Buen día con todos, hace unos 3 días descargué un archivo de internet y consigo se descargó un virus que en tanto en buscador de barra de tareas como en el de Google y el de carpetas me aparece “çççççççççççc” de forma infinita y no me deja escribir nada, necesito ayuda, ya he formateado mi pc… Pero continua el problema.
Hola @Yorbra ¡ Te damos la Bienvenida a los Foros de InfoSpyware !
Como estas seguro de que tu equipo esta infectado, deberíamos empezar con un procedimiento “básico” para detectar y eliminar malware en tu sistema. Dicho procedimiento se basa en nuestra guía de detección/eliminación con algunos ajustes
Tomando estas consideraciones en cuenta Por favor, realiza lo siguiente:
Conecta cualquier dispositivo extraíble como pendrives USB, tarjetas SD o discos duros externos que hayan tenido acceso al equipo. Debes mantenerlos conectados durante todo el procedimiento
Deshabilita tu Antivirus y toda protección residente que tengas para que no interfieran en la ejecución de las herramientas. Mantenlos deshabilitados durante todo el procedimiento
Descargue y ejecute la utilidad Rkill by Grinler (renombrada bajo el nombre de “iExplore.exe”) para evitar el bloqueo de los malwares. Una vez que esta fue ejecutada, es importante no reiniciar el sistema hasta que se le solicite.
Descargar Malwarebytes 4.x en el Escritorio. Lo instalas y ejecutas Realizas un Análisis Personalizado a tu equipo siguiendo las siguientes instrucciones
En tu próxima respuesta debes traernos el reporte de Malwarebytes Sigue las siguientes instrucciones para acceder a el y pegarlo en el foro
Realiza un Análisis Personalizado a tu equipo con Eset Online Scanner siguiendo las instrucciones del siguiente manual
Es muy importante que selecciones todo lo que Eset detecte y lo mandes todo a cuarentena Asegúrate de guardar su reporte Este deberas entregarlo junto con tus respuestas.
Cuando respondas:
- Debes traer los reportes de las herramientas que logres ejecutar
- Debes comentarnos cualquier problema que haya surgido antes, durante y después del procedimiento
- Necesitamos saber si el o los problemas planteados en tu consulta se siguen presentando y con que frecuencia
- Debes decirnos como esta funcionando el equipo y cualquier otro comportamiento extraño que observes
Te dejo estos enlaces, por si tienes alguna duda de como poner los reportes o necesitas agregar imágenes a tu consulta
- Como pegar reportes en el foro De preferencia usa el Método 2 o el Método 3
- Como agregar imágenes al foro
Saludos y esperamos tus respuestas, además de los reportes de las herramientas
1 me gusta
Buen Día estimado, envío lo solicitado despues de haber ejecutado el programa Malwarebytes.
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 12/8/23
Hora del análisis: 10:07
Archivo de registro: f0acf3ec-3921-11ee-918d-4ceb42161925.json
-Información del software-
Versión: 4.5.34.275
Versión de los componentes: 1.0.2102
Versión del paquete de actualización: 1.0.73911
Licencia: Prueba
-Información del sistema-
SO: Windows 10 (Build 19045.2965)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-P0LBTME\yorbr
-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 333911
Amenazas detectadas: 3
Amenazas en cuarentena: 3
Tiempo transcurrido: 1 hr, 3 min, 43 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 3
Generic.Malware/Suspicious, C:\WINDOWS.OLD\$RECYCLE.BIN\S-1-5-21-4119215622-3660084605-2344518382-1001\$R4PPKC5.47028\KMSAUTONET_SETUP\KMSAUTO-NET-1.5.4\KMSCLEANER.EXE, En cuarentena, 0, 392686, 1.0.73911, , shuriken, , 13EA767A7BA607744EBEA7409B9F8649, A6E2CDC0E9426D50BD72D866BFC80E0FBA941EFB3AE6D1C564D409F57D1EB117
Generic.Malware/Suspicious, C:\WINDOWS.OLD\$RECYCLE.BIN\S-1-5-21-4119215622-3660084605-2344518382-1001\$R54OD83.33968\KMSAUTONET_SETUP\KMSAUTO-NET-1.5.4\KMSCLEANER.EXE, En cuarentena, 0, 392686, 1.0.73911, , shuriken, , 13EA767A7BA607744EBEA7409B9F8649, A6E2CDC0E9426D50BD72D866BFC80E0FBA941EFB3AE6D1C564D409F57D1EB117
Generic.Malware/Suspicious, C:\WINDOWS.OLD\$RECYCLE.BIN\S-1-5-21-4119215622-3660084605-2344518382-1001\$R2IVFUZ.28241\KMSAUTONET_SETUP\KMSAUTO-NET-1.5.4\KMSCLEANER.EXE, En cuarentena, 0, 392686, 1.0.73911, , shuriken, , 13EA767A7BA607744EBEA7409B9F8649, A6E2CDC0E9426D50BD72D866BFC80E0FBA941EFB3AE6D1C564D409F57D1EB117
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
Tambien he cumplido con ejecutar el programa Rkill by Grinler (renombrada bajo el nombre de “iExplore.exe”), teniendo como resultado lo siguiente:
Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2023 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 08/12/2023 09:58:52 AM in x64 mode.
Windows Version: Windows 10 Pro
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 08/12/2023 09:59:07 AM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)
Resultado de ESET ONLINE SCAENNER ESET
12/08/2023 16:09:11
Archivos explorados: 228457
Archivos detectados: 3
Archivos desinfectados: 3
Tiempo total de exploración 04:14:36
Estado de la exploración: Finalizado
F:\$RECYCLE.BIN\S-1-5-21-1577168993-340762919-3516890007-1001\$RTUWTVV.exe una variante de Win32/DriverGenius.E aplicación potencialmente no deseada desinfectado por eliminación
F:\$RECYCLE.BIN\S-1-5-21-944738412-1533508970-1985770045-1001\$RDBACST.rar una variante de Win32/DriverGenius.C aplicación potencialmente no deseada eliminado
F:\PROGRAMAS\itube-studio-es_setup_full1947 descargar cualquier video de pag web.exe una variante de Win32/Aimersoft.A aplicación potencialmente no deseada desinfectado por eliminación
No te olvides de estos puntos, por favor. Esta información es muy importante para llevar un seguimiento adecuado al caso
Procura decirnos sobre estos puntos después de haber completado el procedimiento que se te haya indicado ¿de acuerdo?
Usaremos anti-rootkis para cubrir ese “hueco” y vamos a realizar lo siguiente
Descarga las siguientes herramientas, guardalas en el escritorio pero no las ejecutes aún
Empezamos con TDSSKiller
- Lo ejecutas como administrador
- Después de aceptar los acuerdos de licencia de usuario y el de KSN Statement se abrira el programa
- Presione sobre Change parameters y deberas marcar todas las casillas para que quede de esta forma
- Cuando marques la casilla Loaded modules TDSSKiller mostrara un mensaje solicitando que reinicies el equipo. Este reinicio es muy importante para que TDSSKiller instale un driver que necesita para ampliar su alcance de detección
Sigue las instrucciones de este manual
Para analizar tu equipo con los ajustes que hemos hecho y eliminar las amenazas encontradas, traes el reporte y unas capturas de lo que haya detectado TDSSKiller
Reinicia el equipo y luego ejecutas Malwarebytes Anti-Rootkit y sigue las instrucciones de este manual
para analizar tu equipo y eliminar todas las amenazas encontradas, observa con atención como localizar los dos reportes que son creados por esta herramienta.
Cuando respondas:
- Nos traes el reporte de TDSSKiller
- Traes los dos reportes de Malwarebytes Anti-Rootkit, Mbar-log.txt y System-log.txt
- Nos comentas cualquier problema que hayas tenido durante el procedimiento y como esta funcionando el equipo despues de realizar el procedimiento.
Esperamos tus reportes y comentarios al respecto
Saludos
1 me gusta
Hola, te comento… despues de ejecutar los programas Malwaebytes, el Rkill y ESET ONLINE SCANNER ESET el problema persistió…
aqui una imagen…
[img]
[/img]
Buen Día, he procedido a realizar la ejecución de los programas que indicaste, a qui abajo copio los resultados.
REPORTE TDSS KILLER - PARTE 1
19:39:32.0369 0x19e8 TDSS rootkit removing tool 3.1.0.28 Apr 9 2019 21:11:46
19:39:37.0519 0x19e8 ============================================================
19:39:37.0519 0x19e8 Current date / time: 2023/08/12 19:39:37.0519
19:39:37.0519 0x19e8 SystemInfo:
19:39:37.0528 0x19e8
19:39:37.0528 0x19e8 OS Version: 10.0.19045 ServicePack: 0.0
19:39:37.0528 0x19e8 Product type: Workstation
19:39:37.0528 0x19e8 ComputerName: DESKTOP-P0LBTME
19:39:37.0529 0x19e8 UserName: yorbr
19:39:37.0529 0x19e8 Windows directory: C:\WINDOWS
19:39:37.0529 0x19e8 System windows directory: C:\WINDOWS
19:39:37.0529 0x19e8 Running under WOW64
19:39:37.0529 0x19e8 Processor architecture: Intel x64
19:39:37.0529 0x19e8 Number of processors: 4
19:39:37.0529 0x19e8 Page size: 0x1000
19:39:37.0529 0x19e8 Boot type: Normal boot
19:39:37.0529 0x19e8 CodeIntegrityOptions = 0x00000001
19:39:37.0529 0x19e8 ============================================================
19:39:37.0531 0x19e8 KLMD ARK init status: drvProperties = 0xEF0F02, osBuild = 19041.0, osProperties = 0x1D
19:39:37.0531 0x19e8 KLMD BG init status: drvProperties = 0xEF0F02, osBuild = 19041.0, osProperties = 0x1D
19:39:37.0531 0x19e8 BG loaded
19:39:37.0779 0x19e8 System UUID: {7C17FB85-9FFB-7AD2-06F1-7D26599282A4}
19:39:38.0225 0x19e8 !crdlk
19:39:38.0240 0x19e8 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
19:39:38.0250 0x19e8 Drive \Device\Harddisk1\DR1 - Size: 0x7470C05800 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:39:38.0548 0x19e8 ============================================================
19:39:38.0548 0x19e8 \Device\Harddisk0\DR0:
19:39:38.0687 0x19e8 MBR partitions:
19:39:38.0687 0x19e8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
19:39:38.0687 0x19e8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x12338AA0
19:39:38.0702 0x19e8 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x124F8800, BlocksNum 0x27E8D000
19:39:38.0702 0x19e8 \Device\Harddisk1\DR1:
19:39:38.0712 0x19e8 MBR partitions:
19:39:38.0712 0x19e8 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
19:39:38.0712 0x19e8 ============================================================
19:39:38.0759 0x19e8 C: <-> \Device\Harddisk0\DR0\Partition2
19:39:38.0830 0x19e8 F: <-> \Device\Harddisk1\DR1\Partition1
19:39:38.0873 0x19e8 D: <-> \Device\Harddisk0\DR0\Partition3
19:39:38.0873 0x19e8 ============================================================
19:39:38.0873 0x19e8 Initialize success
19:39:38.0873 0x19e8 ============================================================
19:39:51.0749 0x17f8 ============================================================
19:39:51.0749 0x17f8 Scan started
19:39:51.0749 0x17f8 Mode: Manual; SigCheck; TDLFS;
19:39:51.0749 0x17f8 ============================================================
19:39:51.0749 0x17f8 KSN ping started
19:40:15.0009 0x17f8 KSN ping finished: false
19:40:22.0059 0x17f8 ================ Scan BIOS =================================
19:40:22.0064 0x17f8 BIOS info: vendor = Hewlett-Packard, version = F.28, releaseDate = 01/23/2013
19:40:22.0064 0x17f8 Base board info: manufacturer = Hewlett-Packard, product = 3585, version = KBC Version 31.1D
19:40:24.0448 0x17f8 [ 7A550BC65E6832523814FA1C15075022, 40D181189CCC71BB245F83649389A2587A9BA9C9C5A22D5ACB08A59C8977DABF ] BIOS
19:40:24.0448 0x17f8 BIOS - ok
19:40:24.0449 0x17f8 ================ Scan system memory ========================
19:40:24.0452 0x17f8 System memory - ok
19:40:24.0455 0x17f8 ================ Scan services =============================
19:40:24.0882 0x17f8 [ AF50A9D10FF7B1D999BA99D00CC128B3, 3D6E0579821BFA91B7F0A6E6DDC6E03BD3389202AD1A079B825D18D2A76250A0 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
19:40:25.0005 0x17f8 1394ohci - ok
19:40:25.0040 0x17f8 [ 1C29610EDF5FE3C9D313207BD65BCDD0, 5A29D80AF47D08998125CB81BC1D4E84093291A74DE422B63F7BBDA7BDE95311 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
19:40:25.0061 0x17f8 3ware - ok
19:40:25.0106 0x17f8 [ 439278CCDD4A601E78ECC4B67E19A761, 221741F5E7F76587EA819A27DF0BB68C81529E24687E73EEDA354F45A0ADE96D ] AarSvc C:\WINDOWS\System32\AarSvc.dll
19:40:25.0194 0x17f8 AarSvc - ok
19:40:25.0287 0x17f8 [ 3220DE56DB0C594CA2F41E0DF1FCA7EB, 44D64070F86261E33C15A72C7629371F0F95D0F8089AB7C442294BAA781E6AE7 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
19:40:25.0349 0x17f8 ACPI - ok
19:40:25.0376 0x17f8 [ 6A424E6ABD1970E23ECF3DA85725B6BF, 1D576471A8035AD3FF5B0616F47B79E43AA367ECDF009D7CADDA0F11F13A1345 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
19:40:25.0413 0x17f8 AcpiDev - ok
19:40:25.0439 0x17f8 [ 70D9FC69CED08E86B888717CC5C37367, 34856C805B67F3EE4ABFD81B61879112344C343BC7E76A7A466FAD276E0E5165 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
19:40:25.0461 0x17f8 acpiex - ok
19:40:25.0467 0x17f8 [ EF7CB34FB2D56305EF942012499AB8F7, 3A9A504797FD22BB5447BB36597D5001320ABC0D4A1853D478C038EAC6847913 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
19:40:25.0502 0x17f8 acpipagr - ok
19:40:25.0521 0x17f8 [ 33B5ED555018128792AFFCDC9AF7AFD2, 1E7C5FADA2486EE31289A4BEFB70AEA173190671C64995441651903CF31E5033 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
19:40:25.0543 0x17f8 AcpiPmi - ok
19:40:25.0549 0x17f8 [ 85A86944A6163F0B7A8B10203B70CB9A, 72D35F5DB8714D38E4050A7F7A457C4AD99E3EA212040704F1C1ECBB70E865E9 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
19:40:25.0588 0x17f8 acpitime - ok
19:40:25.0636 0x17f8 [ 494072BF9EC1FDFFD54C47A80821FE6E, 8F302F43314C2F5C80E1D22B17C0246EF8A275C63FDB3C1CDC0DD999C4715A77 ] Acx01000 C:\WINDOWS\system32\drivers\Acx01000.sys
19:40:25.0719 0x17f8 Acx01000 - ok
19:40:25.0813 0x17f8 [ 29F9F3A703656EDE2EED10B41CBF694D, E451BE9843416DB5C902AE735B502AE7B9EBE0A43430547175B7E220BCCB3BA9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:40:25.0864 0x17f8 AdobeARMservice - ok
19:40:25.0940 0x17f8 [ B4B75D49BFBCFB2762593F77E5BD7789, B83072D77685F973701EC6629D8AC2626FDEFD657A4DB9AA7D532960A29FC67C ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:40:26.0015 0x17f8 ADP80XX - ok
19:40:26.0095 0x17f8 [ 741A4DAC54E1E9D6E52EF1C57BCB7695, 6FB34E9FADD7973C04F64EAA2794207F9E22F570626B3577C73124821E92752F ] AFD C:\WINDOWS\system32\drivers\afd.sys
19:40:26.0164 0x17f8 AFD - ok
19:40:26.0196 0x17f8 [ 21266728FF51F5AE872678783C6EAB78, F21DB146C437676A984AD0A8142D772AAD8F4B6950DCC0CFBB58566C1F4ECCE5 ] afunix C:\WINDOWS\system32\drivers\afunix.sys
19:40:26.0274 0x17f8 afunix - ok
19:40:26.0304 0x17f8 [ E6C21EB564C1A177B484C3A53AEA49BF, F2BBD6F46E55B64F0F5798A029DD51433E961712C1FED12999199FA49058776D ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:40:26.0341 0x17f8 ahcache - ok
19:40:26.0377 0x17f8 [ 526FE18DB976D9A1AE19FBC53FA690B1, 4E2623243A9BB61F7211E591C24EDB70B07974A7FA21E3F14C683F27E975777F ] AJRouter C:\WINDOWS\System32\AJRouter.dll
19:40:26.0433 0x17f8 AJRouter - ok
19:40:26.0441 0x17f8 [ 551C155F4FCE82BBA4CC92E56F1ECB84, 6ABE94DF833EC0E6D145429BBA99FDCA9AD3FCBB685A432B20C04F74DE9A42A5 ] ALG C:\WINDOWS\System32\alg.exe
19:40:26.0486 0x17f8 ALG - ok
19:40:26.0516 0x17f8 [ 55578CF027B0AE9F0D653B209C9F1B6D, 46A53925BAA34FA9D87E7C3157504A4557D81CD8B8608E7AB6CAF02F482F7792 ] amdgpio2 C:\WINDOWS\System32\drivers\amdgpio2.sys
19:40:26.0560 0x17f8 amdgpio2 - ok
19:40:26.0567 0x17f8 [ D0E26E590DE1424CCC4F77D1687049EF, 387811D57DEF06C9736D9F0BAB0DFB0F83DBAB19E5489BF9A6DCDCBD682DD8FE ] amdi2c C:\WINDOWS\System32\drivers\amdi2c.sys
19:40:26.0600 0x17f8 amdi2c - ok
19:40:26.0628 0x17f8 [ AD13315B1213354E8B4CA0C76E0C4CA9, 2B3C9A884AB3B5BBE9DE1515F423E8A7187E9656388052CD02C09B5CCA48C24B ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
19:40:26.0657 0x17f8 AmdK8 - ok
19:40:26.0690 0x17f8 [ 2EFC758DB2108DD9639D2C3864A4157B, 7C17D4F4D09AB23578D56D9A5F3E0E7750179F408108C068F434202FCAFB27BF ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
19:40:26.0718 0x17f8 AmdPPM - ok
19:40:26.0754 0x17f8 [ 70D7BE6BB8D22A38AD0040A1EC41C1FE, D5231F97E5432234A8A19904E59C324E825AF04881AA195C19CCC9E6A7684B14 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
19:40:26.0772 0x17f8 amdsata - ok
19:40:26.0792 0x17f8 [ C47EDC5D81546677A772CFC86281ED29, 71C7E7E5AA74596A6725D8F70F1DE9A0C63D3C3E120D9CCF8A508854AC340A23 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
19:40:26.0818 0x17f8 amdsbs - ok
19:40:26.0824 0x17f8 [ F1A1CA86A1E3782A0CABB07EF3663C70, 1FC1D4287DB56A387BDF917C0CB3BFC30CA5D792A350E2EDBBDDEBF8127E1AF9 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
19:40:26.0840 0x17f8 amdxata - ok
19:40:26.0874 0x17f8 [ 4146A6050DEAB4DF8A97C1EFCF3197EA, D6A6F06810CF61799B35744A53ECBDC40EE6DBAD8E85A6BE05421894DCAC2FD8 ] AppID C:\WINDOWS\system32\drivers\appid.sys
19:40:26.0898 0x17f8 AppID - ok
19:40:26.0932 0x17f8 [ 96E4FC3ED18F97D06A9CAACA74383C10, 0995C9042ADD669A1592BBA2EFFA13DD9743CD63D7458F2787A5BA3A736985FA ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
19:40:26.0991 0x17f8 AppIDSvc - ok
19:40:27.0023 0x17f8 [ 200EAA2A0B8170C7C59004943B252608, A0BE7615F3D37233B496B5E64571326FF72BDC475855158FD6D8ED166577C996 ] Appinfo C:\WINDOWS\System32\appinfo.dll
19:40:27.0094 0x17f8 Appinfo - ok
19:40:27.0112 0x17f8 [ F3FD6E8F3E669D56193EE16BDB14280E, B7F56DBE711E629A3702D79F763820885F5E84167A143BE0E1DCE577808F5AB0 ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
19:40:27.0144 0x17f8 applockerfltr - ok
19:40:27.0176 0x17f8 [ 9F7F9EF3CB7B2DB1DE97A8DC2A8053E7, 51EB3E2C8266AE07FDB1B69E3550FFD7B8500E0469A33D2064C4ECCAA942988C ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
19:40:27.0261 0x17f8 AppMgmt - ok
19:40:27.0351 0x17f8 [ 138E9D5CA44A2AB6A9F86E9FA727A9E0, A6024BEC6E97F364E50FA62604FF12295485B5E211B603168D7BA05BD4078998 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
19:40:27.0486 0x17f8 AppReadiness - ok
19:40:27.0567 0x17f8 [ 8508776C9637EC3A9F673A7748456C07, D8986F979E3AE08F686824E577D64BBE8E0A57444770EF1064D4BA21FDC25CD6 ] AppVClient C:\WINDOWS\system32\AppVClient.exe
19:40:27.0654 0x17f8 AppVClient - ok
19:40:27.0693 0x17f8 [ 79411D963150E110C794CB0A0817A9D4, EBAA2D3335569C937CEB0B14782DDEA402391ABCE74C4D829016A8DD71A8D529 ] AppvStrm C:\WINDOWS\system32\drivers\AppvStrm.sys
19:40:27.0719 0x17f8 AppvStrm - ok
19:40:27.0729 0x17f8 [ 3593F57C7241B96D0793A0A48FF989DC, D1F1068AAB19F48ADFFE2D7359C6EE73785E57EDBCBE7C3D0C3C3EA6E943B198 ] AppvVemgr C:\WINDOWS\system32\drivers\AppvVemgr.sys
19:40:27.0751 0x17f8 AppvVemgr - ok
19:40:27.0769 0x17f8 [ 5D6691357FE03E4376A21726FDE0201B, 372813FCA3F13DB5781F5A0338CDBA7571396DE78B946423965A4B24FEAAAEE3 ] AppvVfs C:\WINDOWS\system32\drivers\AppvVfs.sys
19:40:27.0791 0x17f8 AppvVfs - ok
19:40:27.0961 0x17f8 [ 835912E06EBD59590D6DE070B772E2B2, B5BB207626AC6D24754B59B2EF54C3624E13E150D6CEDE7B7B4D316634AC9515 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
19:40:28.0235 0x17f8 AppXSvc - ok
19:40:28.0257 0x17f8 [ 46FD8469080917EE12425AF692C4BC20, 96DCA25AE619F38640B22702A10BC3191626F3A36DE0E1B0EDA3B079EA9DEB24 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
19:40:28.0278 0x17f8 arcsas - ok
19:40:28.0342 0x17f8 [ 619ADBF18044A651BBAF7E4619AFECAD, 6F35258BA4BFEFF5604DECF93F6E171BBE0A1A5EDE8FE145CAF7949A0CD4EA31 ] AssignedAccessManagerSvc C:\WINDOWS\System32\assignedaccessmanagersvc.dll
19:40:28.0451 0x17f8 AssignedAccessManagerSvc - ok
19:40:28.0466 0x17f8 [ D930AAE80A55116D07C41E95DE5671DB, 14985D6D2D52689C1B012F64ED0D7C9C5F6BADB51C4528BF6456D3EAE2FE69A7 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
19:40:28.0502 0x17f8 AsyncMac - ok
19:40:28.0508 0x17f8 [ B2C716CEBC11930E3C1E38C3B6B9DDED, 0A3F019951B7E218401A18CA52ADAA0B7B84F8ACB8D0636BA7522DD2691D138E ] atapi C:\WINDOWS\system32\drivers\atapi.sys
19:40:28.0529 0x17f8 atapi - ok
19:40:28.0635 0x17f8 [ CA03DA82D296CF7719B3CCCBD0AA73BD, 750947F2926C6C8452FF15B2920EB62C8B868C762CB5BDDCD1FB4C35BBBD59F5 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:40:28.0737 0x17f8 AudioEndpointBuilder - ok
19:40:28.0818 0x17f8 [ BE9498289DFCE130F743E77E14A201F9, F8C54249C69C578536875ED6671C0CFFADF52209873906768C84495253DA47A6 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
19:40:29.0002 0x17f8 Audiosrv - ok
19:40:29.0043 0x17f8 [ A0F7C552FA2B0D848758F5010A7B3AE3, 7DBF94761B806AB47DBC948E723D718852416DC0E311CB40F31A55DA0DCB267F ] autotimesvc C:\WINDOWS\System32\autotimesvc.dll
19:40:29.0078 0x17f8 autotimesvc - ok
19:40:29.0102 0x17f8 [ FCE104053ECADACF4AFAFEC2FE805DBB, EB39D46FA07E7DC9028C671F45C5B51D8DC9B41977AC26D318AB39CD4382A0FB ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
19:40:29.0138 0x17f8 AxInstSV - ok
19:40:29.0172 0x17f8 [ 638C59D330A7AF943074678A70F22E7C, FEB2771428706126FEA1CC9A50EBE3CF4F8E8FB6FCB3CA19996497CA44FDAC45 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
19:40:29.0252 0x17f8 b06bdrv - ok
19:40:29.0273 0x17f8 [ 26E2320D24C66EB72B36EB71EBEF2558, 7D06B6499FE915480DF4DAD658281C8B85F7AD71F49B089A270AE0B45713F2E9 ] bam C:\WINDOWS\system32\drivers\bam.sys
19:40:29.0292 0x17f8 bam - ok
19:40:29.0348 0x17f8 [ 2CA1FD29DE910AEED426CF18A4ADB956, A2EBDDB0426D6E92744A3679B29CA08A9302295177FF5E02601D9181D4CB13CB ] BasicDisplay C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_fc93ae411c02f280\BasicDisplay.sys
19:40:29.0382 0x17f8 BasicDisplay - ok
19:40:29.0401 0x17f8 [ A2CAFE3F80961A59D5DE8CB91AE51E4B, C17C5FC2658CE24B187EF8E57BCD91ADB0226B03EDF97C468528212425BC89B1 ] BasicRender C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ed345fdc37d65139\BasicRender.sys
19:40:29.0448 0x17f8 BasicRender - ok
19:40:29.0551 0x17f8 [ 173D1EFC7C72A959CD03CDEA9ABC9B49, 53445742F752CA6FF160B67B519995E170F3A7E53D998DB39A7A6327C5B788D1 ] BcastDVRUserService C:\WINDOWS\System32\BcastDVRUserService.dll
19:40:29.0669 0x17f8 BcastDVRUserService - ok
19:40:29.0720 0x17f8 [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
19:40:29.0755 0x17f8 bcmfn2 - ok
19:40:29.0808 0x17f8 [ D72BEEEEB597A0A9142902008BC1B8E9, E84782CEFC0AB9D01BCF371FCCE594D2D7B14047C59A1A2B7A27243F8DCEB738 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
19:40:29.0939 0x17f8 BDESVC - ok
19:40:29.0962 0x17f8 [ 4280B427B81EB8C265F3206E2298761E, 121AF03BBE6ECC1622C2540805A30AE9555EB5D5FE25B55939C045ECE7FC37EB ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:40:30.0044 0x17f8 Beep - ok
19:40:30.0118 0x17f8 [ 96A75D3B6797A862F5019AFDDAF16D8B, 1A315942C0F0C46CBB0A208D27F152E1CFB4DDFA4C91138E2DEAAAC39737E805 ] BFE C:\WINDOWS\System32\bfe.dll
19:40:30.0215 0x17f8 BFE - ok
19:40:30.0234 0x17f8 [ A09DEE5C85037C0FC50043A954C60C52, 97116DED2563BED9E69C9B139145A47335FF8B0C16232DCA5A1D3EF6A75F6EA0 ] bindflt C:\WINDOWS\system32\drivers\bindflt.sys
19:40:30.0259 0x17f8 bindflt - ok
19:40:30.0345 0x17f8 [ 045E31DB13AAB0F2A3AFB908F926E2C2, DF7808B4040F255B8A43D4A8A08B290926017544E0444F1BAECAFCCFE46E5B60 ] BITS C:\WINDOWS\System32\qmgr.dll
19:40:30.0541 0x17f8 BITS - ok
19:40:30.0584 0x17f8 [ 399F428646DE8D9B82B9C833FD9DBC32, E8034B600E9E1A56A8DE14988476B8C5556128E35967F95EBAF8DF153FA9ECB6 ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
19:40:30.0658 0x17f8 BluetoothUserService - ok
19:40:30.0733 0x17f8 [ 55A234D0C8BBDDD400214AEF7A2EC69C, 9B1366BBA4631F6D5A4923905332E0D0B83FD041764461CC96F873723E3C75B4 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
19:40:30.0800 0x17f8 bowser - ok
19:40:30.0848 0x17f8 [ 666794D3C28A67355B71406ACAC34C54, 172A1392937C7B8BEB91427918B5A47B1AD7FC329AD410527C3683289C739AA5 ] BrokerInfrastructure C:\WINDOWS\System32\psmsrv.dll
19:40:30.0897 0x17f8 BrokerInfrastructure - ok
19:40:30.0949 0x17f8 [ B3EEA459B367A168F8769625A76BF792, 0002AEED8641E41CB078E421177E359B801776206582FA0BE0EF7AF01D6ACC8A ] BTAGService C:\WINDOWS\System32\BTAGService.dll
19:40:31.0035 0x17f8 BTAGService - ok
19:40:31.0074 0x17f8 [ 7F09708B8C651A0C0E2A2725136BA254, 0442A18BBED4E323265C66561C8F8C171D8E934E9089C12B94D1DFDBB057B737 ] BthA2dp C:\WINDOWS\System32\drivers\BthA2dp.sys
19:40:31.0114 0x17f8 BthA2dp - detected UnsignedFile.Multi.Generic ( 1 )
19:40:33.0280 0x17f8 BthA2dp ( UnsignedFile.Multi.Generic ) - warning
19:40:33.0499 0x17f8 [ CE43EF455E238036B73128A8B38D021E, 1A2470D2468A150965DE68FE279B998CEB7C5914FDE1948EB8A632DC34706F6C ] BthAvctpSvc C:\WINDOWS\System32\BthAvctpSvc.dll
19:40:33.0567 0x17f8 BthAvctpSvc - ok
19:40:33.0605 0x17f8 [ 6F7F5ABC52777C39467566A71413C2EC, 7839202763EB187965C19CE6E3736A8191892C56CAC695BAAABC77D534FF2669 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
19:40:33.0642 0x17f8 BthEnum - ok
19:40:33.0659 0x17f8 [ 7AE44E94C6B1DF488AA309824DEAD643, 91C72C54142A0D4E5A5F33268850CEB8315AA30C2F0B74A9FFA962887ABAC797 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
19:40:33.0700 0x17f8 BthHFEnum - detected UnsignedFile.Multi.Generic ( 1 )
19:40:33.0700 0x17f8 BthHFEnum ( UnsignedFile.Multi.Generic ) - warning
19:40:33.0701 0x17f8 Force sending object to P2P due to detect: BthHFEnum
19:40:33.0703 0x17f8 Object send P2P result: false
19:40:33.0750 0x17f8 [ 0825C3B0D4A788E95DE80739E52C9174, 7B2C116DB586ADF3175AE4DC630C2BB9043CF3EE57A22A8DBFE55127F6065A51 ] BthLEEnum C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
19:40:33.0797 0x17f8 BthLEEnum - ok
19:40:33.0810 0x17f8 [ 6CBB5690A99EC6722D7109CB19124230, 2C796F5F48C699E0F9AB0DF9B26F6C4109334F25FF19672CA7B2D3EDBB947E60 ] BthMini C:\WINDOWS\System32\drivers\BTHMINI.sys
19:40:33.0849 0x17f8 BthMini - ok
19:40:33.0869 0x17f8 [ 11D609CC74F0EB1DF6C0171331CDE9A1, 9412DC92F16C0B8A937D6FB1AD83D7169F4EC0F08FAE0E2B244346428CE99EE1 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
19:40:33.0944 0x17f8 BTHMODEM - ok
19:40:33.0991 0x17f8 [ DF1F7C940B4682D23D214453CFE40319, 60E1EFA0E8CBC820D95CDFBD133F1B71CF4AE7F6F9DE1C19AA3481E25DC38A70 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
19:40:34.0046 0x17f8 BthPan - ok
19:40:34.0155 0x17f8 [ 1DE518ED5AD0DFCEABA5AF20637D690D, C1D94FDF37FF917C3B629B4228DFEAF8778DDCF7C9D61B8E0C8FDDC66B530CB7 ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys
19:40:34.0276 0x17f8 BTHPORT - ok
19:40:34.0312 0x17f8 [ D293AC628357F2F75B8579087F732970, 1E536D8863D695944214D55E9B0B4BFE04F705DB7ECA18A0CF8B37AAF4893B1E ] bthserv C:\WINDOWS\system32\bthserv.dll
