18:43:09.0731 0x0d58 C:\Windows\apppatch\AcLayers.dll - ok
18:43:09.0731 0x0d58 [ 57754697EEA9C8072F5B56569297F14F, 281B79F21264F2ADF34A5403572BC0CBF2F693C245E93DC5B1A63A1923319982 ] C:\Windows\SysWOW64\mpr.dll
18:43:09.0731 0x0d58 C:\Windows\SysWOW64\mpr.dll - ok
18:43:09.0731 0x0d58 [ E5C0AC531CE6D06F97428B2E4BD28A5D, 41372707A2EC9B9C7CDFA8ADA02B8F9E5F552B5512A6FBE8B51709DAC976402D ] C:\Windows\SysWOW64\setupapi.dll
18:43:09.0731 0x0d58 C:\Windows\SysWOW64\setupapi.dll - ok
18:43:09.0747 0x0d58 [ 4DDF32E2711371B72C7246E7D05B9641, 88AE96FFB87956F0D00E59FBE53830A264D88A1437EDF5BE791801A938CFEF49 ] C:\Windows\System32\wdscore.dll
18:43:09.0747 0x0d58 C:\Windows\System32\wdscore.dll - ok
18:43:09.0747 0x0d58 [ 0B65BDE2AC08B248DED5B739DCF57E63, E99E7617ABAF6A17F72D4126079E5A2E349D75C677B9FD010CF56626F02AE3C0 ] C:\Windows\System32\DismApi.dll
18:43:09.0747 0x0d58 C:\Windows\System32\DismApi.dll - ok
18:43:09.0762 0x0d58 [ 3AA79A83EC7D1B16D296029035A9C399, 4674894D18CE9026CA54AFA9556987023C14A92EC24AFCB29030B80ABF7E0535 ] C:\Windows\SysWOW64\sfc.dll
18:43:09.0762 0x0d58 C:\Windows\SysWOW64\sfc.dll - ok
18:43:09.0762 0x0d58 [ 7FF0D8E4512C58D37E47B032132F7F25, 62C4164B4338A8E5BCDDFEC3A0B8633749E38DDCBBB0A861A7582832294CDD15 ] C:\Program Files\Common Files\microsoft shared\ClickToRun\msix.dll
18:43:09.0762 0x0d58 C:\Program Files\Common Files\microsoft shared\ClickToRun\msix.dll - ok
18:43:09.0778 0x0d58 [ 5EAE5BC3046C408C07CE64C64D4A038D, 02FBDE0D81DC656300D7F21F69B7F4EF5ABB35376EBCE87F62E83E50E94CCBFA ] C:\Windows\SysWOW64\winspool.drv
18:43:09.0778 0x0d58 C:\Windows\SysWOW64\winspool.drv - ok
18:43:09.0778 0x0d58 [ F423198F11017AF95439061D38D8264E, F7F6EDE7CEE0C5A5BB4E4E44CA004661931FF91C7C41F08EA41E181A74B1E741 ] C:\Windows\SysWOW64\cfgmgr32.dll
18:43:09.0778 0x0d58 C:\Windows\SysWOW64\cfgmgr32.dll - ok
18:43:09.0793 0x0d58 [ 48994408B15CD74AE1A4E7CFA1A1762E, A4C5E8CC506843B61695E4A0DCD843EC1D8B6C824621528EE033ED2E67C44307 ] C:\Windows\SysWOW64\sfc_os.dll
18:43:09.0793 0x0d58 C:\Windows\SysWOW64\sfc_os.dll - ok
18:43:09.0809 0x0d58 [ FC0E1D121CDDED19E7B98CD995BDE281, 7CCC472997DC3D5080CAC6918BBD7BA172A4E674F59B5721E7487CD9B101D64D ] C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvApi.dll
18:43:09.0809 0x0d58 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvApi.dll - ok
18:43:09.0809 0x0d58 [ B4BE272187CB85E719DFB5BF48BB9B1B, CCAF41E616B9A872D35C8083CBF8FDC14371FA3EF159FE699514643C26A4EBF3 ] C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-private-l1-1-0.dll
18:43:09.0809 0x0d58 C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-private-l1-1-0.dll - ok
18:43:09.0825 0x0d58 [ 1C03D1935B5892738A188BA40CD5A223, D656C21853E185FEB04C0DECC52DF277ED9D214E9FFA31B86ED34C682E1B5730 ] C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVPolicy.dll
