D2-AF1A-7C242E2E4083} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {3F508CE6-6841-4718-9D95-FCCC91CCC884} - System32\Tasks\Opera scheduled assistant Autoupdate 1582274861 => C:\Program Files (x86)\Opera\launcher.exe [1517592 2020-06-10] (Opera Software AS -> Opera Software)
Task: {40FA083A-9926-4A15-852D-B1BADE25616F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {48FAFC19-9FCF-47DD-B6B5-221E149CEA96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-10] (Adobe Inc. -> Adobe)
Task: {5425661F-B410-4985-BC7C-F57308A43D87} - System32\Tasks\Opera GX scheduled Autoupdate 1582725757 => C:\Users\Carmen\AppData\Local\Programs\Opera GX\launcher.exe [1459224 2020-05-27] (Opera Software AS -> Opera Software)
Task: {57F64E36-8FF1-4061-8B73-8FB1E625BC2F} - System32\Tasks\{31D48B2D-0B18-4C0C-A2FC-7D19D35E67C4} => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6895736 2018-10-29] (ESET, spol. s r.o. -> ESET)
Task: {5DE3BEE4-7506-4225-AEB7-5D08642BB2F9} - System32\Tasks\Opera scheduled Autoupdate 1432404393 => C:\Program Files (x86)\Opera\launcher.exe [1517592 2020-06-10] (Opera Software AS -> Opera Software)
Task: {9D65F2B3-E9AD-4BB9-BA7C-F8329F40C1D8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A309D206-CD0D-4AD8-85E6-D9AAB6008282} - System32\Tasks\{76043FB6-F90C-4F9E-AA57-91FABF7AE378} => C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE [12829216 2007-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A46CC68B-9E16-441B-8D69-8E4CCFB09312} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: {AAA44365-92BC-41B7-B248-EA0584A36511} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [168736 2018-07-10] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {C3216E06-E3B6-455A-90A8-B15E3B046008} - System32\Tasks\{04DBEDD2-15F6-43DB-AED1-510942B8B0C5} => C:\Program Files (x86)\ZD Soft\Screen Recorder\ScnRec.exe [1659392 2012-10-07] (ZD Soft) [Archivo no firmado]
Task: {C46FD7FA-EFF5-4BB8-9721-2090DDF8A324} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-10] (Adobe Inc. -> Adobe)
Task: {CA5EC0D6-AA6C-497C-9ADD-B3F675D28EED} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon\bin\Maxthon.exe [168736 2018-07-10] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {EC41F023-E5AF-4319-B428-8A555DBD81A5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-10] (Adobe Inc. -> Adobe)
Task: {F2DA2D7F-06F7-4DEF-81CB-6C4C14C765F2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-811658154-4134238313-3946999917-1000UA => C:\Users\Carmen\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-811658154-4134238313-3946999917-1000Core.job => C:\Users\Carmen\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-811658154-4134238313-3946999917-1000UA.job => C:\Users\Carmen\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 32fd9fbc-dd57-4e63-8d88-8652aa6c0d7d.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 595bf951-17b6-4f76-848f-a0e78ddbfed8.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 212.166.211.3 212.166.132.96
Tcpip\..\Interfaces\{4CB0D5A1-6B4A-4F7F-90A1-359C46AB7D1A}: [DhcpNameServer] 212.166.211.3 212.166.132.96

Internet Explorer:
==================
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.save-search.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-811658154-4134238313-3946999917-1000 -> DefaultScope {A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} URL = hxxp://www.save-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-811658154-4134238313-3946999917-1000 -> {A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} URL = hxxp://www.save-search.com/search?q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-01-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-15] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: fgfeta3g.default-1439366737652-1572261556736
FF ProfilePath: C:\Users\Carmen\AppData\Roaming\Mozilla\Firefox\Profiles\fgfeta3g.default-1439366737652-1572261556736 [2020-06-19]
FF Homepage: Mozilla\Firefox\Profiles\fgfeta3g.default-1439366737652-1572261556736 -> hxxps://www.google.es/
FF NewTab: Mozilla\Firefox\Profiles\fgfeta3g.default-1439366737652-1572261556736 -> hxxps://defaultsearch.co/homepage?hp=1&pId=BC180101&iDate=2020-06-17 05:36:26&bName=&bitmask=0300
FF Extension: (SaveFrom.net helper) - C:\Users\Carmen\AppData\Roaming\Mozilla\Firefox\Profiles\fgfeta3g.default-1439366737652-1572261556736\Extensions\[email protected] [2020-06-09]
FF Extension: (Video DownloadHelper) - C:\Users\Carmen\AppData\Roaming\Mozilla\Firefox\Profiles\fgfeta3g.default-1439366737652-1572261556736\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-06-09]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.) [Archivo no firmado]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-04-30] (Nitro PDF Software -> Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-08-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-08-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Carmen\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall) [Archivo no firmado]
FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Carmen\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall) [Archivo no firmado]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-811658154-4134238313-3946999917-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Carmen\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-07-10] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-811658154-4134238313-3946999917-1000: @tools.coowon.com/Coowon Update;version=3 -> C:\Users\Carmen\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2019-10-15] (Google Inc (TEST) -> Coowon.) [Archivo no firmado]
FF Plugin HKU\S-1-5-21-811658154-4134238313-3946999917-1000: @tools.coowon.com/Coowon Update;version=9 -> C:\Users\Carmen\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2019-10-15] (Google Inc (TEST) -> Coowon.) [Archivo no firmado]
FF Plugin HKU\S-1-5-21-811658154-4134238313-3946999917-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Carmen\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-05-11] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default [2020-06-18]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.save-search.com/
CHR StartupUrls: Default -> "hxxp://google.es/"
CHR Extension: (Presentaciones) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-11]
CHR Extension: (Documentos) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-11]
CHR Extension: (Google Drive) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-11]
CHR Extension: (YouTube) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-11]
CHR Extension: (Hojas de cálculo) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-11]
CHR Extension: (Video Downloader PLUS) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2020-06-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-22]

Opera: 
=======
OPR StartupUrls: "hxxp://google.es/"
OPR Session Restore: -> está habilitado.

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

"MBAMChameleon" => servicio no pudo ser desbloqueado. <==== ATENCIÓN
HKLM\SYSTEM\ControlSet002\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATENCIÓN (Rootkit!/Servicio bloqueado)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 APLI Master AutoUpdater; C:\Program Files (x86)\APLI Paper\APLI Master\ApliAutoUpdater.exe [167936 2011-10-24] (Home) [Archivo no firmado]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2302152 2018-10-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2302152 2018-10-29] (ESET, spol. s r.o. -> ESET)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [635104 2012-04-20] (Intel® Upgrade Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
S4 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-11-26] (Maxthon (Asia) Limited. -> Maxthon)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-18] (Malwarebytes Inc -> Malwarebytes)
S2 MxService; C:\Program Files (x86)\Maxthon\Bin\MxService.exe [143648 2018-07-10] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-04-30] (Nitro PDF Software -> Nitro PDF Software)
S4 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1851008 2013-10-10] (Locktime Software s.r.o. -> Locktime Software)
S4 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-12-21] (Nalpeiron LTD -> Nalpeiron Ltd.) [Archivo no firmado]
S4 NMSAccess64; C:\Windows\SysWOW64\NMSAccess64.exe [82872 2009-01-12] (Numedia Soft, Inc. -> )
S4 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S4 wordpressApache; C:\Bitnami\WORDPR~1.2-0\apache2\bin\httpd.exe [20992 2014-07-19] (Apache Software Foundation) [Archivo no firmado]
S4 wordpressMySQL; C:\Bitnami\wordpress-3.9.2-0\mysql\bin\mysqld.exe [8140288 2014-05-11] () [Archivo no firmado]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S2 CamMask; C:\Windows\System32\DRIVERS\cmvcamdrv64.sys [954072 2013-12-23] (SageTech -> )
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [110488 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143448 2018-10-29] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188832 2018-10-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [109864 2018-10-29] (ESET, spol. s r.o. -> ESET)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [170280 2017-02-03] (ESET, spol. s r.o. -> ESET)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65152 2012-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [88832 2012-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [58280 2018-07-27] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-06-18] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (ManyCam LLC -> Visicom Media Inc.)
S3 mcdevice; C:\Windows\System32\DRIVERS\mcdevice.sys [334400 2019-11-16] (Hefei GreenXin Technology Co. Ltd. -> ShiningMorning Inc.)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [87472 2013-06-12] (Locktime Software s.r.o. -> Locktime Software)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2006-10-02] (Padus, Inc.) [Archivo no firmado]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-06-19 10:06 - 2020-06-19 10:07 - 000024251 _____ C:\Users\Carmen\Downloads\FRST.txt
2020-06-19 10:06 - 2020-06-19 10:06 - 000000000 ____D C:\FRST
2020-06-19 10:03 - 2020-06-19 10:04 - 002289152 _____ (Farbar) C:\Users\Carmen\Downloads\FRST64.exe
2020-06-18 21:42 - 2020-06-18 21:42 - 000000464 _____ C:\Users\Carmen\Desktop\cc_20200618_214202.reg
2020-06-18 21:04 - 2020-06-18 21:04 - 000001969 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-18 21:03 - 2020-06-18 21:03 - 001988280 _____ (Malwarebytes) C:\Users\Carmen\Downloads\MBSetup(1).exe
2020-06-18 21:03 - 2020-06-18 21:03 - 000000000 ____D C:\Malwarebytes
2020-06-18 20:35 - 2020-06-18 20:35 - 001279483 _____ C:\Users\Carmen\Desktop\descryptor18junio.txt
2020-06-18 15:18 - 2020-06-18 15:18 - 001162528 _____ (Emsisoft Ltd.) C:\Users\Carmen\Downloads\decrypt_STOPDjvu.exe
2020-06-18 14:59 - 2020-06-18 14:59 - 000001934 _____ C:\Users\Carmen\Documents\eset18 junio.txt
2020-06-18 13:45 - 2020-06-18 13:45 - 001162528 _____ (Emsisoft Ltd.) C:\Users\Carmen\Desktop\decrypt_STOPDjvu.exe
2020-06-18 11:05 - 2020-06-18 11:05 - 014665312 _____ (ESET spol. s r.o.) C:\Users\Carmen\Desktop\esetonlinescanner.exe
2020-06-18 10:35 - 2020-06-18 10:39 - 000000000 ____D C:\ProgramData\d37301f97a
2020-06-18 10:35 - 2020-06-18 10:35 - 000000000 _____ C:\ProgramData\c51906dadd090eab302c587c52dd3ee9
2020-06-17 22:11 - 2020-06-17 22:12 - 000000000 ____D C:\AdwCleaner
2020-06-17 22:10 - 2020-06-17 22:11 - 008402608 _____ (Malwarebytes) C:\Users\Carmen\Desktop\adwcleaner_8.0.5.exe
2020-06-17 22:03 - 2020-06-17 22:03 - 000016372 _____ C:\Users\Carmen\AppData\LocalLow\Log.zip
2020-06-17 22:03 - 2020-06-17 22:03 - 000016096 _____ C:\Users\Carmen\AppData\LocalLow\chrome_autofill.txt
2020-06-17 22:03 - 2020-06-17 22:03 - 000015255 _____ C:\Users\Carmen\AppData\LocalLow\passwords.txt
2020-06-17 22:03 - 2020-06-17 22:03 - 000004781 _____ C:\Users\Carmen\AppData\LocalLow\machineinfo.txt
2020-06-17 22:03 - 2020-06-17 22:03 - 000000550 _____ C:\Users\Carmen\AppData\LocalLow\outlook.txt
2020-06-17 22:03 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\cr6im03b56g32r
2020-06-17 22:03 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\3098htrhpen8ifg0
2020-06-17 22:01 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\JN3by345by53432y
2020-06-17 22:01 - 2020-06-17 22:01 - 000916735 _____ (SQLite Development Team) C:\Users\Carmen\AppData\LocalLow\sqlite3.dll
2020-06-17 21:56 - 2020-06-17 21:56 - 000013396 _____ C:\Users\Carmen\Desktop\cc_20200617_215647.reg
2020-06-17 21:49 - 2020-06-17 21:49 - 025859024 _____ (Piriform Software Ltd) C:\Users\Carmen\Downloads\ccsetup567.exe
2020-06-17 19:53 - 2020-06-17 19:53 - 000512512 _____ C:\Windows\system32\LBA-1-1953520066-k
2020-06-17 19:44 - 2020-06-17 20:34 - 000000004 _____ C:\ProgramData\rc.dat
2020-06-17 19:41 - 2020-06-17 19:47 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\njgpq12jktc
2020-06-17 19:40 - 2020-06-17 19:57 - 000000024 _____ C:\ProgramData\irw.atsd
2020-06-17 19:40 - 2020-06-17 19:48 - 000000004 _____ C:\ProgramData\lock.dat
2020-06-17 19:40 - 2020-06-17 19:40 - 000000008 _____ C:\ProgramData\ts.dat
2020-06-17 19:39 - 2020-06-17 19:39 - 000001048 _____ C:\Users\Carmen\_readme.txt
2020-06-17 19:37 - 2020-06-17 19:37 - 000000000 ____D C:\ProgramData\K07CJ7ZJYWTOF040I8BW0FFKP
2020-06-17 19:36 - 2020-06-17 19:52 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\Smart Clock
2020-06-17 19:36 - 2020-06-17 19:36 - 000000555 _____ C:\Users\Carmen\AppData\Local\bowsakkdestx.txt
2020-06-17 19:36 - 2020-06-17 19:36 - 000000000 ____D C:\Users\Carmen\AppData\Local\18f63213-44b7-4aa7-b2de-e345797e7453
2020-06-17 19:36 - 2020-06-17 19:36 - 000000000 ____D C:\SystemID
2020-06-17 19:35 - 2020-06-17 19:47 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\pl0fqafq5fn
2020-06-17 19:34 - 2020-06-17 19:34 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\indefendesv
2020-06-17 19:34 - 2020-06-17 19:34 - 000000000 ____D C:\Program Files (x86)\IEJ
2020-06-17 19:18 - 2020-06-17 19:18 - 003959959 _____ C:\Users\Carmen\Downloads\manual-imagen-corporativa-grupo-esypro.pdf
2020-06-17 18:41 - 2020-06-17 18:41 - 000771785 _____ C:\Users\Carmen\Downloads\2. Manual branding END.pdf
2020-06-16 19:33 - 2020-06-16 19:33 - 004335175 _____ C:\Users\Carmen\Downloads\Vale REGALO.pdf
2020-06-16 17:50 - 2020-06-16 17:50 - 000111512 _____ C:\Users\Carmen\Downloads\UPDATED.6451569_BM Scottsdale 2020 Fact Sheet (1).pdf
2020-06-12 18:07 - 2020-06-12 18:07 - 000064303 _____ C:\Users\Carmen\Downloads\WhatsApp Image 2020-06-12 at 17.54.18.jpeg
2020-06-12 18:06 - 2020-06-12 18:06 - 056539371 _____ C:\Users\Carmen\Downloads\WhatsApp Video 2020-06-12 at 17.49.35.mp4
2020-06-10 13:53 - 2020-06-10 13:53 - 041896256 _____ (Apple Inc.) C:\Users\Carmen\Downloads\26909-682333-quicktime(1).exe
2020-06-10 13:46 - 2020-06-10 13:46 - 000660312 _____ (Sony Creative Software Inc.) C:\Users\Carmen\Downloads\qt7plug.dll
2020-06-10 13:22 - 2020-06-10 13:23 - 003933219 _____ C:\Users\Carmen\Downloads\Invitación Tony UPW Dallas 2020-1.mp4
2020-06-10 13:04 - 2020-06-10 13:04 - 041896256 _____ (Apple Inc.) C:\Users\Carmen\Downloads\26909-682333-quicktime.exe
2020-06-10 10:49 - 2020-06-10 10:49 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-09 12:16 - 2020-06-18 20:40 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-06-09 10:37 - 2020-06-09 10:38 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2020-06-09 10:37 - 2020-06-09 10:37 - 043467824 _____ (DownloadHelper ) C:\Users\Carmen\Downloads\DownloadHelper - Video download browser extension.mp4
2020-06-09 10:36 - 2020-06-09 10:36 - 043467824 _____ (DownloadHelper ) C:\Users\Carmen\Downloads\VdhCoAppSetup-1.5.0.exe
2020-06-03 13:20 - 2020-06-03 13:20 - 028076373 _____ C:\Users\Carmen\Downloads\WhatsApp Video 2020-06-03 at 13.05.14.mp4
2020-06-02 17:38 - 2020-06-02 17:38 - 000107793 _____ C:\Users\Carmen\Downloads\UPW_Dallas_Fact_Sheet_2020_v3.pdf
2020-05-27 13:30 - 2020-05-27 13:30 - 070848101 _____ C:\Users\Carmen\Downloads\REGALOS de Espai Coach .zip