19:40:34.0360 0x17f8 bthserv - ok
19:40:34.0378 0x17f8 [ 4AD0DC34DCD744A4DF6ED95DAA89C212, BD6B7705EEA28ED174F8AF08FD5C95FA452CA3008BCE0AC91C5356E282C82D1D ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys
19:40:34.0405 0x17f8 BTHUSB - ok
19:40:34.0420 0x17f8 [ 4FF20E869FE2B5A0B8CE2E8BE61C7F7F, 8DE3B7C87D88CF375417355A7C5052B2DE38805B563D61D0E483DB4AD96BD741 ] bttflt C:\WINDOWS\system32\drivers\bttflt.sys
19:40:34.0435 0x17f8 bttflt - ok
19:40:34.0468 0x17f8 [ EF2A1F3C5EC4EFFFBE9A69B892FBA29C, 16A900FBAB30D008F01F4CAE96347BF313D9D13C7FE430249A0BF4322534CB18 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
19:40:34.0492 0x17f8 buttonconverter - ok
19:40:34.0507 0x17f8 [ E7690568D2A5FA3D4E6D28B42358A122, CDBD820B6D383EC0A8151EA4300435C2BAD085EC55DB185C5E16CAF961443888 ] CAD C:\WINDOWS\System32\drivers\CAD.sys
19:40:34.0525 0x17f8 CAD - ok
19:40:34.0556 0x17f8 [ 54C6958CF06D6BB1776844811C34868C, D3681399A0458B9183C12B7F26980959EBD4BB0AEA1084497F2436339AD9E758 ] camsvc C:\WINDOWS\system32\CapabilityAccessManager.dll
19:40:34.0629 0x17f8 camsvc - ok
19:40:34.0650 0x17f8 [ D73124119E80A2E13A1D5A7B7CD00889, 196215BFE0F198C8201B407C7E39A15E3180E8D03A051B3CEBE88FFFAB4072CE ] CaptureService C:\WINDOWS\System32\CaptureService.dll
19:40:34.0687 0x17f8 CaptureService - ok
19:40:34.0784 0x17f8 [ 37A8837CC731399AE7B3D141CF4ABF87, 9B1172915398724B30516A5A268FF25C19D35EF7A4C1BD39CF2366F565001FCF ] cbdhsvc C:\WINDOWS\System32\cbdhsvc.dll
19:40:34.0898 0x17f8 cbdhsvc - ok
19:40:34.0938 0x17f8 [ BD8897A464332FA5802486DC64248E03, 1F9B2C6642220814F6BAC150C91CB56819337F6B229004A39C76395217BBC407 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:40:34.0992 0x17f8 cdfs - ok
19:40:35.0049 0x17f8 [ 6B63D9B10FA9DB29E21CF24704A1D31A, 083E401584A137B4B9F181BC2D8E0DE0FB9826ADD3642B40F5933DA5EFE3F2FB ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
19:40:35.0161 0x17f8 CDPSvc - ok
19:40:35.0217 0x17f8 [ 9CC45C8EF01A6DAD014DCFBBD58D4CDC, 5AE5C93A0804DCF3031591A6BAA458D7DDB0CB0CB9263F1CBC47D9F96B54F430 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
19:40:35.0282 0x17f8 CDPUserSvc - ok
19:40:35.0317 0x17f8 [ 054ABC6C64AE969D033B7876C04D52B4, 492E4FD7A7CCE38D5A7E51C7B069FC0497BE3EFD2EEFEB6AFA3EA81D2A11BC0F ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
19:40:35.0347 0x17f8 cdrom - ok
19:40:35.0376 0x17f8 [ 51E79AABA84EB677AB3F0AEDBA5523B3, B6AF6AE092AE71AEFAE666D07938FF104B5821A6428393BD66DEF3EFBB9ACCED ] CertPropSvc C:\WINDOWS\System32\certprop.dll
19:40:35.0417 0x17f8 CertPropSvc - ok
19:40:35.0474 0x17f8 [ 198D403332FB8F2DA289BEBFEC8199AD, 5A7FD2D58C433B9B498A1B37A2F2D877061215360D8E6A752601F2ED4F283A8F ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
19:40:35.0520 0x17f8 cht4iscsi - ok
19:40:35.0630 0x17f8 [ 77065056FBE4E29054CB1D20303B9F59, 83E2C81274DDBE695EF845E541F7A2DB60EF5E195AE14FACDEEEBD30C0EF4E67 ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
19:40:35.0742 0x17f8 cht4vbd - ok
19:40:35.0769 0x17f8 [ F7CF43279D95785471920B8F4E9181E7, 307666EA179031A0B921B8535684B2469CFC9A79868B245A55C79CD7DCAE9FAE ] CimFS C:\WINDOWS\system32\drivers\CimFS.sys
19:40:35.0795 0x17f8 CimFS - ok
19:40:35.0829 0x17f8 [ 115CC1E142CE29C9006D59943108DF47, 564FA08C5BEC6DAF1A83C80C9139A6E1AA7E05D251DB3BA379B57C9FDAE83E1B ] circlass C:\WINDOWS\System32\drivers\circlass.sys
19:40:35.0852 0x17f8 circlass - ok
19:40:35.0924 0x17f8 [ FDE264087C635C0E26E8AAB91E09F08F, 598292A37B3C0C41F21DB0C1EC301457381D07666DA96F56742043B3344ED21E ] CldFlt C:\WINDOWS\system32\drivers\cldflt.sys
19:40:35.0990 0x17f8 CldFlt - ok
19:40:36.0035 0x17f8 [ 73E73296E6FEE39DDD81659BC75F4E50, FB94A8E51C2FD06BD58E2569CE9CC91387746E1679BE4E68F481FB486663B19E ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
19:40:36.0077 0x17f8 CLFS - ok
19:40:36.0184 0x17f8 [ 7E973E94A9DD09491E63174DC3F8AE96, 819A9E2080C68D1FF8DF582BAA98F477ABC6EB8044A40E1E15634B1D5F2EEE84 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
19:40:36.0268 0x17f8 ClipSVC - ok
19:40:36.0327 0x17f8 [ 1C5BBC2CD8198622986F5B0028813347, 4D37A875EB3A7635C66FFC1CE63352FDDC39ECCFB737FFC6CF87E8AE2F741288 ] cloudidsvc C:\WINDOWS\system32\cloudidsvc.dll
19:40:36.0448 0x17f8 cloudidsvc - ok
19:40:36.0497 0x17f8 [ E127E772A705CD32BE34166F679C61C8, 209723632369404308EF6DF734077A99A295C2E380DB85AD1F8498CC8DFBC88A ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
19:40:36.0536 0x17f8 CmBatt - ok
19:40:36.0615 0x17f8 [ 75390E0CCA6B8CB134FB48E379341316, 87ACE5E45A0AF22ECDA872AAD68ADCD0FBC6968681EE803F65D149DEC0518688 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
19:40:36.0699 0x17f8 CNG - ok
19:40:36.0735 0x17f8 [ A46B4D1484227900F7615FE2A569D828, A06B8002E7A708890222C777DDF8B67FED7015C0943C1FC4F9036E9F9DC14494 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
19:40:36.0752 0x17f8 cnghwassist - ok
19:40:36.0777 0x17f8 [ 99392FDADF3CE5EB47403E5A52866E6F, 63CEF51971EB85D9823CE9A95F1ED9907D20525ED8E32230068CC36E9082A8C3 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
19:40:36.0814 0x17f8 CompositeBus - ok
19:40:36.0822 0x17f8 COMSysApp - ok
19:40:36.0831 0x17f8 [ 37BAC4413D147BAC2C0DDA67890F0F10, E4AE23EB73BB9F525822DFAB09D3DED0E921255467FA1341267B6AE9BCAA01F7 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
19:40:36.0849 0x17f8 condrv - ok
19:40:36.0885 0x17f8 [ 30567F197E1E1415FD5813FCE895E332, CAAC41134F6E01815888707D2FB76703B7A869912832D2173726B17511C3B17F ] ConsentUxUserSvc C:\WINDOWS\System32\ConsentUxClient.dll
19:40:36.0915 0x17f8 ConsentUxUserSvc - ok
19:40:36.0987 0x17f8 [ 317247ECF8A9DE852BFFADB39691AF18, DCD8C93BB748485F593A55D73CD6E23477DC86E6D37013EE8B52FB88DB2BA7FA ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
19:40:37.0039 0x17f8 CoreMessagingRegistrar - ok
19:40:37.0264 0x17f8 [ 5D19617245C798A0EED86D4D36B8C6E8, 90AB9125B1A56134489E81CE5AEE1F2C7005BE505E52603B1A884A2B8C3C4735 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
19:40:37.0322 0x17f8 cphs - ok
19:40:37.0383 0x17f8 [ 33915D0533AE7883BD50657C99EA45A4, 2063A8145D63798B948ECF755D2592B4751D8386B2B47B3D13D42B5D95557DCF ] CredentialEnrollmentManagerUserSvc C:\WINDOWS\system32\CredentialEnrollmentManager.exe
19:40:37.0433 0x17f8 CredentialEnrollmentManagerUserSvc - ok
19:40:37.0459 0x17f8 [ 33915D0533AE7883BD50657C99EA45A4, 2063A8145D63798B948ECF755D2592B4751D8386B2B47B3D13D42B5D95557DCF ] CredentialEnrollmentManagerUserSvc_18d1b3 C:\WINDOWS\system32\CredentialEnrollmentManager.exe
19:40:37.0486 0x17f8 CredentialEnrollmentManagerUserSvc_18d1b3 - ok
19:40:37.0513 0x17f8 [ 8AB3568419872D1A8A7B45153AF7B3D4, 5171ED876E0EC5CAE2BE9161ACC90F4865FF6416EFA376C82D8A5B65724A8910 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
19:40:37.0624 0x17f8 CryptSvc - ok
19:40:37.0676 0x17f8 [ 630470ED6E536352242E7014ADB9DBEE, 8847950F08FB52EEABFC05CBCFF4309FE4A5BE25EFA5EB4B46A73579F14D7109 ] CSC C:\WINDOWS\system32\drivers\csc.sys
19:40:37.0755 0x17f8 CSC - ok
19:40:37.0808 0x17f8 [ 26FC0AFFBA1051FEF73BBA040ACC6D12, 0BBBFDE91B48844B38B5C9A515D759C9D686CA1C22E835DA306C97CA1C1A1250 ] CscService C:\WINDOWS\System32\cscsvc.dll
19:40:37.0890 0x17f8 CscService - ok
19:40:37.0924 0x17f8 [ 4233BF1BA4FDD55A14DA16BE864B7504, 7B34CD50996D7F1B9636C8CD6612991039C4806B7094CC66CEECBB28E5F8D3F3 ] dam C:\WINDOWS\system32\drivers\dam.sys
19:40:37.0944 0x17f8 dam - ok
19:40:38.0014 0x17f8 [ 47E9BCAEF5978A15A48A9ABC50E3CBC9, 027B35CF51A686F2D5871615050DB0B071CAB01AC146055350A584F37A724643 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:40:38.0142 0x17f8 DcomLaunch - ok
19:40:38.0204 0x17f8 [ 5B319FCE98700D01DCDCB0BC80C93DED, D80E347B83F72BC09AC649036897830DD72A842E260871701D512C1DD045AF59 ] dcsvc C:\WINDOWS\system32\dcsvc.dll
19:40:38.0337 0x17f8 dcsvc - ok
19:40:38.0377 0x17f8 [ F58B99912057ED256C3331D964CEF2BC, 99E3207E724D73C21CFE67E01AE28797948F40070376A26E9DEBB239075193AF ] defragsvc C:\WINDOWS\System32\defragsvc.dll
19:40:38.0458 0x17f8 defragsvc - ok
19:40:38.0491 0x17f8 [ 468723FFCE6660FC64C2D48385FA4415, 6D668E0C987D10B5A30B337845CA5E478AD92FF0FE6C73DFF0AFD988592E3924 ] DeviceAssociationBrokerSvc C:\WINDOWS\System32\deviceaccess.dll
19:40:38.0522 0x17f8 DeviceAssociationBrokerSvc - ok
19:40:38.0549 0x17f8 [ 8AF8D1A8ACFBFFD65406193CFA4B9B37, CD0833890D34EA425E68B169F915AD61FFDAF29B78D5FA439FD2E8D257DF77D0 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:40:38.0611 0x17f8 DeviceAssociationService - ok
19:40:38.0663 0x17f8 [ 47997A891009AD881DFA69E018D3DF41, 954BBFB9E4C7FF79A811123D31954840590837ECDC9108161717EE29C8EFB676 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
19:40:38.0714 0x17f8 DeviceInstall - ok
19:40:38.0751 0x17f8 [ 14279A4BD2CC0F1F5C5AE77A3EFCD604, DBB2B93A2E2C8F006118A11385BF571907032A49C09CE4B7F97B5945EEF7396E ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
19:40:38.0829 0x17f8 DevicePickerUserSvc - ok
19:40:38.0892 0x17f8 [ FC34E5E9CF5E3965DB8C878461DAE4BC, 400B1E3B1245FF3FE83E7EF8E811D55787A926BA343776337D8216A67120AFBC ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
19:40:38.0970 0x17f8 DevicesFlowUserSvc - ok
19:40:39.0016 0x17f8 [ F8BE99B9EA9B110F7CB3F46BA844C1FF, EABF953864C0AE4FB6426C0B7E92DD81EE4A8852081F9D2EA02B61D4C8DB6188 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
19:40:39.0043 0x17f8 DevQueryBroker - ok
19:40:39.0074 0x17f8 [ AC8F072A3B69339079A65D5F5FC56459, 0997BB96C3BB0718FF2C3F1B773DAC47C793B55A35BFC50F85CCAA79B1E4668A ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
19:40:39.0137 0x17f8 Dfsc - ok
19:40:39.0176 0x17f8 [ A3E782404689F48FD21B85108B7DCED0, CC9FBAE6FCC00AF62C5A6C90DF9918C2D9096445B8CD2FACC0C8FAE87A62ABB9 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
19:40:39.0248 0x17f8 Dhcp - ok
19:40:39.0314 0x17f8 [ 834FFB6194446D80212613701D50A07D, BF3B5723E80356CAF6777462705398DA52981FC7D80C467AA3BE6A5F06B36887 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
19:40:39.0375 0x17f8 diagnosticshub.standardcollector.service - ok
19:40:39.0418 0x17f8 [ 83697F18D13EAE3557EE2A4DEB43C6B0, 1183CBD9B86F4F9999D64E83DA0CBA6B07407B37A91707B8F69AACA5CC6CE574 ] diagsvc C:\WINDOWS\system32\DiagSvc.dll
19:40:39.0464 0x17f8 diagsvc - ok
19:40:39.0644 0x17f8 [ D7A9B490031BBDC8532889B90D34C65E, AF36C162D47CCA357520BFD7383F43469D94F2A088307A40C4AE64981E03B0F5 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
19:40:39.0912 0x17f8 DiagTrack - ok
19:40:39.0959 0x17f8 [ DD44DBAC8E8CC0D514C02BEFE9A3EB8D, 2BC82CB90E77DD3D0EAA9F89AA6BB820DE47CE6A3DF91FB34B454CC64BA4DCFB ] DialogBlockingService C:\WINDOWS\System32\DialogBlockingService.dll
19:40:40.0012 0x17f8 DialogBlockingService - ok
19:40:40.0029 0x17f8 [ 953F239FFD563AFA513DBD9BAAF517A9, 1AB271B9E716D7A831AF7ABEE1E83D7AB6135F07321F862B5B2D6982485ECAA1 ] disk C:\WINDOWS\system32\drivers\disk.sys
19:40:40.0053 0x17f8 disk - ok
19:40:40.0089 0x17f8 [ 88A37D67ACA845EE72E9A07E15273EB1, 21779D6C7B4480873992C13908CFE58568D15073460A88AE452EA1BEE54037EF ] DispBrokerDesktopSvc C:\WINDOWS\System32\DispBroker.Desktop.dll
19:40:40.0178 0x17f8 DispBrokerDesktopSvc - ok
19:40:40.0259 0x17f8 [ 38D8C032C7AFBA2725A98719C2E03FCE, 43E01AEC265954E5E47EED1F9CA4872A1AEE9DCCE8536993AEA2CD5440BAF2CA ] DisplayEnhancementService C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
19:40:40.0349 0x17f8 DisplayEnhancementService - ok
19:40:40.0434 0x17f8 [ BE657B09219DE3573DFBD594BFE8AD1A, 4346CAD086046756B331BE67BB58E60092E665D0A8CAF6BADC1C70C6274B9A78 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
19:40:40.0545 0x17f8 DmEnrollmentSvc - ok
19:40:40.0566 0x17f8 [ 48AA813AAA7E347CD7D6D56FE32144C6, 6604DC0E7607E46B83F1239934646AC4ADF5CA4CC463FB9DF521B243F434579B ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
19:40:40.0583 0x17f8 dmvsc - ok
19:40:40.0612 0x17f8 [ 9F1C56CE3764F006ECA9207C8FB66B71, 92A1C554726AD06E1BDBCF6D97513A0E3F45792637E9F713756EEEB000251A66 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
19:40:40.0649 0x17f8 dmwappushservice - ok
19:40:40.0686 0x17f8 [ AD450D67A6CE48C4DB63599035E1CAC0, 14A56910E276C41EA6663ADFE89FF14D6AAAF90ECDA5F289D1EA1582C747C0A5 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:40:40.0750 0x17f8 Dnscache - ok
19:40:40.0803 0x17f8 [ 15AC2FF064E84F9B84D06C683C03990B, 7299C1BF75052DDEEDF3B70B52FB677BE70FE953113013D3EC4236CD43783509 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
19:40:40.0840 0x17f8 dot3svc - ok
19:40:40.0873 0x17f8 [ 9E65C33CB7FB50453F7F4407070EAF53, A8707BD19D584DAECA39990A2E791194140AFCA4FCE31F23CC7E931DF8C17361 ] DPS C:\WINDOWS\system32\dps.dll
19:40:40.0914 0x17f8 DPS - ok
19:40:40.0937 0x17f8 [ 6ADB3F56899519673D735C3C09476234, 8A97F4C5FC8BB83C819409B1E3F70F87D13034B9E6F8F0A041E38ADAADED1D8D ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
19:40:40.0954 0x17f8 drmkaud - ok
19:40:40.0985 0x17f8 [ 25260949377D51A7DF55CC4116D1E328, 3C0FE5F039318C57C06FE733FAC00C2753B25905833DC4D76304757EBA5155A5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
19:40:41.0036 0x17f8 DsmSvc - ok
19:40:41.0067 0x17f8 [ 4B903583999E571ED2B3B1CB6D694605, 30B4DD37228E0FE50C200F511505C09D3FD5B3395E5AE49931E752463424C302 ] DsSvc C:\WINDOWS\System32\DsSvc.dll
19:40:41.0117 0x17f8 DsSvc - ok
19:40:41.0147 0x17f8 [ 81DF23EC4009D307479D5C169539CD67, 65AEE1E876CBE801A763F14930D15CF2E6A10697620B5903AA04BA30585A5676 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll
19:40:41.0198 0x17f8 DusmSvc - ok
19:40:41.0372 0x17f8 [ A2A1DBEAF9CA379ADD9104DC1A1AB83E, DF82DD0ED5B6A4DDAC6558195BB78C222149D5D08222CE9BD861A757C94664C1 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:40:41.0583 0x17f8 DXGKrnl - ok
19:40:41.0611 0x17f8 [ AF7B5676A104F8A7D87DDA84DDFD5240, C89BE2506C647924E94FA2F44AA4AF9EAA2F794FA444C8854FEA5B3F563AC185 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
19:40:41.0663 0x17f8 Eaphost - ok
19:40:41.0800 0x17f8 [ E7B7E38AD720352CFE9A5FF3A82AB124, 48D9F61E943A7855562950FF26B866BD51A27D980757B065504FCD3F1A1D6F07 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
19:40:41.0992 0x17f8 ebdrv - ok
19:40:42.0063 0x17f8 [ C019E421D9F897108E51666CBAE2C8B0, 3096D8E82917A9B73F322F4B1743E52E9B0C8B3C5933A957E73E29D6973CDD5B ] edgeupdate C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
19:40:42.0096 0x17f8 edgeupdate - ok
19:40:42.0118 0x17f8 [ C019E421D9F897108E51666CBAE2C8B0, 3096D8E82917A9B73F322F4B1743E52E9B0C8B3C5933A957E73E29D6973CDD5B ] edgeupdatem C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
19:40:42.0139 0x17f8 edgeupdatem - ok
19:40:42.0165 0x17f8 [ 289D6A47B7692510E2FD3B51979A9FED, 0777FD312394AE1AFEED0AD48AE2D7B5ED6E577117A4F40305EAEB4129233650 ] EFS C:\WINDOWS\System32\lsass.exe
19:40:42.0184 0x17f8 EFS - ok
19:40:42.0209 0x17f8 [ 75335F1918D78A10B8DBD220F394FA75, 7F5E80B866BAF62CD4A5667F91F05B6AF094BE2EBD4067BBBABA7A9C1C1E6ECB ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
19:40:42.0230 0x17f8 EhStorClass - ok
19:40:42.0367 0x17f8 [ 9F04CF369B93A78B2E56A3DF9B41F25F, 514A0687D2ABE6C52D6BFF8F0F5E47DD77EBEEDC4E6C6539B05BD0EC27B6704D ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:40:42.0415 0x17f8 EhStorTcgDrv - ok
19:40:42.0450 0x17f8 [ 48066A0A516271CF80868075216A7A41, DEC15E25420771EC4CB2D724D5F5B8627E9DFA3F56C4ACFFB01D8DF688D3617F ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
19:40:42.0503 0x17f8 embeddedmode - ok
19:40:42.0588 0x17f8 [ 21339AD531D5B97BDBB02F2B0F60CE4B, F4884735C9FB36BB7A4909C271B0AF4AEC6AE3B9AE94431CF60A3F3E5E6929F5 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
19:40:42.0691 0x17f8 EntAppSvc - ok
19:40:42.0728 0x17f8 [ E87F3FA1F9133DEEC1B3692976487777, BF14DB2762B48ACE54977E98DC2A4060B8B1122B58FDEFBB4C84546ABEB410A5 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
19:40:42.0781 0x17f8 ErrDev - ok
19:40:42.0913 0x17f8 [ 1A3A73C7BB1C23AC1B4CF56F88DB07B5, F16139CAA57A0923EFA79C3016C717E41E70CF2BF863CD50BD959603052A7968 ] EventLog C:\WINDOWS\System32\wevtsvc.dll
19:40:43.0131 0x17f8 EventLog - ok
19:40:43.0177 0x17f8 [ 75AE3ECE8595A1BED76FFE607CBD5955, 375E0841098237B29CA57D7B4144638C67B0471CEEE33F998AD42A7E1BBAA069 ] EventSystem C:\WINDOWS\system32\es.dll
19:40:43.0252 0x17f8 EventSystem - ok
19:40:43.0305 0x17f8 [ 3089A3D905AD11C99E972086F345D2CD, 234D422A87D2A27BE93E242F6D8D8FF31D05EC16F85593A8313A832F607BEE9F ] exfat C:\WINDOWS\system32\drivers\exfat.sys
19:40:43.0347 0x17f8 exfat - ok
19:40:43.0378 0x17f8 [ 046EA3CC7A988747E7CD6B1D151A4D5A, B701F33EEC82E9110CB9E134F849F40EFB8B2C99B9E1CEC1A69EFA5C275C73C5 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
19:40:43.0420 0x17f8 fastfat - ok
19:40:43.0490 0x17f8 [ 05CC2A525AE92756B9CA2D12CA1C2B5D, 19B0C89D01B857D126B562AD21668270DC4687F172F22326F009639D23D9074D ] Fax C:\WINDOWS\system32\fxssvc.exe
19:40:43.0613 0x17f8 Fax - ok
19:40:43.0654 0x17f8 [ F567A0C101AECF4548E0BF61EE25D332, 26BC9C2F1D42CE5BEF55E98DC0DA557F09B747186580C796003CF84229F6D151 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
19:40:43.0709 0x17f8 fdc - ok
19:40:43.0731 0x17f8 [ 0439B82F6034ADA3E71C0C9F169082BD, 0918728669077235B2F2DB7EE22CE819FA570D8A7A497BA5F11E76774EA75099 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
19:40:43.0792 0x17f8 fdPHost - ok
19:40:43.0808 0x17f8 [ AD64C91B3CC71226785DCE688842E5AB, 056E1091468D268E7970045AB329EB3DFF48BB6B22448046A14C309678847B6E ] FDResPub C:\WINDOWS\system32\fdrespub.dll
19:40:43.0835 0x17f8 FDResPub - ok
19:40:43.0853 0x17f8 [ 3AA883D460D1A6169A2A654C9596172F, 737195664878BBB629F731DC9805754FD42CABA36F9D72EAF562DDCC3E7AD567 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
19:40:43.0915 0x17f8 fhsvc - ok
19:40:43.0937 0x17f8 [ 8E59D944EE4EFAED65A341A71297C4CD, CFFFD7007AB7FB04ECB44D0079BFE8EEB53AECC988135199C388AF425EBCF2AD ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
19:40:43.0961 0x17f8 FileCrypt - ok
19:40:43.0979 0x17f8 [ EE7605E60374CBD2DDAAA120FA2E458A, 832BF32B9EFA04FBDD9638D00B209DFC88C4C69E0AEC7FF1B5AD4DDEC0F20878 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
19:40:43.0997 0x17f8 FileInfo - ok
19:40:44.0018 0x17f8 [ C7F6F4B73E410087C6DE5658AAD70232, 42C56B93FF52CAC5B74CE0A16D9D4425E8B3E690B3BD76A5A3C657655B62A34A ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
19:40:44.0060 0x17f8 Filetrace - ok
19:40:44.0066 0x17f8 [ C867FE1865F45469DD96957900073361, 1534A840C56912D34DEC8F487683C0A782070A89726BF87DFAAF7F953A18A1DA ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
19:40:44.0098 0x17f8 flpydisk - ok
19:40:44.0139 0x17f8 [ AD77CDDDB35E407585E40C57A3EFD76C, A74AD4D7624FB741B7008711336B37F3A27D96C3EF6361C107155B3BDFD8592B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:40:44.0184 0x17f8 FltMgr - ok
19:40:44.0278 0x17f8 [ BA3596F48CBB9BE2855A7DBAD7202757, E28C65C91136349BA508E918A15C69F179594C688F6C9142DCA8A8A9C136CE24 ] FontCache C:\WINDOWS\system32\FntCache.dll
19:40:44.0386 0x17f8 FontCache - ok
19:40:44.0451 0x17f8 [ E4812A2263960AF95C99341255F56EDA, 50E9A9E2AC75E5BA4B839222989EAF5948E91931019E20271C9A074D4A0BBD28 ] FrameServer C:\WINDOWS\system32\FrameServer.dll
19:40:44.0546 0x17f8 FrameServer - ok
19:40:44.0563 0x17f8 [ E02B44DD96797C68D22C9EAA568A224B, 849EFE1469748BA1494AFBEE48C1E6C96F4E2B4305F3282D31D916A17AD7C71A ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
19:40:44.0582 0x17f8 FsDepends - ok
19:40:44.0597 0x17f8 [ A3631ADDD926826110A436D6A04B31CA, 2073327E5C1E542EA2740CA0D43204940EB72652619B5209A2E4A4A0FB18D20A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:40:44.0613 0x17f8 Fs_Rec - ok
19:40:44.0689 0x17f8 [ 355D999283FAF71F18ADD4608C11F92D, 91B3305A60C5CD9CF3A0AF363DB860CC507EEBE8EF18B501441B7B5F9599399B ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:40:44.0748 0x17f8 fvevol - ok
19:40:44.0785 0x17f8 [ A1E06E4E8CB863C74DE428D4D6681185, DA46502C009FD4C847A547610DEE2684A5A583467BF76009BD46104AAE2F6B1B ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
19:40:44.0802 0x17f8 gencounter - ok
19:40:44.0899 0x17f8 [ DF2344160D1E58AB5E1DDB174D46853D, B263D352479812A4DEB6BB8AF573150491EA9F5D55DCD00185AF6759FF2601F6 ] genericusbfn C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys
19:40:44.0935 0x17f8 genericusbfn - ok
19:40:45.0099 0x17f8 [ BC0A5D481BEF2B82BF401519964207A4, 1992166F268F36CCE7862EF72BD9C0D83EAE33B4F3BBCFFE0D71E6FB0CBE766E ] GoogleChromeElevationService C:\Program Files\Google\Chrome\Application\115.0.5790.171\elevation_service.exe
19:40:45.0176 0x17f8 GoogleChromeElevationService - ok
19:40:45.0216 0x17f8 [ E0C0B02E56EE1E639CA3928F55D59D59, 1019FF6F1B423CBF1512F15EA72536F93D0380B052D5C679313F5FFF8BB0A4DF ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:40:45.0239 0x17f8 GPIOClx0101 - ok
19:40:45.0312 0x17f8 [ 9D1EBF89162D47AD274E5D32E6A804C7, E8CAA1A7BB682389E291FCE9E6262038F192C0F0314AD8539FA1B371AF73123F ] gpsvc C:\WINDOWS\System32\gpsvc.dll
19:40:45.0432 0x17f8 gpsvc - ok
19:40:45.0447 0x17f8 [ 8C06046B6A8C1ACDAEA15682058FDFB4, 3E0CC301249B7D8D5BEB932F4DFD1EAB8037679EC153772F63B430713903B0AC ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
19:40:45.0478 0x17f8 GpuEnergyDrv - ok
19:40:45.0514 0x17f8 [ 98C05369D9E8AFF249F6AB0837E87912, 7C059098A69C513CB93BF15583C9D11E4E83096FB94FD5C46584E74A988D6828 ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
19:40:45.0555 0x17f8 GraphicsPerfSvc - ok
19:40:45.0616 0x17f8 [ 047FDBAE45C6D08B606BF3E8CEEFB4C5, 0010A33FCDA893D72DA357D8F8751F0ED243908F1A83B51748E81B508EBF03BA ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:40:45.0656 0x17f8 gupdate - ok
19:40:45.0678 0x17f8 [ 047FDBAE45C6D08B606BF3E8CEEFB4C5, 0010A33FCDA893D72DA357D8F8751F0ED243908F1A83B51748E81B508EBF03BA ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:40:45.0701 0x17f8 gupdatem - ok
19:40:45.0734 0x17f8 [ 6A3D89AC2F01A375CC6F12FEC588EFC9, 3BAB7BEB30ED64634587B6EBE625FB78A8C58058AED4151FF83231E0D5CBEFDE ] HdAudAddService C:\WINDOWS\System32\drivers\HdAudio.sys
19:40:45.0804 0x17f8 HdAudAddService - ok
19:40:45.0833 0x17f8 [ 0823AE866BF27AB24F2033DAD69691FA, 5ED1F6E2B0AC37B8BBAC1344DEFAE517F5C0839B6E3594388DAACD39355D4557 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
19:40:45.0860 0x17f8 HDAudBus - ok
19:40:45.0885 0x17f8 [ 05FC1B768ACB2D5CADDCA2F2E89F579C, D773640F980BF832D74FBB5E19FC1FFC06F9401C10698C0C26CFB7C067F3DB73 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
19:40:45.0903 0x17f8 HidBatt - ok
19:40:45.0923 0x17f8 [ BAA82FAEFCCA50270C6F38D4108403A3, 7704F6F7716D9DF1C3CD81A228B361574A5783DC89A8DFE9B27318EBE3131345 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
19:40:45.0964 0x17f8 HidBth - ok
19:40:45.0982 0x17f8 [ 1E129E905072A79282D6CC929284DFE5, C161D2122638690CE4DA546CE8827B4BBD96747A4A7D799A776FEC5BC57D1582 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
19:40:46.0024 0x17f8 hidi2c - ok
19:40:46.0041 0x17f8 [ 1E9F3C9B201614CF4816C5D5B6C570D8, 60CF06F1668FFFB870E76D8231A090AB3AD7EA44F1F45A36FC28814CC845B94D ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
19:40:46.0058 0x17f8 hidinterrupt - ok
19:40:46.0082 0x17f8 [ 6B46E3061EC0523CB46ED28060FCD946, 6089305AF73CC584963865482448CD5CA4252EC9BD3E72AF16D45E4F95C3EBF2 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
19:40:46.0105 0x17f8 HidIr - ok
19:40:46.0142 0x17f8 [ 2A41AF60430E686985E9101C07A77B80, 2B6EC0692A09E5943C5BBA0E3AEFC746E96412E1836C84B1857B4DCF242DD28B ] hidserv C:\WINDOWS\system32\hidserv.dll
19:40:46.0186 0x17f8 hidserv - ok
19:40:46.0220 0x17f8 [ 60E8A828AE68BC5DCAEDCBB3C01ABA81, 09B89A88146C7ACAEC5DD841F3E7A23E97D40D0382D24AB98F540C777B5DA524 ] hidspi C:\WINDOWS\System32\drivers\hidspi.sys
19:40:46.0259 0x17f8 hidspi - ok
19:40:46.0329 0x17f8 [ C2B03233681DAC80CC0211001A1FA969, 1140DB06546A4565432B1A580918A29AC75E89C980437DADD799577C0AFBCFC2 ] HidSpiCx C:\WINDOWS\system32\drivers\HidSpiCx.sys
19:40:46.0392 0x17f8 HidSpiCx - ok
19:40:46.0430 0x17f8 [ 99A02F2398890E2DC8D50610FFED16A6, 792A782EE7E58C225143D1CC5796FB7D4EE238D5325C6155C6BBECF8567521F3 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
19:40:46.0464 0x17f8 HidUsb - ok
19:40:46.0498 0x17f8 [ 530C0E730B5E6BA332FB4AC98F760789, 0ADE20523619D5705B941591DF0C19D6B0030F96FECEBBC7A4ADEF963A476383 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
19:40:46.0515 0x17f8 HpSAMD - ok
19:40:46.0584 0x17f8 [ 82E94634EC04E950DB36A30245EE6090, B49A74DD2E62AB47840D62B7525FC6C791AB1318D570EBA4BAFC5335B0C8C87F ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
19:40:46.0681 0x17f8 HTTP - ok
19:40:46.0705 0x17f8 [ 849A66D34BC2DAD0044FAC2FEE1AF956, A5F6858AA556D9180C303EA3ED02EB6D6D8EB55A100B3918654281A01198D8E8 ] hvcrash C:\WINDOWS\System32\drivers\hvcrash.sys
19:40:46.0722 0x17f8 hvcrash - ok
19:40:46.0751 0x17f8 [ 855F55BB462B7D8B6BC31A94A592DF3D, 776C772E69CF9D81D8511201813DD79F2106DC7D2547B4FA700432AE9B73C202 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
19:40:46.0769 0x17f8 HvHost - ok
19:40:46.0800 0x17f8 [ 9302A5D435C58B288A87747475862A47, 2B72A0BFBE440FA0D2D510A8C9DFD865F040FEF9641A76F40FEC5F672BD02908 ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
19:40:46.0829 0x17f8 hvservice - ok
19:40:46.0858 0x17f8 [ 5DC7DFED5FEDD923B874B51D0C6752BB, 69714A8B74EB02282572B34E156051FFC10693B816905CE18A8C6C8CCB95B846 ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys
19:40:46.0886 0x17f8 HwNClx0101 - ok
19:40:46.0905 0x17f8 [ D734926DC33F9D7E306F8B3BF68EAC57, F1CCE47AEC0E653CA6DC04C21CBC78EC6C6D74D4BF329D50BE9A7497ADD1FB3F ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
19:40:46.0922 0x17f8 hwpolicy - ok
19:40:46.0941 0x17f8 [ 22362F7C8B7B1456DDF019BFB0523C26, 3DCA435A621FC3CD786E02D013B363ADA9399839E0A31F2969E094F69AD3A183 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
19:40:46.0959 0x17f8 hyperkbd - ok