18:43:09.0825 0x0d58 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVPolicy.dll - ok
18:43:09.0825 0x0d58 [ 8816F87759FE47FB26AF298166D575F4, F10BA0D80923ECE4CD7BC6250A55A768E3825620A57950C681B280C608BE4EF1 ] C:\Windows\SysWOW64\comdlg32.dll
18:43:09.0825 0x0d58 C:\Windows\SysWOW64\comdlg32.dll - ok
18:43:09.0840 0x0d58 [ C3D8AE69A5EA63246D00144C12829E4B, AAE36B6F674484BE8605F719B0AD743C73B3DCE1FFCC26B8AE239D043340641C ] C:\Windows\SysWOW64\msimg32.dll
18:43:09.0840 0x0d58 C:\Windows\SysWOW64\msimg32.dll - ok
18:43:09.0840 0x0d58 [ F71DF906B8B16C3AF4CFAA1569ADB399, FD960D37E28ADC505E9B9EAF2ADD49AC2D8198B741198E16A2E10CB857CB40B6 ] C:\Windows\System32\aepic.dll
18:43:09.0840 0x0d58 C:\Windows\System32\aepic.dll - ok
18:43:09.0856 0x0d58 [ 0884821E75B789D14FAA4757A7F31880, 1EBB321CBFECEB8EB13045118F09D43B94BC0172CDD185FBB3DFFE58D7DA10AB ] C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVOrchestration.dll
18:43:09.0856 0x0d58 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVOrchestration.dll - ok
18:43:09.0856 0x0d58 [ A68878CD59D96AAEEB04E735CE232B4B, 47E21CD0E28E07299E00B890A0DA080C60ECD0C20A3E41B38C0FF320D6D99564 ] C:\Windows\System32\srumapi.dll
18:43:09.0856 0x0d58 C:\Windows\System32\srumapi.dll - ok
18:43:09.0872 0x0d58 [ 357F46C3DFF7D28A3A6C684E101CFDE0, C987F778C3505209936D7EFFC6A55995AE12DB92479550D055E537F950FA6DFD ] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.19394_none_a9f59c4f01325ed5\comctl32.dll
18:43:09.0872 0x0d58 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.19394_none_a9f59c4f01325ed5\comctl32.dll - ok
18:43:09.0872 0x0d58 [ 4D3D26E3DEE4398C1127903171CEB1C3, 3F54DC6589030EA96E0022E2A36624D9F8ABA31A0940DB4F2DA3773739F5FD3C ] C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvStreamingManager.dll
18:43:09.0872 0x0d58 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvStreamingManager.dll - ok
18:43:09.0887 0x0d58 [ B0EDCA1168C874812A180EBCD1A43EB5, 0690E2A9D5B3D9481069D4B9B290C107FDC555422F2AE4B135816F95DB57932F ] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_7c5b6194aa0716f1\comctl32.dll
18:43:09.0887 0x0d58 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_7c5b6194aa0716f1\comctl32.dll - ok
18:43:09.0887 0x0d58 [ D023F5A978068127DAB7AA62CF29EBBB, A4C75C9F3926F4C5709BCA21638480192F70C5631B80AB9E603C97BF33F5C53C ] C:\Windows\SysWOW64\crypt32.dll
18:43:09.0887 0x0d58 C:\Windows\SysWOW64\crypt32.dll - ok
18:43:09.0903 0x0d58 [ 18EBC0DA472B1EFC4E8F6B6627CFFC93, 624AB9C6838A88550AD5D906E86829778B5A9FCE09A55A67EADCBB5806058C98 ] C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVManifest.dll
18:43:09.0903 0x0d58 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVManifest.dll - ok
18:43:09.0903 0x0d58 [ E4F84B855CF1D9AC90AC7BD5CD8FCA44, 99B09A9FC6F6C3862C355840236698C53144334E55782EB914DE4A411CE87B0F ] C:\Windows\SysWOW64\oleacc.dll