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-06-19 09:59 - 2016-11-18 18:05 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\Mozilla
2020-06-19 09:56 - 2013-05-30 12:37 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-19 09:56 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-19 09:56 - 2009-07-14 06:45 - 000009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-19 09:56 - 2009-07-14 06:45 - 000009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-19 04:50 - 2015-06-20 09:49 - 000001006 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-811658154-4134238313-3946999917-1000UA.job
2020-06-18 21:51 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-06-18 21:04 - 2019-07-21 19:24 - 000001957 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-18 21:04 - 2019-07-21 19:24 - 000001957 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-06-18 21:04 - 2019-07-21 19:23 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-06-18 21:01 - 2013-05-30 12:37 - 000000000 ____D C:\Users\UpdatusUser
2020-06-18 17:25 - 2020-02-21 10:47 - 000004052 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582274861
2020-06-18 10:50 - 2015-06-20 09:49 - 000000954 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-811658154-4134238313-3946999917-1000Core.job
2020-06-17 21:53 - 2016-04-26 20:29 - 000000000 ____D C:\Users\Carmen\AppData\Local\CrashDumps
2020-06-17 21:49 - 2018-03-09 10:15 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-17 21:49 - 2014-01-18 23:57 - 000000831 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-06-17 21:49 - 2014-01-18 23:57 - 000000831 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-06-17 21:30 - 2020-05-14 17:21 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2020-06-17 20:34 - 2017-04-09 21:17 - 000000000 ____D C:\Users\DefaultAppPool
2020-06-17 19:39 - 2018-11-20 15:56 - 000000000 ____D C:\BigFishCache
2020-06-17 19:39 - 2018-03-08 23:29 - 000000000 ____D C:\FSTool
2020-06-17 19:39 - 2014-11-24 13:05 - 000000000 ____D C:\Riot Games
2020-06-17 19:39 - 2014-08-14 15:14 - 000000000 ____D C:\Bitnami
2020-06-17 19:39 - 2014-08-13 01:08 - 000000000 ____D C:\AppServ
2020-06-17 19:39 - 2014-08-12 20:00 - 000000000 ____D C:\xampp
2020-06-17 19:39 - 2014-06-26 10:51 - 000000000 ____D C:\AutoUpdater
2020-06-17 19:39 - 2014-05-15 18:03 - 000000000 ____D C:\VueScan
2020-06-17 19:39 - 2013-09-15 20:25 - 000000000 ____D C:\Game Recordings
2020-06-17 19:39 - 2013-06-02 17:45 - 000000000 ____D C:\EPSON EasyPrint31
2020-06-17 19:39 - 2013-05-30 20:59 - 000000000 ___HD C:\CanoScan
2020-06-17 19:39 - 2013-05-30 12:36 - 000000000 ____D C:\temp
2020-06-17 19:39 - 2013-05-30 12:08 - 000000000 ____D C:\Users\Carmen\AppData\Local\VirtualStore
2020-06-17 19:39 - 2013-05-30 12:08 - 000000000 ____D C:\Users\Carmen
2020-06-17 16:23 - 2016-11-22 23:12 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\discord
2020-06-17 12:02 - 2019-11-27 16:38 - 010856180 _____ C:\Users\Carmen\Downloads\UPW2020_Birmingham_Factsheet.pdf
2020-06-17 10:17 - 2018-03-11 15:56 - 000002231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-17 10:17 - 2018-03-11 15:56 - 000002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-17 10:17 - 2018-03-11 15:56 - 000002190 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-17 10:05 - 2015-05-23 20:06 - 000000000 ____D C:\Program Files (x86)\Opera
2020-06-16 13:23 - 2015-05-23 20:06 - 000003856 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1432404393
2020-06-14 10:05 - 2018-06-16 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-06-11 09:55 - 2009-07-14 07:08 - 000032654 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-06-10 15:04 - 2015-06-11 11:13 - 000004320 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-06-10 15:04 - 2015-05-23 20:10 - 000004454 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-06-10 15:04 - 2013-05-31 10:34 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-06-10 15:04 - 2013-05-31 10:34 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-10 15:04 - 2013-05-31 10:34 - 000000000 ____D C:\Windows\system32\Macromed
2020-06-10 15:04 - 2013-05-30 12:50 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-06-10 14:04 - 2018-03-14 11:04 - 000004496 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-10 13:56 - 2019-08-30 16:46 - 000000000 ____D C:\Users\Carmen\Documents\ferre
2020-06-10 13:06 - 2018-03-14 12:26 - 000000000 ____D C:\Program Files (x86)\QuickTime
2020-06-10 12:07 - 2019-10-03 16:05 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-10 12:07 - 2019-10-03 16:05 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-10 10:50 - 2013-05-30 22:41 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\Dropbox
2020-06-09 11:06 - 2013-12-30 11:49 - 000000000 ____D C:\Users\Carmen\dwhelper
2020-06-05 11:08 - 2016-11-18 12:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-06-05 11:08 - 2013-05-31 10:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-03 09:59 - 2020-04-25 10:43 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-06-02 13:33 - 2017-02-28 16:24 - 000094161 _____ C:\Users\Carmen\Desktop\tasques 2017.xlsx
2020-06-02 13:32 - 2013-08-09 14:14 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\Nitro PDF
2020-06-01 13:07 - 2013-09-08 23:13 - 000000000 ____D C:\Users\Carmen\Documents\mio
2020-05-29 10:42 - 2020-02-26 16:02 - 000004082 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1582725757
2020-05-21 17:50 - 2013-06-26 11:47 - 000000132 _____ C:\Users\Carmen\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2020-05-20 10:21 - 2020-05-19 13:26 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp

==================== Archivos en la raíz de algunos directorios ========

2020-06-17 19:40 - 2020-06-17 19:48 - 000000004 _____ () C:\ProgramData\lock.dat
2020-06-17 19:44 - 2020-06-17 20:34 - 000000004 _____ () C:\ProgramData\rc.dat
2020-06-17 19:40 - 2020-06-17 19:40 - 000000008 _____ () C:\ProgramData\ts.dat
2015-06-23 14:33 - 2015-06-23 14:33 - 000597624 _____ () C:\Users\Carmen\AppData\Roaming\gameboxsetup.exe
2016-01-12 19:51 - 2016-01-12 19:51 - 000007859 _____ () C:\Users\Carmen\AppData\Roaming\pcouffin.cat
2016-01-12 19:51 - 2016-01-12 19:51 - 000001167 _____ () C:\Users\Carmen\AppData\Roaming\pcouffin.inf
2016-01-12 19:51 - 2016-01-12 19:51 - 000000055 _____ () C:\Users\Carmen\AppData\Roaming\pcouffin.log
2016-01-12 19:51 - 2016-01-12 19:51 - 000082816 _____ (VSO Software) C:\Users\Carmen\AppData\Roaming\pcouffin.sys
2013-11-25 16:39 - 2013-11-25 16:39 - 000000132 _____ () C:\Users\Carmen\AppData\Roaming\Prefs. de formato AIFF de Adobe CS6
2015-12-18 14:52 - 2019-02-18 17:50 - 000000132 _____ () C:\Users\Carmen\AppData\Roaming\Prefs. de formato GIF de Adobe CS6
2013-06-26 11:47 - 2020-05-21 17:50 - 000000132 _____ () C:\Users\Carmen\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2014-01-18 16:59 - 2019-02-18 18:30 - 000001456 _____ () C:\Users\Carmen\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2020-06-17 19:36 - 2020-06-17 19:36 - 000000555 _____ () C:\Users\Carmen\AppData\Local\bowsakkdestx.txt
2014-03-31 19:06 - 2020-04-03 17:04 - 000012800 _____ () C:\Users\Carmen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-15 21:01 - 2014-05-15 21:01 - 000004096 ____H () C:\Users\Carmen\AppData\Local\keyfile3.drm
2018-09-29 09:26 - 2019-11-05 11:34 - 000001025 _____ () C:\Users\Carmen\AppData\Local\oobelibMkey.log
2017-09-21 15:40 - 2017-09-21 15:40 - 000007597 _____ () C:\Users\Carmen\AppData\Local\Resmon.ResmonCfg
2018-03-08 18:43 - 2018-03-08 18:43 - 000000003 _____ () C:\Users\Carmen\AppData\Local\wbem.ini

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-06-18 17:56
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 06-06-2020
Ejecutado por Carmen (19-06-2020 10:07:16)
Ejecutado desde C:\Users\Carmen\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2013-05-30 10:08:41)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-811658154-4134238313-3946999917-500 - Administrator - Disabled)
Carmen (S-1-5-21-811658154-4134238313-3946999917-1000 - Administrator - Enabled) => C:\Users\Carmen
HomeGroupUser$ (S-1-5-21-811658154-4134238313-3946999917-1003 - Limited - Enabled)
Invitado (S-1-5-21-811658154-4134238313-3946999917-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-811658154-4134238313-3946999917-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: ESET Security (Disabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Disabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{A5B6B786-2D6F-4B75-940F-42B32D01D146}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{669EB263-0AFE-4FCB-A068-DB082CA6273C}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-042D-0000-0000000FF1CE}_ENTERPRISE_{042190ED-F17C-4A8D-95D8-87A37B4095BD}) (Version:  - ) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0456-0000-0000000FF1CE}_ENTERPRISE_{D3064ADE-5D4C-4AA4-8F71-C63D87D4A263}) (Version:  - ) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{00C5525B-3CB3-467D-8100-2E6FB306CD86}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0C0A-1000-0000000FF1CE}_ENTERPRISE_{35B14BD6-6042-4A55-B326-58309DC8C72A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0044-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{35B14BD6-6042-4A55-B326-58309DC8C72A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version:  - Microsoft) Hidden
4K Video Downloader 4.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.2.0.2175 - Open Media LLC)
µTorrent (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Actualización de NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.0 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.9 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Amazon Kindle (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
APLI Master (HKLM-x32\...\{4767CC38-E667-4447-B60C-4C0721C1E091}) (Version: 6.4.11 - APLI Paper S.A.) Hidden
APLI Master (HKLM-x32\...\InstallShield_{4767CC38-E667-4447-B60C-4C0721C1E091}) (Version: 6.4.11 - APLI Paper S.A.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft PhotoBase 3 (HKLM-x32\...\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}) (Version:  - )
ArcSoft PhotoStudio 5 (HKLM-x32\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
BCC 8 OFX 64Bit (HKLM\...\{24D38864-527F-4688-B831-A1A4CC60CD54}) (Version: 8.0.1 - Boris FX, Inc.)
Bitnami WordPress Stack (HKLM-x32\...\Bitnami WordPress Stack 3.9.2-0) (Version: 3.9.2-0 - Bitnami)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 4.94 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{3318B54A-B5A8-49B1-8016-753DC6CAC63B}) (Version: 1.0.110 - Citrix)
Compact First 2nd Edition content (HKLM-x32\...\Compact First 2nd Edition content) (Version: 1.0.0.0 - Cambridge University Press)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Complemento Guardar como PDF o XPS de Microsoft para programas de Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0C0A-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Coowon (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Coowon) (Version: 1.6.8.0 - Coowon)
Digital Element Aurora Demo (HKLM-x32\...\{8A071001-2D1C-445A-ACFE-365D540C719B}) (Version:  - )
Discord (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Discord) (Version: 0.0.306 - Discord Inc.)
Dolby Axon - 1.5.1.1 (HKLM-x32\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories)
Dropbox (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Dropbox) (Version: 99.4.501 - Dropbox, Inc.)
EPSON Attach To Email (HKLM-x32\...\{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
Epson Easy Photo Print 2 (HKLM-x32\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
EPSON File Manager (HKLM-x32\...\{D02F30FB-0BC4-419A-9B9C-ADC610029B50}) (Version: 1.3.2.0 - )
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.20.00 - SEIKO EPSON CORPORATION)
EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FotoPrix FotoLibro v4 (HKLM-x32\...\{2FEC2258-5F07-400B-82AE-232510ED187D}) (Version: 6.10.0049 - FotoPrix, S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Earth Pro (HKLM\...\{B6EAFE41-5723-40EB-869B-4AF44CA17B35}) (Version: 7.3.3.7699 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GoToMeeting 5.4.0.1082 (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\GoToMeeting) (Version: 5.4.0.1082 - CitrixOnline)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
K-Lite Mega Codec Pack 9.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.5 - )
League of Legends (HKLM-x32\...\{C3342033-211F-40DD-A03D-0E775B8DEA98}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MemoriesOnTV 4 Full (HKLM-x32\...\MemoriesOnTV 4 Full) (Version:  - )
MemoriesOnTV 4.1.2 (HKLM-x32\...\MemoriesOnTV4_is1) (Version:  - )
MemoriesOnTV ClipShow Volume 1 (HKLM-x32\...\MemoriesOnTV3-CS1_is1) (Version:  - )
MemoriesOnTV ClipShow Volume 2 (HKLM-x32\...\MemoriesOnTV-CS2_is1) (Version:  - )
Microsoft .NET Framework 4.6.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft MPEG-4 VKI Video Codec V1/V2/V3 (HKLM-x32\...\MS-MPEG4) (Version:  - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0C0A-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mike Crash's Vegas Filters Uninstall (HKLM-x32\...\Mike Crash Vegas Filters) (Version:  - )
Mozilla Firefox 77.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 77.0.1 (x64 es-ES)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
MX5 (HKLM-x32\...\Maxthon5) (Version: 5.2.3.4000 - Maxthon International Limited)
Neat Video v2.6 Pro plug-in for Sony Vegas (64-bit) (HKLM\...\Neat Video for Sony Vegas_is1) (Version:  - Neat Video team, ABSoft)
Nero 8.3.2.1 (HKLM-x32\...\Nero8WinuE_is1) (Version: 8.3.2.1 - Bj @ WinuE)
NetLimiter 3 (HKLM\...\{913923AB-3AAB-4870-8910-627C4CD82789}) (Version: 3.0.0.11 - Locktime Software) Hidden
NetLimiter 3 (HKLM-x32\...\NetLimiter 3 3.0.0.11) (Version: 3.0.0.11 - Locktime Software)
NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version:  - )
NewBlue Art Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Art Blends 2.0 for Vegas) (Version:  - )
NewBlue Art Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Art Effects 2.0 for Vegas) (Version:  - )
NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version:  - )
NewBlue Motion Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Blends 2.0 for Vegas) (Version:  - )
NewBlue Motion Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Effects 2.0 for Vegas) (Version:  - )
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version:  - )
NewBlue Paint Blends for Windows (HKLM-x32\...\NewBlue Paint Blends for Windows) (Version: 1.4 - NewBlue)
NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Sampler Pack for Windows (HKLM-x32\...\NewBlue Sampler Pack for Windows) (Version: 1.4 - NewBlue)
NewBlue Stabilizer for Windows (HKLM-x32\...\NewBlue Stabilizer for Windows) (Version: 1.4 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version:  - )
NewBlue Video Essentials II  for Windows (HKLM-x32\...\NewBlue Video Essentials II  for Windows) (Version:  - )
NewBlue Video Essentials III  for Windows (HKLM-x32\...\NewBlue Video Essentials III  for Windows) (Version:  - )
NewBlue Video Essentials IV for Windows (HKLM-x32\...\NewBlue Video Essentials IV for Windows) (Version: 1.4 - NewBlue)
Nitro Pro 8 (HKLM\...\{CF85054A-065D-4A60-9789-71CAB54A04AB}) (Version: 8.5.3.14 - Nitro)
NMSDVDX64 v1.1 (HKLM\...\{49C4A807-A535-4E85-BD6D-5A7803473CA3}) (Version: 1.01.0001 - FOTOPRIX)
NVIDIA Controlador de 3D Vision 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.23 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.23 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Opera GX Stable 68.0.3618.142 (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Opera GX 68.0.3618.142) (Version: 68.0.3618.142 - Opera Software)
Opera Stable 68.0.3618.165 (HKLM-x32\...\Opera 68.0.3618.165) (Version: 68.0.3618.165 - Opera Software)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
Panel de control de NVIDIA 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 306.23 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Perfect Resize 7.5 (HKLM-x32\...\{EFBAD7A9-39AB-4C34-8745-0DEBA5BDC793}) (Version: 7.5 - onOne Software)
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
PokerStars.es (HKLM-x32\...\PokerStars.es) (Version:  - PokerStars.es)
proDAD Heroglyph 4.0 (64bit) (HKLM\...\proDAD-Heroglyph-4.0) (Version: 4.0.215.1 - proDAD GmbH)
proDAD Heroglyph 4.0 (HKLM-x32\...\proDAD-Heroglyph-4.0) (Version: 4.0.187.1 - proDAD GmbH)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 8.1.8-1.0.3112.146 - raidcall.com.ru)
Raton Automatico (HKLM-x32\...\{3DAB198C-CAB0-4DD4-90A5-97CF77386B10}) (Version: 2.0.0 - Nanduky)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Skype versión 8.61 (HKLM-x32\...\Skype_is1) (Version: 8.61 - Skype Technologies S.A.)
Software de impresora EPSON (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1254 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Update for Outlook 2007 Junk Email Filter (kb947945) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E397056B-7AE5-4FF1-8B13-276BF8201847}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
Vegas Pro 11.0 (64-bit) (HKLM\...\{7ECB8630-029B-11E2-8624-F04DA23A5C58}) (Version: 11.0.701 - Sony)
Vivaldi (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Vivaldi) (Version: 1.10.867.42 - Vivaldi)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VSO Video Converter 1 (HKLM-x32\...\{{5289246A-D537-4823-88C2-38C17840E45A}_is1) (Version: 1.2.0.10 - VSO Software)
VueScan (HKLM\...\VueScan) (Version:  - )
VueScan (HKLM-x32\...\VueScan) (Version:  - )
Windows Live Messenger (HKLM-x32\...\{1692CC0E-8798-493A-9580-23555E21C14B}) (Version: 8.1.0178.00 - Microsoft Corporation)
Wondershare Filmora9(Build 9.1.2) (HKLM\...\Wondershare Filmora9_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
XviD MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version:  - XviD Development Team)
ZD Soft Screen Recorder (HKLM-x32\...\{A5577679-F710-4250-BAEE-B64FF88FEBC2}) (Version: 5.0.0 - ZD Soft)
Zoom (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1082\G2MOutlookAddin64.dll (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2212224 2007-08-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\8.0\NPShellExtension64.dll [2013-04-30] (Nitro PDF Software -> Nitro PDF)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [Archivo no firmado]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [Archivo no firmado]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [Archivo no firmado]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [Archivo no firmado]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-08-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [Archivo no firmado]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [Archivo no firmado]
ContextMenuHandlers1_S-1-5-21-811658154-4134238313-3946999917-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-811658154-4134238313-3946999917-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-811658154-4134238313-3946999917-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\system32\prodad-codec.dll [607688 2011-02-26] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2006-11-01] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2013-02-06] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [4102656 2012-07-02] (x264vfw project) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2011-12-21] (fccHandler) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.MP43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2013-05-30 12:53 - 2006-12-11 02:14 - 000043008 _____ () [Archivo no firmado] C:\Program Files (x86)\WinRAR\rarext64.dll
2013-06-02 17:32 - 2013-06-02 17:32 - 000097280 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\localhost -> localhost