19:40:46.0976 0x17f8 [ BE7559280E3327E9B35E843414957438, 157D5626090149A2F71BB483C57CB20259B98C61C35185AA7C6FCD533ABE7D90 ] HyperVideo C:\WINDOWS\System32\drivers\HyperVideo.sys
19:40:46.0992 0x17f8 HyperVideo - ok
19:40:47.0001 0x17f8 [ E4B36C6EAAAB703CBFECB92EE590FB31, E1887A4E678BBA7226E7EBE5B49EC821C2F23642D321A9E1513F7477E4B9340D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
19:40:47.0045 0x17f8 i8042prt - ok
19:40:47.0074 0x17f8 [ 9E5AECAB5F05218D9AC923E7CEA1CE15, FAAA46F22944E043A90AE6E9F0F86AF187FC2819C563DA375B2A409347BB2C35 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
19:40:47.0129 0x17f8 iagpio - ok
19:40:47.0156 0x17f8 [ 48EDB9B5DAB7D294951A520330F13715, 9296A14590DFD94A3C728CAF3CA91BA211F27974F9CFF8417CDDC00D1453315C ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
19:40:47.0196 0x17f8 iai2c - ok
19:40:47.0207 0x17f8 [ 6C3EDE394C71D5A67A504F55E35B6F47, 6FF5D13EF69E8FBCB4772C7B5C4D5770C78E0B29F9164FA1611EFDE91CE876BE ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
19:40:47.0230 0x17f8 iaLPSS2i_GPIO2 - ok
19:40:47.0248 0x17f8 [ 806D14CEAF25E5F2DFCBA8E7E33B86BB, 2141DE558461B592D4111A0388D1AAC8062FA72CD1E2A2D2D68279A9633288E9 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
19:40:47.0299 0x17f8 iaLPSS2i_GPIO2_BXT_P - ok
19:40:47.0308 0x17f8 [ 87DDDAE1693484BD0A210C877BDA00C2, E353D90D0B79A70F976FD5EA1CB7E25A97835E25116962EA035424715B2F43FE ] iaLPSS2i_GPIO2_CNL C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys
19:40:47.0333 0x17f8 iaLPSS2i_GPIO2_CNL - ok
19:40:47.0350 0x17f8 [ 8D3E3C431367E3BA632B4396CA662E1A, 71FDC25244298D62A335769D6ED43394C33FBD8DB05AA54CA924A2977F37858F ] iaLPSS2i_GPIO2_GLK C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys
19:40:47.0390 0x17f8 iaLPSS2i_GPIO2_GLK - ok
19:40:47.0401 0x17f8 [ 149F1260537C4F68C3F67C363B62F3C5, 3F1F9EC7571D0F82D3F5BBA298965491260708F05EBAAA2CC23483521A5FF079 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
19:40:47.0448 0x17f8 iaLPSS2i_I2C - ok
19:40:47.0468 0x17f8 [ 3E641E905A6DBF29CBA1E72BBE349808, BF354297A55713D9E2DD4044D42810C007733EE54D5A80D58B96DD279D92C716 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
19:40:47.0541 0x17f8 iaLPSS2i_I2C_BXT_P - ok
19:40:47.0553 0x17f8 [ 897478D8FACEAE8681F6F3502201EC68, F105EDD16E38F5C0044CC7139E4084A04B0AE3212171A1C7F6FE759F3F5F77FC ] iaLPSS2i_I2C_CNL C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys
19:40:47.0595 0x17f8 iaLPSS2i_I2C_CNL - ok
19:40:47.0629 0x17f8 [ 2ED3B41C7CB4101ACB15D84D8AB5AA9D, A92487129B81376471C842B9932FF3A7B3ABBBB89797978E3FDEAF71A6FD5E3F ] iaLPSS2i_I2C_GLK C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys
19:40:47.0689 0x17f8 iaLPSS2i_I2C_GLK - ok
19:40:47.0709 0x17f8 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:40:47.0724 0x17f8 iaLPSSi_GPIO - ok
19:40:47.0739 0x17f8 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:40:47.0782 0x17f8 iaLPSSi_I2C - ok
19:40:47.0832 0x17f8 [ E2E64636CD6A6902BD81AC3B90089484, 7274F33E5EED8AF739FFCC80B9A62CDF12553EBD2724E2F8E93FD67376CC6E84 ] iaStorAVC C:\WINDOWS\system32\drivers\iaStorAVC.sys
19:40:47.0892 0x17f8 iaStorAVC - ok
19:40:47.0920 0x17f8 [ 215525477CBDCD07A82AC518BAE3DEC3, 30BEE94794953E2DBF0FC5AFCE0566F335AF022E89819DE145329E7C09C636BD ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
19:40:47.0961 0x17f8 iaStorV - ok
19:40:47.0992 0x17f8 [ 329F2FEC47FD8754FC44A8F3F283C915, 0F3E4F33B019B278B6657B4ECEC25D04B128578622539FF5855330BDB6537545 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
19:40:48.0034 0x17f8 ibbus - ok
19:40:48.0071 0x17f8 [ 933AB796194214F99353FE2525942BC9, 12AD73C3C3D5354AFF5284590288D3C664F40AA2437FBCB619F90C2F678CF9A3 ] icssvc C:\WINDOWS\System32\tetheringservice.dll
19:40:48.0107 0x17f8 icssvc - ok
19:40:48.0349 0x17f8 [ 226EAECA4F21F899E3F0C95297678A0B, DC18AAE3F1505C9BECB75218F4CCCD8DC6E1C6258EDA9A57B57028246EF346FA ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
19:40:48.0612 0x17f8 igfx - ok
19:40:48.0674 0x17f8 [ 389C990C9B9FDC023005FDFD1E92802F, EE986A8463D7803A831E2BC4F4A454217CD8DF0CD0A32A60C8A0A6D3B452A8F7 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
19:40:48.0762 0x17f8 IKEEXT - ok
19:40:48.0780 0x17f8 [ 9B943585EF2A4917E1BC2186045E4B64, 2F4FE50C3ABB7A37E0ADB4429F18B8067EDE0608BC4539BAC626C2C6D75844B7 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
19:40:48.0804 0x17f8 IndirectKmd - ok
19:40:48.0938 0x17f8 [ F2B765A26BBDAC9E35444C67EF05BCA0, 697DBF6EF2043B2418B2F08441D922E7A598F642A333016C84B24045322E65A1 ] InstallService C:\WINDOWS\system32\InstallService.dll
19:40:49.0141 0x17f8 InstallService - ok
19:40:49.0150 0x17f8 [ 1C05B2A3D4698256421A4B35D9DDFBAE, AA618C98778E941E471BC9CE865058A0EEB42BFDCD7A4E0D421DE156ADE5C40E ] intelide C:\WINDOWS\system32\drivers\intelide.sys
19:40:49.0171 0x17f8 intelide - ok
19:40:49.0204 0x17f8 [ 4B8355CFE8040201551215F760B051A8, 5D6958F2C527D465AED88B6604F9527B4612B4B5BC4F9F234E5200DEF7438BAD ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
19:40:49.0263 0x17f8 intelpep - ok
19:40:49.0286 0x17f8 [ AECBF5BE2F9A2A50B978E0BF31041A81, A62F436C66DEFEB438A7891857DFB830995714A7E4FE4BDCA6B4EB1606BD2101 ] intelpmax C:\WINDOWS\System32\drivers\intelpmax.sys
19:40:49.0318 0x17f8 intelpmax - ok
19:40:49.0357 0x17f8 [ A214EA1EA1B71757FD705A3AB3CDE87A, C325E30B206F0F285C354FFF562D934105C9532FCD4178D31DDE708E01B796CD ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
19:40:49.0386 0x17f8 intelppm - ok
19:40:49.0394 0x17f8 [ BCDEA9631377ADEC401C734B48FD5E40, CD855142F264A9756ED8DF075C044C82117C1C0EAB84A1567EF3DC3B8E9CE1FF ] iorate C:\WINDOWS\system32\drivers\iorate.sys
19:40:49.0411 0x17f8 iorate - ok
19:40:49.0420 0x17f8 [ 2663BB5F755FD3FD3C66DAD3FA14B6DD, 5B68940160CAF89C9611E57A81571BE6EDE1EDF47C801B1F9AE714E5D64AB6A9 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:40:49.0451 0x17f8 IpFilterDriver - ok
19:40:49.0529 0x17f8 [ D8AFA4E5C071C63551234DB2E721C41C, BDD7FFE08D3CA8D49CC6904119B0DF23D0024ADB1B5B7B8DE4C9E4FD0114F480 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
19:40:49.0631 0x17f8 iphlpsvc - ok
19:40:49.0654 0x17f8 [ 401845D7F55CD1EB6AC00DEBCA3FB0B5, B3B22C1098303A89A8BD15157C899634475AAC18A4A25383BC7D4C7185AD1B90 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:40:49.0675 0x17f8 IPMIDRV - ok
19:40:49.0720 0x17f8 [ E143A8B531B719C681A5FE27DAD7CFB3, F8BCEA0FBFD25C26FC5E3DCD8813F9194EC7B8BA0F0A91C611B323310AEDD780 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
19:40:49.0758 0x17f8 IPNAT - ok
19:40:49.0765 0x17f8 [ B5B6D1F86E40E785D6650DB923DB6BEA, 7A2D92A2274E0379B5FA6351D18E2F0DD55960BB783EA3528FE9E303E1A4256D ] IPT C:\WINDOWS\System32\drivers\ipt.sys
19:40:49.0782 0x17f8 IPT - ok
19:40:49.0819 0x17f8 [ 77494E26B28465D2A09B9455F8A3B34E, B778D4BC71A5F5CF687175CA53AC342E4740156D4B96E6E96D918BD46C2C1459 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll
19:40:49.0856 0x17f8 IpxlatCfgSvc - ok
19:40:49.0863 0x17f8 [ 7CD67E281BAAA6FB6509B1383BE5C8A9, 1C5E077FC688F309EA0EC052E2A94AEF18CF940C67A2251A3D69EF3426147973 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
19:40:49.0880 0x17f8 isapnp - ok
19:40:49.0923 0x17f8 [ CDBFA4C9ADC01506BEC25E9526F69DD1, 11DE713D4809B41FCAEA3E65FA07EA2F84A328C46C4F13743830F2FBEBF859DF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
19:40:49.0950 0x17f8 iScsiPrt - ok
19:40:49.0967 0x17f8 [ 2DAB988FDD06CACD99B9DB2A05569449, A66C90009C7B20736A8B291889C518CBAF9D0C32A5EC720330EF25F30C056F1B ] ItSas35i C:\WINDOWS\system32\drivers\ItSas35i.sys
19:40:49.0991 0x17f8 ItSas35i - ok
19:40:50.0015 0x17f8 [ 02A6967D5AEF2F15AA9C838DBF3E1C04, 7639DCD4328C14F3FB522EC501F4DF374CCBE87699EB4A2B238C9F9C526FDF59 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
19:40:50.0033 0x17f8 kbdclass - ok
19:40:50.0040 0x17f8 [ DD56D35E1708207B5006B491AFBD47D7, 4DDDE0AF2816A5302511E99FD26F77517EA5C2C6D9BE76D70199A33BF3EE9FE3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
19:40:50.0078 0x17f8 kbdhid - ok
19:40:50.0112 0x17f8 [ F0B7FEB4D627FAA3E2BF8764D83F7479, 0E483D46D22A2171DC844B53D31BC44E73DB90FAD7602E20FDDF3051FD2278D9 ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys
19:40:50.0130 0x17f8 kbldfltr - ok
19:40:50.0137 0x17f8 [ 6B7422A382C1788AAF7C6CE6D4A4B375, F14AC6EF3695E05CD2D5CD9524AF7D0327E11A8B2BA9315A1EBF53828A608D33 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
19:40:50.0157 0x17f8 kdnic - ok
19:40:50.0177 0x17f8 [ 289D6A47B7692510E2FD3B51979A9FED, 0777FD312394AE1AFEED0AD48AE2D7B5ED6E577117A4F40305EAEB4129233650 ] KeyIso C:\WINDOWS\system32\lsass.exe
19:40:50.0195 0x17f8 KeyIso - ok
19:40:50.0214 0x17f8 [ DC2F7867AC245DBB12FEC19494C0E9B1, 2883D42BF3020B02F2EB5F949F5D7B1BBC0E772BC0F585D51972EDA311D10A94 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
19:40:50.0235 0x17f8 KSecDD - ok
19:40:50.0265 0x17f8 [ B7F54D45D5407C193EDDA47D63628CDF, 602240968765DF3C2E82CA40F96AF09DFCBAE37B6ACEC7B52982079B61429424 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:40:50.0289 0x17f8 KSecPkg - ok
19:40:50.0296 0x17f8 [ E5304DE29BB9666DF0E57E5BA71C0E10, 491802A11F9E563369DB69E1D838C6F0F54F69F31BDC14018339CEE1B6C9C3CA ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
19:40:50.0331 0x17f8 ksthunk - ok
19:40:50.0375 0x17f8 [ AA1C38EDD07920B1A546252918EE8578, 6617C9F2AB1C4EC0D9DAEFF78AF4D34312CE6DED99DC3BEB8CB9D51160C7BD44 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
19:40:50.0437 0x17f8 KtmRm - ok
19:40:50.0474 0x17f8 [ 4E444F41E69BBE2E0BAE34D5DFCB5732, ACAEFB839CF7A3113D026B9A715994C3DFF8797D73B991253959EF606C4FBC00 ] L1C C:\WINDOWS\System32\drivers\L1C63x64.sys
19:40:50.0513 0x17f8 L1C - ok
19:40:50.0558 0x17f8 [ 4C6A79E8264AAC72C398A673E8B14059, 36AFA5136677B30EC9B97DB090B6A4106711617EF15CC09A506E7981D2145CA2 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
19:40:50.0625 0x17f8 LanmanServer - ok
19:40:50.0668 0x17f8 [ B695AAF5DF6D1A5B966AF8DFD537B0F7, 421C7F0F2945143192B0E6E54936BEFEF1411B6AC576495FC116F53CD0403450 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:40:50.0743 0x17f8 LanmanWorkstation - ok
19:40:50.0779 0x17f8 [ A997488F4EDAAD59C748CF9FB1D9DAC0, A0B145041F984DD4E0A6F8D0E9C8363DA6F2DA7460E140F028C320CEAC03759C ] lfsvc C:\WINDOWS\System32\lfsvc.dll
19:40:50.0823 0x17f8 lfsvc - ok
19:40:50.0830 0x17f8 [ 98B6DF0BC14DC6BE7FEF49998FA36896, 2146FE84B3AC6EB3D91AC56F5A4A25D005E36FF7A1B01E1051271776C59538F6 ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
19:40:50.0877 0x17f8 LicenseManager - ok
19:40:50.0892 0x17f8 [ 78779BD92081CB27967E77561683AFBE, 05EC91E194336D1BB1EE323E70FAC54F6DC0CEF53FD4925F394399531A37A0DD ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
19:40:50.0929 0x17f8 lltdio - ok
19:40:50.0956 0x17f8 [ 199738EF3AFC628823A7A5C74D5CA887, 164B6C738FC416143C49BF0D1CFDCC952360693F41F799B79FEBA72CD542F9B6 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
19:40:51.0006 0x17f8 lltdsvc - ok
19:40:51.0065 0x17f8 [ 4A501E9429650B678610ABCCAD1D2609, 71F33FD997D36B8CFB7FD36397CB768AEF1B6329B3882D445B72246621F3BD7E ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
19:40:51.0125 0x17f8 lmhosts - ok
19:40:51.0162 0x17f8 [ 89EB90814DA5FB6F5299240AD8B9C7A7, 36857AFABD064196B7D2A7CFAE3696D96C1FE13431DB49ACE161E706680231DA ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
19:40:51.0182 0x17f8 LSI_SAS - ok
19:40:51.0248 0x17f8 [ 2FD85E518EA97BB642B018EEB453401A, 7EA218BB57843B80AB5A987BA915829B8262629F72EEC84238634A016D05504E ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
19:40:51.0289 0x17f8 LSI_SAS2i - ok
19:40:51.0299 0x17f8 [ 8B7995D9E487C8F90BEA8F1EF6331C10, 2EE68AFEB6D5EC98A996C1722057275C1648411898359248D390B6AA9F697AB5 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
19:40:51.0319 0x17f8 LSI_SAS3i - ok
19:40:51.0328 0x17f8 [ ED902EBC8DEEF6E5FC00D0816DDFFB42, FFDDB7BA54C999D5689152E4EDACC838A769B6C479F0A0FCF294C8632F4E4C1F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
19:40:51.0348 0x17f8 LSI_SSS - ok
19:40:51.0406 0x17f8 [ 480A4C157B960F354380EC809BA30AF2, 139DD9ABEC71459DE66C23275F0094E53D23338080D7F331113D3B5B1750A4CC ] LSM C:\WINDOWS\System32\lsm.dll
19:40:51.0507 0x17f8 LSM - ok
19:40:51.0536 0x17f8 [ 68FEF985578A9F27C0068E81A1E18332, A3145E1D14E6D528691E41025581DC75BB1634A943C9F00A69E27CBEF3BEE700 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
19:40:51.0574 0x17f8 luafv - ok
19:40:51.0608 0x17f8 [ 73F9820F0B049287662863543C4960DE, 10E51514E86C2EEE421FBCD0AC3FE2C28450451E97B3BC492C3F707269D2234C ] LxpSvc C:\WINDOWS\System32\LanguageOverlayServer.dll
19:40:51.0668 0x17f8 LxpSvc - ok
19:40:51.0709 0x17f8 [ AE03D8F1B7863268EAED2FE0105ED75F, F5172A1A3E24FC5271FCB0118861EA0EC33AA8ABB01AE9CAD50E2F032B92486C ] MapsBroker C:\WINDOWS\System32\moshost.dll
19:40:51.0745 0x17f8 MapsBroker - ok
19:40:51.0800 0x17f8 [ 6C965A0AC264AF1A8E0A69882A7EAFDC, DA40E73A7F584D944F58C7F489B701315B8D30A29E5A6C840C9D291302271834 ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys
19:40:51.0851 0x17f8 mausbhost - ok
19:40:51.0872 0x17f8 [ 6C6C1EFC46A62091224333E1E9304FBC, AEADB11E2BE2EEB4BB5E4E13ADDA4633475022312AEE777CFE7FEB27C490B54C ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys
19:40:51.0891 0x17f8 mausbip - ok
19:40:51.0933 0x17f8 [ 6A21162E1C8A9F65787B14BC439EB077, 8B7990E1C676F53918E41F6B18B20179D77E598352D9243B05E2EA22B2D9E4FE ] MBAMChameleon C:\WINDOWS\System32\Drivers\MbamChameleon.sys
19:40:51.0959 0x17f8 MBAMChameleon - ok
REPORTE TDSS KILLER - PARTE 2
19:40:52.0002 0x17f8 [ 9E77C51E14FA9A323EE1635DC74ECC07, B5619D758AE6A65C1663F065E53E6B68A00511E7D7ACCB3E07ED94BFD0B1EDE0 ] MbamElam C:\WINDOWS\system32\DRIVERS\MbamElam.sys
19:40:52.0022 0x17f8 MbamElam - ok
19:40:52.0058 0x17f8 [ 6B187634792CEB280735D542946F226E, 4A9CC386803F32DA7F0CD97CBF0B7712ADCD9196F036ECA505C00F05DFE7F622 ] MBAMFarflt C:\WINDOWS\system32\DRIVERS\farflt.sys
19:40:52.0080 0x17f8 MBAMFarflt - ok
19:40:52.0111 0x17f8 [ 5B781DEED8F09AA901E8C066642D8AF6, 982DDC31DA34F23DC1E2F68DFD69BE6B9B0B73FBD59BA6A8284563D6ABD12D2A ] MBAMProtection C:\WINDOWS\system32\DRIVERS\mbam.sys
19:40:52.0130 0x17f8 MBAMProtection - ok
19:40:52.0512 0x17f8 [ E7D1BFBEE9A8FCA1D3DF7DFC6FA1D629, 75F5D1DB040C215957C848981101F1194E6502CB064C599F59A8202B137121BA ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
19:40:52.0843 0x17f8 MBAMService - ok
19:40:52.0960 0x17f8 [ 1DC6D344EE9B6B024BA23278891DB9A5, 823E1C7321E177B006C1F3FD1EC8B99607A12D2C3C321F3A6CBBCF7030B6C240 ] MBAMSwissArmy C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
19:40:53.0007 0x17f8 MBAMSwissArmy - ok
19:40:53.0042 0x17f8 [ 2152A9ABA3407E2CFCAA84E4C20423A2, A7D456C7679717500C4A8968A9EA205107DD6E72C81BA1435777AF2BD3BD95D3 ] MBAMWebProtection C:\WINDOWS\system32\DRIVERS\mwac.sys
19:40:53.0072 0x17f8 MBAMWebProtection - ok
19:40:53.0113 0x17f8 [ 079D1EC6462AEA1BD9D6122F0514232D, 580C048AF400C1E9890A210C949DDCD2BDE1F855FD81E425A0C66A983E953B1B ] MbbCx C:\WINDOWS\system32\drivers\MbbCx.sys
19:40:53.0154 0x17f8 MbbCx - ok
19:40:53.0228 0x17f8 [ D069E5927A5477187E8A527C0E663D3F, 95CB0ADC13EF2648BB52E0C5A0CC18674BC696BC1C509BBA371F6F3966B68FC5 ] McpManagementService C:\WINDOWS\System32\McpManagementService.dll
19:40:53.0334 0x17f8 McpManagementService - ok
19:40:53.0365 0x17f8 [ CE4B01081B8FD211A7A34219D5E8154A, 9041FDEB932F2CBBCE4A017256C81B3733604403AA343D4532910436E8288CA9 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
19:40:53.0387 0x17f8 megasas - ok
19:40:53.0405 0x17f8 [ F3C6B901E3FF70F27A17CFDDD7BA85AA, 6D67F52F0B63724126DD7B75B3489D14A6CBC3BD1E0D19188026DA21E85A620A ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
19:40:53.0423 0x17f8 megasas2i - ok
19:40:53.0441 0x17f8 [ EB84966D14F9342C8AD3D78BA9AA8754, 83C982FC61094A9E9F3E3CB5174B7409698C12FE3B6BF9B2F4C9365E56C642B2 ] megasas35i C:\WINDOWS\system32\drivers\megasas35i.sys
19:40:53.0460 0x17f8 megasas35i - ok
19:40:53.0511 0x17f8 [ A4DC7070D92AD82A7BDF2F69C155AF69, 8A902DDB6016E4D5C28808FBA5741751D94FFBD4B55724D47BBA0A8C29900E53 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
19:40:53.0566 0x17f8 megasr - ok
19:40:53.0597 0x17f8 [ 38A4736FC5B74F176BDD592EF95AB035, 10411BA97B3479F22655C4A9949DFBD037843030538FAA881529048D28E8FC4E ] MessagingService C:\WINDOWS\System32\MessagingService.dll
19:40:53.0635 0x17f8 MessagingService - ok
19:40:53.0830 0x17f8 [ 1C0652C5940307D891BC300AB374C6E4, 8E8B5EC477169F8E74022AB8616869AE077C1F8621FAF32E140E145106D7968D ] MicrosoftEdgeElevationService C:\Program Files (x86)\Microsoft\Edge\Application\115.0.1901.203\elevation_service.exe
19:40:53.0905 0x17f8 MicrosoftEdgeElevationService - ok
19:40:53.0947 0x17f8 [ B74FFC6301B3312A9F59E04E487BC72A, 76F71824E80D10EB71BEDE5EE3A64CAD7CAC3DDFBB6670D1537E6B75FF0217E9 ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys
19:40:53.0971 0x17f8 Microsoft_Bluetooth_AvrcpTransport - ok
19:40:54.0002 0x17f8 [ AF70C76096A5C905D195ED0F40E0A294, 2E78475D0F618A2F988727F5C21DC083546A6DDAB24E1152DCBF9C993EE419C7 ] MixedRealityOpenXRSvc C:\WINDOWS\System32\MixedRealityRuntime.dll
19:40:54.0025 0x17f8 MixedRealityOpenXRSvc - ok
19:40:54.0082 0x17f8 [ 517DC2DF12A391699F8432AF89947F2B, 2C6B268486AD0F3BFB82DE0F61D076DF7C334C1C94A0316084713EBDB0C9C518 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
19:40:54.0153 0x17f8 mlx4_bus - ok
19:40:54.0175 0x17f8 [ F087703FAC478379323262C54CE85DD4, 56AC6F16B94E9BF9EB140B21C8397CBBE2DB9D6C6B01D2879C5ABEE060631138 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
19:40:54.0214 0x17f8 MMCSS - ok
19:40:54.0229 0x17f8 [ BF7ECB119071501EAB6C01374CBD25A0, F1DBC9307B3FCA67CFBF3DE4F1FF62B25B85BC832B2C05B96CA5EC0130B41108 ] Modem C:\WINDOWS\system32\drivers\modem.sys
19:40:54.0266 0x17f8 Modem - ok
19:40:54.0274 0x17f8 [ D279BFB856809EB1C2E1CED379DF897A, 7C8F7839463AB2ED09F8D8AA2D2910624BE18199FB197CF12D0D99BBDDEDDD57 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
19:40:54.0298 0x17f8 monitor - ok
19:40:54.0321 0x17f8 [ 4352C109DD892A5A5413897A74103024, DB5D99DBFF8C84A7D87109DFB71396DF8E0F0754FC0D263E45116915A39735CE ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
19:40:54.0340 0x17f8 mouclass - ok
19:40:54.0346 0x17f8 [ 66E41E31DEBD4E1A2762945B4F15C780, 3A05D657E03B6CD9D62023061F9C652357F16DA2F2337FB6C617AEEFFAD794B4 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
19:40:54.0389 0x17f8 mouhid - ok
19:40:54.0397 0x17f8 [ 180D9E273A958B6D2B55410DB2C431C4, EE3598DECA591E8735DE0F449F292E9DDDBCE28A8A7B814E78DFD90AC867B7F2 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
19:40:54.0418 0x17f8 mountmgr - ok
19:40:54.0427 0x17f8 [ 19623B4213820840730EF00BA52201B6, E9AF731D982F2E6D6DEF9239E4912881043804E6C557C6DBA9B16AD6AE0473F7 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
19:40:54.0453 0x17f8 mpsdrv - ok
19:40:54.0541 0x17f8 [ 3B97C4B4A84236A239838CCAAAA74807, 660FDA2D5F5051F51599B7F51DD722697BF1165E4C08C00CA0899C16C1127660 ] mpssvc C:\WINDOWS\system32\mpssvc.dll
19:40:54.0660 0x17f8 mpssvc - ok
19:40:54.0691 0x17f8 [ 27295840589657BE557D7F5801B5989A, 7073943E84D6221620D7B949AF9E15E35682542A9F344B30CDE5E5ABF603C1E6 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
19:40:54.0726 0x17f8 MRxDAV - ok
19:40:54.0773 0x17f8 [ FE59E44FA3566A541EEBEBB0F217A3F0, 2F0D7396C160854FE1C9714B654CD80F8984522C845701B5A6B7422A0B1EAB71 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:40:54.0824 0x17f8 mrxsmb - ok
19:40:54.0846 0x17f8 [ 11110DBE3D9E58BD188E9EFE64BFF62A, F195F57CA711D866CEC50CDE478361B6CCEDF9FC1B0F5F313DF157A97999E864 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:40:54.0872 0x17f8 mrxsmb20 - ok
19:40:54.0913 0x17f8 [ E587396A4C8151ABBF13A96C4465DE31, A3AA5D51E34657479CFCDC3DBB7821B7255F7CB57D5686B7F709A7953AD537EB ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
19:40:54.0941 0x17f8 MsBridge - ok
19:40:54.0978 0x17f8 [ 7FB39974CB7C344E76F87EC53B9A3EF8, D25AC1E5DC5CB6B6051678ED37A76F587E6605D95198F9C6BE469706E294DA92 ] MSDTC C:\WINDOWS\System32\msdtc.exe
19:40:55.0024 0x17f8 MSDTC - ok
19:40:55.0051 0x17f8 [ 4D8C5C0B06D8F4B28AAD865ACA6C5494, 8AC1A5358691DA4FBEC7BAA3711321EAD20439029031696F12BB287771E82893 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:40:55.0066 0x17f8 Msfs - ok
19:40:55.0102 0x17f8 [ 6092FD060EC4132A799BDAD61845DDB7, B45F9D3A71FC8A73AED3C5B8CF6F14A25EBDD3D4D47C9F39FFCD75C7D22F4A9E ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:40:55.0121 0x17f8 msgpiowin32 - ok
19:40:55.0130 0x17f8 [ 78689B7121F3DA06A879FBBD039B29AA, C656B13E0329B86663C2382943B1DD6F6E5080FAC71E3FEFA056D261F30E273E ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:40:55.0154 0x17f8 mshidkmdf - ok
19:40:55.0172 0x17f8 [ 9E90FE6DF363D2427A5C773120E7B27D, 1FDB7E28CCAF757603C4B754E1AC9C470E5E60E85DE067375902F108F5E34608 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
19:40:55.0207 0x17f8 mshidumdf - ok
19:40:55.0223 0x17f8 [ 0C95F1C9D1ABF88CB82E5831E8CCE9AF, 46B2C56F21291D6375FBE33D8D48D0662BDD4770B8962D1D1AAA540893897A9A ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
19:40:55.0239 0x17f8 msisadrv - ok
19:40:55.0276 0x17f8 [ AC7AA70A20F5BBFF31AAA06B56EF6843, 6367A71A6324A14139E031D675D97CA92A5C061E9F9D40B297DE54BB3FA4A9E3 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
19:40:55.0311 0x17f8 MSiSCSI - ok
19:40:55.0316 0x17f8 msiserver - ok
19:40:55.0356 0x17f8 [ F0B513D6ED7069B5FA37597476724B23, BBEA41AF0FEE32C7D08107375285289FD02056DA3543D518493D2484B1C955B6 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll
19:40:55.0380 0x17f8 MsKeyboardFilter - ok
19:40:55.0417 0x17f8 [ 1A0FC98608099BF50ADB77C61DA7E7A5, A39738D9A943E8BB953DAFE5479CCBFD047573B5C21D71FB62D0871D1C378C61 ] MSKSSRV C:\WINDOWS\System32\drivers\MSKSSRV.sys
19:40:55.0450 0x17f8 MSKSSRV - ok
19:40:55.0481 0x17f8 [ 9FB5040C8CEAE4C32B7884ECBBCAFDAF, 0EC3E53C5B1B202440DE22A5BF7E1EBE9AF5BBB6BA69DB9D018A6D8EC97B477E ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
19:40:55.0533 0x17f8 MsLldp - ok
19:40:55.0548 0x17f8 [ 4B5CD00DEAB6BC5FE650D5E90BA5719A, 6E5DAA5D9826A3165514CE2AC4AEC23033D7BA993F06D2BDFFC68052CA71C4A0 ] MSPCLOCK C:\WINDOWS\System32\drivers\MSPCLOCK.sys
19:40:55.0581 0x17f8 MSPCLOCK - ok
19:40:55.0603 0x17f8 [ 3FC09B334BB53D2EB289887CFBD79D0B, AD55F307A8146BC2ACB1B2437C19B405F7BC3F5E4A81DB685B0C046FEC4C30BC ] MSPQM C:\WINDOWS\System32\drivers\MSPQM.sys
19:40:55.0638 0x17f8 MSPQM - ok
19:40:55.0671 0x17f8 [ 1B9172B25182BE5F3560F76F4085A5B7, 65739D981DFD66C092F781FE1CB1BF07FCF4CD0DA969103E527D4982CA3A30AB ] MsQuic C:\WINDOWS\system32\drivers\msquic.sys
19:40:55.0701 0x17f8 MsQuic - ok
19:40:55.0745 0x17f8 [ 9C94D5C20D90EC7EDBABA2A190ADABD4, 89B79898E6BAEACE180E0C825DE84E50FD778986444032CFDD3ED47BB96FFE26 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
19:40:55.0787 0x17f8 MsRPC - ok
19:40:55.0825 0x17f8 [ 96A1528AC0558C0A28350318BA3B5405, AAA45C807A1ACFD8C21832D9E9AACB64A4AB3AE3E74FF240421E46CA422D1127 ] MsSecCore C:\WINDOWS\system32\drivers\msseccore.sys
19:40:55.0841 0x17f8 MsSecCore - ok
19:40:55.0875 0x17f8 [ 26072E076529C729D738230D21A8C907, 1B7D10E98E606FA1BEF645FDA0260FB5168456C1330052E26D3474D271AF2044 ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys
19:40:55.0922 0x17f8 MsSecFlt - ok
19:40:55.0944 0x17f8 [ E6661834D399597FB0C08DDACAB89083, C5145CFB87056EFE0F6F70641052D1217020E37615F8169F984E5465EF7C1ACE ] MsSecWfp C:\WINDOWS\system32\drivers\mssecwfp.sys
19:40:55.0963 0x17f8 MsSecWfp - ok
19:40:55.0988 0x17f8 [ DB89919F84809686BD4F8C24EB6CB3FA, 360A199A6D4690FE248C6EAA4E84673F299FA4CA6C21E940F4DF1B28216BA23C ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
19:40:56.0003 0x17f8 mssmbios - ok
19:40:56.0032 0x17f8 [ 244C73253E165582DDC43AF4467D23DF, 808FF81F0030CC7390B4790F91CE1763EAC02CCECA6014A2D9D990A40DBD0580 ] MSTEE C:\WINDOWS\System32\drivers\MSTEE.sys
19:40:56.0072 0x17f8 MSTEE - ok
19:40:56.0077 0x17f8 [ 8EE2EEE12398FEA5BC8E37AAAFE59852, E37965B9EFD9ADA6A81585DD792A20CD03BFC28512E92FC63CD2CBAE9A41AD1A ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
19:40:56.0117 0x17f8 MTConfig - ok
19:40:56.0126 0x17f8 [ 535B523E37A067DD781499B1245D0E3D, D364B4E94B9DB53F0E294CD22BD4E70792F737F8460405DDF737AABFBF0C4076 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
19:40:56.0150 0x17f8 Mup - ok
19:40:56.0167 0x17f8 [ 82B656712713424A707F1E127C68E02F, 69FBB0692C37DA498014CC6CDC609E612A3207A17B280EDE5C02248571F91F11 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
19:40:56.0184 0x17f8 mvumis - ok
19:40:56.0228 0x17f8 [ 8CA2DD9A18327EFBD5D7E8E099E36BD4, 9784443A7CF84479DA31BE0A53CAE1443B3A0474D27A4DEE2CF28A4DCB332D07 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:40:56.0311 0x17f8 NativeWifiP - ok
19:40:56.0386 0x17f8 [ 1E641165EADCE9085810CCD4E1AAF443, 9C7EC8118B3550829215665F2C7D537E691BA6035432CC36834039D8D64D8A60 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
19:40:56.0449 0x17f8 NaturalAuthentication - ok
19:40:56.0483 0x17f8 [ D47A20839608B8213065D7AFC8C42195, 7B0187BE9705ED2F925616C13B3744BAC0A9C96B21BE503D96BC9EE7EE125B33 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
19:40:56.0564 0x17f8 NcaSvc - ok
19:40:56.0598 0x17f8 [ 9CC607630F19847E887D4846D8AF9BEC, 3022760F2DB65A4ECBEDAF0E60BF2733391ADF2F323014693BC6735789578E06 ] NcbService C:\WINDOWS\System32\ncbservice.dll
19:40:56.0664 0x17f8 NcbService - ok
19:40:56.0686 0x17f8 [ 8C938E851CDF2CE30BBEA14555B61820, F853F526C811893BD40B1124BAEC543099381E7BF091729B6A6665DF3CE10B94 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
19:40:56.0747 0x17f8 NcdAutoSetup - ok
19:40:56.0762 0x17f8 [ D62777BD13AC73F8FB20039B701D5292, E3708D62DEA31BA03D7CE7EEF6A270DA2B3556559140B556F5AB4EA289F921E2 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