18:43:09.0903 0x0d58 C:\Windows\SysWOW64\oleacc.dll - ok
18:43:09.0918 0x0d58 [ 0993A392DF7DAFCF2387FEAF86B6E06C, 9D6EC5BC9D05D3FDEB9BFE182F87917CEB80694698B82EC087AC12DC0F6EEEAA ] C:\Windows\SysWOW64\uxtheme.dll
18:43:09.0918 0x0d58 C:\Windows\SysWOW64\uxtheme.dll - ok
18:43:09.0918 0x0d58 [ CF282DDD8D2CD281B2AFB341BBBC7F8A, 91CC31C10BAC6B042855D8A48C854BA57B8E2085CA427786416F418F3597860B ] C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVCatalog.dll
18:43:09.0918 0x0d58 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVCatalog.dll - ok
18:43:09.0934 0x0d58 [ 758CEA3769009FCCE8D42213CE683887, C1F884D34F0BFFEDAE40EDD1DC2C4ACB271180B03E2CC616CCD784817418E388 ] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9600.20239_none_c40c6f66757228ad\GdiPlus.dll
18:43:09.0934 0x0d58 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9600.20239_none_c40c6f66757228ad\GdiPlus.dll - ok
18:43:09.0934 0x0d58 [ B5DA8C6339AC4FE30DAB6BE4CA4FB8F5, 6677F595565CC80AD6CC46DDA9760FFB1C5D02CDD3A36CB525F5A96D8EDC601C ] C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvVirtualization.dll
18:43:09.0934 0x0d58 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvVirtualization.dll - ok
18:43:09.0950 0x0d58 [ 0CD7F8CAA8AE75827CFD07EDA964903D, 2FCDAE0965D3C4A8BCEB7C2B1C81CBEAB201B931B0646EEE4726A36404599C3D ] C:\Windows\SysWOW64\wininet.dll
18:43:09.0950 0x0d58 C:\Windows\SysWOW64\wininet.dll - ok
18:43:09.0950 0x0d58 [ 59452E147C6A5D055E5EBCB6B8E99CB7, 191594B8F37A78F673B0A384AF79594268943A6748D1D1C9D3DE947555669197 ] C:\Windows\SysWOW64\imm32.dll
18:43:09.0950 0x0d58 C:\Windows\SysWOW64\imm32.dll - ok
18:43:09.0965 0x0d58 [ C01CC0200F3D889C68B503C68049FF62, 326BCB85652C67780D0193D78D5BAB30E3668E6BCBCFFCFF304751B2F4518F54 ] C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIntegration.dll
18:43:09.0965 0x0d58 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIntegration.dll - ok
18:43:09.0965 0x0d58 [ D3E5FBC4B4A87DB1036C431C90694D3B, 3B9F2D7AE2B8BF00B7E39C572AF3B41C77C93E378AF4FFCFB80DEAD587BB8E5E ] C:\Windows\SysWOW64\winmm.dll
18:43:09.0965 0x0d58 C:\Windows\SysWOW64\winmm.dll - ok
18:43:09.0965 0x0d58 [ 5C63124CB3259A3D5880427663E911BA, A58AD9D5AFBCBB9A72715B69D1359FB1128195EF414B7E888B522F3EC9692DF9 ] C:\Windows\SysWOW64\netutils.dll
18:43:09.0981 0x0d58 C:\Windows\SysWOW64\netutils.dll - ok
18:43:09.0981 0x0d58 [ A52FDD81E3FACC0518928E432C28E5F0, 2F6CCF279EE98EBA436B82B94C17B63C7D0526CE63E5F7601B18473CC1DF6264 ] C:\Windows\SysWOW64\wintrust.dll
18:43:09.0981 0x0d58 C:\Windows\SysWOW64\wintrust.dll - ok
18:43:09.0981 0x0d58 [ 11511C29D03AEC685DDD78BD122D9486, 011BC552C3D53F49A55F83094D88382F5E192993781856C8CDF9B2AFE76CC095 ] C:\Windows\SysWOW64\srvcli.dll
18:43:09.0981 0x0d58 C:\Windows\SysWOW64\srvcli.dll - ok