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-14 04:34 - 2020-06-17 19:41 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.166.211.3 - 212.166.132.96
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: APLI Master AutoUpdater => 2
MSCONFIG\Services: EPSON_PM_RPCV4_01 => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MaxthonUpdateSvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NitroDriverReadSpool8 => 2
MSCONFIG\Services: nlsvc => 2
MSCONFIG\Services: nlsX86cc => 2
MSCONFIG\Services: NMSAccess64 => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: wordpressApache => 2
MSCONFIG\Services: wordpressMySQL => 2
MSCONFIG\startupfolder: C:^Users^Carmen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Discord => C:\Users\Carmen\AppData\Local\Discord\app-0.0.301\Discord.exe
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Carmen\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EPSON Stylus Photo R285 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICKE.EXE /FU "C:\Users\Carmen\AppData\Local\Temp\E_S4062.tmp" /EF "HKCU"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Carmen\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: jjs => C:\Users\Carmen\AppData\Roaming\Java\3.5\jjs.exe
MSCONFIG\startupreg: Publisher => C:\Users\Carmen\AppData\Local\Temp\{852fe6dd5b974a2687ca0ba3ed14d906}\kCtTSN4Fun\publisher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RaidCall => C:\Program Files (x86)\RaidCall.RU\raidcall.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{DBAE61DD-71E5-4A23-9F4E-4E34927E0397}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{0DE6513F-ADA5-4855-9BFE-8F947ADEAC57}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{C0898FCA-42DC-4472-8FC7-AB0FDDD2E187}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E0338966-8EF8-4CAB-B3E7-9EBE42AEEFFD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2F662E28-2A56-4D73-863D-39842C1F26C9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{108FC21D-087D-4028-B643-CE9386613CBE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A47513EB-5D23-47B4-AF14-A016A36194CA}] => (Allow) C:\Program Files (x86)\Opera\68.0.3618.125\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AFF4B70A-B9FB-4FC9-924F-0BF9AFC774D4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A7BC2B8-5FDE-45E8-9CD4-A71E6C65EE41}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F7E5BD7-5CC3-4B77-B9A2-CC25EFBAC32F}] => (Allow) C:\Program Files (x86)\Opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{C1187B92-047B-453A-BFA2-D56133E535FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

18-06-2020 18:02:59 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/19/2020 09:56:59 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (06/19/2020 09:56:59 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x80070005

Error: (06/18/2020 09:44:31 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (06/18/2020 09:44:31 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x80070005

Error: (06/18/2020 09:32:20 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (06/18/2020 09:32:19 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x80070005

Error: (06/18/2020 09:23:32 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (06/18/2020 09:23:32 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x80070005


Errores del sistema:
=============
Error: (06/19/2020 09:57:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio CamMask Virtual Webcam no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.

Error: (06/19/2020 09:56:45 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \SystemRoot\SysWow64\drivers\pfc.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (06/18/2020 09:48:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {ABC01078-F197-4B0B-ADBC-CFE684B39C82} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/18/2020 09:44:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio CamMask Virtual Webcam no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.

Error: (06/18/2020 09:44:18 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \SystemRoot\SysWow64\drivers\pfc.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (06/18/2020 09:32:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio CamMask Virtual Webcam no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.

Error: (06/18/2020 09:32:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \SystemRoot\SysWow64\drivers\pfc.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (06/18/2020 09:31:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio debido a un error en el inicio de sesión.


CodeIntegrity:
===================================

Date: 2017-03-07 16:47:39.038
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-03-07 16:47:38.928
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-03-07 16:47:38.835
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-03-07 16:47:38.741
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-03-07 16:47:38.663
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-03-07 16:47:38.538
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-03-07 14:26:32.879
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-03-07 14:24:52.762
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Información de la memoria =========================== 

BIOS: Award Software International, Inc. F7 07/13/2012
Placa base: Gigabyte Technology Co., Ltd. H61M-D2H-USB3
Procesador: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
Porcentaje de memoria en uso: 55%
RAM física total: 8175.24 MB
RAM física disponible: 3645.33 MB
Virtual total: 16348.65 MB
Virtual disponible: 11384.48 MB

==================== Unidades ================================

Drive c: (Windows 7) (Fixed) (Total:244.24 GB) (Free:45.24 GB) NTFS ==>[unidad con componentes de arranque (obtenido de BCD)]
Drive d: (Datos) (Fixed) (Total:687.27 GB) (Free:659.74 GB) NTFS
Drive f: (DATOS 2) (Fixed) (Total:298.09 GB) (Free:75.74 GB) NTFS
Drive g: (Sistema Operativo vIEJO) (Fixed) (Total:195.32 GB) (Free:44.22 GB) NTFS
Drive h: (datos E) (Fixed) (Total:270.44 GB) (Free:49.15 GB) NTFS


==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9465A43D)
Partition 1: (Active) - (Size=244.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=687.3 GB) - (Type=0F Extended)

==========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: 8F658F65)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 18CC18CB)
Partition 1: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=270.4 GB) - (Type=0F Extended)

==================== Final de Addition.txt =======================

Hola

No descargaste y ejecutaste FRST desde el escritorio como te indiqué, muévelo allí si no fallará el paso siguiente.

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación :warning: con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.save-search.com/
SearchScopes: HKU\S-1-5-21-811658154-4134238313-3946999917-1000 -> DefaultScope {A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} URL = hxxp://www.save-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-811658154-4134238313-3946999917-1000 -> {A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} URL = hxxp://www.save-search.com/search?q={searchTerms}
CHR HomePage: Default -> hxxp://www.save-search.com/
"MBAMChameleon" => servicio no pudo ser desbloqueado. <==== ATENCIÓN
HKLM\SYSTEM\ControlSet002\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATENCIÓN (Rootkit!/Servicio bloqueado)
2020-06-18 10:35 - 2020-06-18 10:39 - 000000000 ____D C:\ProgramData\d37301f97a
2020-06-18 10:35 - 2020-06-18 10:35 - 000000000 _____ C:\ProgramData\c51906dadd090eab302c587c52dd3ee9
2020-06-17 22:03 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\cr6im03b56g32r
2020-06-17 22:03 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\3098htrhpen8ifg0
2020-06-17 22:01 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\JN3by345by53432y
2020-06-17 19:41 - 2020-06-17 19:47 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\njgpq12jktc
2020-06-17 19:37 - 2020-06-17 19:37 - 000000000 ____D C:\ProgramData\K07CJ7ZJYWTOF040I8BW0FFKP
2020-06-17 19:36 - 2020-06-17 19:36 - 000000000 ____D C:\Users\Carmen\AppData\Local\18f63213-44b7-4aa7-b2de-e345797e7453
2020-06-17 19:35 - 2020-06-17 19:47 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\pl0fqafq5fn
2020-06-17 19:34 - 2020-06-17 19:34 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\indefendesv
2018-09-29 09:26 - 2019-11-05 11:34 - 000001025 _____ () C:\Users\Carmen\AppData\Local\oobelibMkey.log

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX/Corregir y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Hola Daniela, te dejo reporte

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 06-06-2020
Ejecutado por Carmen (20-06-2020 10:29:12) Run:1
Ejecutado desde C:\Users\Carmen\Desktop
Perfiles cargados: Carmen & UpdatusUser
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.save-search.com/
SearchScopes: HKU\S-1-5-21-811658154-4134238313-3946999917-1000 -> DefaultScope {A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} URL = hxxp://www.save-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-811658154-4134238313-3946999917-1000 -> {A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} URL = hxxp://www.save-search.com/search?q={searchTerms}
CHR HomePage: Default -> hxxp://www.save-search.com/
"MBAMChameleon" => servicio no pudo ser desbloqueado. <==== ATENCI�N
HKLM\SYSTEM\ControlSet002\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATENCI�N (Rootkit!/Servicio bloqueado)
2020-06-18 10:35 - 2020-06-18 10:39 - 000000000 ____D C:\ProgramData\d37301f97a
2020-06-18 10:35 - 2020-06-18 10:35 - 000000000 _____ C:\ProgramData\c51906dadd090eab302c587c52dd3ee9
2020-06-17 22:03 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\cr6im03b56g32r
2020-06-17 22:03 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\3098htrhpen8ifg0
2020-06-17 22:01 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\JN3by345by53432y
2020-06-17 19:41 - 2020-06-17 19:47 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\njgpq12jktc
2020-06-17 19:37 - 2020-06-17 19:37 - 000000000 ____D C:\ProgramData\K07CJ7ZJYWTOF040I8BW0FFKP
2020-06-17 19:36 - 2020-06-17 19:36 - 000000000 ____D C:\Users\Carmen\AppData\Local\18f63213-44b7-4aa7-b2de-e345797e7453
2020-06-17 19:35 - 2020-06-17 19:47 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\pl0fqafq5fn
2020-06-17 19:34 - 2020-06-17 19:34 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\indefendesv
2018-09-29 09:26 - 2019-11-05 11:34 - 000001025 _____ () C:\Users\Carmen\AppData\Local\oobelibMkey.log

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
"HKU\S-1-5-21-811658154-4134238313-3946999917-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} => eliminado correctamente
"Chrome HomePage" => eliminado correctamente
"MBAMChameleon" => servicio no pudo ser desbloqueado. <==== ATENCI�N => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\SYSTEM\ControlSet002\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATENCI�N (Rootkit!/Servicio bloqueado) => Error: Ninguna corrección automática encontrada para esta entrada.
C:\ProgramData\d37301f97a => movido correctamente
C:\ProgramData\c51906dadd090eab302c587c52dd3ee9 => movido correctamente
C:\Users\Carmen\AppData\LocalLow\cr6im03b56g32r => movido correctamente
C:\Users\Carmen\AppData\LocalLow\3098htrhpen8ifg0 => movido correctamente
C:\Users\Carmen\AppData\LocalLow\JN3by345by53432y => movido correctamente
C:\Users\Carmen\AppData\Roaming\njgpq12jktc => movido correctamente
C:\ProgramData\K07CJ7ZJYWTOF040I8BW0FFKP => movido correctamente
C:\Users\Carmen\AppData\Local\18f63213-44b7-4aa7-b2de-e345797e7453 => movido correctamente
C:\Users\Carmen\AppData\Roaming\pl0fqafq5fn => movido correctamente
C:\Users\Carmen\AppData\Roaming\indefendesv => movido correctamente
C:\Users\Carmen\AppData\Local\oobelibMkey.log => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-811658154-4134238313-3946999917-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-811658154-4134238313-3946999917-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : home
   V¡nculo: direcci¢n IPv6 local. . . : fe80::3110:d295:f5c3:75ae%10
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.3
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel isatap.home:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : home

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17760645 B
Java, Flash, Steam htmlcache => 1129 B
Windows/system/drivers => 8338610 B
Edge => 0 B
Chrome => 62074412 B
Firefox => 387531241 B
Opera => 171864 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
Carmen => 4499905 B
UpdatusUser => 4499905 B
DefaultAppPool => 4499905 B

RecycleBin => 51923 B
EmptyTemp: => 474.8 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 10:30:42 ====

Los navegadores parece que vuelven a funcionar bien. Se supone que ya he eliminado el ransomware y cualquier resto de infección? Vaya por delante toda mi gratitud hacia ti y tu gran apoyo.

Hola

No hay de qué, lo hago con mucho gusto :wink:

Vamos a realizar algún análisis más, por si queda algún resto.

Realizas lo siguiente:

Análisis del PC con Eset Online Scaner : Manual de Uso lee las instrucciones para salvar el reporte.

Análisis del PC con Kasperky Virus Removal Tool: Manual de Uso

  • Este no da reporte cuando te encuentres al finalizar, si es que lo hace con alguna infección, tomas una imagen y la subes.