19:40:56.0783 0x17f8 ndfltr - ok
19:40:56.0861 0x17f8 [ BE9D5B1670123A10905DE3CF80563F1E, 9268405FEACC07B4C64E7D913F41884BB925F15F6B6F56A2D5EE1FA4E9ACE947 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
19:40:56.0947 0x17f8 NDIS - ok
19:40:56.0960 0x17f8 [ 6BEC0929C7A7BF2A7C44F585ECC7DAEB, 5F6395268CBD26A4B90960479040C114B2C8A3F24C188C2D5F62D6AB43A637D1 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
19:40:56.0983 0x17f8 NdisCap - ok
19:40:57.0010 0x17f8 [ FF4D48CB9B1FA642E9DE8C4EAF05C980, A8C470C3429D693678F16CE47BD104B8F1E8870600C54F81058951D4A0C8A125 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
19:40:57.0040 0x17f8 NdisImPlatform - ok
19:40:57.0046 0x17f8 [ 8F6BC1F9E7331F564367456649CD3C84, 58FDA9DC5748D4F102F6B9BC6EEED687244ED74B32D584119750BF964ECD807E ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:40:57.0085 0x17f8 NdisTapi - ok
19:40:57.0093 0x17f8 [ 09BD40437780ED584D06519373ACEDC7, 3D7685D3960382FB102E225634D54A2370DA53DEB89CAE4765AD00C9AFE030B7 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
19:40:57.0142 0x17f8 Ndisuio - ok
19:40:57.0148 0x17f8 [ 31AE9050FF9D6CBE1BC2A7EA5F98D6A3, 2960AF22637EDA95DF6ED154278B23AC157AF2DE6F342DA7D8083E4F7F70730F ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:40:57.0178 0x17f8 NdisVirtualBus - ok
19:40:57.0196 0x17f8 [ F2B9E39BA78EB0A8F8E7EB48835DDDDC, FF36DB36FE0A6206E4F8A8EF555971E97E89B99D8479F1978BCB79F63FB2067E ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
19:40:57.0236 0x17f8 NdisWan - ok
19:40:57.0247 0x17f8 [ F2B9E39BA78EB0A8F8E7EB48835DDDDC, FF36DB36FE0A6206E4F8A8EF555971E97E89B99D8479F1978BCB79F63FB2067E ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:40:57.0279 0x17f8 ndiswanlegacy - ok
19:40:57.0294 0x17f8 [ 33CDAEDC7CBE8339A8324CEC2461BFB4, DAAEACDB4506D2BDDED61957D92FB4983E11D9CE6E7B25119B4CBFB431C945F4 ] NDKPing C:\WINDOWS\system32\drivers\NDKPing.sys
19:40:57.0311 0x17f8 NDKPing - ok
19:40:57.0330 0x17f8 [ EBB9D06E3C9F01FE299E9508D5B19BEB, 502AE6F59243354366ABE8DDB1F26BA79C5A08E56F9369525678CC072CF65486 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
19:40:57.0358 0x17f8 ndproxy - ok
19:40:57.0369 0x17f8 [ 77621E74FD79B267071A0D12C643A48A, 8228B7D1237A0FFABCCC150B299EA494C8F0CB4CCB51AB0DBFF08CBAA9EFC4BB ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
19:40:57.0409 0x17f8 Ndu - ok
19:40:57.0436 0x17f8 [ E60A2396F71BF2052429A5EF7DCC138E, 433C2957F7C314B377C5E042702D14AEE7DDFD88DCD0706F8111B827BAF35F5C ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
19:40:57.0473 0x17f8 NetAdapterCx - ok
19:40:57.0481 0x17f8 [ 4687FAC962855BDB1896C02334E95D54, E7F7F30D9513FDD2236FCFD5549DCD93101562BA1117213EA4DF32B70BB48A73 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
19:40:57.0497 0x17f8 NetBIOS - ok
19:40:57.0515 0x17f8 [ 49F7DE6F689C47B64A2C2D46CD98E327, 679A89E9078D5865C52FCAE3A86D5AD252BF22B819901303F186D55EC976E1CD ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:40:57.0567 0x17f8 NetBT - ok
19:40:57.0584 0x17f8 [ 289D6A47B7692510E2FD3B51979A9FED, 0777FD312394AE1AFEED0AD48AE2D7B5ED6E577117A4F40305EAEB4129233650 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:40:57.0602 0x17f8 Netlogon - ok
19:40:57.0633 0x17f8 [ 62D46DA273CB543BB1671FE708A280CA, 4AB8B86B076320DE116F42DACC83DC95C635CB32392F3EBBE0FC64F22E7BF70A ] Netman C:\WINDOWS\System32\netman.dll
19:40:57.0683 0x17f8 Netman - ok
19:40:57.0764 0x17f8 [ 6B4A4CBA6C5178FDD7D4A76BF14CC96D, 966E479178CAA043C8B137FC2FA1D246DCFD3FA03986C4B9AA9D41DEA2376E02 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
19:40:57.0866 0x17f8 netprofm - ok
19:40:57.0915 0x17f8 [ 3E080956CC2A9060350FA4A0DD711ACF, 335857359BEB61536819C9BC489C666C3CC103CE048C0DD9B80D16112D39AC79 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
19:40:57.0971 0x17f8 NetSetupSvc - ok
19:40:58.0065 0x17f8 [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:40:58.0109 0x17f8 NetTcpPortSharing - ok
19:40:58.0136 0x17f8 [ A26CBC8D37237B5E0BC439507F008ADE, A4EE97A76EAC8D0966D262E55029250195ECC4F429F42086AA8E997AC18846F6 ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
19:40:58.0168 0x17f8 netvsc - ok
19:40:58.0593 0x17f8 [ 272BB8C52BE106B5CC69171AF1D281D4, 3D65A772C15440DF5895843185241D890CCDECA0E02DD6CF32CCB9B5849E31A4 ] NETwNs64 C:\WINDOWS\System32\drivers\Netwsw00.sys
19:40:59.0348 0x17f8 NETwNs64 - ok
19:40:59.0458 0x17f8 [ 49F1330264D403BAFC0767D14FD6FB70, DBB52A8E41C67B6D2D3F9522F426C47244B0A6E90C99522278DAC1F8E8E2491C ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
19:40:59.0567 0x17f8 NgcCtnrSvc - ok
19:40:59.0627 0x17f8 [ 9232FDD16C0B172C384A9E3528800BC4, 8B249860C8E10367012C1C554DD413895BA402C473997EAE3E9F1CBD2B02E15A ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
19:40:59.0755 0x17f8 NgcSvc - ok
19:40:59.0848 0x17f8 [ 1768195CB77B4F30595DD8881670953B, 34ED8DD2F7614663B2D198A6D76C000EFF8BC6975B4C39A5401F7B1016DE4195 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
19:40:59.0904 0x17f8 NlaSvc - ok
19:40:59.0968 0x17f8 [ 833D836C1589DCB023382FA1178EADB2, 9E3C3E5E7C33DACC77D347DAD2CD37043F47E0DD93DBB6EE7710BD68AEE0B30B ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:41:00.0046 0x17f8 Npfs - ok
19:41:00.0138 0x17f8 [ B2B57F620C085F2EA764BDF79AF7BE30, CA3657D9365D34FFECF6B5DE8E5905A2491756B1CC227D9AB8762B09111E9860 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
19:41:00.0230 0x17f8 npsvctrig - ok
19:41:00.0342 0x17f8 [ 0FA6DD9E38FF747C54FF5AE05F304327, 85449DBDBD24D72E0BAD82C81306F5AEC18F7CF23631BCFC09E8AEE4C7C646BE ] nsi C:\WINDOWS\system32\nsisvc.dll
19:41:00.0478 0x17f8 nsi - ok
19:41:00.0491 0x17f8 [ 099D027B23831D009DEB40031795A915, 4E6E391847B90C796BC7B208614F66F48BD0A6CE253295DC24DFA47E9D214151 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
19:41:00.0593 0x17f8 nsiproxy - ok
19:41:00.0771 0x17f8 [ 017662E5D15862538854DB8D182CCCAE, C2ADF48C0865BE3BFD0E8F8F9D1B853959D70B8BB69E417A5419E7EAD8F23575 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:41:00.0979 0x17f8 Ntfs - ok
19:41:01.0012 0x17f8 [ 2CB7C3B739D8D34B9249F7DC6C8B5C1A, 318DD3D989EBED3F29A4C3F6FA819F060BE9C14C549B7DAD8ECA2B73C7932722 ] Null C:\WINDOWS\system32\drivers\Null.sys
19:41:01.0136 0x17f8 Null - ok
19:41:01.0157 0x17f8 [ BEB8637D4B098B286B8B4F46E88A57AD, C0515F0F429A3B60AEC5F9F2AEDCF387CF941D306A21C9BCB56571C83560C6C1 ] nvdimm C:\WINDOWS\system32\drivers\nvdimm.sys
19:41:01.0223 0x17f8 nvdimm - ok
19:41:01.0242 0x17f8 [ 5281A4F23E594AE6EDE1E38B1F8518E0, 628927EB91C6A323CA67B97EF743775B68D30599A0F0593BC3B5C0BA6C5AB82C ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
19:41:01.0264 0x17f8 nvraid - ok
19:41:01.0300 0x17f8 [ A11D15751217EEB734033BB5A929B1CD, F07CD88B7939C53DF83E93D40FB5AB115946393AFBE8DBA75FEE7247BF3063A9 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
19:41:01.0345 0x17f8 nvstor - ok
19:41:01.0381 0x17f8 [ 8BBF06E5B2A4E5A1A74230003F6AAAA7, CE1B45DC50B6D82D85DAE5EEED4EA2A7D3E5AFAB24957437679CB366B6BE33C4 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
19:41:01.0453 0x17f8 OneSyncSvc - ok
19:41:01.0526 0x17f8 [ B9C125314A025127FE562C116D614AA3, 79C46C0BACEBBB5B8E1C162766B21587365A100BBAD01171C77B995C514BC7D6 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:41:01.0556 0x17f8 ose64 - ok
19:41:01.0587 0x17f8 [ F8CE0B4F1BC5E4FBDD66C1CAC4D58314, E7DC2FBA4CDBB0A35CC58E0FDF37D68891F18A80E449C0AA2C66C43A596EC4A9 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
19:41:01.0634 0x17f8 p2pimsvc - ok
19:41:01.0684 0x17f8 [ EAC5988AC331CA82F46BABE6363F9A81, 0F461FABCDD9C23E78F5100E090F3A3088F16EE01480F8F0FEEE04EA78AB0320 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
19:41:01.0734 0x17f8 p2psvc - ok
19:41:01.0751 0x17f8 [ 138FDB1EBCB61287A645BD3B06DBED5E, 1E59DE429B54E910688BF917F2AD97E66241EE3FB924C24E3627E9603E8A9C5D ] Parport C:\WINDOWS\System32\drivers\parport.sys
19:41:01.0788 0x17f8 Parport - ok
19:41:01.0825 0x17f8 [ 52BF00E3958320FB1CEDB072B7F087EF, E062B6E9D3E4673A7D84EC0D5A2ED7F9D4118ADB9554B3C2D5A14972387A0029 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
19:41:01.0848 0x17f8 partmgr - ok
19:41:01.0908 0x17f8 [ 9237999CF37E245EB18D55A832FCD01D, 1236BCA0AAA6C198C0C9F9D77930F8DEBE5391579946C998C959FE6B767DA111 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
19:41:01.0979 0x17f8 PcaSvc - ok
19:41:02.0015 0x17f8 [ D269191D0E89BCF955E6982764ACF3C7, 033EC365A9060BEBD48FD95621038FA11B3BC5F1738F655908BB677CA1C1D4A2 ] pci C:\WINDOWS\system32\drivers\pci.sys
19:41:02.0058 0x17f8 pci - ok
19:41:02.0075 0x17f8 [ 5252320118508123B9902521CD70A8BA, 7207E0DAAFD9C7EC938CAD4107153DABDA111F67531860875D38F9DBBB998996 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
19:41:02.0093 0x17f8 pciide - ok
19:41:02.0135 0x17f8 [ 0543F01C97CE2D3ABB4F8CEA56B99721, CD84890DEB63C782A51A7F4D962B88CAC9AA226C3C7DDC2D2B0A56E81B00B07C ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
19:41:02.0155 0x17f8 pcmcia - ok
19:41:02.0175 0x17f8 [ 81D246AE6AA07A244F77883F6D4B84D7, DD8BBCFDB88A0E23E639141B76A8F00B9685E888FCDD3C48CFDFB5453AEA1661 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
19:41:02.0197 0x17f8 pcw - ok
19:41:02.0213 0x17f8 [ 7C5587B5911A96C10E670DFA54C9BB91, D9D4EC0EC8E7419263DC95F5CEBC24FD5F19E9FE902E902D45FAC46F4FA8E5E3 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
19:41:02.0234 0x17f8 pdc - ok
19:41:02.0277 0x17f8 [ 9125F14B51CDFC318BC80EEB963B897C, 53DA4241D4F022871AB901C9C9753612516E272C8F85D4723F8E37D13700C44C ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
19:41:02.0364 0x17f8 PEAUTH - ok
19:41:02.0474 0x17f8 [ B6C01FCE0A613DEF6502CF78D9D9F64C, 7A6A7F08C8066F68F60A006A095FA2E7B417C4CA65D40E2AA4D3859923DEE6C0 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
19:41:02.0686 0x17f8 PeerDistSvc - ok
19:41:02.0776 0x17f8 [ 217DD189B66B68149ED4F7E8C9BA1DD9, F4A1550BFEFBDC09DA82F53CE94EF3261C75DB1CC7C1EDD1074D31F828A47316 ] perceptionsimulation C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe
19:41:02.0833 0x17f8 perceptionsimulation - ok
19:41:02.0872 0x17f8 [ 2E2E8BA514A93C297F124BAB53F4E921, D6B8116E5C920032A5926D5D047BFD72B05ACBB08E26F177A0B0E6B4EC735FA1 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
19:41:02.0906 0x17f8 percsas2i - ok
19:41:02.0917 0x17f8 [ 1C6720616FF300235509D5EFBB2CAE20, 92017ECB36EAA35AC454E890734915A658EB898C95970531D43C19461BE6562B ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
19:41:02.0936 0x17f8 percsas3i - ok
19:41:03.0030 0x17f8 [ 2FC7CFCEDBF7E038351C7CEB1036D2E1, 41D7DA706F0CF613DF768B6795CD09C5C1035F9F101051FB58F5042EB4352DB6 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
19:41:03.0085 0x17f8 PerfHost - ok
19:41:03.0160 0x17f8 [ 245BDF96181A884929F23AE1E991923C, 0605A8D48809CF7CA315975012C5353584ECBF1F127F52C99EC5AADEEF77556C ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
19:41:03.0247 0x17f8 PhoneSvc - ok
19:41:03.0287 0x17f8 [ BF22C802EE5AF15C9136877146CBBA4B, 1F7C4D5AD502D3BCFD3DFB56BD0373465FDAD297549F23543CE48A0E7B4EEC6A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
19:41:03.0338 0x17f8 PimIndexMaintenanceSvc - ok
19:41:03.0386 0x17f8 [ E9BF51EAB349D1B2248181410243709D, 22E4BD919BCF9C1CFAFF1DC5E59D22BA275B053C601460BB0657E9D4E30B7943 ] PktMon C:\WINDOWS\system32\drivers\PktMon.sys
19:41:03.0407 0x17f8 PktMon - ok
19:41:03.0474 0x17f8 [ 9E431A5D697432DD6F4DB48C9A185104, 44C16E194258C9143A45F4022F9C5DE229E217D6FF7F944F105FE631BE9EF4A7 ] pla C:\WINDOWS\system32\pla.dll
19:41:03.0601 0x17f8 pla - ok
19:41:03.0624 0x17f8 [ 47997A891009AD881DFA69E018D3DF41, 954BBFB9E4C7FF79A811123D31954840590837ECDC9108161717EE29C8EFB676 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
19:41:03.0655 0x17f8 PlugPlay - ok
19:41:03.0682 0x17f8 [ D3FA131E692F1FC4C4D6BE5293ED74A2, 6B57D69CF3BF0B266EB3139E11216B5E86C6329A1B2B7E7B11E313BA10F8E6F6 ] pmem C:\WINDOWS\system32\drivers\pmem.sys
19:41:03.0709 0x17f8 pmem - ok
19:41:03.0718 0x17f8 [ 2769F200292C0F941A10BD60C33EA4A6, B8345C32585C45E6248D7194B1071F2B8617718E7C9B270AAF44C132D029DB4C ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys
19:41:03.0749 0x17f8 PNPMEM - ok
19:41:03.0794 0x17f8 [ 6AAAC8AD69AEFBE5FE04738B687EE85E, 83427082298E2FC021D5D39A43DB4A5783D95213F2CA8D3A997DB6C815BD9CB2 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
19:41:03.0859 0x17f8 PNRPAutoReg - ok
19:41:03.0887 0x17f8 [ F8CE0B4F1BC5E4FBDD66C1CAC4D58314, E7DC2FBA4CDBB0A35CC58E0FDF37D68891F18A80E449C0AA2C66C43A596EC4A9 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
19:41:03.0921 0x17f8 PNRPsvc - ok
19:41:03.0959 0x17f8 [ 4372FC65DAF6A5912DBA10118A20A386, 4A1A9EB440A417012234826034F3057745B2FE0D6C3E6CE6145AEF23EE49C06C ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
19:41:04.0033 0x17f8 PolicyAgent - ok
19:41:04.0070 0x17f8 [ 562B9409AA8777204E78C629647344EC, 65C33D25E0C00731D7DEF3F127523AA5178133481915287F3267A52C74577572 ] portcfg C:\WINDOWS\System32\drivers\portcfg.sys
19:41:04.0093 0x17f8 portcfg - ok
19:41:04.0148 0x17f8 [ FFDECF73BCDC6E124ACCEA0A3DC6DB3D, EE47BBDB755155592EC9D0C203E14D9E48CD3DC8FC9F9A136548046BF34FBEA7 ] Power C:\WINDOWS\system32\umpo.dll
19:41:04.0200 0x17f8 Power - ok
19:41:04.0229 0x17f8 [ 02CFD204AA8CCE204942D19E9BB7EDF7, C3AF95B6D465F4A922D6E704D8B89E2F0E459EF67B4D09189E4404A7BD45F412 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
19:41:04.0275 0x17f8 PptpMiniport - ok
19:41:04.0501 0x17f8 [ 1FB1FB23A60C75086DF6A30CA664FD60, 92A5B954F2761A3FC5B6060DC31C17BC17484A6897AB86AA4DFA3D3392101D42 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:41:04.0684 0x17f8 PrintNotify - ok
19:41:04.0743 0x17f8 [ FBC9EB5BFEDBB95826C22CE797ABDD89, 05928EB8BD51FB0DF6B35035131AC9197A9043BD7F4FC8D4091880CE07550A4D ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
19:41:04.0808 0x17f8 PrintWorkflowUserSvc - ok
19:41:04.0850 0x17f8 [ 162D1E949720A17056AFF7ADB0F8694A, C07CB1E27E9A9F9ED95DCBBED8216BCDBB8BA1B25A766FFF1B96BE8888E3BA2F ] Processor C:\WINDOWS\System32\drivers\processr.sys
19:41:04.0874 0x17f8 Processor - ok
19:41:04.0921 0x17f8 [ 8E00AA846FCBC34D659A1F2FD23B660E, 5F9B34C072B2D8126DA903401054BFA364214A114142261FC82D3BADB3176619 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
19:41:05.0029 0x17f8 ProfSvc - ok
19:41:05.0060 0x17f8 [ 4E750557E2310F3875CC8CEAB4CCA2CB, 7906E70262F7D47A22CC18361749106E5B377660EF17A0F2AEB44B019F825A95 ] Psched C:\WINDOWS\system32\drivers\pacer.sys
19:41:05.0081 0x17f8 Psched - ok
19:41:05.0131 0x17f8 [ 8E16710DA176241E317E6F472AFBFB92, B01B1A59923E51E0193B02DAAE53C1D39CAEDB8B34446596E251BD237A44AE98 ] PushToInstall C:\WINDOWS\system32\PushToInstall.dll
19:41:05.0212 0x17f8 PushToInstall - ok
19:41:05.0256 0x17f8 [ F7918495DF1CA8168C76AC44B44DBCEE, 85C2D9E06512318E85FFBD4F3DBF7EC389773D2BC9A2E9A26498828997E480D8 ] QWAVE C:\WINDOWS\system32\qwave.dll
19:41:05.0316 0x17f8 QWAVE - ok
19:41:05.0360 0x17f8 [ CE51A9A997D2830C6C64A36D7F8D8879, 706D683CAF92C259C121222446D34ED43F6E8872407C3615E2ED118ACD24D21D ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
19:41:05.0395 0x17f8 QWAVEdrv - ok
19:41:05.0405 0x17f8 [ 9D377A5872A0A7A33E258FFCBDB3F25F, D461798C6348C5D96EA002E4A1AC588B87A1A9B01AD84AB1FA6D9C6393616892 ] Ramdisk C:\WINDOWS\system32\DRIVERS\ramdisk.sys
19:41:05.0422 0x17f8 Ramdisk - ok
19:41:05.0452 0x17f8 [ 9500BA0F8F8E48449810BA0E802DF2CA, 3A79A1C48768C72B49913647336BF75CAFC10DCB8C6C54E4D05FBDC88FDADBCA ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:41:05.0504 0x17f8 RasAcd - ok
19:41:05.0537 0x17f8 [ 277B40C934092AC866E2E15B2AB3AF46, 90C8A112E8EB2242B1FB34858268CC1BD55F1F7F30AEB25DBC2435D91FCA93BC ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
19:41:05.0565 0x17f8 RasAgileVpn - ok
19:41:05.0608 0x17f8 [ AC0179CC701DEBE60FF3ABACF1EFE18E, B9970819DB91FDF78D655A9A8A03ED9EE020B1F722DC4AB9D003CA0B3287FCCD ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:41:05.0665 0x17f8 RasAuto - ok
19:41:05.0706 0x17f8 [ BCBEA88C494AA482EC80B0155637B7AD, 71BDBB6C9FE10F994DF274AC44278FEB1007976B186CEFFF1ABF5E3901253ABD ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
19:41:05.0741 0x17f8 Rasl2tp - ok
19:41:05.0791 0x17f8 [ 8AE5FDCF0D54EECE23C397D2AC803943, 456C24FD948DFBD55141032F81450A6057AFEF384130E2187143BD44ADB158E3 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:41:05.0896 0x17f8 RasMan - ok
19:41:05.0911 0x17f8 [ 9F64F241BD48201528B5273127F0FC48, 6046D09AEABE0F20101892A7AA19B6767EC2547AC056DD0FDA297630B3112C78 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:41:05.0952 0x17f8 RasPppoe - ok
19:41:05.0978 0x17f8 [ 5E2B54DBD736CB2EF29684CCE9767966, 0ADC5160A6D5B4F8A4B7E04295640EF426FDCC433C715C8568D9AF6292421B95 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
19:41:06.0025 0x17f8 RasSstp - ok
19:41:06.0067 0x17f8 [ 9F9326A4CF8F4E4F1BCBA494F308CF4B, F4646F2D958CB73FB408BDA1E6DE74CA85E2E6245ED84D3AC1AE8E4A8D812613 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:41:06.0131 0x17f8 rdbss - ok
19:41:06.0157 0x17f8 [ B7BAD23CA994EFF8EA11261626326004, 056495FB4A54984CE9D28D7B45550990D4A4B0736669F0F69138BEF51A695EFA ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
19:41:06.0197 0x17f8 rdpbus - ok
19:41:06.0224 0x17f8 [ 64991B36F0BD38026F7589572C98E3D6, 9580C67C2891C34A23970B705BC64AC19CCA16AE5A6F141F59FA6AFD89F7EC44 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
19:41:06.0259 0x17f8 RDPDR - ok
19:41:06.0292 0x17f8 [ 43507CD5DAD793373B48973E9D94BFEA, 23A0CE3241F5FA4CEB2ACD80E264FFFD1D59B76D6B0738D56638181167A168D6 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:41:06.0309 0x17f8 RdpVideoMiniport - ok
19:41:06.0343 0x17f8 [ B4A6F3BFB5A07DAF4E18C14A6337A226, F906865E349390D24A3DCBC563154BBB9F307B97361832BE93BC9D44A9F3B486 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
19:41:06.0371 0x17f8 rdyboost - ok
19:41:06.0459 0x17f8 [ 9F03C237C149B215424084E217F50F4D, 747596AE1D14167E5912F5718B92CF7AE3F3A1D2F6EB58A8AD09770EA61940F4 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
19:41:06.0571 0x17f8 ReFS - ok
19:41:06.0628 0x17f8 [ 986822649671559AC722746CE9A37E3D, 0BC5FA256455EFB2A5C965A4B5456F810DD0169487E7F3A095D7F8BC25667250 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
19:41:06.0699 0x17f8 ReFSv1 - ok
19:41:06.0769 0x17f8 [ C92B65ADCC0A5ECB2E74378A280DCC4E, E9174C8BE4F980CFFE825C919A2197589D950F5B1D720FF27A21DD8DDECBCBC4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:41:06.0908 0x17f8 RemoteAccess - ok
19:41:06.0956 0x17f8 [ 844CD16309A20424F3FFAB15FBC804AD, 5FA4008B965632F8CAE398E68E9FE5797B25BD1CDD70DF5E3714A3EAB5A57E40 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:41:06.0988 0x17f8 RemoteRegistry - ok
19:41:07.0035 0x17f8 [ 3432CBF3D68E3DC486BAA84B3DA715B2, 12C6773C1ADBB53F55900F751D5717D754D57E51A2FBFE5D53436910A677DE51 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
19:41:07.0113 0x17f8 RetailDemo - ok
19:41:07.0141 0x17f8 [ D2EE9CCE0187C616E50D61EB30ECA262, 825C918D22FC8DBF3EE9BDB41D121A0AC3CCBFFBA147E2B26F0197552E0675DE ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
19:41:07.0175 0x17f8 RFCOMM - ok
19:41:07.0204 0x17f8 [ 4DD0EFE49F0C020DAFEAE6F5F231362C, DF04978AF6CD34C8251B3DDE381CD77518684DCB1D2B16BD2DAFEE63AC9D5858 ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys
19:41:07.0230 0x17f8 rhproxy - ok
19:41:07.0257 0x17f8 [ 2A10F8D56DB7BA8FD83FD7BAD2F9E94F, 0257C0CFBE9001DFC51D382977C77BB1B52984D01BE38E47C6B8A0018AF1CAB0 ] RmSvc C:\WINDOWS\System32\RMapi.dll
19:41:07.0304 0x17f8 RmSvc - ok
19:41:07.0314 0x17f8 [ E54BB972A5D80219D640F4C8FEB5D05A, 3B39E86C0434EE91765BF818B8D1001AC0B44B86665EDE87E770302D4102574E ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
19:41:07.0365 0x17f8 RpcEptMapper - ok
19:41:07.0394 0x17f8 [ D45676C47616B9ABBFAEC97DD3B240A8, E13985D667F66B7A0082356F23270F61A57B8C2DD211B1E09D66D7970D7B4D6A ] RpcLocator C:\WINDOWS\system32\locator.exe
19:41:07.0418 0x17f8 RpcLocator - ok
19:41:07.0498 0x17f8 [ 47E9BCAEF5978A15A48A9ABC50E3CBC9, 027B35CF51A686F2D5871615050DB0B071CAB01AC146055350A584F37A724643 ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:41:07.0584 0x17f8 RpcSs - ok
19:41:07.0606 0x17f8 [ EABD30C39742A79913B595A5B6F809D4, 9067160F566220A2B21FEEE181729A796A3F3EECF75FFB75815BE5CCC7BBA64F ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
19:41:07.0649 0x17f8 rspndr - ok
19:41:07.0676 0x17f8 [ 5914CC0C1E99A3C1711BDB1E224526D1, 54BB8636F27282B396D487B3FEA8BD73F2F6FE6DA4DE8D718EE498F75A6A5DCE ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
19:41:07.0692 0x17f8 s3cap - ok
19:41:07.0720 0x17f8 [ 289D6A47B7692510E2FD3B51979A9FED, 0777FD312394AE1AFEED0AD48AE2D7B5ED6E577117A4F40305EAEB4129233650 ] SamSs C:\WINDOWS\system32\lsass.exe
19:41:07.0739 0x17f8 SamSs - ok
19:41:07.0773 0x17f8 [ 4CA372523A260F7DF3D9B3A931FB0ADC, 7C80A1D636C94918A14A3A58A818DFE94C0FCFA8BD152AE2B0A31D3F081E8914 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
19:41:07.0793 0x17f8 sbp2port - ok
19:41:07.0827 0x17f8 [ 71C746610DFF18874693AFDD5B25BABA, 6A2938EE2A1963296295612DE173D6881DE1910ACB74EDC5D1A9466240B3CE3F ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
19:41:07.0882 0x17f8 SCardSvr - ok
19:41:07.0924 0x17f8 [ 76F6081421F87CE9511E30A4C71436EC, D36661B6EF8DCA14DABD1AFD757B321B2857CCBB5A61C823E616FF977DEBB36D ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
19:41:07.0965 0x17f8 ScDeviceEnum - ok
19:41:07.0995 0x17f8 [ 4DD308224405678E6001B5EF1B0504AD, 7A18A11E01D5FB362CDC55F0272F4EB80373E3C91A96444D3A7727ECE3A99DF1 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:41:08.0025 0x17f8 scfilter - ok
19:41:08.0086 0x17f8 [ 3B92A61CBFB21A4502A663F09B362925, 9FA2CB4E283623F56ADBC1E779EA16CD3A7A89DDD6AFCA932968C3F77C8365F7 ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:41:08.0171 0x17f8 Schedule - ok
19:41:08.0236 0x17f8 [ 7CA616D43C32CA2608D826EB8AB0D5C5, 0424A4B8F03F8EAD874C6A78190BA94781FB8E0BB7966109610CE4C653102A56 ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
19:41:08.0257 0x17f8 scmbus - ok
19:41:08.0294 0x17f8 [ 51E79AABA84EB677AB3F0AEDBA5523B3, B6AF6AE092AE71AEFAE666D07938FF104B5821A6428393BD66DEF3EFBB9ACCED ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
19:41:08.0327 0x17f8 SCPolicySvc - ok
19:41:08.0354 0x17f8 [ 08ADF484ADFE02168209781258624D15, C5D8EDC0A45FBB42EA5F64E4F901C1D1D8A96FD10FB3887944AC58C04DD731F8 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
19:41:08.0389 0x17f8 sdbus - ok
19:41:08.0420 0x17f8 [ 3200667DB433F0A2032FAF4DC02E2089, 5E940CA63AD21CEA08C334AC61D985BAFDBA7DCB2D388F355B5C72EFA3E23E0A ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys
19:41:08.0448 0x17f8 SDFRd - ok
19:41:08.0495 0x17f8 [ 057F87F314C9A4C5564EA8125E174441, 964D770DC74D9EE87E865A3278577D7C1FE4ABF88C1B88BD029090E6D5985FC8 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
19:41:08.0593 0x17f8 SDRSVC - ok
19:41:08.0622 0x17f8 [ 7688976856AB4B99BAA49C6D9FD54CFF, 32D055054EDB9D10C76AF7459DC39C6A119FF87022096F8CB4DFBCFE07EFB58A ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
19:41:08.0650 0x17f8 sdstor - ok
19:41:08.0687 0x17f8 [ B4DB6AB77D5476F0096D44052C7DB1B9, EE7A17583220A7A3B74A28D432CE8C9B6BEFE6F19C1062F8F286E640F5BBAE9E ] seclogon C:\WINDOWS\system32\seclogon.dll
19:41:08.0719 0x17f8 seclogon - ok
19:41:08.0772 0x17f8 [ ECEB454074BD9BB9216C24F147EC7164, 9B962CBDFAF32D0499614107B24888D1D5B838CE9B518042FC35AF200D8C5A1F ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
19:41:08.0831 0x17f8 SecurityHealthService - ok
19:41:08.0887 0x17f8 [ 9A0F874FF0FE0099A83706E6015DA522, 8D02A3274D684C7736F5C088C56C19A628EA225319CF56EE5FF366F4194A77C4 ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll
19:41:09.0002 0x17f8 SEMgrSvc - ok
19:41:09.0021 0x17f8 [ 1EA7972A4C7163FF1D3EFE9988404D4E, 56A94B1617815C1E8A79D832B0F0CBA683C3080105CC4C87DBB9B8EAB4CD2690 ] SENS C:\WINDOWS\System32\sens.dll
19:41:09.0063 0x17f8 SENS - ok
19:41:09.0101 0x17f8 Sense - ok
19:41:09.0179 0x17f8 [ 5A3B2A346DD3822803FAE613842839BE, C3DE970DAA10864AD81F1D9B264C2043F7C7C77288E4F7CC38A56E0C724CCFFC ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
19:41:09.0347 0x17f8 SensorDataService - ok
19:41:09.0383 0x17f8 [ 207FA2E4C1C74D930C61F01E3DD8EAD6, FD98FF3DF2A33E4893D0E8E8E48F88DEC42443B9CDA289EA755D53471988488A ] SensorService C:\WINDOWS\system32\SensorService.dll
19:41:09.0454 0x17f8 SensorService - ok
19:41:09.0480 0x17f8 [ 0BCFFAD6F3B180DD60C941B01768F733, A0B73C1BF636F14504B69606999287B6FE148C958A4F6E31E9022FF129A048E0 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
19:41:09.0613 0x17f8 SensrSvc - ok
19:41:09.0652 0x17f8 [ 22068CA363EAF69A8EF6EBBBD580A8E8, 45F87C7D04B8F20290BBA8517BACE138D1E2112A268CCFFC2DFC407A81C0A197 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
19:41:09.0671 0x17f8 SerCx - ok
19:41:09.0695 0x17f8 [ A5E6D99D319610030C3CA982DCAA3624, 8F1BCEDC5FEA5AF0260B573EE171E1D895EBAB5A51BEA1F84D3043F6612050A9 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
19:41:09.0718 0x17f8 SerCx2 - ok
19:41:09.0738 0x17f8 [ 7A289A4FFAA43D81F091A302512059A6, 9A4EC5EAF65ECB6518C462E837EB76286F1BA7A8C9E26DC46586DC4F189BD1B7 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
19:41:09.0779 0x17f8 Serenum - ok
19:41:09.0799 0x17f8 [ DCE5D050F3B06D30985EE126257DEEB6, 024C1F9FBEFDCBC174733A5C97B121A6D7AD30E836C1820054BCB45F99FB4373 ] Serial C:\WINDOWS\System32\drivers\serial.sys
19:41:09.0825 0x17f8 Serial - ok
19:41:09.0841 0x17f8 [ B13F5A8574F0B71B2E4C84B171C28724, C812F61726BDFEFFE468DFA3491E5F465D22835C54E3559E04B452940C0EEEEE ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
19:41:09.0864 0x17f8 sermouse - ok
19:41:09.0914 0x17f8 [ 34061FAE78F8588EA20161E368825006, 501EA5AA9CD153112B5E137605353F74C9B0E9C46DD0F2A38B484781152512E2 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