18:43:09.0997 0x0d58 [ 5F98A9C985171CD6F7B709B4727F802E, 238A45614B67A38FACF98730B2B5E316B424F79B4AD591EDDB6EC52460C3265C ] C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvSubsystemController.dll
18:43:09.0997 0x0d58 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvSubsystemController.dll - ok
18:43:09.0997 0x0d58 [ F14DE8865DDA8E8F25D6DD77055B87FC, DB927933FAF1DCBC4153DBAA0F050F6A0AE35FF551CB89C72C7CDE4338C2570E ] C:\Windows\SysWOW64\wkscli.dll
18:43:09.0997 0x0d58 C:\Windows\SysWOW64\wkscli.dll - ok
18:43:10.0012 0x0d58 [ 40A9F8D687A37A2C034EB21832B4422C, 09BA6B60BE2C941A1749BA996097C2D000A55A454A42855514D635E8F53EC7A5 ] C:\Windows\SysWOW64\nsi.dll
18:43:10.0012 0x0d58 C:\Windows\SysWOW64\nsi.dll - ok
18:43:10.0012 0x0d58 [ 937C157EE46E0510C9796416DF312CEB, 8DE40ACA2224059DF6B12C78075712FA30C3C0F6AA52F42F65CE07BA48DF3540 ] C:\Windows\SysWOW64\profapi.dll
18:43:10.0012 0x0d58 C:\Windows\SysWOW64\profapi.dll - ok
18:43:10.0028 0x0d58 [ 299AB3A403E137F5626349009DCB4ED2, E65E13DCC7EE5A136A069B845045457265D07AB418A152855CE6EE96CB31862C ] C:\Windows\SysWOW64\msctf.dll
18:43:10.0028 0x0d58 C:\Windows\SysWOW64\msctf.dll - ok
18:43:10.0028 0x0d58 [ 97F6806A9E9E36C14C319218DDD82B8B, D4746BA7D785DFB1FC625D52B0DEF75C72BD980E0891732009155610D2EC8774 ] C:\Windows\SysWOW64\winnsi.dll
18:43:10.0028 0x0d58 C:\Windows\SysWOW64\winnsi.dll - ok
18:43:10.0028 0x0d58 [ 209FEA49A8A7D43AEF2444025EF1FDFA, 22C0411FA8298C80DD3B93778FD81FA2DE8FEAA8F299BA06ADD78CD6DAC2E3D0 ] C:\Windows\SysWOW64\msasn1.dll
18:43:10.0028 0x0d58 C:\Windows\SysWOW64\msasn1.dll - ok
18:43:10.0043 0x0d58 [ 75EB6ED62567CED8C9749ED05261504E, 602872FC6C7595FA3857F7EDE9CF593572B5BD02CD6AD7374C85EC0EAF541708 ] C:\Windows\SysWOW64\winmmbase.dll
18:43:10.0043 0x0d58 C:\Windows\SysWOW64\winmmbase.dll - ok
18:43:10.0043 0x0d58 [ 47DF99FE851DB855C5507328F660DCF5, 15646E0312A8AC15305EFB382CE658CA37E6D4E4B73F93387589FD1D8139E3DB ] C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVFileSystemMetadata.dll
18:43:10.0043 0x0d58 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVFileSystemMetadata.dll - ok
18:43:10.0059 0x0d58 [ 91F9789E2874EBBAA8A16C06EA4160A6, 6D60E84E9F9CD95CD5C2FCDD751D6F31829F3A8C87163AD7EAE07165BACF9F0B ] C:\Windows\SysWOW64\iertutil.dll
18:43:10.0059 0x0d58 C:\Windows\SysWOW64\iertutil.dll - ok
18:43:10.0059 0x0d58 [ C54E60CE4D57C30B9B239DFE0E7737D5, D194B685AB2535C60F0AD309EF002F940615E97B5A2D3D6CBFEA58D54F2A98DB ] C:\Windows\SysWOW64\bcrypt.dll
18:43:10.0059 0x0d58 C:\Windows\SysWOW64\bcrypt.dll - ok
18:43:10.0075 0x0d58 [ BD20A262D8FBF8D667867B3414AA07D5, 91EE1EADB97584ED9039BB39F1209C5635D8BC71AF2673503E2F7CC45551E328 ] C:\Windows\SysWOW64\devobj.dll
18:43:10.0075 0x0d58 C:\Windows\SysWOW64\devobj.dll - ok
18:43:10.0075 0x0d58 [ 003EFF1DD70E56136B7BCCA365173276, 94B8CB1A796FAE827928D293DB1E9A019874E158E3667A7588D7F35278B012F1 ] C:\Windows\SysWOW64\dwmapi.dll
18:43:10.0075 0x0d58 C:\Windows\SysWOW64\dwmapi.dll - ok