Como subir imágenes al Foro ?

Comenta como sigue el problema.

Un saludo

Eset sale limpio ahi te pego imagenes del kaspesky

20/06/2020 16:22:08
Archivos analizados: 1146324
Archivos detectados: 0
Archivos desinfectados: 0
Tiempo total de análisis: 04:54:09
Estado del análisis: Finalizado

Hola

Vamos a realizar unos análisis más.

Realiza los siguientes pasos:

1.- Descarga Malwarebytes Anti-Rootkit (Beta) y descomprimes el contenido en tu escritorio.

  • Abre la carpeta Mbar, haces doble clic en el archivo Mbar.exe
  • En la ventana que saldrá pulsas en "Next".
  • Pulsar en "Update", y cuando termine en "Next"
  • Ahora inicias el análisis pulsando en el botón "Scan"
  • Al terminar, si existe infección pulsamos en "CleanUp" y si no hay infección pulsamos en ""Exit"

Al terminar busca en la carpeta Mbar, y abres los archivos mbar-log.txt y system-log.txt, nos copias el contenido en la siguiente respuesta y comentas resultados.

2.- Analiza con TDSSKiller siguiendo el manual

Pega los reportes y comenta como sigue el problema.

Un saludo

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2020.06.20.11
  rootkit: v2020.06.20.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18893
Carmen :: CARMEN-PC [administrator]

20/06/2020 23:58:29
mbar-log-2020-06-20 (23-58-29).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 282806
Time elapsed: 25 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.18893

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, H:\ DRIVE_FIXED
CPU speed: 3.292000 GHz
Memory total: 8572362752, free: 5520605184

Downloaded database version: v2020.06.20.11
Downloaded database version: v2020.06.20.11
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     06/20/2020 23:58:19
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\mbamswissarmy.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\Drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\system32\DRIVERS\eamonm.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\ehdrv.sys
\??\C:\Program Files\ESET\ESET NOD32 Antivirus\Modules\em000k_64\1012\em000k_64.dll
\??\C:\Program Files\ESET\ESET NOD32 Antivirus\Modules\em006_64\1197\em006_64.dll
\??\C:\Program Files\ESET\ESET NOD32 Antivirus\Modules\em018k_64\1544\em018k_64.dll
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\??\C:\Program Files\NetLimiter 3\nltdi.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\epfwwfp.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\1394ohci.sys
\SystemRoot\System32\Drivers\EtronXHCI.sys
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\nlndis.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\EtronHub3.sys
\SystemRoot\System32\Drivers\USBD.SYS
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\usbscan.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\usbprint.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\75468149.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\urlmon.dll
\Windows\System32\msctf.dll
\Windows\System32\shlwapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\iertutil.dll
\Windows\System32\comdlg32.dll
\Windows\System32\setupapi.dll
\Windows\System32\msvcrt.dll
\Windows\System32\psapi.dll
\Windows\System32\ole32.dll
\Windows\System32\user32.dll
\Windows\System32\imm32.dll
\Windows\System32\usp10.dll
\Windows\System32\sechost.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\gdi32.dll
\Windows\System32\normaliz.dll
\Windows\System32\Wldap32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\clbcatq.dll
\Windows\System32\shell32.dll
\Windows\System32\lpk.dll
\Windows\System32\difxapi.dll
\Windows\System32\kernel32.dll
\Windows\System32\wininet.dll
\Windows\System32\advapi32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\nsi.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\crypt32.dll
\Windows\System32\userenv.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2020.06.20.11
  rootkit: v2020.06.20.11

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007b35060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80079788f0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007b35060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80074e2580, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007876060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9465A43D

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 512216397
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 512216460  Numsec = 1441303605
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8007b36060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007b35b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007b36060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007888520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007883680, DeviceName: \Device\Ide\IdeDeviceP2T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 8F658F65

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 625137282
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa8007b37060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007b36990, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007b37060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007887520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800788a060, DeviceName: \Device\Ide\IdeDeviceP3T0L0-4\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 18CC18CB

