It's running slow; the browser struggles to open and to load pages. I'm going to run Malwarebytes again.
Hello
I told you to run a custom scan with Malwarebytes and you ran a threat scan instead. Did you quarantine what it detected?
Temporarily disable your antivirus >> How to temporarily disable your antivirus
Download Farbar Recovery Scan Tool to the desktop, selecting the version that matches your computer's architecture (32 or 64 bits). How do I know whether my Windows is 32 or 64 bits?
- Run FRST.exe.
- In the Disclaimer window, click Yes.
- In the main window, click the Scan button and wait for the process to finish.
- Two (2) log files will open, Frst.txt and Addition.txt; they will be saved on the desktop.
Post the two reports that were generated.
You must copy and paste them with their full contents, and use several messages if you get an error message saying the post is too long (more than approx. 50,000 characters).
Regards
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 18/6/20
Hora del análisis: 21:52
Archivo de registro: 2f26419c-b19d-11ea-9c1c-94de803c577f.json
-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.955
Versión del paquete de actualización: 1.0.25710
Licencia: Gratis
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Carmen-PC\Carmen
-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 1103608
Amenazas detectadas: 10
Amenazas en cuarentena: 9
Tiempo transcurrido: 7 hr, 48 min, 1 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 10
Malware.Generic.3509283873, F:\DESCARGAS PONY\DESCARGA\DESCARGA\CAMBIAR IMAGEN\EQUIPO4.EXE, En cuarentena, 1000000, 0, 1.0.25710, 0A74B21262D1F79ED12B6C21, dds, 00770087
Malware.Generic.4018542805, G:\DOCUMENTS AND SETTINGS\CARMEN\MIS DOCUMENTOS\DESCARGAS\PLUGINS SONY VEGAS\PLUGINS SONY VEGAS\SPICEMASTER PRO V. 2.5\KEYGEN.EXE, En cuarentena, 1000000, 0, 1.0.25710, 657DDD322FDCC430EF8618D5, dds, 00770087
PUP.Optional.DriverMax, G:\DOCUMENTS AND SETTINGS\CARMEN\MIS DOCUMENTOS\DESCARGAS\DRIVERMAX.EXE, En cuarentena, 3539, 812463, 1.0.25710, , ame,
Malware.Generic.4177194417, G:\DOCUMENTS AND SETTINGS\CARMEN\MIS DOCUMENTOS\DESCARGAS\AT-DESTROYER.EXE, En cuarentena, 1000000, 0, 1.0.25710, 3627569779940148F8FAEDB1, dds, 00770087
Adware.InstallCore, G:\DOCUMENTS AND SETTINGS\CARMEN\MIS DOCUMENTOS\DESCARGAS\ASF_AVI_RM_WMV_REPAIR.EXE, En cuarentena, 502, 670606, 1.0.25710, , ame,
Malware.Generic.4177194417, G:\DOCUMENTS AND SETTINGS\CARMEN\MIS DOCUMENTOS\DOWNLOADS\AT-DESTROYER.EXE, En cuarentena, 1000000, 0, 1.0.25710, 3627569779940148F8FAEDB1, dds, 00770087
Malware.Generic.4177194417, G:\DOCUMENTS AND SETTINGS\CARMEN\ESCRITORIO\AT-DESTROYER.EXE, En cuarentena, 1000000, 0, 1.0.25710, 3627569779940148F8FAEDB1, dds, 00770087
Malware.Generic.3509283873, H:\DESCARGAS MIAS\DESCARGA\CAMBIAR IMAGEN\EQUIPO4.EXE, En cuarentena, 1000000, 0, 1.0.25710, 0A74B21262D1F79ED12B6C21, dds, 00770087
Malware.Generic.4177194417, C:\USERS\CARMEN\DOCUMENTS\MIO\USB\KIKE\AT-DESTROYER.EXE, En cuarentena, 1000000, 0, 1.0.25710, 3627569779940148F8FAEDB1, dds, 00770087
Adware.StartPage, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\LEAGUE OF LEGENDS\LеAGUE оF LEGENDS.LNK, Error durante la eliminación, 364, 674077, 1.0.25710, , ame,
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 06-06-2020
Ejecutado por Carmen (administrador) sobre CARMEN-PC (Gigabyte Technology Co., Ltd. H61M-D2H-USB3) (19-06-2020 10:06:11)
Ejecutado desde C:\Users\Carmen\Downloads
Perfiles cargados: Carmen & UpdatusUser
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: FF)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\Carmen\AppData\Roaming\Dropbox\bin\Dropbox.exe <3>
(Dropbox, Inc -> The Qt Company Ltd.) C:\Users\Carmen\AppData\Roaming\Dropbox\bin\99.4.501\QtWebEngineProcess.exe <3>
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Magnify.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8>
(Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe [177928 2018-10-29] (ESET, spol. s r.o. -> ESET)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9230256 2020-04-26] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91683688 2020-06-09] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\system32\EP0SLM01.DLL [77824 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON Stylus Photo R285 Series 64MonitorBE: C:\Windows\system32\E_ILMCKE.DLL [108032 2007-12-07] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\Windows\system32\nitrolocalmon2.dll [29704 2013-04-30] (Nitro PDF Software -> Nitro PDF Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\d37301f97a\Dropbox.lnk [2020-06-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {1089F0E8-5701-447F-9F0E-7A6CB2823579} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-811658154-4134238313-3946999917-1000Core => C:\Users\Carmen\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {24A22B6C-500E-4867-AF9A-59CAF3684A16} - System32\Tasks\{3263A8E7-E0CD-4D33-818D-E48B7A8058C1} => C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE [12829216 2007-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {341F4F05-70EA-44E7-8BCA-D757395112DE} - System32\Tasks\{C3B50838-C667-48B0-BBAE-0CB022082529} => C:\Program Files (x86)\ZD Soft\Screen Recorder\ScnRec.exe [1659392 2012-10-07] (ZD Soft) [Archivo no firmado]
Task: {3CEA1EEA-0A8F-47D2-AF1A-7C242E2E4083} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {3F508CE6-6841-4718-9D95-FCCC91CCC884} - System32\Tasks\Opera scheduled assistant Autoupdate 1582274861 => C:\Program Files (x86)\Opera\launcher.exe [1517592 2020-06-10] (Opera Software AS -> Opera Software)
Task: {40FA083A-9926-4A15-852D-B1BADE25616F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {48FAFC19-9FCF-47DD-B6B5-221E149CEA96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-10] (Adobe Inc. -> Adobe)
Task: {5425661F-B410-4985-BC7C-F57308A43D87} - System32\Tasks\Opera GX scheduled Autoupdate 1582725757 => C:\Users\Carmen\AppData\Local\Programs\Opera GX\launcher.exe [1459224 2020-05-27] (Opera Software AS -> Opera Software)
Task: {57F64E36-8FF1-4061-8B73-8FB1E625BC2F} - System32\Tasks\{31D48B2D-0B18-4C0C-A2FC-7D19D35E67C4} => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6895736 2018-10-29] (ESET, spol. s r.o. -> ESET)
Task: {5DE3BEE4-7506-4225-AEB7-5D08642BB2F9} - System32\Tasks\Opera scheduled Autoupdate 1432404393 => C:\Program Files (x86)\Opera\launcher.exe [1517592 2020-06-10] (Opera Software AS -> Opera Software)
Task: {9D65F2B3-E9AD-4BB9-BA7C-F8329F40C1D8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A309D206-CD0D-4AD8-85E6-D9AAB6008282} - System32\Tasks\{76043FB6-F90C-4F9E-AA57-91FABF7AE378} => C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE [12829216 2007-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A46CC68B-9E16-441B-8D69-8E4CCFB09312} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: {AAA44365-92BC-41B7-B248-EA0584A36511} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [168736 2018-07-10] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {C3216E06-E3B6-455A-90A8-B15E3B046008} - System32\Tasks\{04DBEDD2-15F6-43DB-AED1-510942B8B0C5} => C:\Program Files (x86)\ZD Soft\Screen Recorder\ScnRec.exe [1659392 2012-10-07] (ZD Soft) [Archivo no firmado]
Task: {C46FD7FA-EFF5-4BB8-9721-2090DDF8A324} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-10] (Adobe Inc. -> Adobe)
Task: {CA5EC0D6-AA6C-497C-9ADD-B3F675D28EED} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon\bin\Maxthon.exe [168736 2018-07-10] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {EC41F023-E5AF-4319-B428-8A555DBD81A5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-10] (Adobe Inc. -> Adobe)
Task: {F2DA2D7F-06F7-4DEF-81CB-6C4C14C765F2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-811658154-4134238313-3946999917-1000UA => C:\Users\Carmen\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-811658154-4134238313-3946999917-1000Core.job => C:\Users\Carmen\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-811658154-4134238313-3946999917-1000UA.job => C:\Users\Carmen\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 32fd9fbc-dd57-4e63-8d88-8652aa6c0d7d.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 595bf951-17b6-4f76-848f-a0e78ddbfed8.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 212.166.211.3 212.166.132.96
Tcpip\..\Interfaces\{4CB0D5A1-6B4A-4F7F-90A1-359C46AB7D1A}: [DhcpNameServer] 212.166.211.3 212.166.132.96
Internet Explorer:
==================
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.save-search.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-811658154-4134238313-3946999917-1000 -> DefaultScope {A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} URL = hxxp://www.save-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-811658154-4134238313-3946999917-1000 -> {A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} URL = hxxp://www.save-search.com/search?q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-01-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-15] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: fgfeta3g.default-1439366737652-1572261556736
FF ProfilePath: C:\Users\Carmen\AppData\Roaming\Mozilla\Firefox\Profiles\fgfeta3g.default-1439366737652-1572261556736 [2020-06-19]
FF Homepage: Mozilla\Firefox\Profiles\fgfeta3g.default-1439366737652-1572261556736 -> hxxps://www.google.es/
FF NewTab: Mozilla\Firefox\Profiles\fgfeta3g.default-1439366737652-1572261556736 -> hxxps://defaultsearch.co/homepage?hp=1&pId=BC180101&iDate=2020-06-17 05:36:26&bName=&bitmask=0300
FF Extension: (SaveFrom.net helper) - C:\Users\Carmen\AppData\Roaming\Mozilla\Firefox\Profiles\fgfeta3g.default-1439366737652-1572261556736\Extensions\[email protected] [2020-06-09]
FF Extension: (Video DownloadHelper) - C:\Users\Carmen\AppData\Roaming\Mozilla\Firefox\Profiles\fgfeta3g.default-1439366737652-1572261556736\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-06-09]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.) [Archivo no firmado]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-04-30] (Nitro PDF Software -> Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-08-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-08-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Carmen\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall) [Archivo no firmado]
FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Carmen\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall) [Archivo no firmado]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-811658154-4134238313-3946999917-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Carmen\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-07-10] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-811658154-4134238313-3946999917-1000: @tools.coowon.com/Coowon Update;version=3 -> C:\Users\Carmen\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2019-10-15] (Google Inc (TEST) -> Coowon.) [Archivo no firmado]
FF Plugin HKU\S-1-5-21-811658154-4134238313-3946999917-1000: @tools.coowon.com/Coowon Update;version=9 -> C:\Users\Carmen\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2019-10-15] (Google Inc (TEST) -> Coowon.) [Archivo no firmado]
FF Plugin HKU\S-1-5-21-811658154-4134238313-3946999917-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Carmen\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-05-11] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default [2020-06-18]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.save-search.com/
CHR StartupUrls: Default -> "hxxp://google.es/"
CHR Extension: (Presentaciones) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-11]
CHR Extension: (Documentos) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-11]
CHR Extension: (Google Drive) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-11]
CHR Extension: (YouTube) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-11]
CHR Extension: (Hojas de cálculo) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-11]
CHR Extension: (Video Downloader PLUS) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2020-06-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-22]
Opera:
=======
OPR StartupUrls: "hxxp://google.es/"
OPR Session Restore: -> está habilitado.
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
"MBAMChameleon" => servicio no pudo ser desbloqueado. <==== ATENCIÓN
HKLM\SYSTEM\ControlSet002\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATENCIÓN (Rootkit!/Servicio bloqueado)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 APLI Master AutoUpdater; C:\Program Files (x86)\APLI Paper\APLI Master\ApliAutoUpdater.exe [167936 2011-10-24] (Home) [Archivo no firmado]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2302152 2018-10-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2302152 2018-10-29] (ESET, spol. s r.o. -> ESET)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [635104 2012-04-20] (Intel® Upgrade Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
S4 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-11-26] (Maxthon (Asia) Limited. -> Maxthon)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-18] (Malwarebytes Inc -> Malwarebytes)
S2 MxService; C:\Program Files (x86)\Maxthon\Bin\MxService.exe [143648 2018-07-10] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-04-30] (Nitro PDF Software -> Nitro PDF Software)
S4 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1851008 2013-10-10] (Locktime Software s.r.o. -> Locktime Software)
S4 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-12-21] (Nalpeiron LTD -> Nalpeiron Ltd.) [Archivo no firmado]
S4 NMSAccess64; C:\Windows\SysWOW64\NMSAccess64.exe [82872 2009-01-12] (Numedia Soft, Inc. -> )
S4 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S4 wordpressApache; C:\Bitnami\WORDPR~1.2-0\apache2\bin\httpd.exe [20992 2014-07-19] (Apache Software Foundation) [Archivo no firmado]
S4 wordpressMySQL; C:\Bitnami\wordpress-3.9.2-0\mysql\bin\mysqld.exe [8140288 2014-05-11] () [Archivo no firmado]
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S2 CamMask; C:\Windows\System32\DRIVERS\cmvcamdrv64.sys [954072 2013-12-23] (SageTech -> )
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [110488 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143448 2018-10-29] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188832 2018-10-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [109864 2018-10-29] (ESET, spol. s r.o. -> ESET)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [170280 2017-02-03] (ESET, spol. s r.o. -> ESET)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65152 2012-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [88832 2012-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [58280 2018-07-27] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-06-18] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (ManyCam LLC -> Visicom Media Inc.)
S3 mcdevice; C:\Windows\System32\DRIVERS\mcdevice.sys [334400 2019-11-16] (Hefei GreenXin Technology Co. Ltd. -> ShiningMorning Inc.)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [87472 2013-06-12] (Locktime Software s.r.o. -> Locktime Software)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2006-10-02] (Padus, Inc.) [Archivo no firmado]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-06-19 10:06 - 2020-06-19 10:07 - 000024251 _____ C:\Users\Carmen\Downloads\FRST.txt
2020-06-19 10:06 - 2020-06-19 10:06 - 000000000 ____D C:\FRST
2020-06-19 10:03 - 2020-06-19 10:04 - 002289152 _____ (Farbar) C:\Users\Carmen\Downloads\FRST64.exe
2020-06-18 21:42 - 2020-06-18 21:42 - 000000464 _____ C:\Users\Carmen\Desktop\cc_20200618_214202.reg
2020-06-18 21:04 - 2020-06-18 21:04 - 000001969 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-18 21:03 - 2020-06-18 21:03 - 001988280 _____ (Malwarebytes) C:\Users\Carmen\Downloads\MBSetup(1).exe
2020-06-18 21:03 - 2020-06-18 21:03 - 000000000 ____D C:\Malwarebytes
2020-06-18 20:35 - 2020-06-18 20:35 - 001279483 _____ C:\Users\Carmen\Desktop\descryptor18junio.txt
2020-06-18 15:18 - 2020-06-18 15:18 - 001162528 _____ (Emsisoft Ltd.) C:\Users\Carmen\Downloads\decrypt_STOPDjvu.exe
2020-06-18 14:59 - 2020-06-18 14:59 - 000001934 _____ C:\Users\Carmen\Documents\eset18 junio.txt
2020-06-18 13:45 - 2020-06-18 13:45 - 001162528 _____ (Emsisoft Ltd.) C:\Users\Carmen\Desktop\decrypt_STOPDjvu.exe
2020-06-18 11:05 - 2020-06-18 11:05 - 014665312 _____ (ESET spol. s r.o.) C:\Users\Carmen\Desktop\esetonlinescanner.exe
2020-06-18 10:35 - 2020-06-18 10:39 - 000000000 ____D C:\ProgramData\d37301f97a
2020-06-18 10:35 - 2020-06-18 10:35 - 000000000 _____ C:\ProgramData\c51906dadd090eab302c587c52dd3ee9
2020-06-17 22:11 - 2020-06-17 22:12 - 000000000 ____D C:\AdwCleaner
2020-06-17 22:10 - 2020-06-17 22:11 - 008402608 _____ (Malwarebytes) C:\Users\Carmen\Desktop\adwcleaner_8.0.5.exe
2020-06-17 22:03 - 2020-06-17 22:03 - 000016372 _____ C:\Users\Carmen\AppData\LocalLow\Log.zip
2020-06-17 22:03 - 2020-06-17 22:03 - 000016096 _____ C:\Users\Carmen\AppData\LocalLow\chrome_autofill.txt
2020-06-17 22:03 - 2020-06-17 22:03 - 000015255 _____ C:\Users\Carmen\AppData\LocalLow\passwords.txt
2020-06-17 22:03 - 2020-06-17 22:03 - 000004781 _____ C:\Users\Carmen\AppData\LocalLow\machineinfo.txt
2020-06-17 22:03 - 2020-06-17 22:03 - 000000550 _____ C:\Users\Carmen\AppData\LocalLow\outlook.txt
2020-06-17 22:03 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\cr6im03b56g32r
2020-06-17 22:03 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\3098htrhpen8ifg0
2020-06-17 22:01 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\JN3by345by53432y
2020-06-17 22:01 - 2020-06-17 22:01 - 000916735 _____ (SQLite Development Team) C:\Users\Carmen\AppData\LocalLow\sqlite3.dll
2020-06-17 21:56 - 2020-06-17 21:56 - 000013396 _____ C:\Users\Carmen\Desktop\cc_20200617_215647.reg
2020-06-17 21:49 - 2020-06-17 21:49 - 025859024 _____ (Piriform Software Ltd) C:\Users\Carmen\Downloads\ccsetup567.exe
2020-06-17 19:53 - 2020-06-17 19:53 - 000512512 _____ C:\Windows\system32\LBA-1-1953520066-k
2020-06-17 19:44 - 2020-06-17 20:34 - 000000004 _____ C:\ProgramData\rc.dat
2020-06-17 19:41 - 2020-06-17 19:47 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\njgpq12jktc
2020-06-17 19:40 - 2020-06-17 19:57 - 000000024 _____ C:\ProgramData\irw.atsd
2020-06-17 19:40 - 2020-06-17 19:48 - 000000004 _____ C:\ProgramData\lock.dat
2020-06-17 19:40 - 2020-06-17 19:40 - 000000008 _____ C:\ProgramData\ts.dat
2020-06-17 19:39 - 2020-06-17 19:39 - 000001048 _____ C:\Users\Carmen\_readme.txt
2020-06-17 19:37 - 2020-06-17 19:37 - 000000000 ____D C:\ProgramData\K07CJ7ZJYWTOF040I8BW0FFKP
2020-06-17 19:36 - 2020-06-17 19:52 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\Smart Clock
2020-06-17 19:36 - 2020-06-17 19:36 - 000000555 _____ C:\Users\Carmen\AppData\Local\bowsakkdestx.txt
2020-06-17 19:36 - 2020-06-17 19:36 - 000000000 ____D C:\Users\Carmen\AppData\Local\18f63213-44b7-4aa7-b2de-e345797e7453
2020-06-17 19:36 - 2020-06-17 19:36 - 000000000 ____D C:\SystemID
2020-06-17 19:35 - 2020-06-17 19:47 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\pl0fqafq5fn
2020-06-17 19:34 - 2020-06-17 19:34 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\indefendesv
2020-06-17 19:34 - 2020-06-17 19:34 - 000000000 ____D C:\Program Files (x86)\IEJ
2020-06-17 19:18 - 2020-06-17 19:18 - 003959959 _____ C:\Users\Carmen\Downloads\manual-imagen-corporativa-grupo-esypro.pdf
2020-06-17 18:41 - 2020-06-17 18:41 - 000771785 _____ C:\Users\Carmen\Downloads\2. Manual branding END.pdf
2020-06-16 19:33 - 2020-06-16 19:33 - 004335175 _____ C:\Users\Carmen\Downloads\Vale REGALO.pdf
2020-06-16 17:50 - 2020-06-16 17:50 - 000111512 _____ C:\Users\Carmen\Downloads\UPDATED.6451569_BM Scottsdale 2020 Fact Sheet (1).pdf
2020-06-12 18:07 - 2020-06-12 18:07 - 000064303 _____ C:\Users\Carmen\Downloads\WhatsApp Image 2020-06-12 at 17.54.18.jpeg
2020-06-12 18:06 - 2020-06-12 18:06 - 056539371 _____ C:\Users\Carmen\Downloads\WhatsApp Video 2020-06-12 at 17.49.35.mp4
2020-06-10 13:53 - 2020-06-10 13:53 - 041896256 _____ (Apple Inc.) C:\Users\Carmen\Downloads\26909-682333-quicktime(1).exe
2020-06-10 13:46 - 2020-06-10 13:46 - 000660312 _____ (Sony Creative Software Inc.) C:\Users\Carmen\Downloads\qt7plug.dll
2020-06-10 13:22 - 2020-06-10 13:23 - 003933219 _____ C:\Users\Carmen\Downloads\Invitación Tony UPW Dallas 2020-1.mp4
2020-06-10 13:04 - 2020-06-10 13:04 - 041896256 _____ (Apple Inc.) C:\Users\Carmen\Downloads\26909-682333-quicktime.exe
2020-06-10 10:49 - 2020-06-10 10:49 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-09 12:16 - 2020-06-18 20:40 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-06-09 10:37 - 2020-06-09 10:38 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2020-06-09 10:37 - 2020-06-09 10:37 - 043467824 _____ (DownloadHelper ) C:\Users\Carmen\Downloads\DownloadHelper - Video download browser extension.mp4
2020-06-09 10:36 - 2020-06-09 10:36 - 043467824 _____ (DownloadHelper ) C:\Users\Carmen\Downloads\VdhCoAppSetup-1.5.0.exe
2020-06-03 13:20 - 2020-06-03 13:20 - 028076373 _____ C:\Users\Carmen\Downloads\WhatsApp Video 2020-06-03 at 13.05.14.mp4
2020-06-02 17:38 - 2020-06-02 17:38 - 000107793 _____ C:\Users\Carmen\Downloads\UPW_Dallas_Fact_Sheet_2020_v3.pdf
2020-05-27 13:30 - 2020-05-27 13:30 - 070848101 _____ C:\Users\Carmen\Downloads\REGALOS de Espai Coach .zip
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-06-19 09:59 - 2016-11-18 18:05 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\Mozilla
2020-06-19 09:56 - 2013-05-30 12:37 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-19 09:56 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-19 09:56 - 2009-07-14 06:45 - 000009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-19 09:56 - 2009-07-14 06:45 - 000009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-19 04:50 - 2015-06-20 09:49 - 000001006 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-811658154-4134238313-3946999917-1000UA.job
2020-06-18 21:51 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-06-18 21:04 - 2019-07-21 19:24 - 000001957 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-18 21:04 - 2019-07-21 19:24 - 000001957 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-06-18 21:04 - 2019-07-21 19:23 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-06-18 21:01 - 2013-05-30 12:37 - 000000000 ____D C:\Users\UpdatusUser
2020-06-18 17:25 - 2020-02-21 10:47 - 000004052 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582274861
2020-06-18 10:50 - 2015-06-20 09:49 - 000000954 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-811658154-4134238313-3946999917-1000Core.job
2020-06-17 21:53 - 2016-04-26 20:29 - 000000000 ____D C:\Users\Carmen\AppData\Local\CrashDumps
2020-06-17 21:49 - 2018-03-09 10:15 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-17 21:49 - 2014-01-18 23:57 - 000000831 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-06-17 21:49 - 2014-01-18 23:57 - 000000831 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-06-17 21:30 - 2020-05-14 17:21 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2020-06-17 20:34 - 2017-04-09 21:17 - 000000000 ____D C:\Users\DefaultAppPool
2020-06-17 19:39 - 2018-11-20 15:56 - 000000000 ____D C:\BigFishCache
2020-06-17 19:39 - 2018-03-08 23:29 - 000000000 ____D C:\FSTool
2020-06-17 19:39 - 2014-11-24 13:05 - 000000000 ____D C:\Riot Games
2020-06-17 19:39 - 2014-08-14 15:14 - 000000000 ____D C:\Bitnami
2020-06-17 19:39 - 2014-08-13 01:08 - 000000000 ____D C:\AppServ
2020-06-17 19:39 - 2014-08-12 20:00 - 000000000 ____D C:\xampp
2020-06-17 19:39 - 2014-06-26 10:51 - 000000000 ____D C:\AutoUpdater
2020-06-17 19:39 - 2014-05-15 18:03 - 000000000 ____D C:\VueScan
2020-06-17 19:39 - 2013-09-15 20:25 - 000000000 ____D C:\Game Recordings
2020-06-17 19:39 - 2013-06-02 17:45 - 000000000 ____D C:\EPSON EasyPrint31
2020-06-17 19:39 - 2013-05-30 20:59 - 000000000 ___HD C:\CanoScan
2020-06-17 19:39 - 2013-05-30 12:36 - 000000000 ____D C:\temp
2020-06-17 19:39 - 2013-05-30 12:08 - 000000000 ____D C:\Users\Carmen\AppData\Local\VirtualStore
2020-06-17 19:39 - 2013-05-30 12:08 - 000000000 ____D C:\Users\Carmen
2020-06-17 16:23 - 2016-11-22 23:12 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\discord
2020-06-17 12:02 - 2019-11-27 16:38 - 010856180 _____ C:\Users\Carmen\Downloads\UPW2020_Birmingham_Factsheet.pdf
2020-06-17 10:17 - 2018-03-11 15:56 - 000002231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-17 10:17 - 2018-03-11 15:56 - 000002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-17 10:17 - 2018-03-11 15:56 - 000002190 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-17 10:05 - 2015-05-23 20:06 - 000000000 ____D C:\Program Files (x86)\Opera
2020-06-16 13:23 - 2015-05-23 20:06 - 000003856 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1432404393
2020-06-14 10:05 - 2018-06-16 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-06-11 09:55 - 2009-07-14 07:08 - 000032654 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-06-10 15:04 - 2015-06-11 11:13 - 000004320 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-06-10 15:04 - 2015-05-23 20:10 - 000004454 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-06-10 15:04 - 2013-05-31 10:34 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-06-10 15:04 - 2013-05-31 10:34 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-10 15:04 - 2013-05-31 10:34 - 000000000 ____D C:\Windows\system32\Macromed
2020-06-10 15:04 - 2013-05-30 12:50 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-06-10 14:04 - 2018-03-14 11:04 - 000004496 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-10 13:56 - 2019-08-30 16:46 - 000000000 ____D C:\Users\Carmen\Documents\ferre
2020-06-10 13:06 - 2018-03-14 12:26 - 000000000 ____D C:\Program Files (x86)\QuickTime
2020-06-10 12:07 - 2019-10-03 16:05 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-10 12:07 - 2019-10-03 16:05 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-10 10:50 - 2013-05-30 22:41 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\Dropbox
2020-06-09 11:06 - 2013-12-30 11:49 - 000000000 ____D C:\Users\Carmen\dwhelper
2020-06-05 11:08 - 2016-11-18 12:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-06-05 11:08 - 2013-05-31 10:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-03 09:59 - 2020-04-25 10:43 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-06-02 13:33 - 2017-02-28 16:24 - 000094161 _____ C:\Users\Carmen\Desktop\tasques 2017.xlsx
2020-06-02 13:32 - 2013-08-09 14:14 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\Nitro PDF
2020-06-01 13:07 - 2013-09-08 23:13 - 000000000 ____D C:\Users\Carmen\Documents\mio
2020-05-29 10:42 - 2020-02-26 16:02 - 000004082 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1582725757
2020-05-21 17:50 - 2013-06-26 11:47 - 000000132 _____ C:\Users\Carmen\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2020-05-20 10:21 - 2020-05-19 13:26 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
==================== Archivos en la raíz de algunos directorios ========
2020-06-17 19:40 - 2020-06-17 19:48 - 000000004 _____ () C:\ProgramData\lock.dat
2020-06-17 19:44 - 2020-06-17 20:34 - 000000004 _____ () C:\ProgramData\rc.dat
2020-06-17 19:40 - 2020-06-17 19:40 - 000000008 _____ () C:\ProgramData\ts.dat
2015-06-23 14:33 - 2015-06-23 14:33 - 000597624 _____ () C:\Users\Carmen\AppData\Roaming\gameboxsetup.exe
2016-01-12 19:51 - 2016-01-12 19:51 - 000007859 _____ () C:\Users\Carmen\AppData\Roaming\pcouffin.cat
2016-01-12 19:51 - 2016-01-12 19:51 - 000001167 _____ () C:\Users\Carmen\AppData\Roaming\pcouffin.inf
2016-01-12 19:51 - 2016-01-12 19:51 - 000000055 _____ () C:\Users\Carmen\AppData\Roaming\pcouffin.log
2016-01-12 19:51 - 2016-01-12 19:51 - 000082816 _____ (VSO Software) C:\Users\Carmen\AppData\Roaming\pcouffin.sys
2013-11-25 16:39 - 2013-11-25 16:39 - 000000132 _____ () C:\Users\Carmen\AppData\Roaming\Prefs. de formato AIFF de Adobe CS6
2015-12-18 14:52 - 2019-02-18 17:50 - 000000132 _____ () C:\Users\Carmen\AppData\Roaming\Prefs. de formato GIF de Adobe CS6
2013-06-26 11:47 - 2020-05-21 17:50 - 000000132 _____ () C:\Users\Carmen\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2014-01-18 16:59 - 2019-02-18 18:30 - 000001456 _____ () C:\Users\Carmen\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2020-06-17 19:36 - 2020-06-17 19:36 - 000000555 _____ () C:\Users\Carmen\AppData\Local\bowsakkdestx.txt
2014-03-31 19:06 - 2020-04-03 17:04 - 000012800 _____ () C:\Users\Carmen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-15 21:01 - 2014-05-15 21:01 - 000004096 ____H () C:\Users\Carmen\AppData\Local\keyfile3.drm
2018-09-29 09:26 - 2019-11-05 11:34 - 000001025 _____ () C:\Users\Carmen\AppData\Local\oobelibMkey.log
2017-09-21 15:40 - 2017-09-21 15:40 - 000007597 _____ () C:\Users\Carmen\AppData\Local\Resmon.ResmonCfg
2018-03-08 18:43 - 2018-03-08 18:43 - 000000003 _____ () C:\Users\Carmen\AppData\Local\wbem.ini
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2020-06-18 17:56
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 06-06-2020
Ejecutado por Carmen (19-06-2020 10:07:16)
Ejecutado desde C:\Users\Carmen\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2013-05-30 10:08:41)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-811658154-4134238313-3946999917-500 - Administrator - Disabled)
Carmen (S-1-5-21-811658154-4134238313-3946999917-1000 - Administrator - Enabled) => C:\Users\Carmen
HomeGroupUser$ (S-1-5-21-811658154-4134238313-3946999917-1003 - Limited - Enabled)
Invitado (S-1-5-21-811658154-4134238313-3946999917-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-811658154-4134238313-3946999917-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: ESET Security (Disabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Disabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{A5B6B786-2D6F-4B75-940F-42B32D01D146}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{669EB263-0AFE-4FCB-A068-DB082CA6273C}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-042D-0000-0000000FF1CE}_ENTERPRISE_{042190ED-F17C-4A8D-95D8-87A37B4095BD}) (Version: - ) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0456-0000-0000000FF1CE}_ENTERPRISE_{D3064ADE-5D4C-4AA4-8F71-C63D87D4A263}) (Version: - ) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{00C5525B-3CB3-467D-8100-2E6FB306CD86}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0C0A-1000-0000000FF1CE}_ENTERPRISE_{35B14BD6-6042-4A55-B326-58309DC8C72A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0044-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{35B14BD6-6042-4A55-B326-58309DC8C72A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
4K Video Downloader 4.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.2.0.2175 - Open Media LLC)
µTorrent (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Actualización de NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.0 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.9 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Amazon Kindle (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
APLI Master (HKLM-x32\...\{4767CC38-E667-4447-B60C-4C0721C1E091}) (Version: 6.4.11 - APLI Paper S.A.) Hidden
APLI Master (HKLM-x32\...\InstallShield_{4767CC38-E667-4447-B60C-4C0721C1E091}) (Version: 6.4.11 - APLI Paper S.A.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft PhotoBase 3 (HKLM-x32\...\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}) (Version: - )
ArcSoft PhotoStudio 5 (HKLM-x32\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
BCC 8 OFX 64Bit (HKLM\...\{24D38864-527F-4688-B831-A1A4CC60CD54}) (Version: 8.0.1 - Boris FX, Inc.)
Bitnami WordPress Stack (HKLM-x32\...\Bitnami WordPress Stack 3.9.2-0) (Version: 3.9.2-0 - Bitnami)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 4.94 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{3318B54A-B5A8-49B1-8016-753DC6CAC63B}) (Version: 1.0.110 - Citrix)
Compact First 2nd Edition content (HKLM-x32\...\Compact First 2nd Edition content) (Version: 1.0.0.0 - Cambridge University Press)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Complemento Guardar como PDF o XPS de Microsoft para programas de Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0C0A-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Coowon (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Coowon) (Version: 1.6.8.0 - Coowon)
Digital Element Aurora Demo (HKLM-x32\...\{8A071001-2D1C-445A-ACFE-365D540C719B}) (Version: - )
Discord (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Discord) (Version: 0.0.306 - Discord Inc.)
Dolby Axon - 1.5.1.1 (HKLM-x32\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories)
Dropbox (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Dropbox) (Version: 99.4.501 - Dropbox, Inc.)
EPSON Attach To Email (HKLM-x32\...\{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
Epson Easy Photo Print 2 (HKLM-x32\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
EPSON File Manager (HKLM-x32\...\{D02F30FB-0BC4-419A-9B9C-ADC610029B50}) (Version: 1.3.2.0 - )
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.20.00 - SEIKO EPSON CORPORATION)
EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FotoPrix FotoLibro v4 (HKLM-x32\...\{2FEC2258-5F07-400B-82AE-232510ED187D}) (Version: 6.10.0049 - FotoPrix, S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Earth Pro (HKLM\...\{B6EAFE41-5723-40EB-869B-4AF44CA17B35}) (Version: 7.3.3.7699 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GoToMeeting 5.4.0.1082 (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\GoToMeeting) (Version: 5.4.0.1082 - CitrixOnline)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
K-Lite Mega Codec Pack 9.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.5 - )
League of Legends (HKLM-x32\...\{C3342033-211F-40DD-A03D-0E775B8DEA98}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MemoriesOnTV 4 Full (HKLM-x32\...\MemoriesOnTV 4 Full) (Version: - )
MemoriesOnTV 4.1.2 (HKLM-x32\...\MemoriesOnTV4_is1) (Version: - )
MemoriesOnTV ClipShow Volume 1 (HKLM-x32\...\MemoriesOnTV3-CS1_is1) (Version: - )
MemoriesOnTV ClipShow Volume 2 (HKLM-x32\...\MemoriesOnTV-CS2_is1) (Version: - )
Microsoft .NET Framework 4.6.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft MPEG-4 VKI Video Codec V1/V2/V3 (HKLM-x32\...\MS-MPEG4) (Version: - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0C0A-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mike Crash's Vegas Filters Uninstall (HKLM-x32\...\Mike Crash Vegas Filters) (Version: - )
Mozilla Firefox 77.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 77.0.1 (x64 es-ES)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
MX5 (HKLM-x32\...\Maxthon5) (Version: 5.2.3.4000 - Maxthon International Limited)
Neat Video v2.6 Pro plug-in for Sony Vegas (64-bit) (HKLM\...\Neat Video for Sony Vegas_is1) (Version: - Neat Video team, ABSoft)
Nero 8.3.2.1 (HKLM-x32\...\Nero8WinuE_is1) (Version: 8.3.2.1 - Bj @ WinuE)
NetLimiter 3 (HKLM\...\{913923AB-3AAB-4870-8910-627C4CD82789}) (Version: 3.0.0.11 - Locktime Software) Hidden
NetLimiter 3 (HKLM-x32\...\NetLimiter 3 3.0.0.11) (Version: 3.0.0.11 - Locktime Software)
NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version: - )
NewBlue Art Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Art Blends 2.0 for Vegas) (Version: - )
NewBlue Art Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Art Effects 2.0 for Vegas) (Version: - )
NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version: - )
NewBlue Motion Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Blends 2.0 for Vegas) (Version: - )
NewBlue Motion Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Effects 2.0 for Vegas) (Version: - )
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: - )
NewBlue Paint Blends for Windows (HKLM-x32\...\NewBlue Paint Blends for Windows) (Version: 1.4 - NewBlue)
NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Sampler Pack for Windows (HKLM-x32\...\NewBlue Sampler Pack for Windows) (Version: 1.4 - NewBlue)
NewBlue Stabilizer for Windows (HKLM-x32\...\NewBlue Stabilizer for Windows) (Version: 1.4 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: - )
NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: - )
NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: - )
NewBlue Video Essentials IV for Windows (HKLM-x32\...\NewBlue Video Essentials IV for Windows) (Version: 1.4 - NewBlue)
Nitro Pro 8 (HKLM\...\{CF85054A-065D-4A60-9789-71CAB54A04AB}) (Version: 8.5.3.14 - Nitro)
NMSDVDX64 v1.1 (HKLM\...\{49C4A807-A535-4E85-BD6D-5A7803473CA3}) (Version: 1.01.0001 - FOTOPRIX)
NVIDIA Controlador de 3D Vision 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.23 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.23 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Opera GX Stable 68.0.3618.142 (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Opera GX 68.0.3618.142) (Version: 68.0.3618.142 - Opera Software)
Opera Stable 68.0.3618.165 (HKLM-x32\...\Opera 68.0.3618.165) (Version: 68.0.3618.165 - Opera Software)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
Panel de control de NVIDIA 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 306.23 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Perfect Resize 7.5 (HKLM-x32\...\{EFBAD7A9-39AB-4C34-8745-0DEBA5BDC793}) (Version: 7.5 - onOne Software)
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
PokerStars.es (HKLM-x32\...\PokerStars.es) (Version: - PokerStars.es)
proDAD Heroglyph 4.0 (64bit) (HKLM\...\proDAD-Heroglyph-4.0) (Version: 4.0.215.1 - proDAD GmbH)
proDAD Heroglyph 4.0 (HKLM-x32\...\proDAD-Heroglyph-4.0) (Version: 4.0.187.1 - proDAD GmbH)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 8.1.8-1.0.3112.146 - raidcall.com.ru)
Raton Automatico (HKLM-x32\...\{3DAB198C-CAB0-4DD4-90A5-97CF77386B10}) (Version: 2.0.0 - Nanduky)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Skype versión 8.61 (HKLM-x32\...\Skype_is1) (Version: 8.61 - Skype Technologies S.A.)
Software de impresora EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1254 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Update for Outlook 2007 Junk Email Filter (kb947945) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E397056B-7AE5-4FF1-8B13-276BF8201847}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Vegas Pro 11.0 (64-bit) (HKLM\...\{7ECB8630-029B-11E2-8624-F04DA23A5C58}) (Version: 11.0.701 - Sony)
Vivaldi (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\Vivaldi) (Version: 1.10.867.42 - Vivaldi)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VSO Video Converter 1 (HKLM-x32\...\{{5289246A-D537-4823-88C2-38C17840E45A}_is1) (Version: 1.2.0.10 - VSO Software)
VueScan (HKLM\...\VueScan) (Version: - )
VueScan (HKLM-x32\...\VueScan) (Version: - )
Windows Live Messenger (HKLM-x32\...\{1692CC0E-8798-493A-9580-23555E21C14B}) (Version: 8.1.0178.00 - Microsoft Corporation)
Wondershare Filmora9(Build 9.1.2) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
XviD MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version: - XviD Development Team)
ZD Soft Screen Recorder (HKLM-x32\...\{A5577679-F710-4250-BAEE-B64FF88FEBC2}) (Version: 5.0.0 - ZD Soft)
Zoom (HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1082\G2MOutlookAddin64.dll (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-811658154-4134238313-3946999917-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2212224 2007-08-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\8.0\NPShellExtension64.dll [2013-04-30] (Nitro PDF Software -> Nitro PDF)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [Archivo no firmado]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [Archivo no firmado]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [Archivo no firmado]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [Archivo no firmado]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-08-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [Archivo no firmado]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [Archivo no firmado]
ContextMenuHandlers1_S-1-5-21-811658154-4134238313-3946999917-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-811658154-4134238313-3946999917-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-811658154-4134238313-3946999917-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Carmen\AppData\Roaming\Dropbox\bin\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\system32\prodad-codec.dll [607688 2011-02-26] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2006-11-01] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2013-02-06] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [4102656 2012-07-02] (x264vfw project) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2011-12-21] (fccHandler) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.MP43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
2013-05-30 12:53 - 2006-12-11 02:14 - 000043008 _____ () [Archivo no firmado] C:\Program Files (x86)\WinRAR\rarext64.dll
2013-06-02 17:32 - 2013-06-02 17:32 - 000097280 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
(Si una entrada es incluida en el fixlist, será eliminada del registro.)
IE trusted site: HKU\S-1-5-21-811658154-4134238313-3946999917-1000\...\localhost -> localhost
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2009-07-14 04:34 - 2020-06-17 19:41 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.166.211.3 - 212.166.132.96
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: APLI Master AutoUpdater => 2
MSCONFIG\Services: EPSON_PM_RPCV4_01 => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MaxthonUpdateSvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NitroDriverReadSpool8 => 2
MSCONFIG\Services: nlsvc => 2
MSCONFIG\Services: nlsX86cc => 2
MSCONFIG\Services: NMSAccess64 => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: wordpressApache => 2
MSCONFIG\Services: wordpressMySQL => 2
MSCONFIG\startupfolder: C:^Users^Carmen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Discord => C:\Users\Carmen\AppData\Local\Discord\app-0.0.301\Discord.exe
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Carmen\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EPSON Stylus Photo R285 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICKE.EXE /FU "C:\Users\Carmen\AppData\Local\Temp\E_S4062.tmp" /EF "HKCU"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Carmen\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: jjs => C:\Users\Carmen\AppData\Roaming\Java\3.5\jjs.exe
MSCONFIG\startupreg: Publisher => C:\Users\Carmen\AppData\Local\Temp\{852fe6dd5b974a2687ca0ba3ed14d906}\kCtTSN4Fun\publisher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RaidCall => C:\Program Files (x86)\RaidCall.RU\raidcall.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [TCP Query User{DBAE61DD-71E5-4A23-9F4E-4E34927E0397}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{0DE6513F-ADA5-4855-9BFE-8F947ADEAC57}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{C0898FCA-42DC-4472-8FC7-AB0FDDD2E187}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E0338966-8EF8-4CAB-B3E7-9EBE42AEEFFD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2F662E28-2A56-4D73-863D-39842C1F26C9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{108FC21D-087D-4028-B643-CE9386613CBE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A47513EB-5D23-47B4-AF14-A016A36194CA}] => (Allow) C:\Program Files (x86)\Opera\68.0.3618.125\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AFF4B70A-B9FB-4FC9-924F-0BF9AFC774D4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A7BC2B8-5FDE-45E8-9CD4-A71E6C65EE41}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F7E5BD7-5CC3-4B77-B9A2-CC25EFBAC32F}] => (Allow) C:\Program Files (x86)\Opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{C1187B92-047B-453A-BFA2-D56133E535FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Puntos de Restauración =========================
18-06-2020 18:02:59 Punto de control programado
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (06/19/2020 09:56:59 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.
Error: (06/19/2020 09:56:59 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x80070005
Error: (06/18/2020 09:44:31 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.
Error: (06/18/2020 09:44:31 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x80070005
Error: (06/18/2020 09:32:20 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.
Error: (06/18/2020 09:32:19 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x80070005
Error: (06/18/2020 09:23:32 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.
Error: (06/18/2020 09:23:32 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x80070005
Errores del sistema:
=============
Error: (06/19/2020 09:57:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio CamMask Virtual Webcam no pudo iniciarse debido al siguiente error:
No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.
Error: (06/19/2020 09:56:45 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \SystemRoot\SysWow64\drivers\pfc.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.
Error: (06/18/2020 09:48:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {ABC01078-F197-4B0B-ADBC-CFE684B39C82} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (06/18/2020 09:44:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio CamMask Virtual Webcam no pudo iniciarse debido al siguiente error:
No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.
Error: (06/18/2020 09:44:18 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \SystemRoot\SysWow64\drivers\pfc.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.
Error: (06/18/2020 09:32:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio CamMask Virtual Webcam no pudo iniciarse debido al siguiente error:
No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.
Error: (06/18/2020 09:32:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \SystemRoot\SysWow64\drivers\pfc.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.
Error: (06/18/2020 09:31:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media no pudo iniciarse debido al siguiente error:
No se puede iniciar el servicio debido a un error en el inicio de sesión.
CodeIntegrity:
===================================
Date: 2017-03-07 16:47:39.038
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-03-07 16:47:38.928
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-03-07 16:47:38.835
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-03-07 16:47:38.741
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-03-07 16:47:38.663
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-03-07 16:47:38.538
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-03-07 14:26:32.879
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-03-07 14:24:52.762
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
==================== Información de la memoria ===========================
BIOS: Award Software International, Inc. F7 07/13/2012
Placa base: Gigabyte Technology Co., Ltd. H61M-D2H-USB3
Procesador: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
Porcentaje de memoria en uso: 55%
RAM física total: 8175.24 MB
RAM física disponible: 3645.33 MB
Virtual total: 16348.65 MB
Virtual disponible: 11384.48 MB
==================== Unidades ================================
Drive c: (Windows 7) (Fixed) (Total:244.24 GB) (Free:45.24 GB) NTFS ==>[unidad con componentes de arranque (obtenido de BCD)]
Drive d: (Datos) (Fixed) (Total:687.27 GB) (Free:659.74 GB) NTFS
Drive f: (DATOS 2) (Fixed) (Total:298.09 GB) (Free:75.74 GB) NTFS
Drive g: (Sistema Operativo vIEJO) (Fixed) (Total:195.32 GB) (Free:44.22 GB) NTFS
Drive h: (datos E) (Fixed) (Total:270.44 GB) (Free:49.15 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9465A43D)
Partition 1: (Active) - (Size=244.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=687.3 GB) - (Type=0F Extended)
==========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: 8F658F65)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 18CC18CB)
Partition 1: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=270.4 GB) - (Type=0F Extended)
==================== Final de Addition.txt =======================
Hello
You did not download and run FRST from the desktop as I told you; move it there, otherwise the next step will fail.
VERY important
Make a backup of the registry:
- To do so, download DelFix.exe (to your desktop).
- Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as administrator-).
- Attention: now tick only the "Create registry backup" box, NOT the others.
- Click Run.
The report (DelFix.txt) will open; save it in case it is needed and close the tool.
Next, with all other programs closed, go to
Start
Run
and type Notepad.exe.
- Now copy and paste the codes/lines inside the box further below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.save-search.com/
SearchScopes: HKU\S-1-5-21-811658154-4134238313-3946999917-1000 -> DefaultScope {A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} URL = hxxp://www.save-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-811658154-4134238313-3946999917-1000 -> {A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} URL = hxxp://www.save-search.com/search?q={searchTerms}
CHR HomePage: Default -> hxxp://www.save-search.com/
"MBAMChameleon" => servicio no pudo ser desbloqueado. <==== ATENCIÓN
HKLM\SYSTEM\ControlSet002\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATENCIÓN (Rootkit!/Servicio bloqueado)
2020-06-18 10:35 - 2020-06-18 10:39 - 000000000 ____D C:\ProgramData\d37301f97a
2020-06-18 10:35 - 2020-06-18 10:35 - 000000000 _____ C:\ProgramData\c51906dadd090eab302c587c52dd3ee9
2020-06-17 22:03 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\cr6im03b56g32r
2020-06-17 22:03 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\3098htrhpen8ifg0
2020-06-17 22:01 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\JN3by345by53432y
2020-06-17 19:41 - 2020-06-17 19:47 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\njgpq12jktc
2020-06-17 19:37 - 2020-06-17 19:37 - 000000000 ____D C:\ProgramData\K07CJ7ZJYWTOF040I8BW0FFKP
2020-06-17 19:36 - 2020-06-17 19:36 - 000000000 ____D C:\Users\Carmen\AppData\Local\18f63213-44b7-4aa7-b2de-e345797e7453
2020-06-17 19:35 - 2020-06-17 19:47 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\pl0fqafq5fn
2020-06-17 19:34 - 2020-06-17 19:34 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\indefendesv
2018-09-29 09:26 - 2019-11-05 11:34 - 000001025 _____ () C:\Users\Carmen\AppData\Local\oobelibMkey.log
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Save it under the name FIXLIST.TXT on the desktop. This is very important.
Note
It is important that the FRST.exe tool (Farbar Recovery Scan Tool) and FIXLIST.TXT are in the same location (the desktop); otherwise it will not work.
And now use the 2nd METHOD from this Windows 8 FAQ (applicable to Windows 10), "How to start Windows 8/8.1 in Safe Mode?", to work from that Windows mode.
- Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select "Run as administrator".)
- Press the FIX/Corregir button and wait for it to finish.
- The tool will save the repair report on the desktop (FIXLOG.TXT).
Paste the contents of this file in your next reply.
Restart the computer, check how it behaves with regard to the problem you raised, and report back.
Regards
Hi Daniela, here is the report
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 06-06-2020
Ejecutado por Carmen (20-06-2020 10:29:12) Run:1
Ejecutado desde C:\Users\Carmen\Desktop
Perfiles cargados: Carmen & UpdatusUser
Modo de Inicio: Normal
==============================================
fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.save-search.com/
SearchScopes: HKU\S-1-5-21-811658154-4134238313-3946999917-1000 -> DefaultScope {A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} URL = hxxp://www.save-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-811658154-4134238313-3946999917-1000 -> {A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} URL = hxxp://www.save-search.com/search?q={searchTerms}
CHR HomePage: Default -> hxxp://www.save-search.com/
"MBAMChameleon" => servicio no pudo ser desbloqueado. <==== ATENCIÓN
HKLM\SYSTEM\ControlSet002\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATENCIÓN (Rootkit!/Servicio bloqueado)
2020-06-18 10:35 - 2020-06-18 10:39 - 000000000 ____D C:\ProgramData\d37301f97a
2020-06-18 10:35 - 2020-06-18 10:35 - 000000000 _____ C:\ProgramData\c51906dadd090eab302c587c52dd3ee9
2020-06-17 22:03 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\cr6im03b56g32r
2020-06-17 22:03 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\3098htrhpen8ifg0
2020-06-17 22:01 - 2020-06-17 22:03 - 000000000 ____D C:\Users\Carmen\AppData\LocalLow\JN3by345by53432y
2020-06-17 19:41 - 2020-06-17 19:47 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\njgpq12jktc
2020-06-17 19:37 - 2020-06-17 19:37 - 000000000 ____D C:\ProgramData\K07CJ7ZJYWTOF040I8BW0FFKP
2020-06-17 19:36 - 2020-06-17 19:36 - 000000000 ____D C:\Users\Carmen\AppData\Local\18f63213-44b7-4aa7-b2de-e345797e7453
2020-06-17 19:35 - 2020-06-17 19:47 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\pl0fqafq5fn
2020-06-17 19:34 - 2020-06-17 19:34 - 000000000 ____D C:\Users\Carmen\AppData\Roaming\indefendesv
2018-09-29 09:26 - 2019-11-05 11:34 - 000001025 _____ () C:\Users\Carmen\AppData\Local\oobelibMkey.log
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
"HKU\S-1-5-21-811658154-4134238313-3946999917-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-811658154-4134238313-3946999917-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A8AE99AA-8F4F-4945-AB2C-BA5CA00580A1} => eliminado correctamente
"Chrome HomePage" => eliminado correctamente
"MBAMChameleon" => servicio no pudo ser desbloqueado. <==== ATENCIÓN => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\SYSTEM\ControlSet002\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATENCIÓN (Rootkit!/Servicio bloqueado) => Error: Ninguna corrección automática encontrada para esta entrada.
C:\ProgramData\d37301f97a => movido correctamente
C:\ProgramData\c51906dadd090eab302c587c52dd3ee9 => movido correctamente
C:\Users\Carmen\AppData\LocalLow\cr6im03b56g32r => movido correctamente
C:\Users\Carmen\AppData\LocalLow\3098htrhpen8ifg0 => movido correctamente
C:\Users\Carmen\AppData\LocalLow\JN3by345by53432y => movido correctamente
C:\Users\Carmen\AppData\Roaming\njgpq12jktc => movido correctamente
C:\ProgramData\K07CJ7ZJYWTOF040I8BW0FFKP => movido correctamente
C:\Users\Carmen\AppData\Local\18f63213-44b7-4aa7-b2de-e345797e7453 => movido correctamente
C:\Users\Carmen\AppData\Roaming\pl0fqafq5fn => movido correctamente
C:\Users\Carmen\AppData\Roaming\indefendesv => movido correctamente
C:\Users\Carmen\AppData\Local\oobelibMkey.log => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-811658154-4134238313-3946999917-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-811658154-4134238313-3946999917-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
========= netsh winsock reset =========
El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuración IP de Windows
Adaptador de Ethernet Conexión de área local:
Sufijo DNS específico para la conexión. . : home
Vínculo: dirección IPv6 local. . . : fe80::3110:d295:f5c3:75ae%10
Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.3
Máscara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.1.1
Adaptador de túnel isatap.home:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . : home
Adaptador de túnel Teredo Tunneling Pseudo-Interface:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
========= Final de CMD: =========
========= ipconfig /flushdns =========
Configuración IP de Windows
Se vació correctamente la caché de resolución de DNS.
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
0 out of 0 jobs canceled.
========= Final de CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= Final de CMD: =========
========= netsh int ipv4 reset =========
Global se restableció correctamente.
Interfaz se restableció correctamente.
Reinicie el equipo para completar esta acción.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
No hay valores configurados por el usuario para restablecer.
========= Final de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17760645 B
Java, Flash, Steam htmlcache => 1129 B
Windows/system/drivers => 8338610 B
Edge => 0 B
Chrome => 62074412 B
Firefox => 387531241 B
Opera => 171864 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
Carmen => 4499905 B
UpdatusUser => 4499905 B
DefaultAppPool => 4499905 B
RecycleBin => 51923 B
EmptyTemp: => 474.8 MB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 10:30:42 ====
The browsers seem to be working well again. Is it safe to assume that I have now removed the ransomware and any remnant of the infection? First of all, let me express all my gratitude to you for your great support.
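A check for the Fixlog posted above, added here as an example (it is not part of the thread or of FRST): it separates real fix results from the echoed fixlist and the EmptyTemp counters, then lists the entries FRST could not correct, together with the boot mode recorded in the header and the pending-reboot flag. The function names are hypothetical, the sample is an excerpt assembled from the log above, and matching on the Spanish result wording ("correctamente", "Error:") is an assumption that only holds for a log in this locale.

```python
import re
from collections import namedtuple

Outcome = namedtuple("Outcome", "entry result ok")

# FRST echoes the fixlist between two lines of asterisks; those lines are
# input, not results, and some of them contain " => " themselves.
ECHO_FENCE = re.compile(r"^\*{5,}$")
BOOT_MODE = re.compile(r"^Modo de Inicio:\s*(.+)$", re.M)
REBOOT_LINE = "El sistema necesita reiniciarse."


def parse_fixlog(text):
    """Return one Outcome per fix result line of a Spanish-locale Fixlog."""
    outcomes = []
    in_echo = False
    for raw in text.splitlines():
        line = raw.strip()
        if ECHO_FENCE.match(line):
            in_echo = not in_echo
            continue
        if in_echo or " => " not in line:
            continue
        # The entry itself may contain " => " (service entries copied from
        # the scan log do), so only the last separator marks the result.
        entry, result = line.rsplit(" => ", 1)
        if result.startswith("Error:"):
            outcomes.append(Outcome(entry, result, False))
        elif result.endswith("correctamente"):
            outcomes.append(Outcome(entry, result, True))
        # Anything else (EmptyTemp byte counts, totals) is not a fix result.
    return outcomes


def summarize(text):
    """Condense a Fixlog into what needs a follow-up."""
    outcomes = parse_fixlog(text)
    mode = BOOT_MODE.search(text)
    return {
        "boot_mode": mode.group(1).strip() if mode else None,
        "fixed": sum(1 for o in outcomes if o.ok),
        # Keep only the target, dropping the annotation FRST carried over.
        "failed": [o.entry.split(" => ", 1)[0] for o in outcomes if not o.ok],
        "reboot_pending": REBOOT_LINE in text,
    }


# Excerpt assembled from the Fixlog in this thread (shortened, not a full log).
SAMPLE = r'''Modo de Inicio: Normal
fixlist contenido:
*****************
START
"MBAMChameleon" => servicio no pudo ser desbloqueado. <==== ATENCIÓN
2020-06-18 10:35 - 2020-06-18 10:39 - 000000000 ____D C:\ProgramData\d37301f97a
END
*****************
"Chrome HomePage" => eliminado correctamente
"MBAMChameleon" => servicio no pudo ser desbloqueado. <==== ATENCIÓN => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\SYSTEM\ControlSet002\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATENCIÓN (Rootkit!/Servicio bloqueado) => Error: Ninguna corrección automática encontrada para esta entrada.
C:\ProgramData\d37301f97a => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
=========== EmptyTemp: ==========
Chrome => 62074412 B
EmptyTemp: => 474.8 MB datos temporales eliminados.
El sistema necesita reiniciarse.
'''

if __name__ == "__main__":
    report = summarize(SAMPLE)
    print("Boot mode:", report["boot_mode"])
    print("Entries fixed:", report["fixed"])
    for target in report["failed"]:
        print("Not fixed:", target)
    print("Reboot pending:", report["reboot_pending"])
```
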
Hello
You're welcome, I'm glad to do it.
Let's run a few more scans, in case any remnant is left.
Do the following:
Scan the PC with ESET Online Scanner: User manual; read the instructions to save the report.
Scan the PC with Kaspersky Virus Removal Tool: User manual
- This one does not produce a report; when it finishes, if it ends with any infection found, take a screenshot and upload it.
Tell us how the problem is going.
Regards
ESET comes out clean; here I'm pasting the Kaspersky images
20/06/2020 16:22:08
Archivos analizados: 1146324
Archivos detectados: 0
Archivos desinfectados: 0
Tiempo total de análisis: 04:54:09
Estado del análisis: Finalizado
Hello
Let's run a few more scans.
Carry out the following steps:
1.- Download Malwarebytes Anti-Rootkit (Beta) and extract the contents to your desktop.
- Open the Mbar folder and double-click the Mbar.exe file.
- In the window that appears, click "Next".
- Click "Update", and when it finishes, "Next".
- Now start the scan by clicking the "Scan" button.
- When it finishes, if there is an infection click "CleanUp", and if there is no infection click "Exit".
When finished, look in the Mbar folder and open the files mbar-log.txt and system-log.txt; copy their contents into your next reply and comment on the results.
2.- Scan with TDSSKiller following the manual.
Paste the reports and tell us how the problem is going.
Regards
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org
Database version:
main: v2020.06.20.11
rootkit: v2020.06.20.11
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18893
Carmen :: CARMEN-PC [administrator]
20/06/2020 23:58:29
mbar-log-2020-06-20 (23-58-29).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 282806
Time elapsed: 25 minute(s), 10 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.18893
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, H:\ DRIVE_FIXED
CPU speed: 3.292000 GHz
Memory total: 8572362752, free: 5520605184
Downloaded database version: v2020.06.20.11
Downloaded database version: v2020.06.20.11
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
06/20/2020 23:58:19
------------ Loaded modules -----------
----------- End -----------
Done!
Scan started
Database versions:
main: v2020.06.20.11
rootkit: v2020.06.20.11
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007b35060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80079788f0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007b35060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80074e2580, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007876060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9465A43D
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 512216397
Partition is bootable
Partition file system is NTFS
Partition 1 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 512216460 Numsec = 1441303605
Partition is not bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8007b36060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007b35b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007b36060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007888520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007883680, DeviceName: \Device\Ide\IdeDeviceP2T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 8F658F65
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 625137282
Partition is bootable
Partition file system is NTFS
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 320072933376 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa8007b37060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007b36990, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007b37060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007887520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800788a060, DeviceName: \Device\Ide\IdeDeviceP3T0L0-4\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 18CC18CB
Partition information:
Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 409609242
Partition is not bootable
Partition file system is NTFS
Partition 1 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 409609305 Numsec = 567158760
Partition is not bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 500107862016 bytes
Sector size: 512 bytes
Done!
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-512216460-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-1-409609305-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished
01:11:00.0095 0x0438 TDSS rootkit removing tool 3.1.0.28 Apr 9 2019 21:11:46
01:11:26.0211 0x0438 ============================================================
01:11:26.0211 0x0438 Current date / time: 2020/06/21 01:11:26.0211
01:11:26.0211 0x0438 SystemInfo:
01:11:26.0211 0x0438
01:11:26.0211 0x0438 OS Version: 6.1.7601 ServicePack: 1.0
01:11:26.0211 0x0438 Product type: Workstation
01:11:26.0211 0x0438 ComputerName: CARMEN-PC
01:11:26.0211 0x0438 UserName: Carmen
01:11:26.0211 0x0438 Windows directory: C:\Windows
01:11:26.0211 0x0438 System windows directory: C:\Windows
01:11:26.0211 0x0438 Running under WOW64
01:11:26.0211 0x0438 Processor architecture: Intel x64
01:11:26.0211 0x0438 Number of processors: 4
01:11:26.0211 0x0438 Page size: 0x1000
01:11:26.0211 0x0438 Boot type: Normal boot
01:11:26.0212 0x0438 CodeIntegrityOptions = 0x00000001
01:11:26.0212 0x0438 ============================================================
01:11:28.0216 0x0438 KLMD registered as C:\Windows\system32\drivers\90481654.sys
01:11:28.0216 0x0438 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.24000, osProperties = 0x1
01:11:28.0421 0x0438 System UUID: {63209CEF-3593-4A82-2025-FFE0481B6248}
01:11:28.0570 0x0438 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:11:33.0715 0x0438 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:11:37.0306 0x0438 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:11:37.0313 0x0438 ============================================================
01:11:37.0313 0x0438 \Device\Harddisk0\DR0:
01:11:37.0376 0x0438 MBR partitions:
01:11:37.0376 0x0438 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1E87CD4D
01:11:37.0391 0x0438 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E87CDCB, BlocksNum 0x55E88BF6
01:11:37.0391 0x0438 \Device\Harddisk1\DR1:
01:11:37.0405 0x0438 MBR partitions:
01:11:37.0405 0x0438 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
01:11:37.0405 0x0438 \Device\Harddisk2\DR2:
01:11:37.0490 0x0438 MBR partitions:
01:11:37.0490 0x0438 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x186A241A
01:11:37.0504 0x0438 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x186A2498, BlocksNum 0x21CE27A9
01:11:37.0504 0x0438 ============================================================
01:11:37.0522 0x0438 C: <-> \Device\Harddisk0\DR0\Partition1
01:11:37.0542 0x0438 D: <-> \Device\Harddisk0\DR0\Partition2
01:11:37.0622 0x0438 F: <-> \Device\Harddisk1\DR1\Partition1
01:11:37.0640 0x0438 G: <-> \Device\Harddisk2\DR2\Partition1
01:11:37.0658 0x0438 H: <-> \Device\Harddisk2\DR2\Partition2
01:11:37.0658 0x0438 ============================================================
01:11:37.0658 0x0438 Initialize success
01:11:37.0658 0x0438 ============================================================
01:12:38.0076 0x1420 ============================================================
01:12:38.0076 0x1420 Scan started
01:12:38.0076 0x1420 Mode: Manual;
01:12:38.0076 0x1420 ============================================================
01:12:38.0076 0x1420 KSN ping started
01:12:50.0197 0x1420 KSN ping finished: true
01:12:51.0447 0x1420 ================ Scan BIOS =================================
01:12:51.0448 0x1420 BIOS info: vendor = Award Software International, Inc., version = F7, releaseDate = 07/13/2012
01:12:51.0448 0x1420 Base board info: manufacturer = Gigabyte Technology Co., Ltd., product = H61M-D2H-USB3, version =
01:12:54.0700 0x1420 [ 9AB9C01347958878E8400AB36AE2ECE4, 3FED3BCEAB96EB19AF56D3303208E66E135A772068815E4C36E2135BFBB6CA4A ] BIOS
01:12:54.0700 0x1420 BIOS - ok
01:12:54.0700 0x1420 ================ Scan system memory ========================
01:12:54.0702 0x1420 System memory - ok
01:12:54.0703 0x1420 ================ Scan services =============================
01:12:55.0895 0x1420 AGSService - ok
01:12:55.0923 0x1420 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
01:12:55.0925 0x1420 ALG - ok
01:12:55.0957 0x1420 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
01:12:55.0958 0x1420 aliide - ok
01:12:55.0969 0x1420 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
01:12:55.0970 0x1420 amdide - ok
01:12:55.0983 0x1420 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
01:12:55.0985 0x1420 AmdK8 - ok
01:12:55.0994 0x1420 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
01:12:55.0997 0x1420 AmdPPM - ok
01:12:56.0037 0x1420 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
01:12:56.0041 0x1420 amdsata - ok
01:12:56.0061 0x1420 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
01:12:56.0067 0x1420 amdsbs - ok
01:12:56.0083 0x1420 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
01:12:56.0084 0x1420 amdxata - ok
01:12:56.0141 0x1420 APLI Master AutoUpdater - ok
01:12:56.0200 0x1420 [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
01:12:56.0203 0x1420 AppHostSvc - ok
01:12:56.0230 0x1420 [ C879C8AD47FB5CA30D81FDF35DAC1CC2, A289F43979631C52B2012B5AD09B37D9F13D61D2CC43FD556A254A4ADB9BE960 ] AppID C:\Windows\system32\drivers\appid.sys
01:12:56.0232 0x1420 AppID - ok
01:12:56.0267 0x1420 [ BDB0D304B0B849B88D91011F149D57E9, 027EBE1042C436909728E7DFBD756E0BCBD799D2F50E44E03DD010C874B8EF91 ] AppIDSvc C:\Windows\System32\appidsvc.dll
01:12:56.0269 0x1420 AppIDSvc - ok
01:12:56.0299 0x1420 [ DF34D0E61A40DCF29A3A88BEFFE4BDBE, 70B813F6CB8B584B2A11F0C8937F6A5B1A833A1B5BF51BB360E8E2F7904EBD3B ] Appinfo C:\Windows\System32\appinfo.dll
01:12:56.0302 0x1420 Appinfo - ok
01:12:56.0328 0x1420 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
01:12:56.0335 0x1420 AppMgmt - ok
01:12:56.0346 0x1420 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
01:12:56.0349 0x1420 arc - ok
01:12:56.0362 0x1420 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
01:12:56.0364 0x1420 arcsas - ok
01:12:56.0447 0x1420 [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:12:56.0449 0x1420 aspnet_state - ok
01:12:56.0466 0x1420 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
01:12:56.0467 0x1420 AsyncMac - ok
01:12:56.0484 0x1420 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
01:12:56.0485 0x1420 atapi - ok
01:12:56.0538 0x1420 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:12:56.0562 0x1420 AudioEndpointBuilder - ok
01:12:56.0578 0x1420 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
01:12:56.0589 0x1420 AudioSrv - ok
01:12:56.0624 0x1420 [ 16FABE84916623D0607E4A975544032C, 9D960CAE27B1769ED5B024C0A3375912432521C73C1F59E21111596A7981BDC3 ] Avc C:\Windows\system32\DRIVERS\avc.sys
01:12:56.0626 0x1420 Avc - ok
01:12:56.0652 0x1420 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
01:12:56.0657 0x1420 AxInstSV - ok
01:12:56.0683 0x1420 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
01:12:56.0698 0x1420 b06bdrv - ok
01:12:56.0715 0x1420 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
01:12:56.0720 0x1420 b57nd60a - ok
01:12:56.0740 0x1420 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
01:12:56.0742 0x1420 BDESVC - ok
01:12:56.0772 0x1420 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
01:12:56.0773 0x1420 Beep - ok
01:12:56.0828 0x1420 [ E3ED6C06462FDDE33100F7E45E8F5213, 71AA528F8912106FDAD83175A7529CF94B5B19093D2C63C25FAC198587286F87 ] BFE C:\Windows\System32\bfe.dll
01:12:56.0851 0x1420 BFE - ok
01:12:56.0920 0x1420 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
01:12:56.0963 0x1420 BITS - ok
01:12:56.0989 0x1420 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
01:12:56.0991 0x1420 blbdrive - ok
01:12:57.0028 0x1420 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys
01:12:57.0030 0x1420 bowser - ok
01:12:57.0038 0x1420 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
01:12:57.0040 0x1420 BrFiltLo - ok
01:12:57.0047 0x1420 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
01:12:57.0048 0x1420 BrFiltUp - ok
01:12:57.0082 0x1420 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
01:12:57.0086 0x1420 Browser - ok
01:12:57.0110 0x1420 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
01:12:57.0119 0x1420 Brserid - ok
01:12:57.0127 0x1420 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
01:12:57.0129 0x1420 BrSerWdm - ok
01:12:57.0138 0x1420 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
01:12:57.0139 0x1420 BrUsbMdm - ok
01:12:57.0153 0x1420 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
01:12:57.0154 0x1420 BrUsbSer - ok
01:12:57.0169 0x1420 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
01:12:57.0171 0x1420 BTHMODEM - ok
01:12:57.0188 0x1420 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
01:12:57.0190 0x1420 bthserv - ok
01:12:57.0246 0x1420 [ 79B48605F009BEBB2D4A397BA167A199, DF7DE5F6A7192EBAB7AB75D91B165824EEE9F11479DC42E8CC9D2E19D6184FA5 ] CamMask C:\Windows\system32\DRIVERS\cmvcamdrv64.sys
01:12:57.0271 0x1420 CamMask - ok
01:12:57.0306 0x1420 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
01:12:57.0308 0x1420 cdfs - ok
01:12:57.0335 0x1420 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
01:12:57.0338 0x1420 cdrom - ok
01:12:57.0374 0x1420 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
01:12:57.0407 0x1420 CertPropSvc - ok
01:12:57.0448 0x1420 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
01:12:57.0506 0x1420 circlass - ok
01:12:57.0573 0x1420 [ 3963FEC1892368DD500E6ED1F5C286CE, A04689CB07AF1C1B4B1032B0ACAD88DA3EB03D89A575C59FE602A65E8C246138 ] CLFS C:\Windows\system32\CLFS.sys
01:12:57.0584 0x1420 CLFS - ok
01:12:57.0642 0x1420 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:12:57.0645 0x1420 clr_optimization_v2.0.50727_32 - ok
01:12:57.0683 0x1420 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:12:57.0686 0x1420 clr_optimization_v2.0.50727_64 - ok
01:12:57.0770 0x1420 [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:12:57.0774 0x1420 clr_optimization_v4.0.30319_32 - ok
01:12:57.0787 0x1420 [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:12:57.0792 0x1420 clr_optimization_v4.0.30319_64 - ok
01:12:57.0808 0x1420 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
01:12:57.0810 0x1420 CmBatt - ok
01:12:57.0820 0x1420 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
01:12:57.0821 0x1420 cmdide - ok
01:12:57.0868 0x1420 [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys
01:12:57.0882 0x1420 CNG - ok
01:12:57.0916 0x1420 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
01:12:57.0917 0x1420 Compbatt - ok
01:12:57.0944 0x1420 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
01:12:57.0946 0x1420 CompositeBus - ok
01:12:57.0950 0x1420 COMSysApp - ok
01:12:57.0961 0x1420 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
01:12:57.0962 0x1420 crcdisk - ok
01:12:57.0980 0x1420 [ 48FEDBE324F1EA9417BA1D62AE863011, 2C3D84F0842237A3BF2838DDB4126807977EB36588FA669B1E6671077584EF18 ] CryptSvc C:\Windows\system32\cryptsvc.dll
01:12:57.0986 0x1420 CryptSvc - ok
01:12:58.0034 0x1420 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
01:12:58.0052 0x1420 CSC - ok
01:12:58.0101 0x1420 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
01:12:58.0125 0x1420 CscService - ok
01:12:58.0168 0x1420 [ BA6C9EE518A11DA4AD061B223EBED3D3, 0FDDEF3FFB375712567212BD7D31DA91AB97F8CE0D468C5FC6D4918CDF204B5A ] DcomLaunch C:\Windows\system32\rpcss.dll
01:12:58.0176 0x1420 DcomLaunch - ok
01:12:58.0212 0x1420 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
01:12:58.0222 0x1420 defragsvc - ok
01:12:58.0251 0x1420 [ 7D2D2284833760A82308CF09F7618E8B, A78F9369D4614D305D2F8E3CD2C697107781DD83A695022A192B2D8E1E21A05D ] DfsC C:\Windows\system32\Drivers\dfsc.sys
01:12:58.0254 0x1420 DfsC - ok
01:12:58.0294 0x1420 [ 58425D987F155F44C0BD4D0DB230327E, 9F4F5711325118D4C165F7BAC96D8248A387E14363662F735E7B9331FC222C30 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
01:12:58.0298 0x1420 dg_ssudbus - ok
01:12:58.0336 0x1420 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
01:12:58.0346 0x1420 Dhcp - ok
01:12:58.0381 0x1420 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
01:12:58.0382 0x1420 discache - ok
01:12:58.0414 0x1420 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
01:12:58.0416 0x1420 Disk - ok
01:12:58.0452 0x1420 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
01:12:58.0458 0x1420 Dnscache - ok
01:12:58.0490 0x1420 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
01:12:58.0498 0x1420 dot3svc - ok
01:12:58.0531 0x1420 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
01:12:58.0535 0x1420 DPS - ok
01:12:58.0569 0x1420 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
01:12:58.0570 0x1420 drmkaud - ok
01:12:58.0629 0x1420 [ 5CEF80AE869336376F550ECAE91E424A, 49152AC35556A5629AE7A4A762FDB2112FAD1C9CDB91E6196172809F74A3149A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
01:12:58.0659 0x1420 DXGKrnl - ok
01:12:58.0712 0x1420 [ 41AE1D550365D449F2D8B4DD4D4049FF, 864B49CB0F622B113D39F3DBF2F93912748E8B06EC651FCB14D8182622CB5F28 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
01:12:58.0715 0x1420 eamonm - ok
01:12:58.0737 0x1420 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
01:12:58.0741 0x1420 EapHost - ok
01:12:58.0825 0x1420 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
01:12:58.0889 0x1420 ebdrv - ok
01:12:58.0904 0x1420 [ 569E8136EF71455A389F4F8A4F6F7FE7, 887C2EB25E8E64D95A70E789FB9ACB46F6BC74F392FA7466942FBE347380F945 ] EFS C:\Windows\System32\lsass.exe
01:12:58.0904 0x1420 EFS - ok
01:12:58.0952 0x1420 [ 6F5E4C5F655945E19CC2934164C36DFC, 3E9EA59DA5031478EAB0173C80BB23222A205BFA62FAEAA13B837D4ABF5EE7F5 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
01:12:58.0958 0x1420 ehdrv - ok
01:12:58.0999 0x1420 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
01:12:59.0033 0x1420 ehRecvr - ok
01:12:59.0055 0x1420 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
01:12:59.0059 0x1420 ehSched - ok
01:12:59.0234 0x1420 [ 584E1867D88CCFC72D7D248E50AB6A11, FE52B5A4493DD7E8B8AEB36C8FD9BBF4340EEDED68DE3BAEDF0122137FCFC82D ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
01:12:59.0271 0x1420 ekrn - ok
01:12:59.0329 0x1420 [ 584E1867D88CCFC72D7D248E50AB6A11, FE52B5A4493DD7E8B8AEB36C8FD9BBF4340EEDED68DE3BAEDF0122137FCFC82D ] ekrnEpfw C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
01:12:59.0358 0x1420 ekrnEpfw - ok
01:12:59.0382 0x1420 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
01:12:59.0392 0x1420 elxstor - ok
01:12:59.0417 0x1420 [ C0EF0049604461DC48726AF6B180EDA8, 962561702D6BA4FBD888E4D1BBD857F4E385A90BB6F40AFDAD7FA0FB215F51CC ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
01:12:59.0419 0x1420 epfwwfp - ok
01:12:59.0505 0x1420 [ 1E345F2A2D95DA3190596E691CDE9342, 9D1D48F3B749ADA598D155E11E63CD52A4EEABF9BE92A1D997D25D07CF350084 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
01:12:59.0510 0x1420 EPSON_PM_RPCV4_01 - ok
01:12:59.0521 0x1420 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
01:12:59.0522 0x1420 ErrDev - ok
01:12:59.0574 0x1420 [ F037314138494EE6BD7DDC4C19C63012, C78477093374BA57DDDDC8F25E67397126AF03700513D24128BDA5C8EA8CFF1A ] ESETCleanersDriver C:\Windows\system32\Drivers\ESETCleanersDriver.sys
01:12:59.0579 0x1420 ESETCleanersDriver - ok
01:12:59.0617 0x1420 [ 3DBC10CBC436288801FAEE66DE91AE47, CE50732C43AEB8ACF977DF7CF609C88CB022E596EBE0C0AA9DDBC4D6BB25B804 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
01:12:59.0619 0x1420 EtronHub3 - ok
01:12:59.0657 0x1420 [ DE261095A2220D400D9603E1E42D4185, F5C4493EDCE92EC46BC7940764F719131FE27AE695201EDF143D678881CD239D ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
01:12:59.0660 0x1420 EtronXHCI - ok
01:12:59.0709 0x1420 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
01:12:59.0726 0x1420 EventSystem - ok
01:12:59.0759 0x1420 [ 7E45F8B117419ABA3BB26579F6E70324, 03FE86519860153E1BE571F10ACC9BA58FFB5A661C5C3EBDF3B77973BCD96C84 ] exfat C:\Windows\system32\drivers\exfat.sys
01:12:59.0766 0x1420 exfat - ok
01:12:59.0811 0x1420 [ 6EDFA237D25433C03F42FBFDB16BDD24, A30F89A40F7AFC475D3C2D3591FB9AFC06AE3FEBC915FDCB24ED77946FBA4E2C ] fastfat C:\Windows\system32\drivers\fastfat.sys
01:12:59.0818 0x1420 fastfat - ok
01:12:59.0872 0x1420 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
01:12:59.0889 0x1420 Fax - ok
01:12:59.0925 0x1420 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
01:12:59.0927 0x1420 fdc - ok
01:12:59.0931 0x1420 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
01:12:59.0932 0x1420 fdPHost - ok
01:12:59.0948 0x1420 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
01:12:59.0950 0x1420 FDResPub - ok
01:12:59.0967 0x1420 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
01:12:59.0970 0x1420 FileInfo - ok
01:12:59.0985 0x1420 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
01:12:59.0987 0x1420 Filetrace - ok
01:13:00.0052 0x1420 [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
01:13:00.0074 0x1420 FLEXnet Licensing Service - ok
01:13:00.0088 0x1420 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
01:13:00.0089 0x1420 flpydisk - ok
01:13:00.0118 0x1420 [ DC591A7A196E99EFB5A48D708CB989FD, 1C34C0A4AEEE977D290EF5E79C3B13B1F1F18E051F49815013D360F62458D82A ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
01:13:00.0124 0x1420 FltMgr - ok
01:13:00.0168 0x1420 [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] FontCache C:\Windows\system32\FntCache.dll
01:13:00.0194 0x1420 FontCache - ok
01:13:00.0224 0x1420 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:13:00.0225 0x1420 FontCache3.0.0.0 - ok
01:13:00.0239 0x1420 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
01:13:00.0240 0x1420 FsDepends - ok
01:13:00.0271 0x1420 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
01:13:00.0272 0x1420 Fs_Rec - ok
01:13:00.0308 0x1420 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
01:13:00.0315 0x1420 fvevol - ok
01:13:00.0330 0x1420 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
01:13:00.0333 0x1420 gagp30kx - ok
01:13:00.0459 0x1420 [ 21CA0B28765208BE1276E5E525681DB9, 4B578555A3D6448928612CD0E8FA6524B5EDC8013E192B6C74CAC74312D790D8 ] GoogleChromeElevationService C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\elevation_service.exe
01:13:00.0485 0x1420 GoogleChromeElevationService - ok
01:13:00.0534 0x1420 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
01:13:00.0556 0x1420 gpsvc - ok
01:13:00.0571 0x1420 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
01:13:00.0572 0x1420 hcw85cir - ok
01:13:00.0600 0x1420 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:13:00.0607 0x1420 HdAudAddService - ok
01:13:00.0618 0x1420 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
01:13:00.0621 0x1420 HDAudBus - ok
01:13:00.0634 0x1420 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
01:13:00.0635 0x1420 HidBatt - ok
01:13:00.0644 0x1420 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
01:13:00.0646 0x1420 HidBth - ok
01:13:00.0658 0x1420 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
01:13:00.0659 0x1420 HidIr - ok
01:13:00.0677 0x1420 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
01:13:00.0678 0x1420 hidserv - ok
01:13:00.0695 0x1420 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
01:13:00.0696 0x1420 HidUsb - ok
01:13:00.0721 0x1420 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
01:13:00.0723 0x1420 hkmsvc - ok
01:13:00.0738 0x1420 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:13:00.0746 0x1420 HomeGroupListener - ok
01:13:00.0765 0x1420 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:13:00.0772 0x1420 HomeGroupProvider - ok
01:13:00.0782 0x1420 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
01:13:00.0786 0x1420 HpSAMD - ok
01:13:00.0857 0x1420 [ 93C367EA831FB39DEE3BA96539A187FB, 8B912152CA8B89B4429278F93163481BAA07E2D940EE61CE1B7AD178AB13E105 ] HTTP C:\Windows\system32\drivers\HTTP.sys
01:13:00.0880 0x1420 HTTP - ok
01:13:00.0911 0x1420 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
01:13:00.0911 0x1420 hwpolicy - ok
01:13:00.0946 0x1420 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
01:13:00.0949 0x1420 i8042prt - ok
01:13:00.0977 0x1420 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
01:13:00.0987 0x1420 iaStorV - ok
01:13:01.0043 0x1420 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:13:01.0062 0x1420 idsvc - ok
01:13:01.0076 0x1420 IEEtwCollectorService - ok
01:13:01.0092 0x1420 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
01:13:01.0093 0x1420 iirsp - ok
01:13:01.0136 0x1420 [ 25AF7D5C819F19D7C97F4A9607F2609A, 70142B97F1087E20758AFECF5A7AB2EC1FDBBF68019A3BEC6C49F168650FEFC8 ] IKEEXT C:\Windows\System32\ikeext.dll
01:13:01.0161 0x1420 IKEEXT - ok
01:13:01.0274 0x1420 [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
01:13:01.0353 0x1420 IntcAzAudAddService - ok
01:13:01.0411 0x1420 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
01:13:01.0437 0x1420 Intel(R) Capability Licensing Service Interface - ok
01:13:01.0460 0x1420 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
01:13:01.0461 0x1420 intelide - ok
01:13:01.0472 0x1420 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
01:13:01.0474 0x1420 intelppm - ok
01:13:01.0488 0x1420 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
01:13:01.0491 0x1420 IPBusEnum - ok
01:13:01.0503 0x1420 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:13:01.0505 0x1420 IpFilterDriver - ok
01:13:01.0531 0x1420 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
01:13:01.0544 0x1420 iphlpsvc - ok
01:13:01.0562 0x1420 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
01:13:01.0565 0x1420 IPMIDRV - ok
01:13:08.0459 0x1420 SessionEnv - ok
01:13:08.0486 0x1420 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
01:13:08.0488 0x1420 sffdisk - ok
01:13:08.0493 0x1420 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:13:08.0494 0x1420 sffp_mmc - ok
01:13:08.0502 0x1420 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
01:13:08.0504 0x1420 sffp_sd - ok
01:13:08.0520 0x1420 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
01:13:08.0521 0x1420 sfloppy - ok
01:13:08.0563 0x1420 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:13:08.0579 0x1420 SharedAccess - ok
01:13:08.0625 0x1420 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:13:08.0642 0x1420 ShellHWDetection - ok
01:13:08.0653 0x1420 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:13:08.0654 0x1420 SiSRaid2 - ok
01:13:08.0674 0x1420 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
01:13:08.0676 0x1420 SiSRaid4 - ok
01:13:08.0685 0x1420 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:13:08.0688 0x1420 Smb - ok
01:13:08.0711 0x1420 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:13:08.0713 0x1420 SNMPTRAP - ok
01:13:08.0723 0x1420 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
01:13:08.0724 0x1420 spldr - ok
01:13:08.0767 0x1420 [ 8003D39B386EDCCFB08DC21AACC0683A, 99D6A4DBE810335A69AE3053DC4B6AAC267639AD7F9C568431FA0714F6E71F30 ] Spooler C:\Windows\System32\spoolsv.exe
01:13:08.0778 0x1420 Spooler - ok
01:13:08.0886 0x1420 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
01:13:08.0971 0x1420 sppsvc - ok
01:13:08.0996 0x1420 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
01:13:08.0998 0x1420 sppuinotify - ok
01:13:09.0048 0x1420 [ 8980499A526581794A20B12E2E264661, 76C9AF4D95137F1258ACE45C1E254386F21A7900006FB151C8718875C8CA688B ] srv C:\Windows\system32\DRIVERS\srv.sys
01:13:09.0065 0x1420 srv - ok
01:13:09.0113 0x1420 [ 9B90A439B97EBBD2A9ABEFFBBC1EEC71, F40C5285205A2D50F1D5F4FCD5D3990597BD39B38AD82D439BC2D51D5BB6F666 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:13:09.0130 0x1420 srv2 - ok
01:13:09.0139 0x1420 [ 9E30361776E07AD940791927A0FC9B3A, 1B8FBC780BEEA1DB23861584C44F0EB55CC6B3817AF714020EBA675E38DF98B5 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:13:09.0142 0x1420 srvnet - ok
01:13:09.0154 0x1420 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:13:09.0163 0x1420 SSDPSRV - ok
01:13:09.0184 0x1420 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:13:09.0186 0x1420 SstpSvc - ok
01:13:09.0226 0x1420 [ 383C219BFA39703A5AF40F1636E3A7F8, D515E572EF440CAA5A97335421B284743A331827010EC854480E0234D58FEF43 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
01:13:09.0232 0x1420 ssudmdm - ok
01:13:09.0359 0x1420 [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
01:13:09.0380 0x1420 ss_conn_service - ok
01:13:09.0421 0x1420 [ A766CCAD980235FF34E7F8089D3175A3, ECC1F92F46FE8FC10075F14AC4FEAA9BAA0E2FDF49E693230C5077D408CAFA70 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
01:13:09.0426 0x1420 Stereo Service - ok
01:13:09.0439 0x1420 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
01:13:09.0440 0x1420 stexstor - ok
01:13:09.0485 0x1420 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
01:13:09.0519 0x1420 stisvc - ok
01:13:09.0554 0x1420 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
01:13:09.0556 0x1420 storflt - ok
01:13:09.0573 0x1420 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
01:13:09.0575 0x1420 storvsc - ok
01:13:09.0586 0x1420 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
01:13:09.0587 0x1420 swenum - ok
01:13:09.0608 0x1420 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
01:13:09.0626 0x1420 swprv - ok
01:13:09.0704 0x1420 [ 15CF7B24AA64FE958CAEA00274838B1C, 820F7CF1CCD036A1871D728C1CC80D9E9BB5E3BD5D9C7BC822B1711D8DB79707 ] SysMain C:\Windows\system32\sysmain.dll
01:13:09.0740 0x1420 SysMain - ok
01:13:09.0749 0x1420 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:13:09.0752 0x1420 TabletInputService - ok
01:13:09.0772 0x1420 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
01:13:09.0778 0x1420 TapiSrv - ok
01:13:09.0860 0x1420 [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
01:13:09.0898 0x1420 Tcpip - ok
01:13:09.0975 0x1420 [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
01:13:10.0011 0x1420 TCPIP6 - ok
01:13:10.0043 0x1420 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
01:13:10.0044 0x1420 tcpipreg - ok
01:13:10.0059 0x1420 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
01:13:10.0060 0x1420 TDPIPE - ok
01:13:10.0091 0x1420 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
01:13:10.0092 0x1420 TDTCP - ok
01:13:10.0124 0x1420 [ 4DD986720F7CB7A8A5D1226793097B9A, 9020375B45E9C966BF44CF425C127D7E0EC82EB99C7047F225C25402FF97743D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
01:13:10.0128 0x1420 tdx - ok
01:13:10.0141 0x1420 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
01:13:10.0144 0x1420 TermDD - ok
01:13:10.0193 0x1420 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
01:13:10.0210 0x1420 TermService - ok
01:13:10.0213 0x1420 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
01:13:10.0215 0x1420 Themes - ok
01:13:10.0236 0x1420 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
01:13:10.0238 0x1420 THREADORDER - ok
01:13:10.0250 0x1420 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
01:13:10.0253 0x1420 TrkWks - ok
01:13:10.0294 0x1420 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:13:10.0296 0x1420 TrustedInstaller - ok
01:13:10.0324 0x1420 [ 2CF58216424757ED29605B4F18EC443C, 9D523FC075F7F41A17F60617670A976A8F2F2943444515DC3834720BDC37DFA0 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
01:13:10.0325 0x1420 tssecsrv - ok
01:13:10.0350 0x1420 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
01:13:10.0351 0x1420 TsUsbFlt - ok
01:13:10.0389 0x1420 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
01:13:10.0392 0x1420 tunnel - ok
01:13:10.0404 0x1420 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
01:13:10.0406 0x1420 uagp35 - ok
01:13:10.0437 0x1420 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
01:13:10.0444 0x1420 udfs - ok
01:13:10.0460 0x1420 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
01:13:10.0463 0x1420 UI0Detect - ok
01:13:10.0471 0x1420 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
01:13:10.0473 0x1420 uliagpkx - ok
01:13:10.0505 0x1420 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
01:13:10.0506 0x1420 umbus - ok
01:13:10.0515 0x1420 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
01:13:10.0516 0x1420 UmPass - ok
01:13:10.0551 0x1420 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
01:13:10.0560 0x1420 UmRdpService - ok
01:13:10.0660 0x1420 [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
01:13:10.0671 0x1420 UNS - ok
01:13:10.0699 0x1420 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
01:13:10.0716 0x1420 upnphost - ok
01:13:10.0745 0x1420 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
01:13:10.0747 0x1420 usbaudio - ok
01:13:10.0764 0x1420 [ 9E68E917FB4B5C983438969643F53BEF, 7148BF1E7AFAFA025A51AA9A26B90ED85328B41C7F7791CB3460D9CF53245985 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
01:13:10.0768 0x1420 usbccgp - ok
01:13:10.0793 0x1420 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
01:13:10.0797 0x1420 usbcir - ok
01:13:10.0827 0x1420 [ 3F9D3902CE931E2A28DD8452AE915B67, C8BF042DD84FB2E3AE7FCDBA65923611FCBDAFD6410E42A5E58F8995D99AE16C ] usbehci C:\Windows\system32\drivers\usbehci.sys
01:13:10.0830 0x1420 usbehci - ok
01:13:10.0868 0x1420 [ 86B65EEBC03B936DE8B26E5A18D98FA2, 2981CF5A0FB6B6FE0A38363EA4804DB743C45E3E6E72DC3A2260F583377717C8 ] usbhub C:\Windows\system32\drivers\usbhub.sys
01:13:10.0879 0x1420 usbhub - ok
01:13:10.0918 0x1420 [ 099C2931C6F73EB1B9E13C560F61B50D, 83B64A52173243526E380C8FA0D913C7B07C2AF1806ECC4EC0D0B5523A7CBFAA ] usbohci C:\Windows\system32\drivers\usbohci.sys
01:13:10.0919 0x1420 usbohci - ok
01:13:10.0930 0x1420 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
01:13:10.0932 0x1420 usbprint - ok
01:13:10.0971 0x1420 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
01:13:10.0973 0x1420 usbscan - ok
01:13:10.0982 0x1420 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:13:10.0985 0x1420 USBSTOR - ok
01:13:11.0015 0x1420 [ 5D7651347C7D702F4A5DE53603DC024F, F55532D13AB2FF6D4B6058113AF2710AC5C87059C9000942CF517198BABCD6F5 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
01:13:11.0017 0x1420 usbuhci - ok
01:13:11.0040 0x1420 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
01:13:11.0047 0x1420 usbvideo - ok
01:13:11.0079 0x1420 [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
01:13:11.0081 0x1420 usb_rndisx - ok
01:13:11.0094 0x1420 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
01:13:11.0097 0x1420 UxSms - ok
01:13:11.0111 0x1420 [ 569E8136EF71455A389F4F8A4F6F7FE7, 887C2EB25E8E64D95A70E789FB9ACB46F6BC74F392FA7466942FBE347380F945 ] VaultSvc C:\Windows\system32\lsass.exe
01:13:11.0113 0x1420 VaultSvc - ok
01:13:11.0147 0x1420 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
01:13:11.0148 0x1420 vdrvroot - ok
01:13:11.0201 0x1420 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
01:13:11.0216 0x1420 vds - ok
01:13:11.0231 0x1420 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
01:13:11.0232 0x1420 vga - ok
01:13:11.0235 0x1420 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
01:13:11.0236 0x1420 VgaSave - ok
01:13:11.0265 0x1420 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
01:13:11.0269 0x1420 vhdmp - ok
01:13:11.0295 0x1420 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
01:13:11.0296 0x1420 viaide - ok
01:13:11.0326 0x1420 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
01:13:11.0332 0x1420 vmbus - ok
01:13:11.0373 0x1420 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
01:13:11.0374 0x1420 VMBusHID - ok
01:13:11.0389 0x1420 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
01:13:11.0391 0x1420 volmgr - ok
01:13:11.0437 0x1420 [ 85C5468BC395819AE2A0C747334BA14C, 75EB4751F90F3347229442A5622539383CE0B1834EE7B995260D0D433BA2E25F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
01:13:11.0447 0x1420 volmgrx - ok
01:13:11.0471 0x1420 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
01:13:11.0479 0x1420 volsnap - ok
01:13:11.0496 0x1420 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
01:13:11.0501 0x1420 vsmraid - ok
01:13:11.0565 0x1420 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
01:13:11.0585 0x1420 VSS - ok
01:13:11.0596 0x1420 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
01:13:11.0597 0x1420 vwifibus - ok
01:13:11.0612 0x1420 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
01:13:11.0619 0x1420 W32Time - ok
01:13:11.0698 0x1420 [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
01:13:11.0714 0x1420 W3SVC - ok
01:13:11.0724 0x1420 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
01:13:11.0725 0x1420 WacomPen - ok
01:13:11.0753 0x1420 [ DC4CB3626E7423B9D83CF1B4857FDF15, 36BC894AC01A2A493D408F9F6B65064E901882F038A8A74CA4F21735D283E46F ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
01:13:11.0756 0x1420 WANARP - ok
01:13:11.0772 0x1420 [ DC4CB3626E7423B9D83CF1B4857FDF15, 36BC894AC01A2A493D408F9F6B65064E901882F038A8A74CA4F21735D283E46F ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
01:13:11.0774 0x1420 Wanarpv6 - ok
01:13:11.0799 0x1420 [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
01:13:11.0809 0x1420 WAS - ok
01:13:11.0865 0x1420 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
01:13:11.0885 0x1420 wbengine - ok
01:13:11.0914 0x1420 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
01:13:11.0919 0x1420 WbioSrvc - ok
01:13:11.0953 0x1420 [ 79E3903FD75A22386326B542F17A2563, 3CCCE0BCDE12240BE7E108A8C0A959A33C8462A0DE8510F28FA0107C4A9A1F05 ] wcncsvc C:\Windows\System32\wcncsvc.dll
01:13:11.0966 0x1420 wcncsvc - ok
01:13:11.0999 0x1420 [ 35050F01D00E7E72A2449EB6F9ABF8B4, CF45943E14D2418E83CF4DC836D3AFE4ED61186B6B9DA25EF745DC6FBB07FAC5 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:13:12.0001 0x1420 WcsPlugInService - ok
01:13:12.0009 0x1420 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
01:13:12.0010 0x1420 Wd - ok
01:13:12.0064 0x1420 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
01:13:12.0081 0x1420 Wdf01000 - ok
01:13:12.0109 0x1420 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
01:13:12.0112 0x1420 WdiServiceHost - ok
01:13:12.0118 0x1420 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
01:13:12.0120 0x1420 WdiSystemHost - ok
01:13:12.0157 0x1420 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
01:13:12.0163 0x1420 WebClient - ok
01:13:12.0171 0x1420 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
01:13:12.0177 0x1420 Wecsvc - ok
01:13:12.0190 0x1420 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
01:13:12.0193 0x1420 wercplsupport - ok
01:13:12.0204 0x1420 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
01:13:12.0207 0x1420 WerSvc - ok
01:13:12.0219 0x1420 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
01:13:12.0220 0x1420 WfpLwf - ok
01:13:12.0228 0x1420 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
01:13:12.0229 0x1420 WIMMount - ok
01:13:12.0246 0x1420 WinHttpAutoProxySvc - ok
01:13:12.0288 0x1420 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
01:13:12.0296 0x1420 Winmgmt - ok
01:13:12.0352 0x1420 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
01:13:12.0394 0x1420 WinRM - ok
01:13:12.0416 0x1420 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
01:13:12.0417 0x1420 WinUsb - ok
01:13:12.0461 0x1420 [ 4B7912EB80820EAC543EE54806EFCAF0, 4D9186F9FE80F03C85C4DC73342EE5870DF1021BD29974BE33557CEA0D524667 ] Wlansvc C:\Windows\System32\wlansvc.dll
01:13:12.0486 0x1420 Wlansvc - ok
01:13:12.0502 0x1420 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
01:13:12.0503 0x1420 WmiAcpi - ok
01:13:12.0512 0x1420 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
01:13:12.0515 0x1420 wmiApSrv - ok
01:13:12.0523 0x1420 WMPNetworkSvc - ok
01:13:12.0624 0x1420 [ 001DB740FF3DC6ABB6C45DB9513F87FC, E8DA7C8940BA628F9608D3463D1CDF7EE0BE92F2E7054D97538D797985B2FE92 ] wordpressApache C:\Bitnami\WORDPR~1.2-0\apache2\bin\httpd.exe
01:13:12.0625 0x1420 wordpressApache - ok
01:13:12.0680 0x1420 wordpressMySQL - ok
01:13:12.0708 0x1420 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
01:13:12.0710 0x1420 WPCSvc - ok
01:13:12.0741 0x1420 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
01:13:12.0746 0x1420 WPDBusEnum - ok
01:13:12.0762 0x1420 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
01:13:12.0764 0x1420 ws2ifsl - ok
01:13:12.0768 0x1420 WSearch - ok
01:13:12.0801 0x1420 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
01:13:12.0804 0x1420 WudfPf - ok
01:13:12.0839 0x1420 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
01:13:12.0846 0x1420 WUDFRd - ok
01:13:12.0883 0x1420 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
01:13:12.0888 0x1420 wudfsvc - ok
01:13:12.0924 0x1420 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
01:13:12.0933 0x1420 WwanSvc - ok
01:13:12.0942 0x1420 ================ Scan global ===============================
01:13:12.0972 0x1420 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
01:13:13.0011 0x1420 [ 630CFE0957470D4EDDB1B8FF1AA18B0A, D960DB8CD8A27464EFD6A940278A50424B3D6D5BB43837A1EF5DA1D59CE341DF ] C:\Windows\system32\winsrv.dll
01:13:13.0045 0x1420 [ 630CFE0957470D4EDDB1B8FF1AA18B0A, D960DB8CD8A27464EFD6A940278A50424B3D6D5BB43837A1EF5DA1D59CE341DF ] C:\Windows\system32\winsrv.dll
01:13:13.0083 0x1420 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
01:13:13.0122 0x1420 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
01:13:13.0133 0x1420 [ Global ] - ok
01:13:13.0134 0x1420 ================ Scan MBR ==================================
01:13:13.0161 0x1420 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:13:13.0327 0x1420 \Device\Harddisk0\DR0 - ok
01:13:13.0337 0x1420 [ 792F61657FECE3D17A9122B4EE282847 ] \Device\Harddisk1\DR1
01:13:13.0562 0x1420 \Device\Harddisk1\DR1 - ok
01:13:13.0564 0x1420 [ 792F61657FECE3D17A9122B4EE282847 ] \Device\Harddisk2\DR2
01:13:13.0575 0x1420 \Device\Harddisk2\DR2 - ok
01:13:13.0575 0x1420 ================ Scan VBR ==================================
01:13:13.0577 0x1420 [ 577CEB09BE1C7CFAD42EF6EE6A9E9C88 ] \Device\Harddisk0\DR0\Partition1
01:13:13.0579 0x1420 \Device\Harddisk0\DR0\Partition1 - ok
01:13:13.0598 0x1420 [ EF327CFDF1160F49E20D99E687794108 ] \Device\Harddisk0\DR0\Partition2
01:13:13.0600 0x1420 \Device\Harddisk0\DR0\Partition2 - ok
01:13:13.0612 0x1420 [ 9CC3A82E55B231E42AC24EB3CC6D7B48 ] \Device\Harddisk1\DR1\Partition1
01:13:13.0614 0x1420 \Device\Harddisk1\DR1\Partition1 - ok
01:13:13.0617 0x1420 [ A84B74F97DF907FC61338C6D65D270E9 ] \Device\Harddisk2\DR2\Partition1
01:13:13.0619 0x1420 \Device\Harddisk2\DR2\Partition1 - ok
01:13:13.0622 0x1420 [ 2D5C9411BE4B5448DE96C25347D70016 ] \Device\Harddisk2\DR2\Partition2
01:13:13.0624 0x1420 \Device\Harddisk2\DR2\Partition2 - ok
01:13:13.0625 0x1420 ================ Scan generic autorun ======================
01:13:13.0911 0x1420 [ 834A309C2FDF52FC09353F348CFE1235, FF8D5B0C4D8DEF3B313E11B01D6A2A29758E8721EF2EC0AAC2DB3C9AAF399276 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
01:13:14.0062 0x1420 RtHDVCpl - ok
01:13:14.0182 0x1420 [ 25AF016667164408F02D05FAD8C313B1, A6D4E74E6A88CFF259F5A20A895B7F58247E7BFAD84E25D7499BE5BB428DD4FF ] C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe
01:13:14.0189 0x1420 egui - ok
01:13:14.0265 0x1420 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:13:14.0307 0x1420 Sidebar - ok
01:13:14.0333 0x1420 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:13:14.0336 0x1420 mctadmin - ok
01:13:14.0361 0x1420 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:13:14.0378 0x1420 Sidebar - ok
01:13:14.0382 0x1420 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:13:14.0384 0x1420 mctadmin - ok
01:13:14.0439 0x1420 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
01:13:14.0457 0x1420 Sidebar - ok
01:13:14.0662 0x1420 [ BB572C1A4A0963E317CAF54E72F0B84C, 587513491D3C493BCF4E63838702659BAC88CB4FACA0B89164DB9D0A20CB08DB ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
01:13:14.0852 0x1420 SUPERAntiSpyware - ok
01:13:14.0904 0x1420 Skype for Desktop - ok
01:13:14.0945 0x1420 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:13:14.0961 0x1420 Sidebar - ok
01:13:14.0965 0x1420 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:13:14.0966 0x1420 mctadmin - ok
01:13:14.0989 0x1420 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:13:15.0003 0x1420 Sidebar - ok
01:13:15.0007 0x1420 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:13:15.0009 0x1420 mctadmin - ok
01:13:15.0009 0x1420 Waiting for KSN requests completion. In queue: 111
01:13:16.0026 0x1420 AV detected via SS2: ESET Security, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe ( 12.0.27.0 ), 0x40010 ( disabled : outofdate )
01:13:16.0031 0x1420 Win FW state via NFP2: enabled ( trusted )
01:13:16.0151 0x1420 ============================================================
01:13:16.0151 0x1420 Scan finished
01:13:16.0151 0x1420 ============================================================
01:13:16.0159 0x1670 Detected object count: 0
01:13:16.0159 0x1670 Actual detected object count: 0
I posted the last one in two parts (it didn't fit in one piece). Both came out clean.
Hello
It looks like your computer is clean now. Do you have any remaining questions?
Regards
Everything's great. Thank you very much for the help.
Hello @Nubol
Follow these steps to remove the tools that were used:
To do so, use again/download >> DelFix.exe to your desktop.
- Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select Run as Administrator)
- Check all the boxes and click Run
The report (DelFix.txt) will open; you can close it.
Thank you for trusting ForoSpyware. It has been a pleasure helping you.
We're glad it has been resolved for you. We consider the topic solved.
Regards