18:43:10.0090 0x0d58 [ A0DDFE3DB78F8CD55F369DB3FA52E6AE, 42BDE475AC680D6D533CD7EFF6B9D672361700A55D27FAE9909C1A87C67A59E1 ] C:\Windows\SysWOW64\cscapi.dll
18:43:10.0090 0x0d58 C:\Windows\SysWOW64\cscapi.dll - ok
18:43:10.0090 0x0d58 [ 97CB4A0C007947349F65B81F160E59A9, 440CC90AB8B1A164A1C81B18F522AFF719AAEE35A545D6A3C475E1D07CB63C87 ] C:\Program Files\Elantech\ETDService.exe
18:43:10.0090 0x0d58 C:\Program Files\Elantech\ETDService.exe - ok
18:43:10.0106 0x0d58 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:43:10.0106 0x0d58 C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok
18:43:10.0106 0x0d58 [ B7EFBA346A67900B1183949DC151827E, 0438249C414BD1EDDA7CFF2C19419B05996D187A1DBF3C2D065B4519DF80E30F ] C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
18:43:10.0106 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe - ok
18:43:10.0122 0x0d58 [ DED882AB2226120E1290C964A138F896, 003FE72E3E72F967249516FB6DFDA2AB6FADC5CEEDF5F577DBD6BD857E6ACAC5 ] C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
18:43:10.0122 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll - ok
18:43:10.0122 0x0d58 [ 441D5FAF24CC2EC115B654A55C52F0AF, 5BF5299DAD9A7076C43D68C70E02AEC8DBFD89C1AFDF7CD6AB95550EE25EEB36 ] C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
18:43:10.0122 0x0d58 C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe - ok
18:43:10.0137 0x0d58 [ 32E390954B2C6B1583A969ED0E7C8A9D, BCB4E8143322025F1B4C66E75DBFFF0495338B617C103B0AC14299D5BADD4185 ] C:\Program Files (x86)\Samsung\Settings\CmdServer\msvcp100.dll
18:43:10.0137 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\msvcp100.dll - ok
18:43:10.0137 0x0d58 [ DC92F2679C42C19C3D86B7CBF4B14829, 30DF60588A24B5933BC225A090080C37D34712737C9A96612C0E1144614CA082 ] C:\Windows\System32\Windows.Networking.Connectivity.dll
18:43:10.0137 0x0d58 C:\Windows\System32\Windows.Networking.Connectivity.dll - ok
18:43:10.0153 0x0d58 [ 05E1629EAA9E229D114DE98A41056EB3, F4E72A4CA02C70CDA50BB01735865AB120AE32222597C6DCF1DFF4F52380BFC7 ] C:\Windows\System32\bthprops.cpl
18:43:10.0153 0x0d58 C:\Windows\System32\bthprops.cpl - ok
18:43:10.0153 0x0d58 [ 2B92A88E329F4845D31941967A3BAA90, 649A7AB8E3B5C0940812E40EAFC8F004979BB48BFC8F4BC7DB9F2CBCDD715344 ] C:\Program Files (x86)\Samsung\Settings\CmdServer\msvcr100.dll
18:43:10.0153 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\msvcr100.dll - ok
18:43:10.0168 0x0d58 [ 55C455CC2E4813F1700731374F947435, ED5A826A4452E0CB199F9432C47EAA2547B3263E86B8BB5CAE6B7AF95546A29B ] C:\Windows\System32\BluetoothApis.dll
18:43:10.0168 0x0d58 C:\Windows\System32\BluetoothApis.dll - ok
18:43:10.0168 0x0d58 [ EF3625A402C6C7660F66EB2C148FECAE, 0456014B9314940882F6BA64A44E70CB48F6B33ACA6CF7CE182EC94BD882F9E2 ] C:\Windows\System32\drivers\mrxsmb10.sys
18:43:10.0168 0x0d58 C:\Windows\System32\drivers\mrxsmb10.sys - ok