19:41:09.0991 0x17f8 SessionEnv - ok
19:41:09.0998 0x17f8 [ AD1B790A42984A825068B849A88AD322, 63881202D6D900656F50A0E40CB743D0769C2AD9810FE96387E9DAF2BC89E4C5 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
19:41:10.0031 0x17f8 sfloppy - ok
19:41:10.0051 0x17f8 [ C05648C2BE6176BE557D9C7F02916388, C65D8FEDDCD9A52B04F42C64DAD2A499BF51246D36042E8DC09DD04C4C0B7BEE ] SgrmAgent C:\WINDOWS\system32\drivers\SgrmAgent.sys
19:41:10.0070 0x17f8 SgrmAgent - ok
19:41:10.0104 0x17f8 [ 3BA1A18A0DC30A0545E7765CB97D8E63, F9CBF1FF87D6F11920C4B7367EA2178BF13AA276C65D918950683983F268BC1F ] SgrmBroker C:\WINDOWS\system32\SgrmBroker.exe
19:41:10.0132 0x17f8 SgrmBroker - ok
19:41:10.0213 0x17f8 [ 4C4344F6BB5D7B2C8E0BCFF10C164E47, 68FE0D9A5594A5DC6F3BC9EC7F7CBB024DB9CB00E2A6F1D07E1FD32A731642C8 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:41:10.0293 0x17f8 SharedAccess - ok
19:41:10.0327 0x17f8 [ 73355EA986F9B1D3C31460ED854B77A1, 080577CA05BE061DA02FBC5E87ACAB60DB7BB97BE761952774E521FD0B94F43F ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
19:41:10.0373 0x17f8 SharedRealitySvc - ok
19:41:10.0403 0x17f8 [ 66BC5712F8BCED56437B312F36076417, 4A3BAB6481B7B2E26021929E89C13DAAB415ED1ACB15CB2A4B934327AD2A4449 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:41:10.0461 0x17f8 ShellHWDetection - ok
19:41:10.0514 0x17f8 [ 41CF7E76FBE1B3B44F90D51E258E6281, B71AFB776924F3023F81ECC5CF0F26246BA9D64A30E2D6B580964A31AA3115A6 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
19:41:10.0584 0x17f8 shpamsvc - ok
19:41:10.0600 0x17f8 [ 9AB1BADC5A324DA39186B81BC6CE6E2E, 567710C90BD71600A31A3408DB065B43C844DCFD12045FDE04CD59D932DC8353 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:41:10.0617 0x17f8 SiSRaid2 - ok
19:41:10.0637 0x17f8 [ 60213AF297023C005453E1CBF7CB6FE7, 718C833E5EDFE642F3B254515E29641BF2D8E56E22F6B795024BF64721AB874E ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
19:41:10.0656 0x17f8 SiSRaid4 - ok
19:41:10.0696 0x17f8 [ 196A46BA842A219EC6DE7B7B7D9AAB7E, 4EF7BE37F92557C8B0D30999541F284CC4A3E8FD98E0D78146F9F00D54E11BB9 ] SmartSAMD C:\WINDOWS\system32\drivers\SmartSAMD.sys
19:41:10.0720 0x17f8 SmartSAMD - ok
19:41:10.0766 0x17f8 [ FF75E3F42E77904238AED44E4E03BAEF, 535013A9E3324198E1016963EBF306F3D34583F7031EE753EC6095B15E2D492C ] smbdirect C:\WINDOWS\system32\DRIVERS\smbdirect.sys
19:41:10.0856 0x17f8 smbdirect - ok
19:41:10.0929 0x17f8 [ C67697A38E6D646F97EFF462DED68CF3, C6A8B2BAAC830D59E05949485F77E6803ED0138FEEAB6C2DA58A3D0BF5361A3E ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
19:41:10.0954 0x17f8 SmbDrvI - ok
19:41:10.0983 0x17f8 [ 3003CE5DDF52E89BDC63D1A642DA4392, 7403EB5F01E48D14B5F239BED603D12B539435DE4F8FF952C7733A7D187546B8 ] smphost C:\WINDOWS\System32\smphost.dll
19:41:11.0004 0x17f8 smphost - ok
19:41:11.0040 0x17f8 [ AA35F8D0001485C5F56439A806F57F52, 798A317F7FC355673FA12FA0915CA96FEB7F92BC0BA3BEE593F793D98C82CF58 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
19:41:11.0120 0x17f8 SmsRouter - ok
19:41:11.0140 0x17f8 [ 1971BBC71602B928CF9257759E3C05E8, 9D665698FF26ED333AD385B4B7A6C0F2B6806371D278E281FA4188002A5317E8 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
19:41:11.0168 0x17f8 SNMPTRAP - ok
19:41:11.0197 0x17f8 [ 27B7D9E872939EBB34C30343F991893D, 879AFDC8C50487ED0D3CB58C70A206E185F94BE75C25C31C387F3F08740771F9 ] spaceparser C:\WINDOWS\system32\drivers\spaceparser.sys
19:41:11.0219 0x17f8 spaceparser - ok
19:41:11.0304 0x17f8 [ 80DE13A4BBC5607EFDACDCD72E8649D7, 9399560953FCC7D6E0474C7BE6F248066426AB783572D5796D6187D48D240470 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
19:41:11.0358 0x17f8 spaceport - ok
19:41:11.0379 0x17f8 [ AB3BDEC793187CEDF1229AC98BB7DEDF, D2EA0C5FC534C89310207AA26A8816B30FEEF3F2708A067D8BB93D3CFF9C3936 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
19:41:11.0398 0x17f8 SpatialGraphFilter - ok
19:41:11.0441 0x17f8 [ 0DC5FEFB7DC0A5CACDCC2C0CE172C731, 552011160EE319DCD54767A0E7F4AD709EB4C021C63DCE147298F5743E74220B ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
19:41:11.0460 0x17f8 SpbCx - ok
19:41:11.0543 0x17f8 [ 877D0CF65C2966F3602F7CCD0E6B5C39, 57ADE4D8A649A99CBFE0E438C76C0A12DDD1600148B4653DE7DD5A9AC7D47F43 ] spectrum C:\WINDOWS\system32\spectrum.exe
19:41:11.0619 0x17f8 spectrum - ok
19:41:11.0704 0x17f8 [ 95DA3567F1C303808C47F4D92817CE73, D0C4AC02BEFF8177A6F51C41C4CE3F59210456CB6C69BCE5E5CBDDF7A253F4D3 ] Spooler C:\WINDOWS\System32\spoolsv.exe
19:41:11.0766 0x17f8 Spooler - ok
19:41:11.0958 0x17f8 [ B5AD2F0A33FC64998157CA14AB399182, 9CF99A57AF982BD13BC0F8EFC7CFA9855BED130ADECD262A04CAA1D0A424467F ] sppsvc C:\WINDOWS\system32\sppsvc.exe
19:41:12.0127 0x17f8 sppsvc - ok
19:41:12.0198 0x17f8 [ 44FE6FAD6C8AB01D3AF70BCED54CF57D, CA367DE829AEAB638113AC4C9195173F9B81653C33FAE99B2B551DCF1D5EC4BC ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
19:41:12.0294 0x17f8 srv2 - ok
19:41:12.0336 0x17f8 [ 3252DC8326BD1EAB79BDB56E1ED10F39, 79032E30C16D58A894CD3336CE214FCDFF6C90516C4AAA3B758B917B68C4F587 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:41:12.0396 0x17f8 srvnet - ok
19:41:12.0449 0x17f8 [ FE9B7B52679C9D79EE8B48A851CAB3BE, DB77A17320D1F851E875AA626CBFACEFC23A0A2786F8291CE370B788B93E560A ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:41:12.0514 0x17f8 SSDPSRV - ok
19:41:12.0584 0x17f8 [ 66969AA56E77953E596470C73A9004E0, 71F4CC7595C6D5E93AAA14259DF817C6C1D4BBCF285545FD980F6DBC86A30379 ] ssh-agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
19:41:12.0665 0x17f8 ssh-agent - ok
19:41:12.0696 0x17f8 [ D3B790EB60E3C21407DC23F724AC93DA, 47C09C9ED7C2414F48D51A68B66678BA2CD63F52C55F30697CB6059DAEA85206 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
19:41:12.0751 0x17f8 SstpSvc - ok
REPORTE TDSS KILLER - PARTE 3 (FINAL)
19:41:13.0012 0x17f8 [ 52DE4DBAEB0651561CF1D4B3D446D399, D9CE79C8560EB17392AB7A9307DD29806FA7F0A90EF8DB1B51B672B8B87AF330 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
19:41:13.0321 0x17f8 StateRepository - ok
19:41:13.0355 0x17f8 [ 09DC471B4573F3D01D7E448B526AE70A, 766FD1E1D2F73DE202FB337F6A6A5BA0317772AAAA644E9103BB5DF438162F51 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
19:41:13.0372 0x17f8 stexstor - ok
19:41:13.0458 0x17f8 [ DE9AC6943C692B8C6D56C21913E1AD97, CF00C5AEEB98F845D23448204C5EC95862D2FBEB8C8D7CC6C219C9C7E5CB9EB5 ] stisvc C:\WINDOWS\System32\wiaservc.dll
19:41:13.0533 0x17f8 stisvc - ok
19:41:13.0560 0x17f8 [ 25BB6274EC9795A04AC3C08C8156D084, 44888AE5F7C4047BCF4246958D50941C331710162C64160FDF1C6A5BFCD190A2 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
19:41:13.0583 0x17f8 storahci - ok
19:41:13.0600 0x17f8 [ 5A129E186A7A4E3CCBF090682D48F8EB, EEF4D748F421A65B0CEECC3F499574FD1B4B2E654428C0693D76074A2BC257B7 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
19:41:13.0618 0x17f8 storflt - ok
19:41:13.0658 0x17f8 [ 2D97B523AA06AC44FBD2B69017E330BC, 02E61046EDEEFED369D2B9F3331118DF41911F5128123D137C03A0A446F1A7B2 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
19:41:13.0681 0x17f8 stornvme - ok
19:41:13.0691 0x17f8 [ 995F082126674C6D1423E29FBCEA9F39, E86386156F982B59C00991D40A6E1862CA322F151BF965B14572D13AA207D614 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
19:41:13.0708 0x17f8 storqosflt - ok
19:41:13.0781 0x17f8 [ 901AF13BB4B27578A03330DE389867AC, 83144E5E7B3DB737AED36E466E6F1D5D5160DD8C3A2F7A9BD9BA11D6E5062A4B ] StorSvc C:\WINDOWS\system32\storsvc.dll
19:41:13.0865 0x17f8 StorSvc - ok
19:41:13.0885 0x17f8 [ 0D46C43967BBED3146CBCD2BBE7A2365, D59DC3964114A0FD33EC8B0BE78CE2CD3980793A0F99DC9B92C54EA887B1F3D5 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
19:41:13.0905 0x17f8 storufs - ok
19:41:13.0929 0x17f8 [ 0A13C67C267BFA1A0D1FE72A9D65BD5F, B44327F3134FA0166ED9E31BC724120B642AE5E96CEFF599867F03463ABB1406 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
19:41:13.0945 0x17f8 storvsc - ok
19:41:13.0979 0x17f8 [ D73F83E795F3BC100C21EDA2BD6DE307, 0DC828C46E057ADA9934424BF00067B17EEB8E0108CE1E309C8DEA4CC42448BA ] svsvc C:\WINDOWS\system32\svsvc.dll
19:41:14.0016 0x17f8 svsvc - ok
19:41:14.0112 0x17f8 [ 0547BB19EFA07BEF0F679A054EB5CFEC, D618F57B78B3FFEC29E8C4472E0AA72EF1CA0C83DE968373B818ABA4D9747E2D ] swenum C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys
19:41:14.0137 0x17f8 swenum - ok
19:41:14.0176 0x17f8 [ 983E28818E8754A18812EF9AAB681AAA, E0DA9FC35E54D6782ABC18EEE7CC7E62A217DD10683F9BBEABEF27B0258853B6 ] swprv C:\WINDOWS\System32\swprv.dll
19:41:14.0255 0x17f8 swprv - ok
19:41:14.0273 0x17f8 [ B39DC667DF14C7F1B9A58DE17BD45BE3, 52A4DBA20C16B2E34FBDDDE966700A3E8E183011A44ABECADCD4D3F93D29637B ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
19:41:14.0306 0x17f8 Synth3dVsc - ok
19:41:14.0367 0x17f8 [ 46062E452891A8D6D3B96DCAADDCC084, 0A4D4B16B7F8C751D3887FFD9977BAA8B76B321CCA06F024D93E2867D22B4F8D ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
19:41:14.0415 0x17f8 SynTP - ok
19:41:14.0562 0x17f8 [ B811CD167596F904F68026058C293BD5, 2DE8492DAA8E1B43C251EA3498DE891B1B38A32B6902D91225CF918398E434EE ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
19:41:14.0605 0x17f8 SynTPEnhService - ok
19:41:14.0717 0x17f8 [ 6C608C28F3469A3FBB1FC762945AED44, 07F5694D440B9807DB933E7091BC002C395B99F01A4423316118F1A860B60C1E ] SysMain C:\WINDOWS\system32\sysmain.dll
19:41:14.0804 0x17f8 SysMain - ok
19:41:14.0832 0x17f8 [ 423D06D055EF34814B8670C69452A6BD, 8FA9EFF2DDACF339499977D3602998150FC8CE0C62BE30CD390F98F95998ED76 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:41:14.0886 0x17f8 SystemEventsBroker - ok
19:41:14.0910 0x17f8 [ 055070E3AC1F342125E3296641BDC4D3, 6385EE02D392FCFFB41CE5C5D4CD03C245828D98DCB01F0B4358B431257F9F5B ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:41:14.0962 0x17f8 TabletInputService - ok
19:41:14.0991 0x17f8 [ 20CEAECE4ECDEBC89C82F1998696D596, 439559DE34BE096824CB70A97524E843CE2802092A9C882167F4CB08FE9664A7 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:41:15.0055 0x17f8 TapiSrv - ok
19:41:15.0208 0x17f8 [ 4776F0E22FACFA29E7B8C50F2AF368ED, 036BA2D9A494BB7BC0A5DB85D0CC025CF39B1F27E17CB909FDD2CE880C859FA0 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
19:41:15.0387 0x17f8 Tcpip - ok
19:41:15.0498 0x17f8 [ 4776F0E22FACFA29E7B8C50F2AF368ED, 036BA2D9A494BB7BC0A5DB85D0CC025CF39B1F27E17CB909FDD2CE880C859FA0 ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
19:41:15.0610 0x17f8 Tcpip6 - ok
19:41:15.0647 0x17f8 [ E9C5CFA5C37AC7CA5632D41B5C87B642, 406E5542B688C5BDBE5F9967E22B386BF6BD96E56234A8D41AD0548E1631F7F5 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
19:41:15.0682 0x17f8 tcpipreg - ok
19:41:15.0718 0x17f8 [ 2A8B28579A4964AA7EA8CEB1AC121243, BB34DC5199DE15F7D57AE52DF427C39D2FD34FAFA8136F783F2F089CDEBA0130 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
19:41:15.0738 0x17f8 tdx - ok
19:41:15.0763 0x17f8 [ 2213610676B404B157ADFFE312567458, B2E02C5049357A2DFF1CF4F6F64AC6E1DCCEDC245E96D5BC0585E88E7622D1B9 ] Telemetry C:\WINDOWS\system32\drivers\IntelTA.sys
19:41:15.0778 0x17f8 Telemetry - ok
19:41:15.0802 0x17f8 [ C225B94F2B27AC97C3E66C0550AEA249, 6F88375DD12A648B77BB6EB4BE527FF6678EE76A2059DB5B4CC971CDB31D0DB8 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
19:41:15.0818 0x17f8 terminpt - ok
19:41:15.0895 0x17f8 [ 1AE6F9A31B141E33F8D537F50BC19B5C, 957D8DC8FFE1980EF9A69F4BF92EBB2EF1A79C4CF763C79F46C7C26CC2DD00A2 ] TermService C:\WINDOWS\System32\termsrv.dll
19:41:15.0996 0x17f8 TermService - ok
19:41:16.0026 0x17f8 [ 8EC4197962A0349DFFBDC11586099DB8, 8DD5348A4983C376F63E6B209227D4D02300555F8C80A0E0DB2EA16074ABC334 ] Themes C:\WINDOWS\system32\themeservice.dll
19:41:16.0071 0x17f8 Themes - ok
19:41:16.0107 0x17f8 [ 761EBB96C8217CF5795ACF429BDF9E88, 4CCDB591EE16507879D8F12C0BDD40FACBEEF03BFC553A84270284D4930B433F ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
19:41:16.0172 0x17f8 TieringEngineService - ok
19:41:16.0202 0x17f8 [ 6B761253F07F46BE2B16C768B1F22551, C4E63135EB9BAAB1B7DE928C914CACEAB1E4862D6C5913B23EFC5B8986B1D91E ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
19:41:16.0249 0x17f8 TimeBrokerSvc - ok
19:41:16.0318 0x17f8 [ 667698B4CA27F560125F74090602F16F, 6C72728D02DABFF7F95415C828372A343B4C7F12B3B32DDBED10644A040BCC4C ] TokenBroker C:\WINDOWS\System32\TokenBroker.dll
19:41:16.0475 0x17f8 TokenBroker - ok
19:41:16.0535 0x17f8 [ D8947BEC3FBC2039F4DCBF4CC0E6CE3D, 3FDE70996927C91011D97D73CECC9DE7236DC8B11885074915DF19E4300ED906 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
19:41:16.0563 0x17f8 TPM - ok
19:41:16.0588 0x17f8 [ 6B7A6ABB160045852805449227F4F93D, 135192B2D889D498A1F2F27BDE332FDA75C36CF9267E69A4953718EFFDEAA374 ] TrkWks C:\WINDOWS\System32\trkwks.dll
19:41:16.0617 0x17f8 TrkWks - ok
19:41:16.0662 0x17f8 [ 3DA6626A382D065029AFD0D4812D68F8, 5AE12E9EA89065333605487F09E8B5FE3C617C020F824964557133E579D5D5A3 ] TroubleshootingSvc C:\WINDOWS\system32\MitigationClient.dll
19:41:16.0737 0x17f8 TroubleshootingSvc - ok
19:41:16.0809 0x17f8 [ D098F2FC042FBF6879D47E3A86FBB4A1, 7F0E3E2682A24A6B27484226CC0C7B30F837EA08B01F82C7B7AC094BF0A88CE5 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:41:16.0853 0x17f8 TrustedInstaller - ok
19:41:16.0889 0x17f8 [ F613A8618CC19DD96D1E0C81C5DCB7D1, AD6DE675AC033BE6BF75FF6303EAED4B5C672689D3AEC6DB94816D60E19B7030 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
19:41:16.0925 0x17f8 TsUsbFlt - ok
19:41:16.0947 0x17f8 [ 7845DD22FA7B91FDF0522344B1BDA012, 161A01BAC7E84B72BC6C2E83A63CC9E1DC7E2E9104C1645CD098D14094D2AC79 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:41:16.0970 0x17f8 TsUsbGD - ok
19:41:17.0010 0x17f8 [ CC6D4A26254EB72C93AC848ECFCFB4AF, F7293644E8A4548907E6D34C41BA3AC60C0A623A0215D3191E6745ADEF811DA4 ] tsusbhub C:\WINDOWS\System32\drivers\tsusbhub.sys
19:41:17.0069 0x17f8 tsusbhub - ok
19:41:17.0084 0x17f8 [ 46FE692F3C135CAEA0A47A8054E28F71, 6765964479C10501B21E0A17BC7B77CFBB5666181ED5F8AC939FC87CBCD288E7 ] tunnel C:\WINDOWS\system32\drivers\tunnel.sys
19:41:17.0125 0x17f8 tunnel - ok
19:41:17.0172 0x17f8 [ 43AB3885EBB5AEEDE4D400C6C21CB7ED, 4B43B5FFAFB38160FE880D43A24072BB48FD3E2AC9AA34FCECCE461ED9ABB47C ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
19:41:17.0228 0x17f8 tzautoupdate - ok
19:41:17.0243 0x17f8 [ B252C02C6606212D70B6D2AEED653E20, EA651602246A6E9EC5786CFC7B92E15F5529908CA1646CF0D8648841D986979C ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
19:41:17.0263 0x17f8 UASPStor - ok
19:41:17.0279 0x17f8 [ 1020E0CEB0EC9FB54F0A2C8E8D4CDA62, 6D952B704BF08DDF4740796230751027143F9434D651962E8CDDB8F6FE5F5A8A ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
19:41:17.0315 0x17f8 UcmCx0101 - ok
19:41:17.0357 0x17f8 [ 229B33B8499F4F2AAB1F3B590423611F, E70A2D9EEEF0C6894A0DB7990CFF6ECE3B8F389FD30B7B1949FCBDD3300B6148 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
19:41:17.0398 0x17f8 UcmTcpciCx0101 - ok
19:41:17.0420 0x17f8 [ 7FDC3A6FD8547468CE554C8821640103, 3626760AEE42EE36E047DA6899A81E0646DFBA344A234270EAE5D635F049BE37 ] UcmUcsiAcpiClient C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys
19:41:17.0454 0x17f8 UcmUcsiAcpiClient - ok
19:41:17.0481 0x17f8 [ 1ADE4D1F65B4A1E52F701C69FB455769, 3E5CDCC098149853A7EFA05EA1B714182C82E4153F2DA3C50BA30DF2B3E05EB6 ] UcmUcsiCx0101 C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
19:41:17.0520 0x17f8 UcmUcsiCx0101 - ok
19:41:17.0552 0x17f8 [ D6BEDCCB2E48589944EDC675D335677E, 2F5A5BA7AEC40C1A440C8DFF81DCE5AB0BDF9CC70ADDE48F8B652665B61F9915 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
19:41:17.0577 0x17f8 Ucx01000 - ok
19:41:17.0585 0x17f8 [ 6861422B7FFADDEAAA64A0539C910178, 4F8193C0A3525B78CA3CAF4731AE997A214F3DF180F0A3ADCEB2D31D3217850C ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
19:41:17.0609 0x17f8 UdeCx - ok
19:41:17.0662 0x17f8 [ 84E7E56F890476F137ED6C5E30755681, 66201EF04517CA68BAED903F83890E8E1937AD22391CB2F2A92D309AF981E628 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
19:41:17.0711 0x17f8 udfs - ok
19:41:17.0921 0x17f8 [ A1EB8F010B6A6917775CDE781F5DBF83, 696FAF63084BA638B136B0C98FD2A64F02E5DB378AF6288F979FFD5741DDBA5F ] UdkUserSvc C:\WINDOWS\System32\windowsudk.shellcommon.dll
19:41:18.0125 0x17f8 UdkUserSvc - ok
19:41:18.0182 0x17f8 [ 264C183C222EF95D4C64DFA8BA5F0479, 3EF244E91851E03BE77DE49FA7E36769DE287B0CB732CD0140C39FE5118D80B9 ] UEFI C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys
19:41:18.0200 0x17f8 UEFI - ok
19:41:18.0238 0x17f8 [ 2EA13303C6C6071DB50A009248E6C53D, 144E970717517193390885971380828825F7955C215867D39DC5BF3D695312A0 ] UevAgentDriver C:\WINDOWS\system32\drivers\UevAgentDriver.sys
19:41:18.0258 0x17f8 UevAgentDriver - ok
19:41:18.0370 0x17f8 [ 13773AB7F2D31751C6F31C2A2B140C29, 2CA4599932145F20A506F69E5ADB7DFDAFDE25249CDD99B0CE8F251F616B042B ] UevAgentService C:\WINDOWS\system32\AgentService.exe
19:41:18.0509 0x17f8 UevAgentService - ok
19:41:18.0548 0x17f8 [ 01951AA29AC2A4E4EB957BA167044C27, 5F97E9D1343FE739E35B65CFA659037421A2E0A4081CF10AD4CE94B915C02BC2 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
19:41:18.0575 0x17f8 Ufx01000 - ok
19:41:18.0617 0x17f8 [ EEEECAFD642DB20A8470090C2ACAA6AC, 70FEAD3371792160701D47A808FC78786766E4C7CA7C5ED8DA356BFC991A275A ] UfxChipidea C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys
19:41:18.0635 0x17f8 UfxChipidea - ok
19:41:18.0680 0x17f8 [ 331794BFDC5329F9B8461E12C7CEDE5A, 1F6A0EFA94227DBA7B2B5EB0D574843372D1E77E7E1DEB2D52D7B32DDFBAA442 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
19:41:18.0703 0x17f8 ufxsynopsys - ok
19:41:18.0763 0x17f8 [ 49AD5158048F8C9650D488BFD6FA8478, 2522C3F082428610A62311FA5A2FEB147BEB08B20BF74DC3574EDBBCD6352C07 ] uhssvc C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
19:41:18.0804 0x17f8 uhssvc - ok
19:41:18.0835 0x17f8 [ E0E764F688DCACBA011BAEB2017B903F, 7802DCDA6F49494245EC9304AECED7BB2E90908BED25A4D47F1FF4615B03DED0 ] umbus C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys
19:41:18.0872 0x17f8 umbus - ok
19:41:18.0891 0x17f8 [ 493AF687E60E144F59E3F5B7E27AA39B, 3062B25A7747BC417E1D498DB1B11C9631D80F57E4A048101EF5AA26206AE838 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
19:41:18.0928 0x17f8 UmPass - ok
19:41:19.0010 0x17f8 [ F15F32CEED183A2A2CE80132EF6B547B, 65BF62BAE95AF9CC0FB5D33D4B696410C22D77B779FA61A797890BCECD93E190 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
19:41:19.0067 0x17f8 UmRdpService - ok
19:41:19.0124 0x17f8 [ 151F499802C7B8968CB518996C4CB6D2, 47432A0E6EACE87AB414A31F2EF6D7D42B3F9A6D3DEE9D00A1D5AF82BA841C7E ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
19:41:19.0244 0x17f8 UnistoreSvc - ok
19:41:19.0350 0x17f8 [ 9F1CFEC650A2075EE0E321875983647B, A67F79497D8278BAC9EF928942C644007928FBDC87D625B7DD8DEB2CE69DC037 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:41:19.0417 0x17f8 upnphost - ok
19:41:19.0452 0x17f8 [ 5C33B91675BE0C9693358C1AAA723D20, A5BB54ABBB0F7B13ACCA0997F567A81395688C6D68EB87F67F688737DC16918F ] UrsChipidea C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys
19:41:19.0468 0x17f8 UrsChipidea - ok
19:41:19.0502 0x17f8 [ ADFAB87405AE22290E24D0E8E6141AF1, BC0982BEFE4CABEA1E260C8A3266EA18A4CA158A07D1C5176890A04CC3B6A84A ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
19:41:19.0545 0x17f8 UrsCx01000 - ok
19:41:19.0578 0x17f8 [ BBDE7BF496327115DD744E7D4105C7BC, 5A8CC47603A1C9D58A30A5E897F1BCDC56199B08317B9FF319D469D6DD6CAAF0 ] UrsSynopsys C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys
19:41:19.0594 0x17f8 UrsSynopsys - ok
19:41:19.0635 0x17f8 [ 3F4E3E9D00BDFC16907BB29639160F33, 5C234996C4138031CC07F27CB66F13A775923B644D3ECA334FF30BA91E927B96 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
19:41:19.0666 0x17f8 usbaudio - ok
19:41:19.0699 0x17f8 [ FB9F25ACEBCBAEABFE30CACCB17D4EE6, 7D38FA294DA179E5535E3E481746F07E2AE47CE57192C2D1C5B780B583FD9C6D ] usbaudio2 C:\WINDOWS\System32\drivers\usbaudio2.sys
19:41:19.0747 0x17f8 usbaudio2 - ok
19:41:19.0771 0x17f8 [ 4C3A34A2A1AF5C9621883A98D772DF5A, A9F804CABFBC2CB82B4DDCEAE9695933273519CAABE56C24ED8E1225824CC263 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
19:41:19.0796 0x17f8 usbccgp - ok
19:41:19.0813 0x17f8 [ 11561FC5BAA2DEB5AC8B179B591A882E, 2AD595BF4ABC146D8F533981848FF8271E983038566937BEB48A6A8F09BC60FB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
19:41:19.0852 0x17f8 usbcir - ok
19:41:19.0881 0x17f8 [ 31D1F64C8BFED84F25D8D1AA61954937, 41C6B63270E12EE572430BCF90C242C2D6CF3FEF6A8A08246E6F12C1D004E715 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
19:41:19.0902 0x17f8 usbehci - ok
19:41:19.0944 0x17f8 [ 560505AB70C0F33B4E832E4ED93CC77E, B93EC69C2A03B7E5BA3F0CC5A5744C9A51DFDBD5448FD9CB2FEEBBEB786B2E1A ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
19:41:19.0992 0x17f8 usbhub - ok
19:41:20.0031 0x17f8 [ 320937358C196532C79DBC5B1D1DB04A, BE676C1AE60DB19B9B5352F9D4E462755456745305FF40E64D1C7DBAE1E0A6B6 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
19:41:20.0086 0x17f8 USBHUB3 - ok
19:41:20.0109 0x17f8 [ EF2DE6FC99AEA4BC7BA4C3949BB43BE4, F99527741C60A838D5C8ADA8EF1AD58C71CA56E4EF0C41B2E6D254E7A881D327 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
19:41:20.0132 0x17f8 usbohci - ok
19:41:20.0157 0x17f8 [ 94839E1A9575C5B6ACA9638DDC39D6F1, B353208414B30843AE2A7E4B8E184078A2058215A9C953CC1F39D03080C51C70 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
19:41:20.0193 0x17f8 usbprint - ok
19:41:20.0217 0x17f8 [ D4027A591DA934DF3E0085D80F3ED704, C9CAB808CA3D39AFC2A4C6F088B00E8711B0418EF74BF576626EE3ABB315CC2D ] usbser C:\WINDOWS\System32\drivers\usbser.sys
19:41:20.0258 0x17f8 usbser - ok
19:41:20.0279 0x17f8 [ 35F1074B2EE770E6EE1B962AFAA9955E, E068E0B161F5A44968C2E5AF7CD39CD5FD2EAF33294015DB06ACDE3BD4810A63 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:41:20.0304 0x17f8 USBSTOR - ok
19:41:20.0320 0x17f8 [ 7C4F169570186EAE3609DA7CCB7360D9, 133FDC1F1C0B403AFAC71215F6767B01D26F661A61C3EAC303B6348C25EF1D72 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
19:41:20.0343 0x17f8 usbuhci - ok
19:41:20.0381 0x17f8 [ 0D41A1D7DDE2FE5126AB633050ACDDB2, A5AF25E9A7BBEC2A2B9D4B085B0B1DA11D98876E1762DB593D276708517C2C36 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
19:41:20.0413 0x17f8 usbvideo - ok
19:41:20.0461 0x17f8 [ 9A8FC3F17E1DB7455F4400467BC38AC3, 7D87670E29D4E0587909E947C0E12DEF763D69495D2C9A1722F8E33890862084 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:41:20.0516 0x17f8 USBXHCI - ok
19:41:20.0597 0x17f8 [ 66ECE7F6EFB169609D1819B2CBEDF11B, A815AC2154C822C48BEA8BBFDE56BF1BC2E72D2FFC952B34CD8976D50824ED77 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
19:41:20.0731 0x17f8 UserDataSvc - ok
19:41:20.0811 0x17f8 [ 0D4BB7A23B080F0D14D9FD91967945F9, 80309650418FE0CC7D18795533A99AD83F7232691F9647A7C03FA183DBB4F32C ] UserManager C:\WINDOWS\System32\usermgr.dll
19:41:20.0925 0x17f8 UserManager - ok
19:41:20.0992 0x17f8 [ 08FC2C68E075AD6EE2B2E6C8510537E5, E4ABA1398E6FCDF9849719974ADDDC575A76B2F09A60BFC040179EE125D96D53 ] UsoSvc C:\WINDOWS\system32\usosvc.dll
19:41:21.0074 0x17f8 UsoSvc - ok
19:41:21.0115 0x17f8 [ 5C5DC8E40CFC3979E793348A009434B7, 97AA8A487DAF0699E569B3E657EAC605302C74B75DAF2058856D799D32EA8026 ] VacSvc C:\WINDOWS\System32\vac.dll
19:41:21.0155 0x17f8 VacSvc - ok
19:41:21.0180 0x17f8 [ 289D6A47B7692510E2FD3B51979A9FED, 0777FD312394AE1AFEED0AD48AE2D7B5ED6E577117A4F40305EAEB4129233650 ] VaultSvc C:\WINDOWS\system32\lsass.exe
19:41:21.0199 0x17f8 VaultSvc - ok
19:41:21.0212 0x17f8 [ 661233B58190B487682839F1559A7962, 2BE132106C26A9073B6E9CB646E6A2C003558B8924ED0BDC3A0533FC98E03BF4 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
19:41:21.0230 0x17f8 vdrvroot - ok
19:41:21.0278 0x17f8 [ 0781CE7ECCD9F6318BA72CD96B5B8992, 2ACEAC6D51E610F85F35175C3A511F59D5B080D95453662E58C9D578DED42A89 ] vds C:\WINDOWS\System32\vds.exe
19:41:21.0369 0x17f8 vds - ok
19:41:21.0416 0x17f8 [ 46684A95E908F0A6A2355AA46A3B2A77, A25DFDA0572EF014905619DF21427518EA5C01CFB13B9927ADA305B29DBBFEFE ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
19:41:21.0444 0x17f8 VerifierExt - ok
19:41:21.0482 0x17f8 [ C689A01449C32DDFD4607CC84054FFCC, 1FB7A3177EFE35EAA54F4D92798B70BD4C1EDBA08FF1952BEF227A80C02401F7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
19:41:21.0540 0x17f8 vhdmp - ok
19:41:21.0561 0x17f8 [ 7F2F04A354582D3D34F5B2B4EFF07189, 98188182D328414832D06E957601A997AD2B2B0F088B089181EDE8FAB0AF733C ] vhf C:\WINDOWS\System32\drivers\vhf.sys
19:41:21.0584 0x17f8 vhf - ok
19:41:21.0622 0x17f8 [ 53641E9B5A382A6D5A84DEFC26E128C2, 44C1BDB8F60FEC993CB62725F802AB8A309FD3B66C44FC6293D07D102318C2E2 ] Vid C:\WINDOWS\System32\drivers\Vid.sys
19:41:21.0677 0x17f8 Vid - ok
19:41:21.0724 0x17f8 [ B37F0BF662BB504F0A9C247F24C281AD, 6281D573D9AD9AA204778C3823737726E882B17657B23CF5458C012FF7990E52 ] VirtualRender C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys
19:41:21.0780 0x17f8 VirtualRender - ok
19:41:21.0805 0x17f8 [ C137D9B23F2E231DDAE9B998DF7027BD, 7A8C71123A368395011CFE3BD75840016BB28E9EF6B23A88BDB384D0846CDBFE ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
19:41:21.0828 0x17f8 vmbus - ok
19:41:21.0862 0x17f8 [ C29F63BB3B99B3F2030113160A741684, 43DF7A6DD305D1696D28A54E12B75AE041B075E789DB5D0C8DDF250E75585AA1 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
19:41:21.0879 0x17f8 VMBusHID - ok
19:41:21.0887 0x17f8 [ E5BB075B6B5A1DA3C3F48CA5DFF54E77, E13E8F9523F51F976084561C9D0A843CAF550FA233521FF13FFE1C5634CA6472 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
19:41:21.0902 0x17f8 vmgid - ok
19:41:21.0951 0x17f8 [ 8486D6F63D5CF87CA08E3B3604DCB631, BD96CD0EF7B84C55DB525D655F19DE7B63756B7F3554AEBDF8F4A7A0BF2507FC ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