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 409609242
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 409609305  Numsec = 567158760
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-512216460-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-1-409609305-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished
01:11:00.0095 0x0438  TDSS rootkit removing tool 3.1.0.28 Apr  9 2019 21:11:46
01:11:26.0211 0x0438  ============================================================
01:11:26.0211 0x0438  Current date / time: 2020/06/21 01:11:26.0211
01:11:26.0211 0x0438  SystemInfo:
01:11:26.0211 0x0438  
01:11:26.0211 0x0438  OS Version: 6.1.7601 ServicePack: 1.0
01:11:26.0211 0x0438  Product type: Workstation
01:11:26.0211 0x0438  ComputerName: CARMEN-PC
01:11:26.0211 0x0438  UserName: Carmen
01:11:26.0211 0x0438  Windows directory: C:\Windows
01:11:26.0211 0x0438  System windows directory: C:\Windows
01:11:26.0211 0x0438  Running under WOW64
01:11:26.0211 0x0438  Processor architecture: Intel x64
01:11:26.0211 0x0438  Number of processors: 4
01:11:26.0211 0x0438  Page size: 0x1000
01:11:26.0211 0x0438  Boot type: Normal boot
01:11:26.0212 0x0438  CodeIntegrityOptions = 0x00000001
01:11:26.0212 0x0438  ============================================================
01:11:28.0216 0x0438  KLMD registered as C:\Windows\system32\drivers\90481654.sys
01:11:28.0216 0x0438  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.24000, osProperties = 0x1
01:11:28.0421 0x0438  System UUID: {63209CEF-3593-4A82-2025-FFE0481B6248}
01:11:28.0570 0x0438  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:11:33.0715 0x0438  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:11:37.0306 0x0438  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:11:37.0313 0x0438  ============================================================
01:11:37.0313 0x0438  \Device\Harddisk0\DR0:
01:11:37.0376 0x0438  MBR partitions:
01:11:37.0376 0x0438  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1E87CD4D
01:11:37.0391 0x0438  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E87CDCB, BlocksNum 0x55E88BF6
01:11:37.0391 0x0438  \Device\Harddisk1\DR1:
01:11:37.0405 0x0438  MBR partitions:
01:11:37.0405 0x0438  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
01:11:37.0405 0x0438  \Device\Harddisk2\DR2:
01:11:37.0490 0x0438  MBR partitions:
01:11:37.0490 0x0438  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x186A241A
01:11:37.0504 0x0438  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x186A2498, BlocksNum 0x21CE27A9
01:11:37.0504 0x0438  ============================================================
01:11:37.0522 0x0438  C: <-> \Device\Harddisk0\DR0\Partition1
01:11:37.0542 0x0438  D: <-> \Device\Harddisk0\DR0\Partition2
01:11:37.0622 0x0438  F: <-> \Device\Harddisk1\DR1\Partition1
01:11:37.0640 0x0438  G: <-> \Device\Harddisk2\DR2\Partition1
01:11:37.0658 0x0438  H: <-> \Device\Harddisk2\DR2\Partition2
01:11:37.0658 0x0438  ============================================================
01:11:37.0658 0x0438  Initialize success
01:11:37.0658 0x0438  ============================================================
01:12:38.0076 0x1420  ============================================================
01:12:38.0076 0x1420  Scan started
01:12:38.0076 0x1420  Mode: Manual; 
01:12:38.0076 0x1420  ============================================================
01:12:38.0076 0x1420  KSN ping started
01:12:50.0197 0x1420  KSN ping finished: true
01:12:51.0447 0x1420  ================ Scan BIOS =================================
01:12:51.0448 0x1420  BIOS info: vendor = Award Software International, Inc., version = F7, releaseDate = 07/13/2012
01:12:51.0448 0x1420  Base board info: manufacturer = Gigabyte Technology Co., Ltd., product = H61M-D2H-USB3, version =  
01:12:54.0700 0x1420  [ 9AB9C01347958878E8400AB36AE2ECE4, 3FED3BCEAB96EB19AF56D3303208E66E135A772068815E4C36E2135BFBB6CA4A ] BIOS
01:12:54.0700 0x1420  BIOS - ok
01:12:54.0700 0x1420  ================ Scan system memory ========================
01:12:54.0702 0x1420  System memory - ok
01:12:54.0703 0x1420  ================ Scan services =============================
01:12:54.0768 0x1420  [ 98E06CAC2C508118450095E581202230, 8FC6C08487F2A481A28F1E5E500B61A21B7A0D44B342F9F887017D6FAE4F87F4 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
01:12:54.0773 0x1420  !SASCORE - ok
01:12:54.0904 0x1420  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
01:12:54.0910 0x1420  1394ohci - ok
01:12:54.0929 0x1420  16758783 - ok
01:12:54.0963 0x1420  [ E0A8525A951ADDB4655BC2068566407D, 7C08B9DB7C281422FD64219DF81B7064CE16EA53CF00EB1FC33CB0741CE6605F ] 61883           C:\Windows\system32\DRIVERS\61883.sys
01:12:54.0965 0x1420  61883 - ok
01:12:55.0017 0x1420  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
01:12:55.0027 0x1420  ACPI - ok
01:12:55.0061 0x1420  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
01:12:55.0062 0x1420  AcpiPmi - ok
01:12:55.0148 0x1420  [ 60509DB7EFFAE80FFAD803261FA2B1DC, 2E969C34709DF4940368B0AB44A76A5CAEF69E0F507DCC4E6711B31588072ED3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:12:55.0157 0x1420  AdobeFlashPlayerUpdateSvc - ok
01:12:55.0299 0x1420  [ 3E80DA011ADFD0CD723DFFCC13D4BE4F, DC851922F5E20090DC2A6D8F20F165D3962D592B54B90222C0CE87E93A5967F3 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
01:12:55.0311 0x1420  AdobeUpdateService - ok
01:12:55.0338 0x1420  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
01:12:55.0348 0x1420  adp94xx - ok
01:12:55.0370 0x1420  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
01:12:55.0376 0x1420  adpahci - ok
01:12:55.0390 0x1420  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
01:12:55.0394 0x1420  adpu320 - ok
01:12:55.0425 0x1420  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
01:12:55.0427 0x1420  AeLookupSvc - ok
01:12:55.0492 0x1420  [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] AFD             C:\Windows\system32\drivers\afd.sys
01:12:55.0509 0x1420  AFD - ok
01:12:55.0630 0x1420  [ 6D437AC9A9FDE34DFAA7B36CD5F967A4, AF4187EC538AFF65770DC24194BB855F42AD6834E0E6308E40DF9A3F0E1ACB25 ] AGMService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
01:12:55.0676 0x1420  AGMService - ok
01:12:55.0701 0x1420  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
01:12:55.0703 0x1420  agp440 - ok
01:12:55.0826 0x1420  [ 2D32202F5B7D5E6A0945B17283962F9E, 9D4EBF6C7D6D03B0D797F3E4BDE83E4A8B25093F9F07256F5D19909E953C77A5 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
01:12:55.0895 0x1420  AGSService - ok
01:12:55.0923 0x1420  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
01:12:55.0925 0x1420  ALG - ok
01:12:55.0957 0x1420  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
01:12:55.0958 0x1420  aliide - ok
01:12:55.0969 0x1420  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
01:12:55.0970 0x1420  amdide - ok
01:12:55.0983 0x1420  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
01:12:55.0985 0x1420  AmdK8 - ok
01:12:55.0994 0x1420  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
01:12:55.0997 0x1420  AmdPPM - ok
01:12:56.0037 0x1420  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
01:12:56.0041 0x1420  amdsata - ok
01:12:56.0061 0x1420  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
01:12:56.0067 0x1420  amdsbs - ok
01:12:56.0083 0x1420  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
01:12:56.0084 0x1420  amdxata - ok
01:12:56.0141 0x1420  APLI Master AutoUpdater - ok
01:12:56.0200 0x1420  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
01:12:56.0203 0x1420  AppHostSvc - ok
01:12:56.0230 0x1420  [ C879C8AD47FB5CA30D81FDF35DAC1CC2, A289F43979631C52B2012B5AD09B37D9F13D61D2CC43FD556A254A4ADB9BE960 ] AppID           C:\Windows\system32\drivers\appid.sys
01:12:56.0232 0x1420  AppID - ok
01:12:56.0267 0x1420  [ BDB0D304B0B849B88D91011F149D57E9, 027EBE1042C436909728E7DFBD756E0BCBD799D2F50E44E03DD010C874B8EF91 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
01:12:56.0269 0x1420  AppIDSvc - ok
01:12:56.0299 0x1420  [ DF34D0E61A40DCF29A3A88BEFFE4BDBE, 70B813F6CB8B584B2A11F0C8937F6A5B1A833A1B5BF51BB360E8E2F7904EBD3B ] Appinfo         C:\Windows\System32\appinfo.dll
01:12:56.0302 0x1420  Appinfo - ok
01:12:56.0328 0x1420  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
01:12:56.0335 0x1420  AppMgmt - ok
01:12:56.0346 0x1420  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
01:12:56.0349 0x1420  arc - ok
01:12:56.0362 0x1420  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
01:12:56.0364 0x1420  arcsas - ok
01:12:56.0447 0x1420  [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:12:56.0449 0x1420  aspnet_state - ok
01:12:56.0466 0x1420  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
01:12:56.0467 0x1420  AsyncMac - ok
01:12:56.0484 0x1420  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
01:12:56.0485 0x1420  atapi - ok
01:12:56.0538 0x1420  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:12:56.0562 0x1420  AudioEndpointBuilder - ok
01:12:56.0578 0x1420  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
01:12:56.0589 0x1420  AudioSrv - ok
01:12:56.0624 0x1420  [ 16FABE84916623D0607E4A975544032C, 9D960CAE27B1769ED5B024C0A3375912432521C73C1F59E21111596A7981BDC3 ] Avc             C:\Windows\system32\DRIVERS\avc.sys
01:12:56.0626 0x1420  Avc - ok
01:12:56.0652 0x1420  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
01:12:56.0657 0x1420  AxInstSV - ok
01:12:56.0683 0x1420  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
01:12:56.0698 0x1420  b06bdrv - ok
01:12:56.0715 0x1420  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
01:12:56.0720 0x1420  b57nd60a - ok
01:12:56.0740 0x1420  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
01:12:56.0742 0x1420  BDESVC - ok
01:12:56.0772 0x1420  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
01:12:56.0773 0x1420  Beep - ok
01:12:56.0828 0x1420  [ E3ED6C06462FDDE33100F7E45E8F5213, 71AA528F8912106FDAD83175A7529CF94B5B19093D2C63C25FAC198587286F87 ] BFE             C:\Windows\System32\bfe.dll
01:12:56.0851 0x1420  BFE - ok
01:12:56.0920 0x1420  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
01:12:56.0963 0x1420  BITS - ok
01:12:56.0989 0x1420  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
01:12:56.0991 0x1420  blbdrive - ok
01:12:57.0028 0x1420  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
01:12:57.0030 0x1420  bowser - ok
01:12:57.0038 0x1420  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
01:12:57.0040 0x1420  BrFiltLo - ok
01:12:57.0047 0x1420  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
01:12:57.0048 0x1420  BrFiltUp - ok
01:12:57.0082 0x1420  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
01:12:57.0086 0x1420  Browser - ok
01:12:57.0110 0x1420  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
01:12:57.0119 0x1420  Brserid - ok
01:12:57.0127 0x1420  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
01:12:57.0129 0x1420  BrSerWdm - ok
01:12:57.0138 0x1420  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
01:12:57.0139 0x1420  BrUsbMdm - ok
01:12:57.0153 0x1420  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
01:12:57.0154 0x1420  BrUsbSer - ok
01:12:57.0169 0x1420  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
01:12:57.0171 0x1420  BTHMODEM - ok
01:12:57.0188 0x1420  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
01:12:57.0190 0x1420  bthserv - ok
01:12:57.0246 0x1420  [ 79B48605F009BEBB2D4A397BA167A199, DF7DE5F6A7192EBAB7AB75D91B165824EEE9F11479DC42E8CC9D2E19D6184FA5 ] CamMask         C:\Windows\system32\DRIVERS\cmvcamdrv64.sys
01:12:57.0271 0x1420  CamMask - ok
01:12:57.0306 0x1420  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
01:12:57.0308 0x1420  cdfs - ok
01:12:57.0335 0x1420  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
01:12:57.0338 0x1420  cdrom - ok
01:12:57.0374 0x1420  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
01:12:57.0407 0x1420  CertPropSvc - ok
01:12:57.0448 0x1420  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
01:12:57.0506 0x1420  circlass - ok
01:12:57.0573 0x1420  [ 3963FEC1892368DD500E6ED1F5C286CE, A04689CB07AF1C1B4B1032B0ACAD88DA3EB03D89A575C59FE602A65E8C246138 ] CLFS            C:\Windows\system32\CLFS.sys
01:12:57.0584 0x1420  CLFS - ok
01:12:57.0642 0x1420  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:12:57.0645 0x1420  clr_optimization_v2.0.50727_32 - ok
01:12:57.0683 0x1420  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:12:57.0686 0x1420  clr_optimization_v2.0.50727_64 - ok
01:12:57.0770 0x1420  [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:12:57.0774 0x1420  clr_optimization_v4.0.30319_32 - ok
01:12:57.0787 0x1420  [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:12:57.0792 0x1420  clr_optimization_v4.0.30319_64 - ok
01:12:57.0808 0x1420  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
01:12:57.0810 0x1420  CmBatt - ok
01:12:57.0820 0x1420  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
01:12:57.0821 0x1420  cmdide - ok
01:12:57.0868 0x1420  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
01:12:57.0882 0x1420  CNG - ok
01:12:57.0916 0x1420  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
01:12:57.0917 0x1420  Compbatt - ok
01:12:57.0944 0x1420  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
01:12:57.0946 0x1420  CompositeBus - ok
01:12:57.0950 0x1420  COMSysApp - ok
01:12:57.0961 0x1420  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
01:12:57.0962 0x1420  crcdisk - ok
01:12:57.0980 0x1420  [ 48FEDBE324F1EA9417BA1D62AE863011, 2C3D84F0842237A3BF2838DDB4126807977EB36588FA669B1E6671077584EF18 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
01:12:57.0986 0x1420  CryptSvc - ok
01:12:58.0034 0x1420  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
01:12:58.0052 0x1420  CSC - ok
01:12:58.0101 0x1420  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
01:12:58.0125 0x1420  CscService - ok
01:12:58.0168 0x1420  [ BA6C9EE518A11DA4AD061B223EBED3D3, 0FDDEF3FFB375712567212BD7D31DA91AB97F8CE0D468C5FC6D4918CDF204B5A ] DcomLaunch      C:\Windows\system32\rpcss.dll
01:12:58.0176 0x1420  DcomLaunch - ok
01:12:58.0212 0x1420  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
01:12:58.0222 0x1420  defragsvc - ok
01:12:58.0251 0x1420  [ 7D2D2284833760A82308CF09F7618E8B, A78F9369D4614D305D2F8E3CD2C697107781DD83A695022A192B2D8E1E21A05D ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
01:12:58.0254 0x1420  DfsC - ok
01:12:58.0294 0x1420  [ 58425D987F155F44C0BD4D0DB230327E, 9F4F5711325118D4C165F7BAC96D8248A387E14363662F735E7B9331FC222C30 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
01:12:58.0298 0x1420  dg_ssudbus - ok
01:12:58.0336 0x1420  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
01:12:58.0346 0x1420  Dhcp - ok
01:12:58.0381 0x1420  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
01:12:58.0382 0x1420  discache - ok
01:12:58.0414 0x1420  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
01:12:58.0416 0x1420  Disk - ok
01:12:58.0452 0x1420  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
01:12:58.0458 0x1420  Dnscache - ok
01:12:58.0490 0x1420  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
01:12:58.0498 0x1420  dot3svc - ok
01:12:58.0531 0x1420  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
01:12:58.0535 0x1420  DPS - ok
01:12:58.0569 0x1420  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
01:12:58.0570 0x1420  drmkaud - ok
01:12:58.0629 0x1420  [ 5CEF80AE869336376F550ECAE91E424A, 49152AC35556A5629AE7A4A762FDB2112FAD1C9CDB91E6196172809F74A3149A ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
01:12:58.0659 0x1420  DXGKrnl - ok
01:12:58.0712 0x1420  [ 41AE1D550365D449F2D8B4DD4D4049FF, 864B49CB0F622B113D39F3DBF2F93912748E8B06EC651FCB14D8182622CB5F28 ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
01:12:58.0715 0x1420  eamonm - ok
01:12:58.0737 0x1420  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
01:12:58.0741 0x1420  EapHost - ok
01:12:58.0825 0x1420  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
01:12:58.0889 0x1420  ebdrv - ok
01:12:58.0904 0x1420  [ 569E8136EF71455A389F4F8A4F6F7FE7, 887C2EB25E8E64D95A70E789FB9ACB46F6BC74F392FA7466942FBE347380F945 ] EFS             C:\Windows\System32\lsass.exe
01:12:58.0904 0x1420  EFS - ok
01:12:58.0952 0x1420  [ 6F5E4C5F655945E19CC2934164C36DFC, 3E9EA59DA5031478EAB0173C80BB23222A205BFA62FAEAA13B837D4ABF5EE7F5 ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
01:12:58.0958 0x1420  ehdrv - ok
01:12:58.0999 0x1420  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
01:12:59.0033 0x1420  ehRecvr - ok
01:12:59.0055 0x1420  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
01:12:59.0059 0x1420  ehSched - ok
01:12:59.0234 0x1420  [ 584E1867D88CCFC72D7D248E50AB6A11, FE52B5A4493DD7E8B8AEB36C8FD9BBF4340EEDED68DE3BAEDF0122137FCFC82D ] ekrn            C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
01:12:59.0271 0x1420  ekrn - ok
01:12:59.0329 0x1420  [ 584E1867D88CCFC72D7D248E50AB6A11, FE52B5A4493DD7E8B8AEB36C8FD9BBF4340EEDED68DE3BAEDF0122137FCFC82D ] ekrnEpfw        C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
01:12:59.0358 0x1420  ekrnEpfw - ok
01:12:59.0382 0x1420  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
01:12:59.0392 0x1420  elxstor - ok
01:12:59.0417 0x1420  [ C0EF0049604461DC48726AF6B180EDA8, 962561702D6BA4FBD888E4D1BBD857F4E385A90BB6F40AFDAD7FA0FB215F51CC ] epfwwfp         C:\Windows\system32\DRIVERS\epfwwfp.sys
01:12:59.0419 0x1420  epfwwfp - ok