18:43:10.0184 0x0d58 [ 1D8F0719A9D69DC7F047C07E615E27BE, 36F7AD1FE3469404887AD5B2143455BB67694C64C0F1C255756704D21A254DA8 ] C:\Windows\SysWOW64\winsta.dll
18:43:10.0184 0x0d58 C:\Windows\SysWOW64\winsta.dll - ok
18:43:10.0184 0x0d58 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] C:\Windows\System32\drivers\Ndu.sys
18:43:10.0184 0x0d58 C:\Windows\System32\drivers\Ndu.sys - ok
18:43:10.0200 0x0d58 [ 10D35971E29936AE422A9C728014E761, 7B1547312663D50D72B76A7C13A01E532F41132A8E108AF5C6C086B456C86ACA ] C:\Windows\System32\pcasvc.dll
18:43:10.0200 0x0d58 C:\Windows\System32\pcasvc.dll - ok
18:43:10.0215 0x0d58 [ 627AEF76D7ADD6692D7B61038FE29072, 1AA1A943490A83C41679C8F881B75BB418304451D1F36AB1DDE19AD8D83721BF ] C:\Windows\System32\nlasvc.dll
18:43:10.0215 0x0d58 C:\Windows\System32\nlasvc.dll - ok
18:43:10.0215 0x0d58 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] C:\Windows\System32\HPZinw12.dll
18:43:10.0215 0x0d58 C:\Windows\System32\HPZinw12.dll - ok
18:43:10.0231 0x0d58 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] C:\Windows\System32\drivers\PEAuth.sys
18:43:10.0231 0x0d58 C:\Windows\System32\drivers\PEAuth.sys - ok
18:43:10.0231 0x0d58 [ AD0579E0D3A73D5E9D0AFD49DDA4075C, D649EF4A920E0FA4E51A00BFC736FD99DAAE987095BF97F23697F2B6B2040317 ] C:\Windows\System32\ncsi.dll
18:43:10.0231 0x0d58 C:\Windows\System32\ncsi.dll - ok
18:43:10.0247 0x0d58 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] C:\Windows\System32\HPZipm12.dll
18:43:10.0247 0x0d58 C:\Windows\System32\HPZipm12.dll - ok
18:43:10.0247 0x0d58 [ ED9AE6DCF05688AFD41D5DE5897E58A7, 19F28B126E24321A3CDB5935EF566F386143EFC75D4DEE366588FA455A42A316 ] C:\Windows\System32\ssdpapi.dll
18:43:10.0247 0x0d58 C:\Windows\System32\ssdpapi.dll - ok
18:43:10.0262 0x0d58 [ D540461FE5B752BCB967FDE979B9E712, BA3659CC4FA42E6F649CF44833B733C02978171F112AC0B6B4E14565A7E7DC34 ] C:\Windows\System32\drivers\srvnet.sys
18:43:10.0262 0x0d58 C:\Windows\System32\drivers\srvnet.sys - ok
18:43:10.0278 0x0d58 [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
18:43:10.0278 0x0d58 C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe - ok
18:43:10.0278 0x0d58 [ F1EEBAFC8DB948A7089CD1B8152548DC, 71C13C910A8560CECBEC486ECAD27C254F7EAE471C63A9F549E11BAA8CFBE82B ] C:\Windows\SysWOW64\ws2_32.dll
18:43:10.0278 0x0d58 C:\Windows\SysWOW64\ws2_32.dll - ok
18:43:10.0293 0x0d58 [ 5A540777BD31438E397ED863AED1A5B9, FB1D20AE19BE2572E15972A2FB43B031D9CA244FE8A765AC699083BEE9B51E12 ] C:\Windows\SysWOW64\mswsock.dll
18:43:10.0293 0x0d58 C:\Windows\SysWOW64\mswsock.dll - ok
18:43:10.0293 0x0d58 [ D1D7C8EA7A0E3DAC58C69CD5BD431644, 63A92B2A5C99F4C339BC55BA45B61D0CD6A4E4970B6BA9613B7B0E19771E4CD1 ] C:\Windows\System32\AtBroker.exe
18:43:10.0293 0x0d58 C:\Windows\System32\AtBroker.exe - ok