19:41:21.0991 0x17f8 vmicguestinterface - ok
19:41:22.0017 0x17f8 [ 8486D6F63D5CF87CA08E3B3604DCB631, BD96CD0EF7B84C55DB525D655F19DE7B63756B7F3554AEBDF8F4A7A0BF2507FC ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
19:41:22.0042 0x17f8 vmicheartbeat - ok
19:41:22.0076 0x17f8 [ 8486D6F63D5CF87CA08E3B3604DCB631, BD96CD0EF7B84C55DB525D655F19DE7B63756B7F3554AEBDF8F4A7A0BF2507FC ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
19:41:22.0101 0x17f8 vmickvpexchange - ok
19:41:22.0129 0x17f8 [ 86183A9A93B3D3293357B626015A99FD, 01FFB4245D5D1C54BE2879B3941D7402738956406A32DC3E9BB9FF435A04FD8E ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
19:41:22.0175 0x17f8 vmicrdv - ok
19:41:22.0205 0x17f8 [ 8486D6F63D5CF87CA08E3B3604DCB631, BD96CD0EF7B84C55DB525D655F19DE7B63756B7F3554AEBDF8F4A7A0BF2507FC ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
19:41:22.0234 0x17f8 vmicshutdown - ok
19:41:22.0260 0x17f8 [ 8486D6F63D5CF87CA08E3B3604DCB631, BD96CD0EF7B84C55DB525D655F19DE7B63756B7F3554AEBDF8F4A7A0BF2507FC ] vmictimesync C:\WINDOWS\System32\icsvc.dll
19:41:22.0284 0x17f8 vmictimesync - ok
19:41:22.0314 0x17f8 [ 8486D6F63D5CF87CA08E3B3604DCB631, BD96CD0EF7B84C55DB525D655F19DE7B63756B7F3554AEBDF8F4A7A0BF2507FC ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
19:41:22.0339 0x17f8 vmicvmsession - ok
19:41:22.0382 0x17f8 [ 86183A9A93B3D3293357B626015A99FD, 01FFB4245D5D1C54BE2879B3941D7402738956406A32DC3E9BB9FF435A04FD8E ] vmicvss C:\WINDOWS\System32\icsvcext.dll
19:41:22.0414 0x17f8 vmicvss - ok
19:41:22.0439 0x17f8 [ E152E9D68BC2EFB5C15107DE96EEDEE6, 3319913DA60D6A8A3E1EF1774AA209E7CFB70CFFF363656D627EEB8C0A62180A ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
19:41:22.0462 0x17f8 volmgr - ok
19:41:22.0502 0x17f8 [ 796F1C83861C02A97571D0EDAB490B70, 71CE8D930AE82C2B2628CBF3BB3AE1A8CF039BD702BDE912D499FCF45332F5A6 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
19:41:22.0541 0x17f8 volmgrx - ok
19:41:22.0580 0x17f8 [ 37988A4065ACBC7A6A7E03E25AFFAE4A, 33CE9111C4C2A6BEF664FB175D3B0506322B88CA658EB13076F3EB53946727C2 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
19:41:22.0622 0x17f8 volsnap - ok
19:41:22.0632 0x17f8 [ 770E710BEA3CCC595EE3703297B40D76, C03E3367B92307993BC169583CB298265FC1C35CF5973EC352C1E08FFCFD1928 ] volume C:\WINDOWS\system32\drivers\volume.sys
19:41:22.0646 0x17f8 volume - ok
19:41:22.0667 0x17f8 [ 61B3DC7A670B8CFA7137C14BBE062FB7, 048BBE615941D1BF34A946A207F6B6378561465698C334D773349888411EDBFB ] vpci C:\WINDOWS\system32\drivers\vpci.sys
19:41:22.0688 0x17f8 vpci - ok
19:41:22.0706 0x17f8 [ 1A4D9FAED669BC42E5A1CD8442729AB2, E70778AF6B0C9709CB8CEF655C6DD8B5A61CC70BFD35A43304C1308EA478C550 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
19:41:22.0728 0x17f8 vsmraid - ok
19:41:22.0810 0x17f8 [ 875046AD4755396636A68F4A9EDB22A4, 82459B7D6CEEFF22E6E81CA445F9134C3EE917BDC3DF185700813F23AC7DB77E ] VSS C:\WINDOWS\system32\vssvc.exe
19:41:22.0931 0x17f8 VSS - ok
19:41:22.0954 0x17f8 [ 6E0092973E35BE6A1F5ED5CBDD202036, 33DAF53C81D5BAF9337192A84DF50C108BAE9B8A858081E2208939CCFF2622F8 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
19:41:22.0982 0x17f8 VSTXRAID - ok
19:41:22.0999 0x17f8 [ 7BC30ADCCC9BCF2B0A29A320A395EC3B, 373C85F659F07366649697823B4A8B14313F0042A7A04E932429D049D18C7646 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
19:41:23.0022 0x17f8 vwifibus - ok
19:41:23.0032 0x17f8 [ C111EE25F5130811A398B1F1496AD1C1, 13C3B69A5D0179ED3CC2C999FF97EDBAEDD63DA55DDB74427251C360706A3820 ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
19:41:23.0057 0x17f8 vwififlt - ok
19:41:23.0095 0x17f8 [ EB00241B230BA9DB117300F7D387472C, 92A7C73E59789C5337CA4799924C8F84E5EDB2E76B15ABF927201553E4D9A19A ] W32Time C:\WINDOWS\system32\w32time.dll
19:41:23.0160 0x17f8 W32Time - ok
19:41:23.0216 0x17f8 [ 89BD06A03C8BA1BF50892702FC092714, EA36B38B7F84C8A20827C956823C1C76B5C510F2A33861D861EB8FA55A3493D7 ] WaaSMedicSvc C:\WINDOWS\System32\WaaSMedicSvc.dll
19:41:23.0295 0x17f8 WaaSMedicSvc - ok
19:41:23.0310 0x17f8 [ 1F16C8283230EF1F1C4E135D1C2C859B, E4F672C7E58490F82F859CAEEDD57D8ABCC31DE62A42A956BEE47113D365BE35 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
19:41:23.0333 0x17f8 WacomPen - ok
19:41:23.0375 0x17f8 [ D765B98325D89C076FEEAB1282CD08EA, AC2F0A68A2BCAAF2DECB0AAF1B50D652ED8B631B08D06B910B407FEF9069412E ] WalletService C:\WINDOWS\system32\WalletService.dll
19:41:23.0437 0x17f8 WalletService - ok
19:41:23.0466 0x17f8 [ 438B3E55D9D700C1C0424642872C2E28, 161F9F1F666717D95AF7EC984DDDC4D7E13844617108346FFC49A4EE99AE812F ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:41:23.0492 0x17f8 wanarp - ok
19:41:23.0500 0x17f8 [ 438B3E55D9D700C1C0424642872C2E28, 161F9F1F666717D95AF7EC984DDDC4D7E13844617108346FFC49A4EE99AE812F ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:41:23.0525 0x17f8 wanarpv6 - ok
19:41:23.0563 0x17f8 [ 8449398F11D49864117105679B539816, 8FD3B9C72066D6A983D062DE72EEF9769339EACBF4E0D303B9E12343C9D5DE6C ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll
19:41:23.0602 0x17f8 WarpJITSvc - ok
19:41:23.0675 0x17f8 [ 17270A354A66590953C4AAC1CF54E507, 9954394B43783061F9290706320CC65597C29176D5B8E7A26FA1D6B3536832B4 ] wbengine C:\WINDOWS\system32\wbengine.exe
19:41:23.0797 0x17f8 wbengine - ok
19:41:23.0855 0x17f8 [ C2D949A427BDD0AB72598DFC439D1E83, F2B35E77AA32CB228F1F7010863C27F50A1DFF0D6A8ACE2440C12BBF84A9B256 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
19:41:23.0948 0x17f8 WbioSrvc - ok
19:41:23.0978 0x17f8 [ 4F05446662B900925EB74C93244387B7, 1F234AB2049864F96917D2FF827633BC25129BB60048BFD4B28DA3E29F2B38B6 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
19:41:24.0002 0x17f8 wcifs - ok
19:41:24.0055 0x17f8 [ 27482345F4B6AAB4313EFF2E46D86C72, 0E8993217E724A5238B06A364F56792477D2868457C3D15A25CA410DC0C5972A ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
19:41:24.0150 0x17f8 Wcmsvc - ok
19:41:24.0209 0x17f8 [ 6CDE91D497A3EC19796DE53DEBD74FB0, ACBBCBFE7A953F3CFF10A035A52984D7DB0C0B4C6B735F53006036F4CCC15059 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
19:41:24.0287 0x17f8 wcncsvc - ok
19:41:24.0313 0x17f8 [ 33436DD2AA122E09A06FCD2A73B4E719, 3EB21704EC8B19B82DBABB1FA9FFCD69CB58119C36D5E9169AC1447B4CC1B358 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
19:41:24.0384 0x17f8 wcnfs - ok
19:41:24.0427 0x17f8 [ 77FE7FEF7A568B3C09BCA716C8631C4E, 4E702EE7FBA38CA5142C01BB6D202882372EFBEA0052C9A54DBA582ADA52D37F ] WdBoot C:\WINDOWS\system32\drivers\wd\WdBoot.sys
19:41:24.0446 0x17f8 WdBoot - ok
19:41:24.0506 0x17f8 [ C0FDE0B1493A8929A4118A92CBA3599A, 4EE421AE4ACBB46B861B28DAD9C12A28936E66BF16C40D2EB015F16516836E46 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
19:41:24.0566 0x17f8 Wdf01000 - ok
19:41:24.0641 0x17f8 [ EA0AE93E428F613BDA83BD39EDFA9721, E551DAACAC93E559214A5AD24201DC8B4DFE3D9D0EFA4B3136C4B26C63C2B1FF ] WdFilter C:\WINDOWS\system32\drivers\wd\WdFilter.sys
19:41:24.0688 0x17f8 WdFilter - ok
19:41:24.0717 0x17f8 [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
19:41:24.0758 0x17f8 WdiServiceHost - ok
19:41:24.0766 0x17f8 [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
19:41:24.0797 0x17f8 WdiSystemHost - ok
19:41:24.0867 0x17f8 [ 2F008DE68840C06B2A539BCACAFAB51C, 0D7DA2E80972C137B88B6B13E07C83B2F6A058A1D93F6411C4D807ABD68E03C0 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
19:41:24.0969 0x17f8 wdiwifi - ok
19:41:24.0994 0x17f8 [ A6C92A5F2982EBB8788E0690C19048C4, 85C54A99DD43DC1FAC7FD2A31288CEC7501F795DE8FA86857790F4CCD5AF7C18 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
19:41:25.0009 0x17f8 WdmCompanionFilter - ok
19:41:25.0031 0x17f8 [ 0996B6119B081EF8AD8CE40E29F325C6, C0022DAE9F51E2C9BE17E7A8624B8A5C6B9D9A9DA4B74F3F363753F9924BF124 ] WdNisDrv C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys
19:41:25.0052 0x17f8 WdNisDrv - ok
19:41:25.0307 0x17f8 [ B84A7B02B04F673A086F9BD89FB1F0DF, 75A65033E851FCF2EB0D042EBBB3AEAAE700F3B12264DA4B28158782886D20C7 ] WdNisSvc C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23070.1004-0\NisSrv.exe
19:41:25.0485 0x17f8 WdNisSvc - ok
19:41:25.0516 0x17f8 [ 125E37627FA664B417DCD1EC8CA381FA, A4862F245A5D5C3E3B70F3ADB522B0017908352CE04E57802FE64DABD0BDF7E0 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:41:25.0563 0x17f8 WebClient - ok
19:41:25.0601 0x17f8 [ 6F1C37F7CD09BEBC32236D8B5A4CF354, E81BBB8D950F81DCF39F6CE0F41E387722073DF16FCD081035972A6BBCF187F7 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
19:41:25.0648 0x17f8 Wecsvc - ok
19:41:25.0656 0x17f8 [ CBA85827716DE89106F8E4AD7430620C, EF2FEAD68FE003DAC52BC2098962F397DF80B7DCD79A8F45012A050C7C0E2DB1 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
19:41:25.0702 0x17f8 WEPHOSTSVC - ok
19:41:25.0758 0x17f8 [ 79A6064ADEBAD429D8DE8C8738792D2D, 8C0E7FD52793C30811D7C8DEDCD1F6ECFC5B3A2B57B6EF65E6304A8385A382CC ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
19:41:25.0790 0x17f8 wercplsupport - ok
19:41:25.0825 0x17f8 [ F1AB6FA3BC432F1D815F338899F152D9, 44AB1002302000606BED229CA17961126E1264B0CCD72F2E53E0AD33FEF7846A ] WerSvc C:\WINDOWS\System32\WerSvc.dll
19:41:25.0866 0x17f8 WerSvc - ok
19:41:25.0914 0x17f8 [ 0B82A5E82CB96CDCFAE97C0F5DCB1B13, 1A6EB6464662F8EA5BA9AA9FA6B9E5A085F3931B1813F2E7C784F9AD4AB036B2 ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll
19:41:25.0992 0x17f8 WFDSConMgrSvc - ok
19:41:26.0025 0x17f8 [ 2BAB321A6D006BC138692901C3E073E9, 315150DA4492BFB4E20F88306B089E584B4B1030194AE79E176B767238052B48 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
19:41:26.0049 0x17f8 WFPLWFS - ok
19:41:26.0095 0x17f8 [ C2C9584646AEB101C6C03F786C08AAF5, 9FFEF58D6E45B18CDFAF836E97D58AC00C6AD6CA63078F85B09093CA64ED198A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
19:41:26.0123 0x17f8 WiaRpc - ok
19:41:26.0163 0x17f8 [ 416B0938189ED0D4A8B5BBBE3F045269, 74B32619BE246D7DD6D520309692C32EE922852405DAB432CAF6012E72B495FF ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
19:41:26.0193 0x17f8 WIMMount - ok
19:41:26.0229 0x17f8 [ F33F5976AD56E903D8151CC63E392C71, 812F5F6A77EE21E88B3C8E0B324A9C51EF00E40D737D851335E0D8A41CB090AA ] WinDefend C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23070.1004-0\MsMpEng.exe
19:41:26.0250 0x17f8 WinDefend - ok
19:41:26.0272 0x17f8 [ B434A84F46C70F4E67B70ED70F024B7F, 64EEB8093BA2590E83D83C5AF7C2A025B88AF5681143BCA83671104266FEEA99 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
19:41:26.0290 0x17f8 WindowsTrustedRT - ok
19:41:26.0327 0x17f8 [ 982774B74EE1419D641CEB66E394A4BA, 090C4CE6B76B3904B5AE73E4F1EEBCE619194C358874D7584537012F954C54BE ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
19:41:26.0342 0x17f8 WindowsTrustedRTProxy - ok
19:41:26.0408 0x17f8 [ 64D9638A15586DB3387DFC0BCA0795D4, 3A12B3765E2FD2E71E4D41A64812DBC5507B28093BAFBA06E47A5EAA271AD67F ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:41:26.0462 0x17f8 WinHttpAutoProxySvc - ok
19:41:26.0482 0x17f8 [ 0816C30E3395E667EFFFB92B4EA66A05, F6A9E7026AA60A6627680F232AE785EA9CF55FE970708E6E49151F601CC42FEE ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
19:41:26.0499 0x17f8 WinMad - ok
19:41:26.0577 0x17f8 [ E2376F73AAA2A4BBEF5F94DE095C788A, 65E8FAF81245C08B6668EFB5B7264B2EEBCC90F30F714E1B60C2F7B60AE070C5 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:41:26.0651 0x17f8 Winmgmt - ok
19:41:26.0692 0x17f8 [ E959DDD0BD1DE2D67591DA89B4D5C65F, 9C426AD484490BDE5D471DB638C197E36BC793D4A5F29976FDC4FDC15283575C ] WinNat C:\WINDOWS\system32\drivers\winnat.sys
19:41:26.0747 0x17f8 WinNat - ok
19:41:26.0902 0x17f8 [ 604255E164ABA32A0C726D2DD1FAAD55, 52A1B0EA807C5ACAD32AA3D0AF439A0777A8C714378278ED4E12DFC304D30CEC ] WinRM C:\WINDOWS\system32\WsmSvc.dll
19:41:27.0131 0x17f8 WinRM - ok
19:41:27.0185 0x17f8 [ 91D3DC62C6EDDB6554CE14C0E0B4290F, 6F8F89B350FC6BC0D23A50C593F02514854AB7D6CD234D8C8AD4B5DDDD586BA0 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
19:41:27.0212 0x17f8 WINUSB - ok
19:41:27.0235 0x17f8 [ F4C4FD42F8DD657157823DB617CC3A3D, D2A5ED039ED83010E0BB4BB1A69F9D142D42BE2C75E56CFCF3F157A735CB688E ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
19:41:27.0253 0x17f8 WinVerbs - ok
19:41:27.0349 0x17f8 [ A51D810BCC2B866B8144AC222B4D0392, D0955EC8A1796AB00E2C3AFF701BED2DEC39784E569481ED4D47E7367F356BA9 ] wisvc C:\WINDOWS\system32\flightsettings.dll
19:41:27.0435 0x17f8 wisvc - ok
19:41:27.0564 0x17f8 [ 90DC8CA79E7DBA217780B88DDA4C5D35, 5A8A658BB5775ECAB0C7C094F5E9A69DC3439382D8792409C93F72A0A52F8356 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
19:41:27.0772 0x17f8 WlanSvc - ok
19:41:27.0872 0x17f8 [ 7B1DB8123E8C6644FBBAB2031CA33E15, CC6E2F323A5A2E5A702A94323439FE3F6E6D578B8DAD3309E752A1EF72122302 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
19:41:28.0040 0x17f8 wlidsvc - ok
19:41:28.0123 0x17f8 [ AD09B28B6B2635227A13DED72699E396, 1B76B795A02258F99E672BBD661B6C96C2CDB4160F11A7ECEBB4DDCC8C2201B3 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll
19:41:28.0229 0x17f8 wlpasvc - ok
19:41:28.0313 0x17f8 [ 7590F521E7A396C93AA228A3DFB2EF3E, 2D9FCAA40079AEAFB77C4ACE3A2D4D790919741FC365947D34266C124301F1B5 ] WManSvc C:\WINDOWS\system32\Windows.Management.Service.dll
19:41:28.0406 0x17f8 WManSvc - ok
19:41:28.0428 0x17f8 [ E4F25E6E790747073A09F9F8C997889C, 98455DD24AE076A2413EA599F83E0894F608C335F3FF2F3624A17E8EAF3B3C42 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
19:41:28.0461 0x17f8 WmiAcpi - ok
19:41:28.0501 0x17f8 [ 79D9311A36DE8E7CDBAD039F8B96F093, A2F03AD0C1565F7E8F2B391150B1BD63BAAEA012393A92F74C664E5650C4268C ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:41:28.0547 0x17f8 wmiApSrv - ok
19:41:28.0599 0x17f8 WMPNetworkSvc - ok
19:41:28.0648 0x17f8 [ 240EAE40793E996FC5B33DD00D242884, 95D5487DE361BC060C7B400D111BDD199B7158E2568C8AAA5786AAA30E1A6282 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
19:41:28.0678 0x17f8 Wof - ok
19:41:28.0799 0x17f8 [ C996632C873B749EF0ECA1A3F5318BD8, 4F411C75F7AB705BCF495B0E0BDAD1DF4B2AD7447E21CB14D2DFA1E82D1D881F ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
19:41:28.0926 0x17f8 workfolderssvc - ok
19:41:29.0004 0x17f8 [ DD1069783F5D35A14720894C7D596C04, 6C14DC41212C9BA888EF0633E8EF9AF328895BFAD74D44E24463470A7E2E4F41 ] WpcMonSvc C:\WINDOWS\System32\WpcDesktopMonSvc.dll
19:41:29.0156 0x17f8 WpcMonSvc - ok
19:41:29.0194 0x17f8 [ 77F69046600D63C8A585E7E40E212164, F0F6E5BF2F85E1F8E00BAEB5408665DFBA8157CD7C0578863EA0765438711B90 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
19:41:29.0254 0x17f8 WPDBusEnum - ok
19:41:29.0276 0x17f8 [ 024924C9E79F51560B9133EEAB866BBF, F4D464BC02C7B96EF72AA9229A99A1AD32F56390F97972C33525EF0D85304261 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:41:29.0291 0x17f8 WpdUpFltr - ok
19:41:29.0335 0x17f8 [ E4A4571FEF0E40EA0A416B05A9763F04, 45E2E4F3C6C867209AF86D8BD5311ACF54ADD21F8825D6C5B999076BE86F2344 ] WpnService C:\WINDOWS\system32\WpnService.dll
19:41:29.0399 0x17f8 WpnService - ok
19:41:29.0432 0x17f8 [ AB43AD7FD5435A215B725523CE6BE96B, F73552B799F85FB2C744D16C79652C4F664A44D32308EBF3473593B5EC28FEFA ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
19:41:29.0463 0x17f8 WpnUserService - ok
19:41:29.0490 0x17f8 [ 2B98DFC181823C8D8AA39C4CC577DE3E, DAFF7CE8868299AF5EFA844C2E1F84B7EE7E498B1AFF16965CE41C2E75B2F4E4 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:41:29.0531 0x17f8 ws2ifsl - ok
19:41:29.0577 0x17f8 [ B82ED9CAC7E56662CFEAA81184CCFB3B, B13994190DAE1853E8F395ED3BD50B826B9F74E09BF51B4E1F2F52158B90E6BC ] wscsvc C:\WINDOWS\System32\wscsvc.dll
19:41:29.0618 0x17f8 wscsvc - ok
19:41:29.0626 0x17f8 WSearch - ok
19:41:29.0791 0x17f8 [ D9D1E573B40DFC4A85CB5A7CE420BE15, 269F99A8109424B1BB6074B811C829C0B0B514C98A2598A4517C5F616E2FF7F3 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
19:41:30.0025 0x17f8 wuauserv - ok
19:41:30.0059 0x17f8 [ 9AF0594883C18C05EE7B9A0026BA9DC8, BD9A86155C034F9DA9C7A37D58B46B56C19C7426B273A11E029B87B05107FB06 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
19:41:30.0098 0x17f8 WudfPf - ok
19:41:30.0136 0x17f8 [ 6A2EEF5AE03EC52AF12E853F447C30BE, 8EDAA70AB9842FABDB3CC93500D3C160D23215C1623D58F043EFE1369CFFCCEF ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
19:41:30.0220 0x17f8 WUDFRd - ok
19:41:30.0246 0x17f8 [ 6A2EEF5AE03EC52AF12E853F447C30BE, 8EDAA70AB9842FABDB3CC93500D3C160D23215C1623D58F043EFE1369CFFCCEF ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:41:30.0280 0x17f8 WUDFWpdFs - ok
19:41:30.0358 0x17f8 [ F6D45FC88B092053033C5689C6FB08ED, 397042FFC5636951DD12012AF007D21B7448F38CEA5D19CC256A0D7ED67A58F8 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
19:41:30.0497 0x17f8 WwanSvc - ok
19:41:30.0555 0x17f8 [ B62C41E672194A919028786E4A480541, 1A5DCE5775CD0A511F0EDCB23669525590F0F94455C567DDB76DD15C8F25D347 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
19:41:30.0655 0x17f8 XblAuthManager - ok
19:41:30.0723 0x17f8 [ 411923E5B7992764DDB6BEADF7E7DEA6, B053C5956CCA3246D0450C01C8BD702EEDDA2B3AD865B6CA024227C67C5139B4 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
19:41:30.0846 0x17f8 XblGameSave - ok
19:41:30.0893 0x17f8 [ 6E6E28D046627693CF1D2E905DC69BD1, 31D39CF82E1E98D367F631CFE5B6C6A42E13C1C01BBAABFE2CA35721627D4E43 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
19:41:30.0947 0x17f8 xboxgip - ok
19:41:30.0980 0x17f8 [ 04BE9428D1E276DF3F6A7A5552AAB546, ACC3A8180601054BFD8FBE743A7F9CB5F2398FD463FD7EA5EF2EF78953BADBBD ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll
19:41:31.0008 0x17f8 XboxGipSvc - ok
19:41:31.0065 0x17f8 [ 5A4F5B800B1AE1B196D3D09D1E973C9F, 8BB5D0ABF6DF5E48F17480AE72D568EBBF59E2D69E359AD951970A5BF35BFDD8 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
19:41:31.0167 0x17f8 XboxNetApiSvc - ok
19:41:31.0215 0x17f8 [ 0298A79A4029D755E734B2E7657F9ED3, 40F7541006B9A8F1CE0D57710C3206E9672CBB23627DBC373C035B4158026BEC ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
19:41:31.0256 0x17f8 xinputhid - ok
19:41:31.0263 0x17f8 ================ Scan global ===============================
19:41:31.0342 0x17f8 [ E9CB0EEEFE636B14816307B7778A890F, C9AC94B94B4BD6AAEB4ED19BA993BBA201477005B750D01A404529CE546087C0 ] C:\WINDOWS\system32\basesrv.dll
19:41:31.0383 0x17f8 [ 19979E1729CFA0E56EB4CCCB198DFD05, 7F2A683F28877562409D810946DDCA2F069715CDFB249602251DFA50065FFF7A ] C:\WINDOWS\system32\winsrv.dll
19:41:31.0418 0x17f8 [ 4106AAB5ADBB6A0CC07A2244B9F3C4C0, 3D9D254DB183BACF9352889B6B1A001C694FEE502141379FBF720F180C5C9A7C ] C:\WINDOWS\system32\sxssrv.dll
19:41:31.0462 0x17f8 [ 14B88FF4833012512278A5F3A5712BD2, E6FE9A94E8686E957DBCEC2B89C1C1DDCF8E75D76E9200D0CBEF74D510C71317 ] C:\WINDOWS\system32\services.exe
19:41:31.0480 0x17f8 [ Global ] - ok
19:41:31.0481 0x17f8 ================ Scan MBR ==================================
19:41:31.0495 0x17f8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:41:31.0975 0x17f8 \Device\Harddisk0\DR0 - ok
19:41:31.0988 0x17f8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:41:32.0718 0x17f8 \Device\Harddisk1\DR1 - ok
19:41:32.0720 0x17f8 ================ Scan VBR ==================================
19:41:32.0730 0x17f8 [ 1C305E99C71612BD495C2C0BB2A56D95 ] \Device\Harddisk0\DR0\Partition1
19:41:32.0734 0x17f8 \Device\Harddisk0\DR0\Partition1 - ok
19:41:32.0750 0x17f8 [ 30D2AAC26428A7B9BF8AF6537BB19F5E ] \Device\Harddisk0\DR0\Partition2
19:41:32.0754 0x17f8 \Device\Harddisk0\DR0\Partition2 - ok
19:41:32.0836 0x17f8 [ 55DD4A041CD40B4C7983565088D26EF1 ] \Device\Harddisk0\DR0\Partition3
19:41:32.0840 0x17f8 \Device\Harddisk0\DR0\Partition3 - ok
19:41:32.0894 0x17f8 [ 621615338D22A04FF61F20255F28D013 ] \Device\Harddisk1\DR1\Partition1
19:41:32.0898 0x17f8 \Device\Harddisk1\DR1\Partition1 - ok
19:41:32.0899 0x17f8 ================ Scan active images ========================
19:41:32.0900 0x17f8 ================ Scan generic autorun ======================
19:41:32.0935 0x17f8 [ 783C99AFD4C2AE6950FA5694389D2CFA, 570B37A7A3FFDAFCCECCC33CBC1968FEB857B73CA3CB4DFFEDC2E67E9ABD0878 ] C:\WINDOWS\system32\SecurityHealthSystray.exe
19:41:32.0988 0x17f8 SecurityHealth - ok
19:41:33.0026 0x17f8 [ 3402BBBC16E909985C4F184EB247E9BD, 715806A02C33060C3A20AA1387AC656D92A217115123A2BA16DBE4B37C31880F ] C:\WINDOWS\system32\igfxtray.exe
19:41:33.0044 0x17f8 IgfxTray - ok
19:41:33.0076 0x17f8 [ 22BF0CCB64AAE89004355E924E0AD463, BA8FA7DCFAD8396C7A2DB583FF6118361F959040837215FD5198D8D0A4D7E9B6 ] C:\WINDOWS\system32\hkcmd.exe
19:41:33.0101 0x17f8 HotKeysCmds - ok
19:41:33.0133 0x17f8 [ FDA7C3D4227097EC5B45BF9E769B5427, C8A41A3EA957A64CECD17B6E5AFAE2775541C0838CE27FD759031B84180FBFA0 ] C:\WINDOWS\system32\igfxpers.exe
19:41:33.0159 0x17f8 Persistence - ok
19:41:33.0166 0x17f8 SynTPEnh - ok
19:41:33.0248 0x17f8 OneDriveSetup - ok
19:41:33.0263 0x17f8 OneDriveSetup - ok
19:41:33.0455 0x17f8 [ C2938EB5FF932C2540A1514CC82C197C, 5D8273BF98397E4C5053F8F154E5F838C7E8A798B125FCAD33CAB16E2515B665 ] C:\Users\yorbr\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:41:33.0546 0x17f8 OneDrive - ok
19:41:33.0587 0x17f8 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.225 ), 0x61000 ( enabled : updated )
19:41:33.0588 0x17f8 AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x60100 ( disabled : updated )
19:41:33.0641 0x17f8 Win FW state via NFP2: disabled ( trusted )
19:41:33.0642 0x17f8 ============================================================
19:41:33.0642 0x17f8 Scan finished
19:41:33.0642 0x17f8 ============================================================
19:41:33.0657 0x1ea8 Detected object count: 2
19:41:33.0657 0x1ea8 Actual detected object count: 2
19:44:45.0830 0x1ea8 C:\WINDOWS\System32\drivers\BthA2dp.sys - copied to quarantine
19:44:45.0903 0x1ea8 HKLM\SYSTEM\ControlSet001\services\BthA2dp - will be deleted on reboot
19:44:46.0036 0x1ea8 C:\WINDOWS\System32\drivers\BthA2dp.sys - will be deleted on reboot
19:44:46.0036 0x1ea8 BthA2dp ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:44:46.0089 0x1ea8 C:\WINDOWS\System32\drivers\bthhfenum.sys - copied to quarantine
19:44:46.0090 0x1ea8 HKLM\SYSTEM\ControlSet001\services\BthHFEnum - will be deleted on reboot
19:44:46.0136 0x1ea8 C:\WINDOWS\System32\drivers\bthhfenum.sys - will be deleted on reboot
19:44:46.0136 0x1ea8 BthHFEnum ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:44:46.0327 0x1ea8 KLMD registered as C:\WINDOWS\system32\drivers\50235213.sys
REPORTE DE LA EJECUCIÓN DEL PROGRAMA Malwarebytes Anti-Rootkit
Mbar-log.txt
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org
Database version:
main: v2023.08.12.03
rootkit: v2023.08.12.03
Windows 10 x64 NTFS
Internet Explorer 11.789.19041.0
yorbr :: DESKTOP-P0LBTME [administrator]
12/08/2023 20:24:33
mbar-log-2023-08-12 (20-24-33).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 122608
Time elapsed: 27 minute(s), 59 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
REPORTE DE LA EJECUCIÓN DEL PROGRAMA Malwarebytes Anti-Rootkit
System-log.txt
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
(c) Malwarebytes Corporation 2011-2012
OS version: 10.0.9200 Windows 10 x64
Account is Administrative
Internet Explorer version: 11.789.19041.0
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8535257088, free: 5843152896
Downloaded database version: v2023.08.12.03
Downloaded database version: v2023.08.12.03
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
08/12/2023 20:24:25
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\WppRecorder.sys
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\system32\drivers\msseccore.sys
\SystemRoot\system32\drivers\SgrmAgent.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\IntelTA.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\system32\drivers\50235213.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_fc93ae411c02f280\BasicDisplay.sys
\SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_ed345fdc37d65139\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\CimFS.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afunix.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\System32\drivers\ndiscap.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\System32\drivers\Vid.sys
\SystemRoot\System32\drivers\winhvr.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\bam.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys
\SystemRoot\System32\drivers\CAD.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\Netwsw00.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\sdbus.sys
\SystemRoot\System32\drivers\L1C63x64.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\BTHUSB.sys
\SystemRoot\System32\drivers\BTHport.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\System32\drivers\bthpan.sys
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\wcifs.sys
\SystemRoot\system32\drivers\cldflt.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\System32\drivers\WpdUpFltr.sys
\SystemRoot\System32\Drivers\MbamChameleon.sys
\SystemRoot\system32\drivers\bindflt.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\drivers\msquic.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\drivers\rassstp.sys
\SystemRoot\System32\DRIVERS\NDProxy.sys
\SystemRoot\System32\drivers\AgileVpn.sys
\SystemRoot\System32\drivers\rasl2tp.sys
\SystemRoot\System32\drivers\raspptp.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\drivers\ndiswan.sys
\SystemRoot\System32\Drivers\mbamswissarmy.sys
\SystemRoot\system32\DRIVERS\mwac.sys
\SystemRoot\system32\DRIVERS\farflt.sys
\??\C:\WINDOWS\system32\DRIVERS\mbam.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\WINDOWS\system32\drivers\2337276E.sys
----------- End -----------
Done!