01:12:59.0505 0x1420  [ 1E345F2A2D95DA3190596E691CDE9342, 9D1D48F3B749ADA598D155E11E63CD52A4EEABF9BE92A1D997D25D07CF350084 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
01:12:59.0510 0x1420  EPSON_PM_RPCV4_01 - ok
01:12:59.0521 0x1420  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
01:12:59.0522 0x1420  ErrDev - ok
01:12:59.0574 0x1420  [ F037314138494EE6BD7DDC4C19C63012, C78477093374BA57DDDDC8F25E67397126AF03700513D24128BDA5C8EA8CFF1A ] ESETCleanersDriver C:\Windows\system32\Drivers\ESETCleanersDriver.sys
01:12:59.0579 0x1420  ESETCleanersDriver - ok
01:12:59.0617 0x1420  [ 3DBC10CBC436288801FAEE66DE91AE47, CE50732C43AEB8ACF977DF7CF609C88CB022E596EBE0C0AA9DDBC4D6BB25B804 ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
01:12:59.0619 0x1420  EtronHub3 - ok
01:12:59.0657 0x1420  [ DE261095A2220D400D9603E1E42D4185, F5C4493EDCE92EC46BC7940764F719131FE27AE695201EDF143D678881CD239D ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
01:12:59.0660 0x1420  EtronXHCI - ok
01:12:59.0709 0x1420  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
01:12:59.0726 0x1420  EventSystem - ok
01:12:59.0759 0x1420  [ 7E45F8B117419ABA3BB26579F6E70324, 03FE86519860153E1BE571F10ACC9BA58FFB5A661C5C3EBDF3B77973BCD96C84 ] exfat           C:\Windows\system32\drivers\exfat.sys
01:12:59.0766 0x1420  exfat - ok
01:12:59.0811 0x1420  [ 6EDFA237D25433C03F42FBFDB16BDD24, A30F89A40F7AFC475D3C2D3591FB9AFC06AE3FEBC915FDCB24ED77946FBA4E2C ] fastfat         C:\Windows\system32\drivers\fastfat.sys
01:12:59.0818 0x1420  fastfat - ok
01:12:59.0872 0x1420  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
01:12:59.0889 0x1420  Fax - ok
01:12:59.0925 0x1420  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
01:12:59.0927 0x1420  fdc - ok
01:12:59.0931 0x1420  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
01:12:59.0932 0x1420  fdPHost - ok
01:12:59.0948 0x1420  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
01:12:59.0950 0x1420  FDResPub - ok
01:12:59.0967 0x1420  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
01:12:59.0970 0x1420  FileInfo - ok
01:12:59.0985 0x1420  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
01:12:59.0987 0x1420  Filetrace - ok
01:13:00.0052 0x1420  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
01:13:00.0074 0x1420  FLEXnet Licensing Service - ok
01:13:00.0088 0x1420  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
01:13:00.0089 0x1420  flpydisk - ok
01:13:00.0118 0x1420  [ DC591A7A196E99EFB5A48D708CB989FD, 1C34C0A4AEEE977D290EF5E79C3B13B1F1F18E051F49815013D360F62458D82A ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
01:13:00.0124 0x1420  FltMgr - ok
01:13:00.0168 0x1420  [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] FontCache       C:\Windows\system32\FntCache.dll
01:13:00.0194 0x1420  FontCache - ok
01:13:00.0224 0x1420  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:13:00.0225 0x1420  FontCache3.0.0.0 - ok
01:13:00.0239 0x1420  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
01:13:00.0240 0x1420  FsDepends - ok
01:13:00.0271 0x1420  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
01:13:00.0272 0x1420  Fs_Rec - ok
01:13:00.0308 0x1420  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
01:13:00.0315 0x1420  fvevol - ok
01:13:00.0330 0x1420  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
01:13:00.0333 0x1420  gagp30kx - ok
01:13:00.0459 0x1420  [ 21CA0B28765208BE1276E5E525681DB9, 4B578555A3D6448928612CD0E8FA6524B5EDC8013E192B6C74CAC74312D790D8 ] GoogleChromeElevationService C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\elevation_service.exe
01:13:00.0485 0x1420  GoogleChromeElevationService - ok
01:13:00.0534 0x1420  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
01:13:00.0556 0x1420  gpsvc - ok
01:13:00.0571 0x1420  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
01:13:00.0572 0x1420  hcw85cir - ok
01:13:00.0600 0x1420  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:13:00.0607 0x1420  HdAudAddService - ok
01:13:00.0618 0x1420  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
01:13:00.0621 0x1420  HDAudBus - ok
01:13:00.0634 0x1420  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
01:13:00.0635 0x1420  HidBatt - ok
01:13:00.0644 0x1420  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
01:13:00.0646 0x1420  HidBth - ok
01:13:00.0658 0x1420  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
01:13:00.0659 0x1420  HidIr - ok
01:13:00.0677 0x1420  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
01:13:00.0678 0x1420  hidserv - ok
01:13:00.0695 0x1420  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
01:13:00.0696 0x1420  HidUsb - ok
01:13:00.0721 0x1420  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
01:13:00.0723 0x1420  hkmsvc - ok
01:13:00.0738 0x1420  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:13:00.0746 0x1420  HomeGroupListener - ok
01:13:00.0765 0x1420  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:13:00.0772 0x1420  HomeGroupProvider - ok
01:13:00.0782 0x1420  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
01:13:00.0786 0x1420  HpSAMD - ok
01:13:00.0857 0x1420  [ 93C367EA831FB39DEE3BA96539A187FB, 8B912152CA8B89B4429278F93163481BAA07E2D940EE61CE1B7AD178AB13E105 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
01:13:00.0880 0x1420  HTTP - ok
01:13:00.0911 0x1420  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
01:13:00.0911 0x1420  hwpolicy - ok
01:13:00.0946 0x1420  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
01:13:00.0949 0x1420  i8042prt - ok
01:13:00.0977 0x1420  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
01:13:00.0987 0x1420  iaStorV - ok
01:13:01.0043 0x1420  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:13:01.0062 0x1420  idsvc - ok
01:13:01.0076 0x1420  IEEtwCollectorService - ok
01:13:01.0092 0x1420  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
01:13:01.0093 0x1420  iirsp - ok
01:13:01.0136 0x1420  [ 25AF7D5C819F19D7C97F4A9607F2609A, 70142B97F1087E20758AFECF5A7AB2EC1FDBBF68019A3BEC6C49F168650FEFC8 ] IKEEXT          C:\Windows\System32\ikeext.dll
01:13:01.0161 0x1420  IKEEXT - ok
01:13:01.0274 0x1420  [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
01:13:01.0353 0x1420  IntcAzAudAddService - ok
01:13:01.0411 0x1420  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
01:13:01.0437 0x1420  Intel(R) Capability Licensing Service Interface - ok
01:13:01.0460 0x1420  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
01:13:01.0461 0x1420  intelide - ok
01:13:01.0472 0x1420  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
01:13:01.0474 0x1420  intelppm - ok
01:13:01.0488 0x1420  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
01:13:01.0491 0x1420  IPBusEnum - ok
01:13:01.0503 0x1420  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:13:01.0505 0x1420  IpFilterDriver - ok
01:13:01.0531 0x1420  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
01:13:01.0544 0x1420  iphlpsvc - ok
01:13:01.0562 0x1420  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
01:13:01.0565 0x1420  IPMIDRV - ok
01:13:01.0583 0x1420  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
01:13:01.0586 0x1420  IPNAT - ok
01:13:01.0594 0x1420  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
01:13:01.0595 0x1420  IRENUM - ok
01:13:01.0603 0x1420  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
01:13:01.0604 0x1420  isapnp - ok
01:13:01.0626 0x1420  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
01:13:01.0633 0x1420  iScsiPrt - ok
01:13:01.0663 0x1420  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
01:13:01.0668 0x1420  jhi_service - ok
01:13:01.0708 0x1420  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
01:13:01.0710 0x1420  kbdclass - ok
01:13:01.0714 0x1420  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
01:13:01.0715 0x1420  kbdhid - ok
01:13:01.0728 0x1420  [ 569E8136EF71455A389F4F8A4F6F7FE7, 887C2EB25E8E64D95A70E789FB9ACB46F6BC74F392FA7466942FBE347380F945 ] KeyIso          C:\Windows\system32\lsass.exe
01:13:01.0730 0x1420  KeyIso - ok
01:13:01.0772 0x1420  [ 4DFBEF9BDA2D720F9AADC2FB698C9FEF, B13916215B83A2ECCDCC3548D31FD8F0365B8D8D537FAC2DC0C7850BAEEB05AC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
01:13:01.0774 0x1420  KSecDD - ok
01:13:01.0803 0x1420  [ 678D90A262C1FD81B1AE40163255EFAB, E41767DBC5327EFF70242D87A0A4069845746738F047D633A894E5C1C9DE8141 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
01:13:01.0807 0x1420  KSecPkg - ok
01:13:01.0832 0x1420  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
01:13:01.0833 0x1420  ksthunk - ok
01:13:01.0855 0x1420  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
01:13:01.0866 0x1420  KtmRm - ok
01:13:01.0898 0x1420  [ A43A9920D2409BB9DA747D2FD20A2E61, 6D48897F3B9F0D04FC0C09017A34F1614C708476829F275682963F162BCBE8A0 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
01:13:01.0902 0x1420  L1C - ok
01:13:01.0950 0x1420  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
01:13:01.0959 0x1420  LanmanServer - ok
01:13:01.0984 0x1420  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:13:01.0990 0x1420  LanmanWorkstation - ok
01:13:02.0025 0x1420  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
01:13:02.0028 0x1420  lltdio - ok
01:13:02.0046 0x1420  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
01:13:02.0056 0x1420  lltdsvc - ok
01:13:02.0080 0x1420  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
01:13:02.0082 0x1420  lmhosts - ok
01:13:02.0119 0x1420  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
01:13:02.0126 0x1420  LMS - ok
01:13:02.0153 0x1420  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
01:13:02.0156 0x1420  LSI_FC - ok
01:13:02.0163 0x1420  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
01:13:02.0165 0x1420  LSI_SAS - ok
01:13:02.0179 0x1420  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
01:13:02.0181 0x1420  LSI_SAS2 - ok
01:13:02.0195 0x1420  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
01:13:02.0197 0x1420  LSI_SCSI - ok
01:13:02.0236 0x1420  [ 5416CEB2916BBE635288C4D1075B045E, BEFF99052206C0D774CFFF14AC3305C397726B289B17666C2AD2706C261F2FF0 ] luafv           C:\Windows\system32\drivers\luafv.sys
01:13:02.0239 0x1420  luafv - ok
01:13:02.0282 0x1420  [ BD3DE3C80821AB493DEA62DD97A71BCA, 11ADDB78B3D1F3DCB78E9F1A51AB5F7ED710E76DF8D5A461F8C27E1D9865E25C ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv.sys
01:13:02.0284 0x1420  ManyCam - ok
01:13:02.0411 0x1420  [ 9A5728733FC3B2BD46A82D39CC49B24E, 1E12D4E539FE2885B8652A2C846FE2DF8C1B049FA54467A830AF70E860E65644 ] MaxthonUpdateSvc C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
01:13:02.0492 0x1420  MaxthonUpdateSvc - ok
01:13:02.0716 0x1420  [ D22F94683E57BD98D4110E44DB9BA433, 75BFB3EE2591EA2A62343644F1A197BDDFE462A15418CD1F8CB4A6D754070D26 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
01:13:02.0802 0x1420  MBAMService - ok
01:13:02.0858 0x1420  [ A1CB214CAD55EFE911245FD79AD01CD3, 0A05F9FF66B0829769075F6EBC1668003913F2A08A78322E70464BDA95F7EDC9 ] MBAMSwissArmy   C:\Windows\system32\Drivers\mbamswissarmy.sys
01:13:02.0866 0x1420  MBAMSwissArmy - ok
01:13:02.0903 0x1420  [ 88B3BADFB02BE4471655EAF88DDC7EBD, F38D69B80A7670F85A9692A01D2D71A54BB413346C3523726E59D1282D349B83 ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv_x64.sys
01:13:02.0905 0x1420  mcaudrv_simple - ok
01:13:02.0942 0x1420  [ 3CD0D8FC5FE6F7AE85AC8B818F9029B4, 532A384881A27A687BE856F3CE76ABA939AB2D5DD48D9A07CF5326216859EF8E ] mcdevice        C:\Windows\system32\DRIVERS\mcdevice.sys
01:13:02.0953 0x1420  mcdevice - ok
01:13:02.0988 0x1420  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
01:13:02.0992 0x1420  Mcx2Svc - ok
01:13:03.0000 0x1420  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
01:13:03.0002 0x1420  megasas - ok
01:13:03.0023 0x1420  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
01:13:03.0032 0x1420  MegaSR - ok
01:13:03.0063 0x1420  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
01:13:03.0065 0x1420  MEIx64 - ok
01:13:03.0133 0x1420  [ 033B947AF4A997820E86FCB070B1F450, 2F54F9D1E8374187B2F206E7CF22A907C735C71F38445A94BDC84E83081D3A88 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
01:13:03.0136 0x1420  Microsoft Office Groove Audit Service - ok
01:13:03.0155 0x1420  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
01:13:03.0158 0x1420  MMCSS - ok
01:13:03.0171 0x1420  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
01:13:03.0173 0x1420  Modem - ok
01:13:03.0196 0x1420  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
01:13:03.0198 0x1420  monitor - ok
01:13:03.0235 0x1420  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
01:13:03.0237 0x1420  mouclass - ok
01:13:03.0250 0x1420  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
01:13:03.0252 0x1420  mouhid - ok
01:13:03.0284 0x1420  [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
01:13:03.0287 0x1420  mountmgr - ok
01:13:03.0340 0x1420  [ 04111D68D0FD2C594FD1FC731E191271, E8ACE49C09A6150384115E9910854DB1D15824DCC6A80C4E3BC0C97B6F2293E1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:13:03.0346 0x1420  MozillaMaintenance - ok
01:13:03.0366 0x1420  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
01:13:03.0371 0x1420  mpio - ok
01:13:03.0383 0x1420  [ 6D9BB8B53394B62540A3971FCE2BE8DB, C1942B2F3C6A4282FE39FCE5DCF46FA446D4F086F2F9ABDED9A4163A83A253B8 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
01:13:03.0386 0x1420  mpsdrv - ok
01:13:03.0444 0x1420  [ 92B4079384B8BE97AEE3CA8B43E0AAEB, 0AB87851F91274DDB19E21052E1D66FF76BA031D39A716EB4242BC5C0AC4ADB7 ] MpsSvc          C:\Windows\system32\mpssvc.dll
01:13:03.0487 0x1420  MpsSvc - ok
01:13:03.0516 0x1420  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
01:13:03.0520 0x1420  MRxDAV - ok
01:13:03.0563 0x1420  [ EEC4E22876AFC905C9EDBFEB829B8022, 91159A2BDF19CB2EA25AA0AF8271D823F5C66C90632E074954672E972BBF6B95 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
01:13:03.0569 0x1420  mrxsmb - ok
01:13:03.0590 0x1420  [ 386EFD770CA3B2D36049C17A7A1239BA, F86F964C27766BAB1761C4C9DFF631ECC1DFB140BE9668797D95A006B13CFF07 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:13:03.0599 0x1420  mrxsmb10 - ok
01:13:03.0645 0x1420  [ A052D084A01D65993DABE3CFE2D8D1BE, 703B027F11BBD7804874655B412B71443E2BB13CBFDA05A44B2D171BFCF62F70 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:13:03.0649 0x1420  mrxsmb20 - ok
01:13:03.0681 0x1420  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
01:13:03.0683 0x1420  msahci - ok
01:13:03.0715 0x1420  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
01:13:03.0719 0x1420  msdsm - ok
01:13:03.0737 0x1420  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
01:13:03.0741 0x1420  MSDTC - ok
01:13:03.0780 0x1420  [ 72949A24D37A20A54B3D4D3DADBB55E9, 580B59EF2DFA4F6EE27BA37904F0705CBCD74F9B07D2D795093C045F94AE6DB5 ] MSDV            C:\Windows\system32\DRIVERS\msdv.sys
01:13:03.0783 0x1420  MSDV - ok
01:13:03.0788 0x1420  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
01:13:03.0789 0x1420  Msfs - ok
01:13:03.0804 0x1420  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
01:13:03.0805 0x1420  mshidkmdf - ok
01:13:03.0828 0x1420  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
01:13:03.0829 0x1420  msisadrv - ok
01:13:03.0849 0x1420  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
01:13:03.0855 0x1420  MSiSCSI - ok
01:13:03.0858 0x1420  msiserver - ok
01:13:03.0877 0x1420  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
01:13:03.0878 0x1420  MSKSSRV - ok
01:13:03.0890 0x1420  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
01:13:03.0891 0x1420  MSPCLOCK - ok
01:13:03.0902 0x1420  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
01:13:03.0903 0x1420  MSPQM - ok
01:13:03.0948 0x1420  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
01:13:03.0960 0x1420  MsRPC - ok
01:13:04.0000 0x1420  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
01:13:04.0001 0x1420  mssmbios - ok
01:13:04.0013 0x1420  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
01:13:04.0014 0x1420  MSTEE - ok
01:13:04.0028 0x1420  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
01:13:04.0029 0x1420  MTConfig - ok
01:13:04.0046 0x1420  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
01:13:04.0048 0x1420  Mup - ok
01:13:04.0135 0x1420  [ 1BE159EE1C21EB0CFE23DFBDAEC8D18F, 8E3B7830F9648210676B6C0BE6827811220C0A253C625B288DD9507097E4F62A ] MxService       C:\Program Files (x86)\Maxthon\Bin\MxService.exe
01:13:04.0140 0x1420  MxService - ok
01:13:04.0186 0x1420  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
01:13:04.0203 0x1420  napagent - ok
01:13:04.0246 0x1420  [ 9FB2A095B1166CB3C9A06651863B3452, 808105C59C2D28C390FDE0CA48690A5CD052DE3D7F7327864EB45F80187D5BE9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
01:13:04.0256 0x1420  NativeWifiP - ok
01:13:04.0298 0x1420  [ 261F27367EB6EA6478B940811F0A6F03, C5924B8B00E93DA9B8B1DBAA05A4D53BB1720C2FFA9B3EDA63CB20A64F59808B ] NDIS            C:\Windows\system32\drivers\ndis.sys
01:13:04.0324 0x1420  NDIS - ok
01:13:04.0338 0x1420  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
01:13:04.0339 0x1420  NdisCap - ok
01:13:04.0362 0x1420  [ 3F217F77899654833B650ED6A1372BE4, BB351A685D8F05E8066716F7346D28F950FB263D6C4F6957D908EA602FFF0681 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
01:13:04.0364 0x1420  NdisTapi - ok
01:13:04.0396 0x1420  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
01:13:04.0399 0x1420  Ndisuio - ok
01:13:04.0430 0x1420  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
01:13:04.0436 0x1420  NdisWan - ok
01:13:04.0464 0x1420  [ E46AF308E96F7730F59B0F250A884CD6, F5D00B950AAE1F38E295385C934FDC6C24608E65A8357317AE889947A2FE2BDC ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
01:13:04.0467 0x1420  NDProxy - ok
01:13:04.0500 0x1420  [ 2E19EB10185992AB08BC3688AACA4CE2, D9E3A5CFE8887B7F66239000116723FAA119107870A6FB65FD6F108CE5C9D9EB ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
01:13:04.0502 0x1420  NetBIOS - ok
01:13:04.0553 0x1420  [ 734837208CAFD6E0959A7A0333C95C9D, 0B7CD6E3CE43ABE021DBE6516492E326265EC0273F2F4297187CE70602CB8CE1 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
01:13:04.0562 0x1420  NetBT - ok
01:13:04.0567 0x1420  [ 569E8136EF71455A389F4F8A4F6F7FE7, 887C2EB25E8E64D95A70E789FB9ACB46F6BC74F392FA7466942FBE347380F945 ] Netlogon        C:\Windows\system32\lsass.exe
01:13:04.0568 0x1420  Netlogon - ok
01:13:04.0597 0x1420  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
01:13:04.0606 0x1420  Netman - ok
01:13:04.0631 0x1420  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:13:04.0635 0x1420  NetMsmqActivator - ok
01:13:04.0640 0x1420  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:13:04.0642 0x1420  NetPipeActivator - ok
01:13:04.0666 0x1420  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
01:13:04.0674 0x1420  netprofm - ok
01:13:04.0689 0x1420  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:13:04.0691 0x1420  NetTcpActivator - ok
01:13:04.0695 0x1420  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:13:04.0697 0x1420  NetTcpPortSharing - ok
01:13:04.0719 0x1420  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
01:13:04.0720 0x1420  nfrd960 - ok
01:13:04.0804 0x1420  [ 56DAF68C65E739B148FD3A71994FB994, 8D73BF14F06B6BE7C5C2CE077A3EF776DB5503E4B3C462BDDE5A0DBC81334F40 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
01:13:04.0811 0x1420  NitroDriverReadSpool8 - ok
01:13:04.0832 0x1420  [ 93DEDBE8E24F31962755E6AA4AC2D7B0, 368B3F48F230514F496CE24339EC8943A87A6BB9815912AE192B73837AB3E3B7 ] NlaSvc          C:\Windows\System32\nlasvc.dll
01:13:04.0841 0x1420  NlaSvc - ok
01:13:04.0869 0x1420  [ 05AB59A94A5D6B2508C551169E7AC197, 279FF9781C110DAD3BE8DB8865F93889222C4990C54A7F5A8A1F24E902BFB487 ] NLNdisMP        C:\Windows\system32\DRIVERS\nlndis.sys
01:13:04.0870 0x1420  NLNdisMP - ok
01:13:04.0874 0x1420  [ 05AB59A94A5D6B2508C551169E7AC197, 279FF9781C110DAD3BE8DB8865F93889222C4990C54A7F5A8A1F24E902BFB487 ] NLNdisPT        C:\Windows\system32\DRIVERS\nlndis.sys
01:13:04.0875 0x1420  NLNdisPT - ok
01:13:04.0957 0x1420  [ ED816753DF45E807314A6ECB88B93204, 7C653CED064121E0EE0703324883A1F23F2E0C42DAE3A6CAE9D033C76497F8BF ] nlsvc           C:\Program Files\NetLimiter 3\nlsvc.exe
01:13:04.0993 0x1420  nlsvc - ok
01:13:05.0068 0x1420  [ B1EF4686961986DFFB7FE8F18E6FCB5B, 562F144DAA8C2D6E4D55C7ABEF1DB52FC67F1A09E03CD700E27DFC3A4920E271 ] nlsX86cc        C:\Windows\SysWOW64\nlssrv32.exe
01:13:05.0070 0x1420  nlsX86cc - ok
01:13:05.0094 0x1420  [ 84765ACB534DC025A757970B69099E0E, 43851A938770F04C158758327ACC3790E6F1DC04EF6BB7C7EFCAFA2474408241 ] nltdi           C:\Program Files\NetLimiter 3\nltdi.sys
01:13:05.0097 0x1420  nltdi - ok
01:13:05.0135 0x1420  [ 8ACF8E802087880B
01:13:05.0135 0x1420  [ 8ACF8E802087880B821EC985FEACCD72, B9803FBA1D907A75B0F3E7CE7C28671BC765F18F1C4353C6726F2E2D669B00EC ] NMSAccess64     C:\Windows\SysWOW64\NMSAccess64.exe
01:13:05.0139 0x1420  NMSAccess64 - ok
01:13:05.0155 0x1420  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
01:13:05.0156 0x1420  Npfs - ok
01:13:05.0185 0x1420  [ 668B9EFF5CCA4542F435D2CD9CE3C778, 7409EF35D1DC0DE2BAB752694981FFA1F1855C7F11310366B80BD1EC3513262E ] nsi             C:\Windows\system32\nsisvc.dll
01:13:05.0187 0x1420  nsi - ok
01:13:05.0223 0x1420  [ BE313E566EEA2A4B7F9AAC9782A567D4, 377C624737B1A4FBC1DFF988F029B8ED9A368827C33A4FEEBA1B7937A87C2B47 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
01:13:05.0225 0x1420  nsiproxy - ok
01:13:05.0295 0x1420  [ A97B92D11270695B15C3663BCCB737D3, 3C5AF4C85A3121359C9E8BB66CC10ECDA48766C765E1D83D107D5DF21BE24756 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
01:13:05.0332 0x1420  Ntfs - ok
01:13:05.0346 0x1420  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
01:13:05.0346 0x1420  Null - ok
01:13:05.0369 0x1420  [ 1F07B814C0BB5AABA703ABFF1F31F2E8, 07F578686CAE0FAB5462B472A03DD1BC5DFE0D5DA6307895534CECC330C3D220 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
01:13:05.0373 0x1420  NVHDA - ok
01:13:05.0658 0x1420  [ BF7A24A71E1932200D864BC1CE15E596, 59736CE4AC16BADCDDA935F2F7CEC93F6C245C359D699F841260AA817DC65442 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:13:05.0919 0x1420  nvlddmkm - ok
01:13:05.0956 0x1420  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
01:13:05.0959 0x1420  nvraid - ok
01:13:05.0969 0x1420  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
01:13:05.0972 0x1420  nvstor - ok
01:13:06.0023 0x1420  [ 43F91595049DE14C4B61D1E76436164F, AADBB9C4C47F9CC6A89CD4729C26E5DE3CCF649BCFC540B9D6F4A3DEFB92DA0B ] nvsvc           C:\Windows\system32\nvvsvc.exe
01:13:06.0043 0x1420  nvsvc - ok
01:13:06.0111 0x1420  [ 322B69422836F97B76F4AA59B47507BA, 9BE48FB784B574466340069DCA86E3BDE5E8357A8079406ABDA9C2CE5AD76111 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
01:13:06.0137 0x1420  nvUpdatusService - ok
01:13:06.0164 0x1420  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
01:13:06.0167 0x1420  nv_agp - ok
01:13:06.0248 0x1420  [ E54AA592A65F317390EEE386A8821692, 7997F8C07802F6C49F06620B35C4C382ADD5419EA8BE02CD7AF0F2EF42A93E53 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
01:13:06.0257 0x1420  odserv - ok
01:13:06.0288 0x1420  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
01:13:06.0290 0x1420  ohci1394 - ok
01:13:06.0326 0x1420  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:13:06.0329 0x1420  ose - ok
01:13:06.0366 0x1420  [ 64FB16C5849444F0CFD403C83D9579A1, CDF3730453C9D469140F88BAC41181DD8AA2C7B2432961826E2379F2535F5293 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
01:13:06.0375 0x1420  p2pimsvc - ok
01:13:06.0413 0x1420  [ 79DB2B358BF0B152F15D1C5A525233BD, 374D9E8D7FBBC3EB14BDC651378120FCB075A36404F1E76A3F291F89CD5C3362 ] p2psvc          C:\Windows\system32\p2psvc.dll
01:13:06.0424 0x1420  p2psvc - ok
01:13:06.0441 0x1420  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
01:13:06.0443 0x1420  Parport - ok
01:13:06.0473 0x1420  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
01:13:06.0476 0x1420  partmgr - ok
01:13:06.0513 0x1420  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
01:13:06.0520 0x1420  PcaSvc - ok
01:13:06.0541 0x1420  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
01:13:06.0546 0x1420  pci - ok
01:13:06.0552 0x1420  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
01:13:06.0553 0x1420  pciide - ok
01:13:06.0572 0x1420  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
01:13:06.0578 0x1420  pcmcia - ok
01:13:06.0591 0x1420  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
01:13:06.0593 0x1420  pcw - ok
01:13:06.0646 0x1420  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
01:13:06.0672 0x1420  PEAUTH - ok
01:13:06.0748 0x1420  [ C59E17D5E30972ECA28A72004795AEA7, 24CE4698F578BB6BE51101BA083C5E4A6A1AA449439C125BA3E5793E54260525 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
01:13:06.0779 0x1420  PeerDistSvc - ok
01:13:06.0799 0x1420  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
01:13:06.0800 0x1420  PerfHost - ok
01:13:06.0805 0x1420  pfc - ok
01:13:06.0859 0x1420  [ BC5F8C5C7ACCD0B884FCB8B67616F537, 5C99E9D7E7095CED52B1F5F4A569E54F124602C573DD2B25731E0D57FDA22A27 ] pla             C:\Windows\system32\pla.dll
01:13:06.0902 0x1420  pla - ok
01:13:06.0949 0x1420  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
01:13:06.0966 0x1420  PlugPlay - ok
01:13:06.0985 0x1420  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
01:13:06.0986 0x1420  PNRPAutoReg - ok
01:13:07.0010 0x1420  [ 64FB16C5849444F0CFD403C83D9579A1, CDF3730453C9D469140F88BAC41181DD8AA2C7B2432961826E2379F2535F5293 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
01:13:07.0019 0x1420  PNRPsvc - ok
01:13:07.0057 0x1420  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
01:13:07.0067 0x1420  PolicyAgent - ok
01:13:07.0087 0x1420  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
01:13:07.0091 0x1420  Power - ok
01:13:07.0129 0x1420  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
01:13:07.0133 0x1420  PptpMiniport - ok
01:13:07.0145 0x1420  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
01:13:07.0148 0x1420  Processor - ok
01:13:07.0179 0x1420  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
01:13:07.0185 0x1420  ProfSvc - ok
01:13:07.0194 0x1420  [ 569E8136EF71455A389F4F8A4F6F7FE7, 887C2EB25E8E64D95A70E789FB9ACB46F6BC74F392FA7466942FBE347380F945 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:13:07.0196 0x1420  ProtectedStorage - ok
01:13:07.0226 0x1420  [ 4CE827A5433451551E99C2C1D20E4A43, B2E0806BB5C32A9126584941EE92526BFD45BB9EE18D7E598A2FFE7AAB495930 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
01:13:07.0229 0x1420  Psched - ok
01:13:07.0278 0x1420  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
01:13:07.0320 0x1420  ql2300 - ok
01:13:07.0328 0x1420  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
01:13:07.0330 0x1420  ql40xx - ok
01:13:07.0351 0x1420  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
01:13:07.0356 0x1420  QWAVE - ok
01:13:07.0365 0x1420  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
01:13:07.0367 0x1420  QWAVEdrv - ok
01:13:07.0380 0x1420  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
01:13:07.0381 0x1420  RasAcd - ok
01:13:07.0395 0x1420  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
01:13:07.0396 0x1420  RasAgileVpn - ok
01:13:07.0410 0x1420  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
01:13:07.0413 0x1420  RasAuto - ok
01:13:07.0452 0x1420  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
01:13:07.0457 0x1420  Rasl2tp - ok
01:13:07.0495 0x1420  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
01:13:07.0507 0x1420  RasMan - ok
01:13:07.0520 0x1420  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
01:13:07.0522 0x1420  RasPppoe - ok
01:13:07.0535 0x1420  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
01:13:07.0537 0x1420  RasSstp - ok
01:13:07.0552 0x1420  [ FB45727105E27756B3252572A138FA19, B11A375C7377C2DD02175921F5A3BBD23191207DE76DB220ACF72BD5CF74E09A ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
01:13:07.0557 0x1420  rdbss - ok
01:13:07.0565 0x1420  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
01:13:07.0566 0x1420  rdpbus - ok
01:13:07.0572 0x1420  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
01:13:07.0572 0x1420  RDPCDD - ok
01:13:07.0605 0x1420  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
01:13:07.0611 0x1420  RDPDR - ok
01:13:07.0626 0x1420  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
01:13:07.0627 0x1420  RDPENCDD - ok
01:13:07.0637 0x1420  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
01:13:07.0638 0x1420  RDPREFMP - ok
01:13:07.0689 0x1420  [ 4D3B50366F453BF1D17CB3DD72A024FF, 1D2F351CACBDF3C26586AE23BAAA6DADC99B664A81C213B8B54D17EBA5C308A3 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
01:13:07.0689 0x1420  RdpVideoMiniport - ok
01:13:07.0723 0x1420  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
01:13:07.0727 0x1420  RDPWD - ok
01:13:07.0753 0x1420  [ F4287A980C0AA41DE3073F053E5EA73C, 04A386884DE32C6813486FD2D8FD9B9B275758CE5354459D8862A60E7F134833 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
01:13:07.0757 0x1420  rdyboost - ok
01:13:07.0786 0x1420  [ 0301EEE83B03229F555C6F8025FB5540, 3ABBA482E59FF9FC831A0FEA75A8C937BAE5077108A0EB3F89205C72FEDC2CD9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
01:13:07.0788 0x1420  RemoteAccess - ok
01:13:07.0801 0x1420  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
01:13:07.0805 0x1420  RemoteRegistry - ok
01:13:07.0808 0x1420  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
01:13:07.0811 0x1420  RpcEptMapper - ok
01:13:07.0827 0x1420  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
01:13:07.0828 0x1420  RpcLocator - ok
01:13:07.0871 0x1420  [ BA6C9EE518A11DA4AD061B223EBED3D3, 0FDDEF3FFB375712567212BD7D31DA91AB97F8CE0D468C5FC6D4918CDF204B5A ] RpcSs           C:\Windows\system32\rpcss.dll
01:13:07.0878 0x1420  RpcSs - ok
01:13:07.0916 0x1420  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
01:13:07.0918 0x1420  rspndr - ok
01:13:07.0949 0x1420  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
01:13:07.0950 0x1420  s3cap - ok
01:13:07.0955 0x1420  [ 569E8136EF71455A389F4F8A4F6F7FE7, 887C2EB25E8E64D95A70E789FB9ACB46F6BC74F392FA7466942FBE347380F945 ] SamSs           C:\Windows\system32\lsass.exe
01:13:07.0956 0x1420  SamSs - ok
01:13:07.0992 0x1420  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
01:13:07.0993 0x1420  SASDIFSV - ok
01:13:08.0013 0x1420  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
01:13:08.0014 0x1420  SASKUTIL - ok
01:13:08.0046 0x1420  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
01:13:08.0049 0x1420  sbp2port - ok
01:13:08.0069 0x1420  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
01:13:08.0076 0x1420  SCardSvr - ok
01:13:08.0110 0x1420  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
01:13:08.0112 0x1420  scfilter - ok
01:13:08.0162 0x1420  [ E5A1E7B40B5086E643705B2D85A139C4, 0B298C16689C8AA475396C9BEAF1032A156A0D7986931337D47FE3AF72228026 ] Schedule        C:\Windows\system32\schedsvc.dll
01:13:08.0191 0x1420  Schedule - ok
01:13:08.0233 0x1420  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
01:13:08.0236 0x1420  SCPolicySvc - ok
01:13:08.0270 0x1420  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
01:13:08.0277 0x1420  SDRSVC - ok
01:13:08.0292 0x1420  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
01:13:08.0293 0x1420  secdrv - ok
01:13:08.0323 0x1420  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
01:13:08.0326 0x1420  seclogon - ok
01:13:08.0343 0x1420  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
01:13:08.0346 0x1420  SENS - ok
01:13:08.0358 0x1420  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
01:13:08.0361 0x1420  SensrSvc - ok
01:13:08.0372 0x1420  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
01:13:08.0373 0x1420  Serenum - ok
01:13:08.0399 0x1420  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
01:13:08.0402 0x1420  Serial - ok
01:13:08.0413 0x1420  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
01:13:08.0414 0x1420  sermouse - ok
01:13:08.0454 0x1420  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
01:13:08.0459 0x1420  SessionEnv - ok
01:13:08.0486 0x1420  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
01:13:08.0488 0x1420  sffdisk - ok
01:13:08.0493 0x1420  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
01:13:08.0494 0x1420  sffp_mmc - ok
01:13:08.0502 0x1420  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
01:13:08.0504 0x1420  sffp_sd - ok
01:13:08.0520 0x1420  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
01:13:08.0521 0x1420  sfloppy - ok
01:13:08.0563 0x1420  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
01:13:08.0579 0x1420  SharedAccess - ok
01:13:08.0625 0x1420  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:13:08.0642 0x1420  ShellHWDetection - ok
01:13:08.0653 0x1420  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:13:08.0654 0x1420  SiSRaid2 - ok
01:13:08.0674 0x1420  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
01:13:08.0676 0x1420  SiSRaid4 - ok
01:13:08.0685 0x1420  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
01:13:08.0688 0x1420  Smb - ok
01:13:08.0711 0x1420  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
01:13:08.0713 0x1420  SNMPTRAP - ok
01:13:08.0723 0x1420  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
01:13:08.0724 0x1420  spldr - ok
01:13:08.0767 0x1420  [ 8003D39B386EDCCFB08DC21AACC0683A, 99D6A4DBE810335A69AE3053DC4B6AAC267639AD7F9C568431FA0714F6E71F30 ] Spooler         C:\Windows\System32\spoolsv.exe
01:13:08.0778 0x1420  Spooler - ok
01:13:08.0886 0x1420  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
01:13:08.0971 0x1420  sppsvc - ok
01:13:08.0996 0x1420  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
01:13:08.0998 0x1420  sppuinotify - ok
01:13:09.0048 0x1420  [ 8980499A526581794A20B12E2E264661, 76C9AF4D95137F1258ACE45C1E254386F21A7900006FB151C8718875C8CA688B ] srv             C:\Windows\system32\DRIVERS\srv.sys
01:13:09.0065 0x1420  srv - ok
01:13:09.0113 0x1420  [ 9B90A439B97EBBD2A9ABEFFBBC1EEC71, F40C5285205A2D50F1D5F4FCD5D3990597BD39B38AD82D439BC2D51D5BB6F666 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
01:13:09.0130 0x1420  srv2 - ok
01:13:09.0139 0x1420  [ 9E30361776E07AD940791927A0FC9B3A, 1B8FBC780BEEA1DB23861584C44F0EB55CC6B3817AF714020EBA675E38DF98B5 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
01:13:09.0142 0x1420  srvnet - ok
01:13:09.0154 0x1420  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
01:13:09.0163 0x1420  SSDPSRV - ok
01:13:09.0184 0x1420  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
01:13:09.0186 0x1420  SstpSvc - ok
01:13:09.0226 0x1420  [ 383C219BFA39703A5AF40F1636E3A7F8, D515E572EF440CAA5A97335421B284743A331827010EC854480E0234D58FEF43 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