Scan started
Database versions:
main: v2023.08.12.03
rootkit: v2023.08.12.03
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffa30899d9d0a0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffa30899d69940, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffa30899d9d0a0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffa30899c12050, DeviceName: \Device\00000030\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: AB30A3B6
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 716800
Partition is bootable
Partition file system is NTFS
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 718848 Numsec = 305367712
Partition is not bootable
Partition file system is NTFS
Partition 2 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 306087936 Numsec = 1112064
Partition is not bootable
Partition file system is NTFS
Partition 3 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 307200000 Numsec = 669571072
Partition is not bootable
Disk Size: 500107862016 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffa3089dc47060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffa3089dc48040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffa3089dc47060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffa3089dc466b0, DeviceName: \Device\00000048\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 2BD2C32A
Partition information:
Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 976766976
Partition is not bootable
Partition file system is NTFS
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 500107859968 bytes
Sector size: 512 bytes
Done!
File "C:\Users\yorbr\AppData\Local\Comms\UnistoreDB\store.vol" is sparse (flags = 32768)
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-718848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-2-306087936-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-3-307200000-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
(c) Malwarebytes Corporation 2011-2012
OS version: 10.0.9200 Windows 10 x64
Account is Administrative
Internet Explorer version: 11.789.19041.0
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8535257088, free: 5830090752
=======================================
Te comento que despues de realizar la ejecución de los programas antes mencionados… el problema continua…
[img]
[/img]
Con estos reportes se que tu equipo es de escritorio. Sin embargo ahora me surge una duda mas grande ¿Tu Sistema es Original? Hago esta pregunta porque Malwarebytes ha eliminado restos de un activador para Windows y Office.
No importa cuantas veces formatees el equipo o reinstales el sistema. Mientras sigas usando este tipo de activadores tu sistema sera infectado de nuevo y tarde o temprano podrias terminar siendo infectado por uno de ellos Eso es algo que debes tomar en cuenta
Vamos a ver hasta donde podemos llegar aunque tu caso puede terminar necesitando la intervención de un experto en “instrumentos/herramientas de presición”
Seguimos con Kaspersky Virus Removal Tool (KVRT) Sigue las instrucciones del siguiente manual
Realiza un análisis completo a tu equipo con KVRT y me traes su reporte
Reinicia el equipo y haremos un análisis completo con DrWeb CureIt
Lo descargas, actualmente el enlace de descarga nos directamente a su pagina:
- Haces clic en el Botón Descargar gratis > en el cuadro que Dice Para Su ordenador personal
- Marcas las casillas y haces clic en el botón Descargar
- Aparecera un formulario como este
- Los 3 datos son obligatorios, no es necesario que tu nombre y apellidos sean los reales, lo que realmente importa es que la dirección de correo sea valida ya que ahí van a enviar el enlace para que puedas descargarlo.
- Marcas las dos casillas y haces clic en el botón Enviar y esperas a que te notifique que el enlace fue enviado a la dirección de correo que pusiste
- Ahora te toca comprobar tu email y ver si has recibido el mensaje de DrWeb, asegurate de revisar la carpeta de spam de tu correo para ver si el mensaje ha llegado, lo abres y sigues las instrucciones.
Sigue el manual que te puesto para realizar un análisis completo con DrWeb CureIt a tu equipo Debes seleccionar todas las casillas Configurar su reporte en mínimo A continuación pulsamos en “Haga clic para seleccionar archivos y carpetas”
Veremos la siguiente imagen:
Seleccionamos todas las unidades que tengamos, incluidas las extraibles y pulsamos en OK
Volveremos a la imagen anterior y pulsamos en Comenzar Escaneo
Una vez finalizado, si encuentra Amenazas, veremos una imagen similar a esta:
Pulsamos en Neutralizar
Una vez finalizada la desinfección, reiniciamos el pc.
Recuerda que es un análisis completo, por ende es muy exhaustivo y puede tomar bastante tiempo, así que ármate de paciencia y evita que el equipo se suspenda durante el análisis
Nos traes el reporte de DrWeb CureIt:
Buscaremos el Informe para pegarlo en el Foro:
De forma predeterminada, una vez que Dr. Web CureIt! finaliza de escanear el sistema operativo, crea un reporte que puede encontrar en la siguiente ruta:
Disco C\Nombre de Usuario\Dr Web\ Curelt.log
Nos comentas como va todo o cualquier problema que hayas tenido ya sea para descargar o al ejecutar DrWeb.
Traes los reportes de KVRT y DrWeb, tomas capturas de la detecciones de ambos programas y las pegas con tus respuestas . Ya sabes que tienes que comentarnos como van saliendo las cosas despúes de los procedimientos
Saludos
1 me gusta
Buenas tardes Estimado JCTecn1cal, en efecto cuando compre mi laptop, venia con sistema operativo windows 7… con el transcurrir del tiempo tomé un curso de formateo de PC, y desde entonces he formateado mi pc con un disco que me dieron y para activarlo lo activo con un crackque vendria hacer ese activador de windows… durante los formateos en anteriores oportunidades no he tenido problemas… e inclusive el windows 7 que he tenido lo he usado unos 3 años… sin embargo al querer descargar un archivo de power point de una pagina web… resulto el problema que tengo … opte por formatear a windows 8, luego windows 8.1… y posterior al windows 10… pero sucede que este bendito virus a pesar del formateo continua como las evidencias que te he enviado… TENGO MUCHA FE EN QUE ME VAS AYUDAR POR ESO ESTOY SIGUIENDO PASO A PASO LO QUE ME INDICAS… e inclusive tengo la esperanza de eliminar ese virus ya que en este blog un usuario ha tenido el mismo problema y lo logro solucionar con ayudad de un colaborador…
Dando cumplimieno a tus indicaciones… he procedio a ejecutar RKILL antes de ejecutar los programas KVRT y Dr. Web Curelt…
EL PROGRAMA KVRT se ejecutó desde laa 11am hasta la madrugrada de hoy 16/08… aqui el reporte.
[img]
[/img]
El programa no scaneo mi disco extreible al parecer se desconecto… logrando escanear las demas casillas marcadas tal y como indicaste… es decir escaneo disco C, disco D, la memoria entre otros.
me levante en la madrugada para escanear el disco extraible y este es el resultado:
[img]
[/img]
Posteriormente he procedido a ejecutar DR. WEB CURELT, cuyo reporte estoy adjuntando…
-----------------------------------------------------------------------------
Start curing
-----------------------------------------------------------------------------
F:\JUEGOS PC\Tarzan\TARZAN.exe - quarantined
F:\JUEGOS PC\ZJUEGOS VARIOS\Billy Bob\JUGAR.exe - quarantined
F:\JUEGOS PC\ZJUEGOS VARIOS\COMBATE\bh2.ews - quarantined
F:\JUEGOS PC\ZJUEGOS VARIOS\Pelea de Bestias\JUGAR.exe - quarantined
F:\JUEGOS PC\ZJUEGOS VARIOS\Pepsiman\JUGAR.exe - quarantined
F:\PROGRAMAS\DG_Setup.exe - quarantined
Total 239739014625 bytes in 398453 files scanned (645769 objects)
Total 398175 files (645353 objects) are clean
Total 6 files (7 objects) are infected
Total 6 files (7 objects) are neutralized
Total 405 files are raised error condition
Scan time is 05:38:10.138
- EN LOS DISCOS C Y D NO APARECE OBJETO MALICIOSO, PERO SI EN MI DISCO EXTREIBLE ENCONTRÓ 7 VIRUS.
PARA MAS DETALLE ADJUNTO UNA CAPTURA …
[img]
[/img]
Te comento que no he tenido problemas para la descarga y ejecución de los programas… reinicie la laptop y al volverla a prender veo que continua el problema…
[img]
[/img]
Hola @Yorbra Ya te había avisado sobre esto
y tú me respondiste esto
Necesitamos saber a que tema te refieres:
- Tenemos que revisarlo para ver si la solución propuesta esta a nuestro alcance o mejor dicho entre mis posibilidades
- Si en dicho tema se uso una herramienta de presición (eliminación manual por medio de scrips) entonces se requiere la intervención de un experto en esta clase de herramientas.
Voy a pedirle al compañero @Marr0n que nos de su opinión respecto a tu caso y ya veremos como deberiamos seguir
Saludos
1 me gusta
Hola estimado en efecto el usuario siguiente Perfil - Titus_Canus - ForoSpyware , tuvo el mismo problema y solo lo logró solucionar con un programa llamado FARBAR, de verdad ya no puedo más con el virus.
Este es el foro del usuario que tuvo el mismo problema que yo y lo logró solucionar con farbar
Buenas día estimado Perfil - Marr0n - ForoSpyware porfavor sería tan amable de ayudarme con el virus, ya no tengo vida…
Porfavor @Marr0n dale una revisadita a mi caso, te voy agradecer un monto si me ayudas, porfavor.
1 me gusta
Hola buenas a ambos @Yorbra
He estado inactivo durante un tiempo en el foro y he desconectado bastante de pantallas. He visto la notificación ahora del compañero @JCTecn1cal
Dame un rato, reviso el caso y traigo novedades.
Salu2 y disculpas, chicos.
1 me gusta
Hola buenas nuevamente revisado todo tu caso @Yorbra
Con permiso de @JCTecn1cal
Pues el malware que tienes en tu máquina es difícil de eliminar o tiene digamos que cierta persistencia en el sistema y por eso es más difícil de eliminarlo.
Así que de forma temporal pasaré yo a ayudarte en este tema. Pues debemos ahora de utilizar una herramienta “un poco especial” para eliminar esos malwares que persisten.
Una vez finalicemos con FRST, yo me retiraré del caso y sigues con @JCTecn1cal con lo que se tenga que acabar de hacer en la máquina o lo que él considere oportuno en el momento en que él retome el caso.
[color=#2271b3] EN BUSCA / ELIMINACIÓN DE MALWARE [/color]
Desactivas tu antivirus 
Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
[color=#ff00]LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE[/color] (y no en otro sitio).
Descargas Farbar Recovery Scan Tool [color=#ff00]MUY IMPORTANTE[/color] >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?
Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.
Farbar Recovery Scan Tool
-
Ejecutas el FRST.exe[size=2] (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).[/size]
-
Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.
-
En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.
-
Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.
[color=#ff00]Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.[/color] [color=#ff00]También conectas nuevamente tu equipo a Internet.[/color]
[color=#2271b3] PRÓXIMA RESPUESTA[/color]
Pegas los reportes de FRST.txt y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).
NOTA IMPORTANTE
[color=#ff0000]Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:[/color]
- No realices pasos/acciones que NOSOTROS no te hayamos indicado.
- No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
- No instales NADA (programas/software/complementos/extensiones del navegador…).
- No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
- No realices por tu cuenta otros procedimientos.
- Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.
Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:
Salu2.
FRST.txt
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 28-08-2023
Ejecutado por yorbr (administrador) sobre DESKTOP-P0LBTME (Hewlett-Packard HP Pavilion dv4 Notebook PC) (06-09-2023 15:13:55)
Ejecutado desde C:\Users\yorbr\Desktop\FRST64.exe
Perfiles cargados: yorbr
Plataforma: Microsoft Windows 10 Pro Versión 22H2 19045.3324 (X64) Idioma: Español (México)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21538.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21538.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2305.4.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIN2E.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\Run: [MicrosoftEdgeAutoLaunch_58992619F6E4F819D3BB769FBE5D02CB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4108328 2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII3E.EXE [283232 2012-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Print\Monitors\EPSON L110 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMI3E.DLL [187392 2018-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EPSON L220 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBN2E.DLL [180224 2014-03-05] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\116.0.5845.141\Installer\chrmstp.exe [2023-09-01] (Google LLC -> Google LLC)
==================== Tareas programadas (Lista blanca) =================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {D005C6AB-95EC-49D3-98DB-C8686B521C0B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {0C4278B5-4112-4CC3-ABCC-3757DAF544C4} - System32\Tasks\EPSON L220 Series Update {E1FDA633-89F3-4530-B4E1-AE1B9AA153E9} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSN2E.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {799E3971-40E1-45FB-8A8B-4AA868259156} - System32\Tasks\GoogleUpdateTaskMachineCore{5F4B9239-435F-4E92-B268-EBE85F462BCA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-11] (Google LLC -> Google LLC)
Task: {68C317F4-DFBA-407B-A3E7-AD059E1B9C69} - System32\Tasks\GoogleUpdateTaskMachineUA{0F71E222-6C62-4E17-9A64-E97D36FE4449} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-11] (Google LLC -> Google LLC)
Task: {33724D90-3D8D-4977-937F-C686B6B9CC7D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {36E962BB-15C9-4971-B021-7771237B1CEC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DB08785-AC26-4441-A5AA-44423FE185DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4504B1E9-58C1-49F1-AE01-8B0A8D05D740} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FF83BE68-34A8-4987-8BF2-F90E485F9511} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {102C58EE-D6B7-4D35-A490-3264AA96E28A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8448C781-8AFD-4C04-8662-75BEAE198E13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\WINDOWS\Tasks\EPSON L220 Series Update {E1FDA633-89F3-4530-B4E1-AE1B9AA153E9}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSN2E.EXE:/EXE:{E1FDA633-89F3-4530-B4E1-AE1B9AA153E9} /F:UpdateWORKGROUP\DESKTOP-P0LBTME$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.6
Tcpip\..\Interfaces\{c6fd770c-e627-4e98-ab9d-2c807d53e86d}: [DhcpNameServer] 192.168.1.6
Edge:
=======
Edge Profile: C:\Users\yorbr\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-05]
Edge Extension: (Avira Safe Shopping) - C:\Users\yorbr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-08-21]
Edge Extension: (Avira Password Manager) - C:\Users\yorbr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-08-21]
Edge Extension: (Edge relevant text changes) - C:\Users\yorbr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-14]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\yorbr\AppData\Local\Google\Chrome\User Data\Default [2023-09-06]
CHR StartupUrls: Default -> "hxxps://www.google.com.pe/"
CHR Extension: (Avira Password Manager) - C:\Users\yorbr\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-08-21]
CHR Extension: (Avira Safe Shopping) - C:\Users\yorbr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-09-05]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\yorbr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-08-24]
CHR Extension: (Mendeley Web Importer) - C:\Users\yorbr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2023-08-29]
CHR Extension: (Avira Navegación segura) - C:\Users\yorbr\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-08-21]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\yorbr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-11]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\yorbr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-11]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 MpKsl0947241d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E8EA9BAD-AF31-431E-B129-C19D60D73B39}\MpKslDrv.sys [222464 2023-09-06] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-09-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-09-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-01] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2023-09-06 15:13 - 2023-09-06 15:15 - 000014016 _____ C:\Users\yorbr\Desktop\FRST.txt
2023-09-06 15:12 - 2023-09-06 15:12 - 002382336 _____ (Farbar) C:\Users\yorbr\Desktop\FRST64.exe
2023-09-05 15:27 - 2023-09-05 15:27 - 000144358 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-03 at 13.13.18.jpeg
2023-09-05 14:48 - 2023-09-05 14:48 - 000079926 _____ C:\Users\yorbr\Downloads\res_2022002420145056000731692.pdf
2023-09-05 14:42 - 2023-09-05 14:42 - 000157412 _____ C:\Users\yorbr\Downloads\res_2011000860144450000015993.pdf
2023-09-04 20:56 - 2023-09-04 20:56 - 000218339 _____ C:\Users\yorbr\Downloads\12971-2023.pdf
2023-09-04 20:28 - 2023-09-04 20:28 - 000174353 _____ C:\Users\yorbr\Downloads\res_2017006630203136000270687.pdf
2023-09-04 20:02 - 2023-09-04 20:05 - 000000000 ____D C:\Users\yorbr\Desktop\PJ 13 SET AUXILIAR LEGAL
2023-09-04 19:55 - 2023-09-04 19:57 - 000000000 ____D C:\Users\yorbr\Desktop\PJ 18 SET
2023-09-04 19:31 - 2023-09-04 20:08 - 000000000 ____D C:\Users\yorbr\Desktop\AURORA 13 SET POSTULAR
2023-09-04 19:10 - 2023-09-04 19:13 - 000000000 ____D C:\Users\yorbr\Desktop\CONV MP 13-09
2023-09-04 17:13 - 2023-09-04 17:13 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\QuickStyles
2023-09-04 16:54 - 2023-09-04 16:54 - 000174353 _____ C:\Users\yorbr\Downloads\res_2017006630165730000254272.pdf
2023-09-04 09:57 - 2023-09-04 09:57 - 005356313 _____ C:\Users\yorbr\Downloads\Exp. 00421-2023-29-2601-JR-PE-01 - Consolidado - 41470-2023.pdf
2023-09-04 09:57 - 2023-09-04 09:57 - 000191964 _____ C:\Users\yorbr\Downloads\CONCILIACION EXTRAJUDICIAL.pdf
2023-09-04 09:57 - 2023-09-04 09:57 - 000125925 _____ C:\Users\yorbr\Downloads\Exp. 00421-2023-29-2601-JR-PE-01 - Consolidado - 62448-2023.pdf
2023-09-04 09:36 - 2023-09-04 09:36 - 000381513 _____ C:\Users\yorbr\Downloads\CONSTANCIA DE PAGO_REPARACION CIVIL.pdf
2023-09-03 20:39 - 2023-09-03 20:39 - 000121538 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-03 at 19.44.26.jpeg
2023-09-03 12:10 - 2023-09-03 12:10 - 000000000 ____D C:\Users\yorbr\Documents\Adobe
2023-09-02 08:25 - 2023-09-02 08:25 - 000098574 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 23.07.26.jpeg
2023-09-02 08:25 - 2023-09-02 08:25 - 000094601 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 23.07.27.jpeg
2023-09-02 08:25 - 2023-09-02 08:25 - 000091867 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 23.07.27 (2).jpeg
2023-09-02 08:25 - 2023-09-02 08:25 - 000071566 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 23.07.26 (1).jpeg
2023-09-02 08:25 - 2023-09-02 08:25 - 000071535 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 23.07.26 (3).jpeg
2023-09-02 08:25 - 2023-09-02 08:25 - 000063853 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 23.07.27 (1).jpeg
2023-09-02 08:25 - 2023-09-02 08:25 - 000051290 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 23.07.26 (4).jpeg
2023-09-02 08:25 - 2023-09-02 08:25 - 000049888 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 23.07.25.jpeg
2023-09-02 08:25 - 2023-09-02 08:25 - 000040960 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 23.07.26 (2).jpeg
2023-09-02 08:23 - 2023-09-02 08:23 - 000194721 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-02 at 08.23.53.jpeg
2023-09-02 08:22 - 2023-09-02 08:22 - 000063098 _____ C:\Users\yorbr\Downloads\CUL-null (2).pdf
2023-09-02 08:20 - 2023-09-02 08:20 - 000157157 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-02 at 08.19.53.jpeg
2023-09-01 19:32 - 2023-09-01 19:33 - 001302703 _____ C:\Users\yorbr\Downloads\Exp. 00641-2017-0-2601-JP-FC-03 - Consolidado - 24469-2023.pdf
2023-09-01 19:12 - 2023-09-01 19:12 - 000169650 _____ C:\Users\yorbr\Downloads\res_2015000230191446000842163.pdf
2023-09-01 19:12 - 2023-09-01 19:12 - 000121940 _____ C:\Users\yorbr\Downloads\res_2015000230191453000905283.pdf
2023-09-01 18:34 - 2023-09-01 18:34 - 000123151 _____ C:\Users\yorbr\Downloads\res_2017006410183649000618174.pdf
2023-09-01 18:24 - 2023-09-01 18:24 - 000117257 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 18.18.16.jpeg
2023-09-01 18:24 - 2023-09-01 18:24 - 000103585 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 18.18.16 (2).jpeg
2023-09-01 18:24 - 2023-09-01 18:24 - 000073353 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 18.18.16 (1).jpeg
2023-09-01 18:24 - 2023-09-01 18:24 - 000026350 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-09-01 at 18.18.15.jpeg
2023-09-01 12:38 - 2023-09-01 12:38 - 000158576 _____ C:\Users\yorbr\Downloads\act 4 de sexto-1.pdf
2023-09-01 12:37 - 2023-09-01 12:38 - 000218772 _____ C:\Users\yorbr\Downloads\acividad4 de septimo-1.pdf
2023-09-01 07:07 - 2023-09-01 07:07 - 000000000 ____D C:\Users\yorbr\Documents\Plantillas personalizadas de Office
2023-09-01 06:40 - 2023-09-01 06:40 - 000748272 _____ C:\Users\yorbr\Downloads\12935486.pdf
2023-09-01 06:35 - 2023-09-01 06:35 - 000002238 _____ C:\Users\yorbr\Downloads\10402482741-R01-E001-61.pdf
2023-08-29 12:22 - 2023-08-29 12:22 - 000032256 _____ C:\Users\yorbr\Downloads\Liquitacion de Trabajador - Jaime (1).xls
2023-08-29 12:21 - 2023-08-29 12:21 - 000032256 _____ C:\Users\yorbr\Downloads\Liquitacion de Trabajador - Jaime.xls
2023-08-29 12:20 - 2023-08-29 12:20 - 000066458 _____ C:\Users\yorbr\Downloads\huaman nps.pdf
2023-08-29 12:20 - 2023-08-29 12:20 - 000064068 _____ C:\Users\yorbr\Downloads\huaman nps 06.pdf
2023-08-28 21:15 - 2023-08-28 21:15 - 000846031 _____ C:\Users\yorbr\Downloads\WhatsApp Video 2023-08-28 at 21.09.59 (1).mp4
2023-08-28 21:15 - 2023-08-28 21:15 - 000075662 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-28 at 21.09.58 (1).jpeg
2023-08-28 21:12 - 2023-08-28 21:12 - 000846031 _____ C:\Users\yorbr\Downloads\WhatsApp Video 2023-08-28 at 21.09.59.mp4
2023-08-28 21:11 - 2023-08-28 21:11 - 000075662 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-28 at 21.09.58.jpeg
2023-08-28 21:01 - 2023-08-28 21:01 - 000000735 _____ C:\Users\yorbr\Downloads\fixlist.txt
2023-08-28 20:38 - 2023-08-28 20:38 - 000096144 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-28 at 20.33.10.jpeg
2023-08-28 20:38 - 2023-08-28 20:38 - 000083881 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-28 at 20.33.12 (1).jpeg
2023-08-28 20:38 - 2023-08-28 20:38 - 000079657 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-28 at 20.33.11.jpeg
2023-08-28 20:38 - 2023-08-28 20:38 - 000065615 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-28 at 20.33.10 (1).jpeg
2023-08-28 20:38 - 2023-08-28 20:38 - 000051094 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-28 at 20.33.12.jpeg
2023-08-28 20:38 - 2023-08-28 20:38 - 000017387 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-28 at 20.33.12 (2).jpeg
2023-08-28 20:37 - 2023-08-28 20:38 - 000035061 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-28 at 20.33.09.jpeg
2023-08-28 17:54 - 2023-08-28 17:54 - 000001352 _____ C:\Users\yorbr\Downloads\DIARIO.txt
2023-08-28 17:53 - 2023-08-28 17:53 - 000001064 _____ C:\Users\yorbr\Desktop\Adobe Photoshop 2020.lnk
2023-08-28 17:53 - 2023-08-28 17:53 - 000001046 _____ C:\Users\yorbr\Desktop\CLIENTES 2023 - Acceso directo.lnk
2023-08-28 17:52 - 2023-08-28 17:52 - 000002698 _____ C:\Users\yorbr\Desktop\Word 2023.lnk
2023-08-28 17:52 - 2023-08-28 17:52 - 000002660 _____ C:\Users\yorbr\Desktop\Excel 2023.lnk
2023-08-28 17:52 - 2023-08-28 17:52 - 000002640 _____ C:\Users\yorbr\Desktop\PowerPoint 2023.lnk
2023-08-28 17:49 - 2023-08-28 17:49 - 000001769 _____ C:\Users\yorbr\Documents\Acceso directo a Documentos (OneDrive - Personal).lnk
2023-08-28 17:49 - 2023-08-28 17:49 - 000001551 _____ C:\Users\yorbr\Desktop\Acceso directo a Escritorio (OneDrive - Personal).lnk
2023-08-28 09:12 - 2023-09-06 15:14 - 000000000 ____D C:\FRST
2023-08-27 19:03 - 2023-08-27 19:03 - 007368700 _____ C:\Users\yorbr\Downloads\PDT 621[1] (1).pptx
2023-08-27 18:41 - 2023-08-27 18:41 - 007368700 _____ C:\Users\yorbr\Downloads\PDT 621[1].pptx
2023-08-27 18:02 - 2023-08-27 18:02 - 000201259 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-27 at 17.53.40.jpeg
2023-08-25 21:16 - 2023-08-25 21:16 - 000000897 _____ C:\Users\yorbr\Downloads\formatfactory-2.20.zip
2023-08-25 20:40 - 2023-08-25 20:40 - 000000000 ____D C:\Users\yorbr\AppData\Local\UXP
2023-08-25 20:39 - 2023-08-25 20:39 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2023-08-25 20:28 - 2023-08-25 20:28 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-08-25 20:24 - 2023-08-25 20:27 - 000000000 ____D C:\ProgramData\Package Cache
2023-08-25 16:25 - 2023-08-25 16:25 - 000079926 _____ C:\Users\yorbr\Downloads\res_2022002420162745000966599.pdf
2023-08-25 15:49 - 2023-08-25 15:49 - 000123151 _____ C:\Users\yorbr\Downloads\res_2017006410155133000951274.pdf
2023-08-25 09:57 - 2023-08-25 09:57 - 000157412 _____ C:\Users\yorbr\Downloads\RESOLUCION VEINTISEIS.pdf
2023-08-25 09:42 - 2023-08-25 09:42 - 000157412 _____ C:\Users\yorbr\Downloads\res_2011000860094437000560804.pdf
2023-08-25 09:31 - 2023-08-25 09:31 - 000172786 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-25 at 09.28.38.jpeg
2023-08-25 09:30 - 2023-08-25 09:31 - 000177557 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-25 at 09.28.12.jpeg
2023-08-24 18:02 - 2023-08-24 18:02 - 000165195 _____ C:\Users\yorbr\Downloads\7c7d402c0aec3948ba2e47d5a406df3e.pptx
2023-08-24 12:36 - 2023-08-24 12:36 - 000316609 _____ C:\Users\yorbr\Downloads\Exp. 00663-2017-0-2601-JP-FC-01 - Consolidado - 23109-2023.pdf
2023-08-24 12:29 - 2023-08-24 12:29 - 000327068 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-24 at 11.53.48.jpeg
2023-08-24 12:26 - 2023-08-24 12:26 - 000359665 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-24 at 11.53.47.jpeg
2023-08-23 21:09 - 2023-08-23 21:09 - 000263251 _____ C:\Users\yorbr\Downloads\CambioCaracteristicasRPV.pdf
2023-08-23 17:24 - 2023-08-23 17:24 - 000283116 _____ C:\Users\yorbr\Downloads\res_2022002420172657000385898.pdf
2023-08-23 17:20 - 2023-08-23 17:20 - 000079926 _____ C:\Users\yorbr\Downloads\res_2022002420172321000761479.pdf
2023-08-23 16:58 - 2023-08-23 16:58 - 000103698 _____ C:\Users\yorbr\Downloads\res_2023006210170059000141895.pdf
2023-08-23 16:56 - 2023-08-23 16:56 - 000059260 _____ C:\Users\yorbr\Downloads\res_2014007350165848000639973.pdf
2023-08-23 15:42 - 2023-08-23 15:42 - 000141851 _____ C:\Users\yorbr\Downloads\res_2023002480154455000358752.pdf
2023-08-23 15:29 - 2023-08-25 20:28 - 000000000 ____D C:\Users\yorbr\AppData\Local\D3DSCache
2023-08-23 14:18 - 2023-08-23 14:18 - 000713566 _____ C:\Users\yorbr\Downloads\1C Jeferson Romero y D´Alesandro Cruz (1).pptx
2023-08-23 13:34 - 2023-08-23 13:34 - 000477182 _____ C:\Users\yorbr\Downloads\1C Yexon Huaman - Genesis Flores y Siomara Chunga.pptx
2023-08-23 13:31 - 2023-08-23 13:31 - 001072443 _____ C:\Users\yorbr\Downloads\1C Sarita Lama y Luana Damian.pptx
2023-08-23 13:30 - 2023-08-23 13:30 - 000052323 _____ C:\Users\yorbr\Downloads\1C Luz Castillo y Mackesin Nole.pptx
2023-08-23 13:26 - 2023-08-23 13:26 - 000632693 _____ C:\Users\yorbr\Downloads\1C LUIS CAJUSOL Y EDUARDO FLORES.pptx
2023-08-23 13:22 - 2023-08-23 13:22 - 000713566 _____ C:\Users\yorbr\Downloads\1C Jeferson Romero y D´Alesandro Cruz.pptx
2023-08-23 13:19 - 2023-08-23 13:19 - 001063908 _____ C:\Users\yorbr\Downloads\1C Digna Ramos y Amareliz Fasabi.pptm
2023-08-23 13:18 - 2023-08-23 13:18 - 000714747 _____ C:\Users\yorbr\Downloads\1C Celinda Flores y Maribel Cabrera.pptx
2023-08-23 13:15 - 2023-08-23 13:15 - 000052697 _____ C:\Users\yorbr\Downloads\1C Angel Chapoñan y Jhonatan Martinez.pptx
2023-08-23 11:34 - 2023-08-23 11:34 - 000044126 _____ C:\Users\yorbr\Downloads\res_2023002480113634000933962.pdf
2023-08-23 11:33 - 2023-08-23 11:33 - 000141851 _____ C:\Users\yorbr\Downloads\res_2023002480124305000237704.pdf
2023-08-22 17:25 - 2023-08-22 17:25 - 030449136 _____ C:\Users\yorbr\Downloads\L110_X64_15403_LA.exe
2023-08-21 16:59 - 2023-08-21 16:59 - 000218319 _____ C:\Users\yorbr\Downloads\12234-2023.pdf
2023-08-21 16:47 - 2023-08-21 16:47 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\EPSON
2023-08-21 15:47 - 2023-08-21 15:48 - 000171734 _____ C:\Users\yorbr\Downloads\res_2017006410155021000422906.pdf
2023-08-21 13:52 - 2023-08-21 13:52 - 000000000 ____D C:\Program Files\Common Files\AV
2023-08-21 13:51 - 2023-08-22 17:19 - 000000000 ____D C:\Program Files\Common Files\McAfee
2023-08-21 13:27 - 2023-08-23 16:47 - 000000000 ____D C:\ProgramData\McAfee
2023-08-21 13:27 - 2023-08-21 14:04 - 000000044 _____ C:\Users\yorbr\AppData\Roaming\MCVi2UserDetail.ini
2023-08-21 13:27 - 2023-08-21 13:27 - 005891472 _____ (McAfee, LLC) C:\Users\yorbr\Downloads\mcafee_trial_setup_433.0207.3919_key.exe
2023-08-21 13:26 - 2023-08-21 13:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2023-08-21 13:23 - 2023-08-21 13:23 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2023-08-21 13:23 - 2023-08-21 13:23 - 000000000 ____D C:\Users\yorbr\AppData\Local\AviraWebView2Cache
2023-08-21 13:23 - 2023-08-21 13:23 - 000000000 ____D C:\Users\Public\Security Sessions
2023-08-21 13:22 - 2023-08-21 13:22 - 000000000 ____D C:\Users\yorbr\AppData\Local\Avira
2023-08-21 13:16 - 2023-08-21 13:19 - 006573192 _____ (Avira Operations GmbH) C:\Users\yorbr\Downloads\avira_es_asu70_1939998603-1692641772__ws.exe
2023-08-21 10:29 - 2023-08-22 17:18 - 000000000 ____D C:\Program Files (x86)\Panda Security
2023-08-21 10:25 - 2023-08-21 13:18 - 000000000 ____D C:\ProgramData\Panda Security
2023-08-21 10:25 - 2023-08-21 10:25 - 003126896 _____ (Panda Security, S.L.) C:\Users\yorbr\Downloads\PANDAFREEAV.exe
2023-08-20 15:01 - 2023-08-21 10:25 - 000000000 ____D C:\Users\yorbr\AppData\Local\AVG
2023-08-20 15:00 - 2023-08-21 10:25 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\AVG
2023-08-20 14:59 - 2023-08-20 14:53 - 000313272 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2023-08-20 14:52 - 2023-08-20 14:52 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2023-08-20 14:51 - 2023-08-22 17:18 - 000000000 ____D C:\ProgramData\AVG
2023-08-20 14:51 - 2023-08-20 14:51 - 000234944 _____ (AVG Technologies CZ, s.r.o.) C:\Users\yorbr\Downloads\avg_antivirus_free_setup.exe
2023-08-20 14:26 - 2023-08-20 14:26 - 000053015 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-20 at 14.20.02.jpeg
2023-08-18 10:55 - 2023-08-18 10:55 - 000086080 _____ C:\Users\yorbr\Downloads\D.J. DECLARACION DE CONFLICTOS (19) (1).pdf
2023-08-18 10:34 - 2023-08-18 10:34 - 000000000 _____ C:\Users\yorbr\Downloads\CUL-null (1).pdf
2023-08-18 10:03 - 2023-08-18 10:03 - 000217465 _____ C:\Users\yorbr\Downloads\27841399.pdf
2023-08-18 09:43 - 2023-08-18 09:43 - 000086080 _____ C:\Users\yorbr\Downloads\D.J. DECLARACION DE CONFLICTOS (19).pdf
2023-08-18 09:42 - 2023-08-18 09:42 - 000459636 _____ C:\Users\yorbr\Downloads\2. FICHA DE DATOS PERSONAL (2) (6).pdf
2023-08-18 09:42 - 2023-08-18 09:42 - 000020248 _____ C:\Users\yorbr\Downloads\DECLARACION JURADA DE BENEFICIARIOS VIDA LEY (10).pdf
2023-08-18 09:41 - 2023-08-18 09:41 - 000000000 _____ C:\Users\yorbr\Downloads\CUL-null.pdf
2023-08-17 18:39 - 2023-08-17 18:39 - 000107383 _____ C:\Users\yorbr\Downloads\res_2017006410184207000421680.pdf
2023-08-16 17:26 - 2023-08-16 17:26 - 000287300 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-16 at 17.26.27.jpeg
2023-08-16 11:08 - 2023-08-16 16:51 - 000000000 ____D C:\Users\yorbr\Doctor Web
2023-08-15 20:05 - 2023-08-15 20:05 - 000114187 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-15 at 20.00.03.jpeg
2023-08-15 20:04 - 2023-08-15 20:04 - 000162709 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-15 at 20.00.02 (3).jpeg
2023-08-15 20:03 - 2023-08-15 20:03 - 000075030 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-15 at 20.00.02 (2).jpeg
2023-08-15 20:02 - 2023-08-15 20:02 - 000162709 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-15 at 20.00.02 (1).jpeg
2023-08-15 20:00 - 2023-08-15 20:00 - 000123194 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-15 at 20.00.02.jpeg
2023-08-15 16:02 - 2023-08-20 14:33 - 000000000 ____D C:\Users\yorbr\AppData\Local\CrashDumps
2023-08-15 15:49 - 2023-09-01 06:42 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Excel
2023-08-15 12:06 - 2023-08-15 12:06 - 000040333 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-15 at 11.18.35.jpeg
2023-08-15 12:06 - 2023-08-15 12:06 - 000028981 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-15 at 11.18.19.jpeg
2023-08-15 11:07 - 2023-08-16 16:58 - 000000000 ____D C:\KVRT2020_Data
2023-08-15 10:59 - 2023-08-15 11:05 - 295571384 _____ C:\Users\yorbr\Downloads\fahvu4cn.exe
2023-08-15 10:54 - 2023-08-15 11:06 - 105615536 _____ (AO Kaspersky Lab) C:\Users\yorbr\Downloads\KVRT.exe
2023-08-14 09:56 - 2023-08-14 09:56 - 000059260 _____ C:\Users\yorbr\Downloads\RAMOS.pdf
2023-08-14 09:52 - 2023-08-14 09:52 - 000107383 _____ C:\Users\yorbr\Downloads\res_201700641009545900016678.pdf
2023-08-14 09:49 - 2023-08-22 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2023-08-14 09:49 - 2023-08-14 09:49 - 000001007 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2023-08-14 09:49 - 2023-08-14 09:49 - 000000000 ____D C:\Program Files (x86)\epson
2023-08-14 09:49 - 2012-05-17 00:00 - 000144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2023-08-14 09:48 - 2023-08-15 10:36 - 000000951 _____ C:\WINDOWS\Tasks\EPSON L220 Series Update {E1FDA633-89F3-4530-B4E1-AE1B9AA153E9}.job
2023-08-14 09:48 - 2023-08-14 09:48 - 000004144 _____ C:\WINDOWS\system32\Tasks\EPSON L220 Series Update {E1FDA633-89F3-4530-B4E1-AE1B9AA153E9}
2023-08-14 09:48 - 2023-08-14 09:48 - 000000000 ____D C:\Program Files\Common Files\EPSON
2023-08-14 09:47 - 2023-08-22 17:32 - 000000000 ____D C:\ProgramData\EPSON
2023-08-12 20:24 - 2023-08-12 20:24 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\2337276E.sys
2023-08-12 20:22 - 2023-08-12 20:54 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2023-08-12 20:17 - 2023-08-12 20:19 - 000296172 _____ C:\TDSSKiller.3.1.0.28_12.08.2023_20.17.12_log.txt
2023-08-12 19:44 - 2023-08-12 19:44 - 000000000 ____D C:\TDSSKiller_Quarantine
2023-08-12 19:39 - 2023-08-12 19:48 - 000299448 _____ C:\TDSSKiller.3.1.0.28_12.08.2023_19.39.32_log.txt
2023-08-12 17:56 - 2023-08-12 19:37 - 000005854 _____ C:\TDSSKiller.3.1.0.28_12.08.2023_17.56.03_log.txt
2023-08-12 17:42 - 2023-08-12 17:43 - 000005900 _____ C:\TDSSKiller.3.1.0.28_12.08.2023_17.42.35_log.txt
2023-08-12 17:37 - 2023-08-12 17:37 - 000000000 ____D C:\Users\yorbr\Downloads\tdsskiller
2023-08-12 17:36 - 2023-08-12 17:37 - 004962800 _____ C:\Users\yorbr\Downloads\tdsskiller.zip
2023-08-12 17:30 - 2023-08-12 17:37 - 014178840 _____ (Malwarebytes Corp.) C:\Users\yorbr\Downloads\mbar-1.10.3.1001.exe
2023-08-12 17:24 - 2023-08-12 17:24 - 000193616 _____ C:\Users\yorbr\Downloads\WhatsApp Image 2023-08-12 at 17.24.13.jpeg
2023-08-12 15:39 - 2023-08-12 15:39 - 000000000 ___HD C:\$WinREAgent
2023-08-12 15:02 - 2023-09-01 12:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-08-12 13:32 - 2023-08-12 13:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-12 11:30 - 2023-08-12 11:30 - 000001382 _____ C:\Users\yorbr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-08-12 11:29 - 2023-08-12 11:29 - 000000000 ____D C:\Users\yorbr\AppData\Local\ESET
2023-08-12 11:27 - 2023-08-12 11:29 - 015274968 _____ (ESET) C:\Users\yorbr\Downloads\esetonlinescanner.exe
2023-08-12 11:12 - 2023-08-12 11:12 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2023-08-12 10:05 - 2023-08-12 10:05 - 000000000 ____D C:\Users\yorbr\AppData\Local\mbam
2023-08-12 10:00 - 2023-08-23 16:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-08-12 10:00 - 2023-08-12 10:00 - 002606880 _____ (Malwarebytes) C:\Users\yorbr\Downloads\MBSetup.exe
2023-08-12 09:53 - 2023-08-12 09:53 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\yorbr\Downloads\iExplore.exe.exe
2023-08-12 09:18 - 2023-08-12 09:18 - 000000000 ____D C:\Users\yorbr\AppData\Local\CEF
2023-08-12 09:01 - 2023-08-12 09:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2023-08-11 23:17 - 2023-08-24 19:15 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Publisher Building Blocks
2023-08-11 23:16 - 2023-08-24 19:15 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Publisher
2023-08-11 23:06 - 2023-09-01 06:42 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\PowerPoint
2023-08-11 22:19 - 2023-08-11 22:19 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\MMC
2023-08-11 22:10 - 2023-08-25 20:31 - 000000000 ____D C:\ProgramData\Adobe