01:13:09.0232 0x1420  ssudmdm - ok
01:13:09.0359 0x1420  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
01:13:09.0380 0x1420  ss_conn_service - ok
01:13:09.0421 0x1420  [ A766CCAD980235FF34E7F8089D3175A3, ECC1F92F46FE8FC10075F14AC4FEAA9BAA0E2FDF49E693230C5077D408CAFA70 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
01:13:09.0426 0x1420  Stereo Service - ok
01:13:09.0439 0x1420  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
01:13:09.0440 0x1420  stexstor - ok
01:13:09.0485 0x1420  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
01:13:09.0519 0x1420  stisvc - ok
01:13:09.0554 0x1420  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
01:13:09.0556 0x1420  storflt - ok
01:13:09.0573 0x1420  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
01:13:09.0575 0x1420  storvsc - ok
01:13:09.0586 0x1420  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
01:13:09.0587 0x1420  swenum - ok
01:13:09.0608 0x1420  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
01:13:09.0626 0x1420  swprv - ok
01:13:09.0704 0x1420  [ 15CF7B24AA64FE958CAEA00274838B1C, 820F7CF1CCD036A1871D728C1CC80D9E9BB5E3BD5D9C7BC822B1711D8DB79707 ] SysMain         C:\Windows\system32\sysmain.dll
01:13:09.0740 0x1420  SysMain - ok
01:13:09.0749 0x1420  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:13:09.0752 0x1420  TabletInputService - ok
01:13:09.0772 0x1420  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
01:13:09.0778 0x1420  TapiSrv - ok
01:13:09.0860 0x1420  [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
01:13:09.0898 0x1420  Tcpip - ok
01:13:09.0975 0x1420  [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
01:13:10.0011 0x1420  TCPIP6 - ok
01:13:10.0043 0x1420  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
01:13:10.0044 0x1420  tcpipreg - ok
01:13:10.0059 0x1420  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
01:13:10.0060 0x1420  TDPIPE - ok
01:13:10.0091 0x1420  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
01:13:10.0092 0x1420  TDTCP - ok
01:13:10.0124 0x1420  [ 4DD986720F7CB7A8A5D1226793097B9A, 9020375B45E9C966BF44CF425C127D7E0EC82EB99C7047F225C25402FF97743D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
01:13:10.0128 0x1420  tdx - ok
01:13:10.0141 0x1420  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
01:13:10.0144 0x1420  TermDD - ok
01:13:10.0193 0x1420  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
01:13:10.0210 0x1420  TermService - ok
01:13:10.0213 0x1420  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
01:13:10.0215 0x1420  Themes - ok
01:13:10.0236 0x1420  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
01:13:10.0238 0x1420  THREADORDER - ok
01:13:10.0250 0x1420  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
01:13:10.0253 0x1420  TrkWks - ok
01:13:10.0294 0x1420  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:13:10.0296 0x1420  TrustedInstaller - ok
01:13:10.0324 0x1420  [ 2CF58216424757ED29605B4F18EC443C, 9D523FC075F7F41A17F60617670A976A8F2F2943444515DC3834720BDC37DFA0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
01:13:10.0325 0x1420  tssecsrv - ok
01:13:10.0350 0x1420  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
01:13:10.0351 0x1420  TsUsbFlt - ok
01:13:10.0389 0x1420  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
01:13:10.0392 0x1420  tunnel - ok
01:13:10.0404 0x1420  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
01:13:10.0406 0x1420  uagp35 - ok
01:13:10.0437 0x1420  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
01:13:10.0444 0x1420  udfs - ok
01:13:10.0460 0x1420  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
01:13:10.0463 0x1420  UI0Detect - ok
01:13:10.0471 0x1420  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
01:13:10.0473 0x1420  uliagpkx - ok
01:13:10.0505 0x1420  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
01:13:10.0506 0x1420  umbus - ok
01:13:10.0515 0x1420  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
01:13:10.0516 0x1420  UmPass - ok
01:13:10.0551 0x1420  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
01:13:10.0560 0x1420  UmRdpService - ok
01:13:10.0660 0x1420  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
01:13:10.0671 0x1420  UNS - ok
01:13:10.0699 0x1420  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
01:13:10.0716 0x1420  upnphost - ok
01:13:10.0745 0x1420  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
01:13:10.0747 0x1420  usbaudio - ok
01:13:10.0764 0x1420  [ 9E68E917FB4B5C983438969643F53BEF, 7148BF1E7AFAFA025A51AA9A26B90ED85328B41C7F7791CB3460D9CF53245985 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
01:13:10.0768 0x1420  usbccgp - ok
01:13:10.0793 0x1420  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
01:13:10.0797 0x1420  usbcir - ok
01:13:10.0827 0x1420  [ 3F9D3902CE931E2A28DD8452AE915B67, C8BF042DD84FB2E3AE7FCDBA65923611FCBDAFD6410E42A5E58F8995D99AE16C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
01:13:10.0830 0x1420  usbehci - ok
01:13:10.0868 0x1420  [ 86B65EEBC03B936DE8B26E5A18D98FA2, 2981CF5A0FB6B6FE0A38363EA4804DB743C45E3E6E72DC3A2260F583377717C8 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
01:13:10.0879 0x1420  usbhub - ok
01:13:10.0918 0x1420  [ 099C2931C6F73EB1B9E13C560F61B50D, 83B64A52173243526E380C8FA0D913C7B07C2AF1806ECC4EC0D0B5523A7CBFAA ] usbohci         C:\Windows\system32\drivers\usbohci.sys
01:13:10.0919 0x1420  usbohci - ok
01:13:10.0930 0x1420  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
01:13:10.0932 0x1420  usbprint - ok
01:13:10.0971 0x1420  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
01:13:10.0973 0x1420  usbscan - ok
01:13:10.0982 0x1420  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:13:10.0985 0x1420  USBSTOR - ok
01:13:11.0015 0x1420  [ 5D7651347C7D702F4A5DE53603DC024F, F55532D13AB2FF6D4B6058113AF2710AC5C87059C9000942CF517198BABCD6F5 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
01:13:11.0017 0x1420  usbuhci - ok
01:13:11.0040 0x1420  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
01:13:11.0047 0x1420  usbvideo - ok
01:13:11.0079 0x1420  [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
01:13:11.0081 0x1420  usb_rndisx - ok
01:13:11.0094 0x1420  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
01:13:11.0097 0x1420  UxSms - ok
01:13:11.0111 0x1420  [ 569E8136EF71455A389F4F8A4F6F7FE7, 887C2EB25E8E64D95A70E789FB9ACB46F6BC74F392FA7466942FBE347380F945 ] VaultSvc        C:\Windows\system32\lsass.exe
01:13:11.0113 0x1420  VaultSvc - ok
01:13:11.0147 0x1420  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
01:13:11.0148 0x1420  vdrvroot - ok
01:13:11.0201 0x1420  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
01:13:11.0216 0x1420  vds - ok
01:13:11.0231 0x1420  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
01:13:11.0232 0x1420  vga - ok
01:13:11.0235 0x1420  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
01:13:11.0236 0x1420  VgaSave - ok
01:13:11.0265 0x1420  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
01:13:11.0269 0x1420  vhdmp - ok
01:13:11.0295 0x1420  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
01:13:11.0296 0x1420  viaide - ok
01:13:11.0326 0x1420  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
01:13:11.0332 0x1420  vmbus - ok
01:13:11.0373 0x1420  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
01:13:11.0374 0x1420  VMBusHID - ok
01:13:11.0389 0x1420  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
01:13:11.0391 0x1420  volmgr - ok
01:13:11.0437 0x1420  [ 85C5468BC395819AE2A0C747334BA14C, 75EB4751F90F3347229442A5622539383CE0B1834EE7B995260D0D433BA2E25F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
01:13:11.0447 0x1420  volmgrx - ok
01:13:11.0471 0x1420  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
01:13:11.0479 0x1420  volsnap - ok
01:13:11.0496 0x1420  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
01:13:11.0501 0x1420  vsmraid - ok
01:13:11.0565 0x1420  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
01:13:11.0585 0x1420  VSS - ok
01:13:11.0596 0x1420  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
01:13:11.0597 0x1420  vwifibus - ok
01:13:11.0612 0x1420  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
01:13:11.0619 0x1420  W32Time - ok
01:13:11.0698 0x1420  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
01:13:11.0714 0x1420  W3SVC - ok
01:13:11.0724 0x1420  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
01:13:11.0725 0x1420  WacomPen - ok
01:13:11.0753 0x1420  [ DC4CB3626E7423B9D83CF1B4857FDF15, 36BC894AC01A2A493D408F9F6B65064E901882F038A8A74CA4F21735D283E46F ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
01:13:11.0756 0x1420  WANARP - ok
01:13:11.0772 0x1420  [ DC4CB3626E7423B9D83CF1B4857FDF15, 36BC894AC01A2A493D408F9F6B65064E901882F038A8A74CA4F21735D283E46F ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
01:13:11.0774 0x1420  Wanarpv6 - ok
01:13:11.0799 0x1420  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
01:13:11.0809 0x1420  WAS - ok
01:13:11.0865 0x1420  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
01:13:11.0885 0x1420  wbengine - ok
01:13:11.0914 0x1420  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
01:13:11.0919 0x1420  WbioSrvc - ok
01:13:11.0953 0x1420  [ 79E3903FD75A22386326B542F17A2563, 3CCCE0BCDE12240BE7E108A8C0A959A33C8462A0DE8510F28FA0107C4A9A1F05 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
01:13:11.0966 0x1420  wcncsvc - ok
01:13:11.0999 0x1420  [ 35050F01D00E7E72A2449EB6F9ABF8B4, CF45943E14D2418E83CF4DC836D3AFE4ED61186B6B9DA25EF745DC6FBB07FAC5 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:13:12.0001 0x1420  WcsPlugInService - ok
01:13:12.0009 0x1420  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
01:13:12.0010 0x1420  Wd - ok
01:13:12.0064 0x1420  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
01:13:12.0081 0x1420  Wdf01000 - ok
01:13:12.0109 0x1420  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
01:13:12.0112 0x1420  WdiServiceHost - ok
01:13:12.0118 0x1420  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
01:13:12.0120 0x1420  WdiSystemHost - ok
01:13:12.0157 0x1420  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
01:13:12.0163 0x1420  WebClient - ok
01:13:12.0171 0x1420  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
01:13:12.0177 0x1420  Wecsvc - ok
01:13:12.0190 0x1420  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
01:13:12.0193 0x1420  wercplsupport - ok
01:13:12.0204 0x1420  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
01:13:12.0207 0x1420  WerSvc - ok
01:13:12.0219 0x1420  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
01:13:12.0220 0x1420  WfpLwf - ok
01:13:12.0228 0x1420  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
01:13:12.0229 0x1420  WIMMount - ok
01:13:12.0246 0x1420  WinHttpAutoProxySvc - ok
01:13:12.0288 0x1420  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
01:13:12.0296 0x1420  Winmgmt - ok
01:13:12.0352 0x1420  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
01:13:12.0394 0x1420  WinRM - ok
01:13:12.0416 0x1420  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
01:13:12.0417 0x1420  WinUsb - ok
01:13:12.0461 0x1420  [ 4B7912EB80820EAC543EE54806EFCAF0, 4D9186F9FE80F03C85C4DC73342EE5870DF1021BD29974BE33557CEA0D524667 ] Wlansvc         C:\Windows\System32\wlansvc.dll
01:13:12.0486 0x1420  Wlansvc - ok
01:13:12.0502 0x1420  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
01:13:12.0503 0x1420  WmiAcpi - ok
01:13:12.0512 0x1420  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
01:13:12.0515 0x1420  wmiApSrv - ok
01:13:12.0523 0x1420  WMPNetworkSvc - ok
01:13:12.0624 0x1420  [ 001DB740FF3DC6ABB6C45DB9513F87FC, E8DA7C8940BA628F9608D3463D1CDF7EE0BE92F2E7054D97538D797985B2FE92 ] wordpressApache C:\Bitnami\WORDPR~1.2-0\apache2\bin\httpd.exe
01:13:12.0625 0x1420  wordpressApache - ok
01:13:12.0680 0x1420  wordpressMySQL - ok
01:13:12.0708 0x1420  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
01:13:12.0710 0x1420  WPCSvc - ok
01:13:12.0741 0x1420  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
01:13:12.0746 0x1420  WPDBusEnum - ok
01:13:12.0762 0x1420  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
01:13:12.0764 0x1420  ws2ifsl - ok
01:13:12.0768 0x1420  WSearch - ok
01:13:12.0801 0x1420  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
01:13:12.0804 0x1420  WudfPf - ok
01:13:12.0839 0x1420  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
01:13:12.0846 0x1420  WUDFRd - ok
01:13:12.0883 0x1420  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
01:13:12.0888 0x1420  wudfsvc - ok
01:13:12.0924 0x1420  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
01:13:12.0933 0x1420  WwanSvc - ok
01:13:12.0942 0x1420  ================ Scan global ===============================
01:13:12.0972 0x1420  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
01:13:13.0011 0x1420  [ 630CFE0957470D4EDDB1B8FF1AA18B0A, D960DB8CD8A27464EFD6A940278A50424B3D6D5BB43837A1EF5DA1D59CE341DF ] C:\Windows\system32\winsrv.dll
01:13:13.0045 0x1420  [ 630CFE0957470D4EDDB1B8FF1AA18B0A, D960DB8CD8A27464EFD6A940278A50424B3D6D5BB43837A1EF5DA1D59CE341DF ] C:\Windows\system32\winsrv.dll
01:13:13.0083 0x1420  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
01:13:13.0122 0x1420  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
01:13:13.0133 0x1420  [ Global ] - ok
01:13:13.0134 0x1420  ================ Scan MBR ==================================
01:13:13.0161 0x1420  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:13:13.0327 0x1420  \Device\Harddisk0\DR0 - ok
01:13:13.0337 0x1420  [ 792F61657FECE3D17A9122B4EE282847 ] \Device\Harddisk1\DR1
01:13:13.0562 0x1420  \Device\Harddisk1\DR1 - ok
01:13:13.0564 0x1420  [ 792F61657FECE3D17A9122B4EE282847 ] \Device\Harddisk2\DR2
01:13:13.0575 0x1420  \Device\Harddisk2\DR2 - ok
01:13:13.0575 0x1420  ================ Scan VBR ==================================
01:13:13.0577 0x1420  [ 577CEB09BE1C7CFAD42EF6EE6A9E9C88 ] \Device\Harddisk0\DR0\Partition1
01:13:13.0579 0x1420  \Device\Harddisk0\DR0\Partition1 - ok
01:13:13.0598 0x1420  [ EF327CFDF1160F49E20D99E687794108 ] \Device\Harddisk0\DR0\Partition2
01:13:13.0600 0x1420  \Device\Harddisk0\DR0\Partition2 - ok
01:13:13.0612 0x1420  [ 9CC3A82E55B231E42AC24EB3CC6D7B48 ] \Device\Harddisk1\DR1\Partition1
01:13:13.0614 0x1420  \Device\Harddisk1\DR1\Partition1 - ok
01:13:13.0617 0x1420  [ A84B74F97DF907FC61338C6D65D270E9 ] \Device\Harddisk2\DR2\Partition1
01:13:13.0619 0x1420  \Device\Harddisk2\DR2\Partition1 - ok
01:13:13.0622 0x1420  [ 2D5C9411BE4B5448DE96C25347D70016 ] \Device\Harddisk2\DR2\Partition2
01:13:13.0624 0x1420  \Device\Harddisk2\DR2\Partition2 - ok
01:13:13.0625 0x1420  ================ Scan generic autorun ======================
01:13:13.0911 0x1420  [ 834A309C2FDF52FC09353F348CFE1235, FF8D5B0C4D8DEF3B313E11B01D6A2A29758E8721EF2EC0AAC2DB3C9AAF399276 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
01:13:14.0062 0x1420  RtHDVCpl - ok
01:13:14.0182 0x1420  [ 25AF016667164408F02D05FAD8C313B1, A6D4E74E6A88CFF259F5A20A895B7F58247E7BFAD84E25D7499BE5BB428DD4FF ] C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe
01:13:14.0189 0x1420  egui - ok
01:13:14.0265 0x1420  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:13:14.0307 0x1420  Sidebar - ok
01:13:14.0333 0x1420  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:13:14.0336 0x1420  mctadmin - ok
01:13:14.0361 0x1420  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:13:14.0378 0x1420  Sidebar - ok
01:13:14.0382 0x1420  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:13:14.0384 0x1420  mctadmin - ok
01:13:14.0439 0x1420  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
01:13:14.0457 0x1420  Sidebar - ok
01:13:14.0662 0x1420  [ BB572C1A4A0963E317CAF54E72F0B84C, 587513491D3C493BCF4E63838702659BAC88CB4FACA0B89164DB9D0A20CB08DB ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
01:13:14.0852 0x1420  SUPERAntiSpyware - ok
01:13:14.0904 0x1420  Skype for Desktop - ok
01:13:14.0945 0x1420  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:13:14.0961 0x1420  Sidebar - ok
01:13:14.0965 0x1420  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:13:14.0966 0x1420  mctadmin - ok
01:13:14.0989 0x1420  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:13:15.0003 0x1420  Sidebar - ok
01:13:15.0007 0x1420  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:13:15.0009 0x1420  mctadmin - ok
01:13:15.0009 0x1420  Waiting for KSN requests completion. In queue: 111
01:13:16.0026 0x1420  AV detected via SS2: ESET Security, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe ( 12.0.27.0 ), 0x40010 ( disabled : outofdate )
01:13:16.0031 0x1420  Win FW state via NFP2: enabled ( trusted )
01:13:16.0151 0x1420  ============================================================
01:13:16.0151 0x1420  Scan finished
01:13:16.0151 0x1420  ============================================================
01:13:16.0159 0x1670  Detected object count: 0
01:13:16.0159 0x1670  Actual detected object count: 0

El último lo puse en dos partes (no cabía entero). Salieron los 2 limpios.

Hola

Parece que ya está limpio tu equipo, queda alguna duda?

Un saludo

Todo genial. Muchas gracias por la ayuda. :heart_eyes:

1 me gusta

Hola @Nubol

Sigue estos pasos, para eliminar las herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.


Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte :handshake:

Nos alegramos que se te haya resuelto :+1: Damos el tema por solucionado.

Solucionado

Un saludo