2023-08-11 22:09 - 2023-08-11 22:10 - 000000000 ____D C:\Users\yorbr\AppData\LocalLow\Adobe
2023-08-11 22:09 - 2023-08-11 22:09 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\com.adobe.dunamis
2023-08-11 22:09 - 2023-08-11 22:09 - 000000000 ____D C:\Users\yorbr\AppData\Local\SolidDocuments
2023-08-11 22:09 - 2023-08-11 22:09 - 000000000 ____D C:\Users\yorbr\.ms-ad
2023-08-11 21:55 - 2023-08-24 12:13 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-08-11 21:54 - 2023-08-24 12:12 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-11 21:54 - 2023-08-24 12:12 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-08-11 21:53 - 2023-08-12 09:24 - 000000000 ____D C:\Users\yorbr\AppData\Local\PlaceholderTileLogoFolder
2023-08-11 21:52 - 2023-08-25 20:28 - 000000000 ____D C:\Program Files\Adobe
2023-08-11 21:50 - 2023-08-25 20:34 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-08-11 21:41 - 2023-09-04 16:05 - 000000000 ____D C:\Users\yorbr\AppData\Local\Adobe
2023-08-11 21:38 - 2023-08-11 21:38 - 000000000 ____D C:\Users\yorbr\AppData\Local\PeerDistRepub
2023-08-11 21:37 - 2023-08-11 21:39 - 000000000 ____D C:\Users\yorbr\AppData\Local\MSfree Inc
2023-08-11 21:37 - 2023-08-11 21:37 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\WinRAR
2023-08-11 21:34 - 2023-08-23 19:25 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\UProof
2023-08-11 21:34 - 2023-08-11 21:34 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Prueba
2023-08-11 21:33 - 2023-09-05 15:42 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Word
2023-08-11 21:33 - 2023-09-01 06:37 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Plantillas
2023-08-11 21:33 - 2023-08-25 08:03 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Office
2023-08-11 21:33 - 2023-08-11 21:33 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Document Building Blocks
2023-08-11 21:33 - 2023-08-11 21:33 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Complementos
2023-08-11 21:33 - 2023-08-11 21:33 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Bibliography
2023-08-11 21:31 - 2023-08-16 08:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2023-08-11 21:31 - 2023-08-11 21:31 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-08-11 21:31 - 2023-08-11 21:31 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2023-08-11 21:30 - 2023-08-11 21:31 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2023-08-11 21:30 - 2023-08-11 21:30 - 000000000 ____D C:\WINDOWS\PCHEALTH
2023-08-11 21:28 - 2023-08-11 21:31 - 000000000 ____D C:\WINDOWS\SHELLNEW
2023-08-11 21:28 - 2023-08-11 21:28 - 000000000 ____D C:\Users\yorbr\AppData\Local\Microsoft Help
2023-08-11 21:28 - 2023-08-11 21:28 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2023-08-11 21:28 - 2023-08-11 21:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-08-11 21:28 - 2023-08-11 21:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2023-08-11 21:27 - 2023-08-11 21:30 - 000000000 ____D C:\Program Files\Microsoft Office
2023-08-11 21:27 - 2023-08-11 21:27 - 000000000 __RHD C:\MSOCache
2023-08-11 21:26 - 2023-08-11 21:26 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-11 21:26 - 2023-08-11 21:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-11 21:26 - 2023-08-11 21:26 - 000000000 ____D C:\Program Files\WinRAR
2023-08-11 21:21 - 2023-08-11 21:21 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-08-11 21:17 - 2023-08-11 22:16 - 000000000 ____D C:\Users\yorbr\AppData\Local\Comms
2023-08-11 21:12 - 2023-08-11 21:12 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Synaptics
2023-08-11 21:12 - 2023-08-11 21:12 - 000000000 ____D C:\ProgramData\Synaptics
2023-08-11 21:09 - 2023-08-11 21:09 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2023-08-11 21:09 - 2023-08-11 21:09 - 000000000 ____D C:\Users\yorbr\AppData\Local\OneDrive
2023-08-11 21:08 - 2023-08-12 09:53 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Spelling
2023-08-11 21:07 - 2023-08-11 21:07 - 000000000 ___HD C:\OneDriveTemp
2023-08-11 21:06 - 2023-09-01 19:03 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3476101482-3956301388-3476855506-1001
2023-08-11 21:06 - 2023-09-01 06:22 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-11 21:06 - 2023-09-01 06:22 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-11 21:06 - 2023-08-11 21:06 - 000000000 ____D C:\Users\yorbr\AppData\Local\Google
2023-08-11 21:05 - 2023-08-11 21:05 - 000000000 ____D C:\Program Files\Google
2023-08-11 21:04 - 2023-09-01 19:03 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3476101482-3956301388-3476855506-1001
2023-08-11 21:04 - 2023-08-28 17:38 - 000000000 ___RD C:\Users\yorbr\OneDrive
2023-08-11 21:02 - 2023-08-11 21:02 - 000003992 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{0F71E222-6C62-4E17-9A64-E97D36FE4449}
2023-08-11 21:02 - 2023-08-11 21:02 - 000003868 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{5F4B9239-435F-4E92-B268-EBE85F462BCA}
2023-08-11 21:01 - 2023-09-06 14:40 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-11 20:59 - 2023-08-11 20:59 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-08-11 20:58 - 2023-08-11 20:58 - 000000000 ____D C:\Users\yorbr\AppData\Local\Publishers
2023-08-11 20:56 - 2023-09-05 15:42 - 000000000 ____D C:\Users\yorbr\AppData\Local\Packages
2023-08-11 20:56 - 2023-08-27 17:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-08-11 20:56 - 2023-08-25 20:41 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Adobe
2023-08-11 20:56 - 2023-08-15 21:39 - 000000000 ____D C:\ProgramData\Packages
2023-08-11 20:56 - 2023-08-11 21:12 - 000000000 ____D C:\Users\yorbr\AppData\Local\ConnectedDevicesPlatform
2023-08-11 20:56 - 2023-08-11 20:56 - 000000000 ___SD C:\Users\yorbr\AppData\Roaming\Microsoft\Crypto
2023-08-11 20:56 - 2023-08-11 20:56 - 000000000 ___RD C:\Users\yorbr\3D Objects
2023-08-11 20:56 - 2023-08-11 20:56 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Vault
2023-08-11 20:56 - 2023-08-11 20:56 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Network
2023-08-11 20:56 - 2023-08-11 20:56 - 000000000 ____D C:\Users\yorbr\AppData\Local\VirtualStore
2023-08-11 20:54 - 2023-09-04 20:13 - 000000000 ____D C:\Users\yorbr
2023-08-11 20:54 - 2023-09-01 19:03 - 000002383 _____ C:\Users\yorbr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-11 20:54 - 2023-08-11 20:57 - 000000000 ____D C:\Users\yorbr\AppData\Roaming\Microsoft\Windows
2023-08-11 20:54 - 2023-08-11 20:54 - 000000020 ___SH C:\Users\yorbr\ntuser.ini
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\Reciente
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\Plantillas
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\Mis documentos
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\Menú Inicio
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\Impresoras
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\Entorno de red
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\Documents\Mis vídeos
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\Documents\Mis imágenes
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\Documents\Mi música
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\Datos de programa
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\Configuración local
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\AppData\Local\Historial
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\AppData\Local\Datos de programa
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 _SHDL C:\Users\yorbr\AppData\Local\Archivos temporales de Internet
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 ___SD C:\Users\yorbr\AppData\Roaming\Microsoft\SystemCertificates
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 ___SD C:\Users\yorbr\AppData\Roaming\Microsoft\Protect
2023-08-11 20:54 - 2023-08-11 20:54 - 000000000 ___SD C:\Users\yorbr\AppData\Roaming\Microsoft\Credentials
2023-08-11 20:54 - 2023-08-11 20:13 - 000000000 ____D C:\Windows.old
2023-08-11 20:53 - 2023-08-11 20:53 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-08-11 20:28 - 2023-08-11 20:28 - 000000000 ____D C:\Program Files (x86)\Intel
2023-08-11 20:27 - 2017-03-09 02:17 - 013182528 _____ (Intel Corporation) C:\WINDOWS\system32\igd10umd64.dll
2023-08-11 20:27 - 2017-03-09 02:17 - 012935296 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2023-08-11 20:27 - 2017-03-09 02:17 - 011460448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2023-08-11 20:27 - 2017-03-09 02:17 - 011330576 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll
2023-08-11 20:27 - 2017-03-09 02:17 - 001086408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2023-08-11 20:27 - 2017-03-09 02:17 - 000975184 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2023-08-11 20:27 - 2017-03-09 02:17 - 000558728 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2023-08-11 20:27 - 2017-03-09 02:17 - 000553424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2023-08-11 20:27 - 2017-03-09 02:17 - 000242800 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2023-08-11 20:27 - 2017-03-09 02:17 - 000206000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2023-08-11 20:27 - 2017-03-09 02:17 - 000051184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2023-08-11 20:27 - 2017-03-09 02:16 - 005925984 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe
2023-08-11 20:27 - 2017-03-09 02:16 - 000536664 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2023-08-11 20:27 - 2017-03-09 02:16 - 000463960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2023-08-11 20:27 - 2017-03-09 02:16 - 000420960 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2023-08-11 20:27 - 2017-03-09 02:16 - 000300128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2023-08-11 20:27 - 2017-03-09 02:16 - 000276064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2023-08-11 20:27 - 2017-03-09 02:16 - 000206944 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2023-08-11 20:27 - 2017-03-09 02:16 - 000193112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2023-08-11 20:27 - 2016-05-19 11:58 - 000017086 _____ C:\WINDOWS\system32\iglhxs64.vp
2023-08-11 20:27 - 2016-05-19 11:44 - 000223664 _____ C:\WINDOWS\system32\Gfxres.th-TH.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000210106 _____ C:\WINDOWS\system32\Gfxres.el-GR.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000194245 _____ C:\WINDOWS\system32\Gfxres.ru-RU.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000166170 _____ C:\WINDOWS\system32\Gfxres.ar-SA.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000163421 _____ C:\WINDOWS\system32\Gfxres.ja-JP.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000159008 _____ C:\WINDOWS\system32\Gfxres.he-IL.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000149682 _____ C:\WINDOWS\system32\Gfxres.it-IT.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000148042 _____ C:\WINDOWS\system32\Gfxres.ko-KR.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000147393 _____ C:\WINDOWS\system32\Gfxres.de-DE.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000147288 _____ C:\WINDOWS\system32\Gfxres.es-ES.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000146004 _____ C:\WINDOWS\system32\Gfxres.ro-RO.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000145491 _____ C:\WINDOWS\system32\Gfxres.fr-FR.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000144645 _____ C:\WINDOWS\system32\Gfxres.tr-TR.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000144260 _____ C:\WINDOWS\system32\Gfxres.pt-BR.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000144020 _____ C:\WINDOWS\system32\Gfxres.nl-NL.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000143932 _____ C:\WINDOWS\system32\Gfxres.hu-HU.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000142882 _____ C:\WINDOWS\system32\Gfxres.sv-SE.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000142877 _____ C:\WINDOWS\system32\Gfxres.pt-PT.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000142717 _____ C:\WINDOWS\system32\Gfxres.pl-PL.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000142289 _____ C:\WINDOWS\system32\Gfxres.cs-CZ.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000142008 _____ C:\WINDOWS\system32\Gfxres.fi-FI.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000141838 _____ C:\WINDOWS\system32\Gfxres.sk-SK.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000141049 _____ C:\WINDOWS\system32\Gfxres.hr-HR.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000137889 _____ C:\WINDOWS\system32\Gfxres.sl-SI.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000137784 _____ C:\WINDOWS\system32\Gfxres.nb-NO.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000137141 _____ C:\WINDOWS\system32\Gfxres.da-DK.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000132623 _____ C:\WINDOWS\system32\Gfxres.en-US.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000126300 _____ C:\WINDOWS\system32\Gfxres.zh-TW.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000124650 _____ C:\WINDOWS\system32\Gfxres.zh-CN.resources
2023-08-11 20:27 - 2016-05-19 11:44 - 000000268 _____ C:\WINDOWS\system32\GfxUI.exe.config
2023-08-11 20:27 - 2016-05-19 11:41 - 000059425 _____ C:\WINDOWS\system32\iglhxo64.vp
2023-08-11 20:27 - 2016-05-19 11:41 - 000059398 _____ C:\WINDOWS\system32\iglhxg64.vp
2023-08-11 20:27 - 2016-05-19 11:41 - 000059230 _____ C:\WINDOWS\system32\iglhxc64.vp
2023-08-11 20:27 - 2016-05-19 11:41 - 000059104 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2023-08-11 20:27 - 2016-05-19 11:41 - 000058796 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2023-08-11 20:27 - 2016-05-19 11:41 - 000058109 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2023-08-11 20:27 - 2016-05-19 11:41 - 000001074 _____ C:\WINDOWS\system32\iglhxa64.vp
2023-08-11 20:25 - 2023-08-11 20:25 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2023-08-11 20:24 - 2023-08-11 20:24 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2023-08-11 20:24 - 2023-08-11 20:24 - 000000000 ____D C:\Program Files\Synaptics
2023-08-11 20:24 - 2016-04-28 01:53 - 000772104 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2023-08-11 20:24 - 2016-04-28 01:53 - 000622784 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2023-08-11 20:24 - 2016-04-28 01:53 - 000430248 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2023-08-11 20:24 - 2016-04-28 01:53 - 000274968 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2023-08-11 20:24 - 2016-04-28 01:53 - 000267440 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo31-1.dll
2023-08-11 20:24 - 2016-04-28 01:53 - 000052904 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2023-08-11 20:24 - 2016-04-28 01:53 - 000052904 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2023-08-11 20:24 - 2016-04-28 01:53 - 000052392 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2023-08-11 20:16 - 2023-08-22 17:25 - 001683676 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Public\Documents\Mis vídeos
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Public\Documents\Mis imágenes
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Public\Documents\Mi música
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\Reciente
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\Plantillas
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\Mis documentos
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\Menú Inicio
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\Impresoras
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\Entorno de red
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\Documents\Mi música
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\Datos de programa
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\Configuración local
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historial
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\ProgramData\Plantillas
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\ProgramData\Menú Inicio
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\ProgramData\Escritorio
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\ProgramData\Documentos
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\ProgramData\Datos de programa
2023-08-11 20:09 - 2023-08-11 20:09 - 000000000 _SHDL C:\Program Files\Archivos comunes
2023-08-11 20:07 - 2023-08-11 20:07 - 000000000 ____D C:\WINDOWS\CSC
2023-08-11 20:01 - 2023-09-01 18:22 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-11 20:01 - 2023-09-01 18:22 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-08-11 20:00 - 2023-09-01 06:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-11 20:00 - 2023-08-12 09:02 - 000003636 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-08-11 20:00 - 2023-08-12 09:02 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-08-11 19:59 - 2023-09-04 15:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-11 19:56 - 2023-09-06 14:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-11 19:56 - 2023-09-04 15:50 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-11 19:56 - 2023-08-22 17:19 - 000445752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-11 19:56 - 2023-08-11 19:56 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-08-11 19:32 - 2023-08-11 20:13 - 000000000 ___DC C:\WINDOWS\Panther
2023-08-11 18:26 - 2023-08-11 18:26 - 000000000 ____D C:\Intel
2023-08-11 17:45 - 2023-08-11 17:45 - 000000000 _SHDL C:\Archivos de programa
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2023-09-06 14:40 - 2023-05-05 07:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-06 13:56 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-04 12:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-04 12:17 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-28 21:06 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-08-23 16:46 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-22 17:31 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-22 17:25 - 2019-12-07 10:02 - 000751292 _____ C:\WINDOWS\system32\perfh00A.dat
2023-08-22 17:25 - 2019-12-07 10:02 - 000147478 _____ C:\WINDOWS\system32\perfc00A.dat
2023-08-21 19:31 - 2019-12-07 04:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-08-21 14:02 - 2019-12-07 04:14 - 000000124 _____ C:\WINDOWS\win.ini
2023-08-21 10:28 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-08-21 10:28 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2023-08-20 15:34 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-08-16 07:58 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-08-15 11:04 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-12 17:46 - 2019-12-07 10:05 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-12 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-12 16:41 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2023-08-12 09:35 - 2019-12-07 10:02 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-08-12 09:35 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-08-12 09:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-08-12 09:34 - 2019-12-07 10:05 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-08-12 09:34 - 2019-12-07 10:05 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-08-12 09:34 - 2019-12-07 10:02 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-08-12 09:34 - 2019-12-07 10:02 - 000000000 ____D C:\WINDOWS\system32\es
2023-08-12 09:34 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-08-12 09:34 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-08-12 09:34 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\IME
2023-08-12 09:34 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-08-12 09:34 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-08-12 09:23 - 2019-12-07 10:04 - 000000000 ____D C:\WINDOWS\OCR
2023-08-12 09:19 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-08-11 21:15 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-08-11 20:56 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-08-11 20:55 - 2019-12-07 04:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-08-11 20:54 - 2019-12-07 04:18 - 000000000 ____D C:\WINDOWS\Setup
2023-08-11 20:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-08-11 20:17 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\USOPrivate
2023-08-11 20:13 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-08-11 20:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\spool
2023-08-11 20:09 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Windows NT
==================== Archivos en la raíz de algunos directorios ========
2023-08-21 13:27 - 2023-08-21 14:04 - 000000044 _____ () C:\Users\yorbr\AppData\Roaming\MCVi2UserDetail.ini
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================Addition.txt
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 28-08-2023
Ejecutado por yorbr (06-09-2023 15:17:38)
Ejecutado desde C:\Users\yorbr\Desktop
Microsoft Windows 10 Pro Versión 22H2 19045.3324 (X64) (2023-08-12 01:13:30)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
(Si una entrada es incluida en el fixlist, será eliminada.)
Administrador (S-1-5-21-3476101482-3956301388-3476855506-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3476101482-3956301388-3476855506-503 - Limited - Disabled)
Invitado (S-1-5-21-3476101482-3956301388-3476855506-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3476101482-3956301388-3476855506-504 - Limited - Disabled)
yorbr (S-1-5-21-3476101482-3956301388-3476855506-1001 - Administrator - Enabled) => C:\Users\yorbr
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 23.003.20284 - Adobe)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Documentos (HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\7795ebc0990cced071d014d4a2f6e0de) (Version: 1.0 - Google\Chrome)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
EPSON L110 Series Printer Uninstall (HKLM\...\EPSON L110 Series) (Version: - SEIKO EPSON Corporation)
EPSON L220 Series Printer Uninstall (HKLM\...\EPSON L220 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Gmail (HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\56583d37803a6194943d244253c8a038) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.141 - Google LLC)
Google Drive (HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\f405e58d0684847c0934fe6032c9feee) (Version: 1.0 - Google\Chrome)
Hojas de cálculo (HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\21f89a256c1a9271591a463846d9dbc6) (Version: 1.0 - Google\Chrome)
Microsoft Access MUI (Spanish) 2013 (HKLM\...\{90150000-0015-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Spanish) 2013 (HKLM\...\{90150000-0090-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 116.0.1938.69 - Microsoft Corporation)
Microsoft Excel MUI (Spanish) 2013 (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Spanish) 2013 (HKLM\...\{90150000-00BA-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Spanish) 2013 (HKLM\...\{90150000-0044-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Spanish) 2013 (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Spanish) 2013 (HKLM\...\{90150000-00E1-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Spanish) 2013 (HKLM\...\{90150000-00E2-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (Spanish) 2013 (HKLM\...\{90150000-002C-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Spanish) 2013 (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2013 (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office zuzenketa-tresnak 2013 - Euskara (HKLM\...\{90150000-001F-042D-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\OneDriveSetup.exe) (Version: 23.169.0813.0001 - Microsoft Corporation)
Microsoft OneNote MUI (Spanish) 2013 (HKLM\...\{90150000-00A1-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Spanish) 2013 (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Spanish) 2013 (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Spanish) 2013 (HKLM\...\{90150000-0019-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.15.26706 (HKLM\...\{F106B700-BFF8-3065-B305-14D36AD40539}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.15.26706 (HKLM\...\{C77195A4-CEB8-38EE-BDD6-C46CB459EF6E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (HKLM-x32\...\{2757496A-3E74-320A-B007-36120A9F126D}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (HKLM-x32\...\{39E15475-23F2-345D-8977-B5DC47A94E26}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (Spanish) 2013 (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Presentaciones (HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\11b040a6513028cfd0ce854f4e8dc85f) (Version: 1.0 - Google\Chrome)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}_Office15.PROPLUS_{7D51497F-786F-4695-A0FB-45A5C2CCD74F}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}_Office15.PROPLUS_{72C9E028-F9E7-4172-AC45-0C8029B591D5}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-042D-1000-0000000FF1CE}_Office15.PROPLUS_{4D556DC4-C08F-4F31-BE84-FE705AABA288}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}_Office15.PROPLUS_{6426C68E-311A-43CE-86C1-98A8A397F315}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{B39009D8-2648-44FF-B603-2A8234E219B1}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6670E5F0-8543-49D7-BFAD-124F7AB659D2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{FC62B217-264F-43AA-8389-97AC35035184}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version: - Microsoft) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 116.0.1938.69 - Microsoft Corporation)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)
YouTube (HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\19a18a84825920e36515f868f493d76e) (Version: 1.0 - Google\Chrome)
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-15] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0 [2023-09-01] (Spotify AB) [Startup Task]
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-3476101482-3956301388-3476855506-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3476101482-3956301388-3476855506-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3476101482-3956301388-3476855506-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll",ShowDevicePropPage 0
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Ningún archivo
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\yorbr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Documentos.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\yorbr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\yorbr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\yorbr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Hojas de cálculo.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\yorbr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Presentaciones.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\yorbr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Módulos cargados (Lista blanca) =============
==================== Alternate Data Streams (Lista blanca) ========
(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)
AlternateDataStreams: C:\Users\yorbr\Downloads\avg_antivirus_free_setup.exe:MBAM.Zone.Identifier [211]
AlternateDataStreams: C:\Users\yorbr\Downloads\avira_es_asu70_1939998603-1692641772__ws.exe:MBAM.Zone.Identifier [182]
AlternateDataStreams: C:\Users\yorbr\Downloads\esetonlinescanner.exe:MBAM.Zone.Identifier [179]
AlternateDataStreams: C:\Users\yorbr\Downloads\L110_X64_15403_LA.exe:MBAM.Zone.Identifier [135]
AlternateDataStreams: C:\Users\yorbr\Downloads\mcafee_trial_setup_433.0207.3919_key.exe:MBAM.Zone.Identifier [198]
AlternateDataStreams: C:\Users\yorbr\Downloads\PANDAFREEAV.exe:MBAM.Zone.Identifier [157]
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\33923370.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\97715096.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\33923370.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\97715096.sys => ""="Driver"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Lista blanca) ==========
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2021-08-17] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2019-12-07 04:14 - 2019-12-07 04:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall de Windows está deshabilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_58992619F6E4F819D3BB769FBE5D02CB"
HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3476101482-3956301388-3476855506-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{847DAC98-C465-42EE-8CF1-F5F00F4A7D90}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF8AB41B-643C-479A-B3D3-2F7037AB126F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9E5FF88-E5FB-4588-82E5-80A0DC310047}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4BE80AAC-26E6-40EC-A8E0-28A250406101}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC736E1B-9E35-41C5-8316-8145DE98FA1B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{794EF537-A8B7-4709-94C9-CE7AC3029738}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\116.0.1938.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43812F93-55B7-473F-9E0A-E40D4A568054}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7B10E092-BA86-49D5-B5B9-1C70AF7FC9BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BA645D35-1DD7-480D-9CCD-BF1AD13E2264}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6098D1AB-29CE-4A79-9496-BC50E3B0F650}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{24ACEF1E-26B7-4B26-8B1B-712716FC70BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A1911FD9-CC77-46CE-BD8D-1B8D9D6B4C0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E0C4D726-F6FE-493E-8DEC-B404135C2498}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0F8D43A8-B1E6-4D83-BF82-F9FEDCE3E66A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{20095D92-EEFA-4AFD-98CE-72BF5B1888B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{41F87DA4-F430-46F4-B9E7-58F69159F7D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Puntos de Restauración =========================
01-09-2023 12:49:49 Punto de control programado
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Dispositivo base del sistema
Description: Dispositivo base del sistema
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Controladora simple de comunicaciones PCI
Description: Controladora simple de comunicaciones PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (09/04/2023 12:27:35 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en (C:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)
Error: (09/04/2023 12:12:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en Yordy (D:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)
Error: (09/04/2023 12:12:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en \\?\Volume{ab30a3b6-0000-0000-0000-100000000000}\ debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)
Error: (09/04/2023 12:00:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en Yordy (D:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)
Error: (09/04/2023 12:00:05 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en \\?\Volume{ab30a3b6-0000-0000-0000-100000000000}\ debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)
Error: (09/04/2023 11:32:40 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en Yordy (D:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)
Error: (09/04/2023 11:32:39 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en \\?\Volume{ab30a3b6-0000-0000-0000-100000000000}\ debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)
Error: (09/04/2023 11:28:04 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en Yordy (D:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)
Errores del sistema:
=============
Error: (09/04/2023 03:50:02 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: Se activó el temporizador de vigilancia del sistema.
Error: (09/04/2023 03:50:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 12:52:09 p. m. del 04/09/2023 resultó inesperado.
Error: (09/03/2023 08:41:24 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-P0LBTME)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (09/03/2023 08:41:24 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-P0LBTME)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (09/03/2023 08:41:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-P0LBTME)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (09/03/2023 08:41:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-P0LBTME)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (09/03/2023 08:41:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-P0LBTME)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (09/03/2023 08:41:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-P0LBTME)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Windows Defender:
================
Date: 2023-09-06 13:58:50
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {26F53AA4-A3F0-49F3-850F-0528DB364B39}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2023-09-04 09:55:16
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {81480500-94D1-4D89-8F1B-319376FE3C61}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2023-09-03 13:18:28
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {3A34A3DB-218F-43BC-9917-53F785023792}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2023-09-01 06:54:53
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {E315D4AB-D202-4AA2-A2A8-6F90A9D911D8}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2023-08-29 17:10:43
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {78B28CF9-371F-4793-8C05-0B13123CE6D4}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-08-20 15:24:13
Description:
Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior.
Inteligencia de seguridad intentada: Actual
Código de error: 0x80501102
Descripción del error: Problema inesperado. Instala todas las actualizaciones disponibles e intenta iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulta Ayuda y soporte técnico.
Versión de inteligencia de seguridad: 1.395.613.0;1.395.613.0
Versión del motor: 1.1.23070.1005
Date: 2023-08-20 15:11:39
Description:
Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior.
Inteligencia de seguridad intentada: Actual
Código de error: 0x80501102
Descripción del error: Problema inesperado. Instala todas las actualizaciones disponibles e intenta iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulta Ayuda y soporte técnico.
Versión de inteligencia de seguridad: 1.395.613.0;1.395.613.0
Versión del motor: 1.1.23070.1005
Date: 2023-08-12 21:23:57
Description:
Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior.
Inteligencia de seguridad intentada: Actual
Código de error: 0x80501102
Descripción del error: Problema inesperado. Instala todas las actualizaciones disponibles e intenta iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulta Ayuda y soporte técnico.
Versión de inteligencia de seguridad: 1.395.227.0;1.395.227.0
Versión del motor: 1.1.23070.1005
Date: 2023-08-12 20:55:02
Description:
Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior.
Inteligencia de seguridad intentada: Copia de seguridad
Código de error: 0x80070008
Descripción del error: No hay suficientes recursos de memoria disponibles para procesar este comando.
Versión de inteligencia de seguridad: 1.303.25.0;1.303.25.0
Versión del motor: 1.1.16400.2
Date: 2023-08-12 20:55:00
Description:
Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior.
Inteligencia de seguridad intentada: Actual
Código de error: 0x80004004
Descripción del error: Operación anulada
Versión de inteligencia de seguridad: 1.395.227.0;1.395.227.0
Versión del motor: 1.1.23070.1005
CodeIntegrity:
===============
Date: 2023-09-06 13:56:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-08-29 15:15:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-08-21 19:03:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-08-21 13:56:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\McAfee\Platform\Core\vtploader.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Información de la memoria ===========================
BIOS: Hewlett-Packard F.28 01/23/2013
Placa base: Hewlett-Packard 3585
Procesador: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Porcentaje de memoria en uso: 44%
RAM física total: 8139.86 MB
RAM física disponible: 4507.2 MB
Virtual total: 9419.86 MB
Virtual disponible: 5673.5 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:145.61 GB) (Free:86.03 GB) (Model: ST9500325AS) NTFS
Drive d: (Yordy) (Fixed) (Total:319.28 GB) (Free:299.25 GB) (Model: ST9500325AS) NTFS
\\?\Volume{ab30a3b6-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS
\\?\Volume{ab30a3b6-0000-0000-0000-107d24000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AB30A3B6)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=145.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=543 MB) - (Type=27)
Partition 4: (Not Active) - (Size=319.3 GB) - (Type=0F Extended)
==================== Final de Addition.txt =======================