18:43:10.0309 0x0d58 [ 7E10190F9497903EC69714D721809F8F, B0863D305A74C6C74657CC57B3F1C21A829D7A6183A9F38FDC5BFED9CF320E10 ] C:\Windows\System32\taskhostex.exe
18:43:10.0309 0x0d58 C:\Windows\System32\taskhostex.exe - ok
18:43:10.0309 0x0d58 [ 984BB09C73A8CFB8FB2372119D1E1F14, 739548258DF751DD312CAF5B9D9D1A2B33BBABEC5B19CC22F7A459E36CC6ACEE ] C:\Program Files\Elantech\ETDCtrl.exe
18:43:10.0309 0x0d58 C:\Program Files\Elantech\ETDCtrl.exe - ok
18:43:10.0325 0x0d58 [ 771254B2F023F50ED9C408B91D54B9D2, EAF455BFAC6F4487BD6E8AC4BEF4BC86C51C516C5F5573C9F2119CB3AACC4D93 ] C:\Windows\System32\wiaservc.dll
18:43:10.0325 0x0d58 C:\Windows\System32\wiaservc.dll - ok
18:43:10.0325 0x0d58 [ 4C8091317136ADD557F96BE56818B7CA, 062F0A719D7A89F29503DE0FC4435D493B5170C8E923CE2BEB119FF47FAA8471 ] C:\Windows\System32\PlaySndSrv.dll
18:43:10.0325 0x0d58 C:\Windows\System32\PlaySndSrv.dll - ok
18:43:10.0340 0x0d58 [ 5C131534A3EA4A461A793FB507A8004F, 016B8F2067D9A18B5D14F33C8ED98D61EA7C63FD53AF5B25B117E2E982E5B780 ] C:\Windows\System32\userinit.exe
18:43:10.0340 0x0d58 C:\Windows\System32\userinit.exe - ok
18:43:10.0356 0x0d58 [ 6AB4D58AF5A3FC9A515F048DC324656E, DE0CAEB579B9B96E2A1B18E0BD248C6AADF7419A510AB612C77AF412BE4697F6 ] C:\Windows\System32\userinitext.dll
18:43:10.0356 0x0d58 C:\Windows\System32\userinitext.dll - ok
18:43:10.0356 0x0d58 [ D094FB74F3896A59812B2DA66A276F92, C82CA652A0D8176B58BF5A06572BE557648D1C3EB85958EEA1606A090681E558 ] C:\Program Files (x86)\Samsung\Settings\sSettings.exe
18:43:10.0356 0x0d58 C:\Program Files (x86)\Samsung\Settings\sSettings.exe - ok
18:43:10.0372 0x0d58 [ ED6B4C95E2A6D67480B9DBB8A8E7D9B4, D2FAF086A07A6A72461D62AA9CCD4B18E4C6B4DE253236EFBA339B5920844FAE ] C:\Windows\explorer.exe
18:43:10.0372 0x0d58 C:\Windows\explorer.exe - ok
18:43:10.0372 0x0d58 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] C:\Windows\System32\drivers\tcpipreg.sys
18:43:10.0372 0x0d58 C:\Windows\System32\drivers\tcpipreg.sys - ok
18:43:10.0387 0x0d58 [ C40E36CED66A4C7A3865B70D71DDDE21, DD0F5F46A7984AB4A12355DA252CF7EEDD2CD6AC4C5B058CB01D1549B031286A ] C:\Windows\System32\MsCtfMonitor.dll
18:43:10.0387 0x0d58 C:\Windows\System32\MsCtfMonitor.dll - ok
18:43:10.0387 0x0d58 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] C:\Windows\System32\trkwks.dll
18:43:10.0387 0x0d58 C:\Windows\System32\trkwks.dll - ok
18:43:10.0403 0x0d58 [ 141D8175EA550B4EBA97AB3CB862CECB, D6E1B9DB9BAD683E986F004838B36209281C1668406AD5354970F40880B6F65C ] C:\Windows\System32\wiatrace.dll
18:43:10.0403 0x0d58 C:\Windows\System32\wiatrace.dll - ok
18:43:10.0403 0x0d58 [ E965C5047EB390085FFA4865C03393AA, C898993F4DC23A1A799387AF70DC0ECF16989A4DA8F64410C3DAD004364F72D5 ] C:\Windows\System32\msutb.dll
18:43:10.0403 0x0d58 C:\Windows\System32\msutb.dll - ok
18:43:10.0418 0x0d58 [ B697FDBB1C43037EEDEDF725D422E991, C419BF61BBD8866A490369B17EBE08D3D3895165C0A588BE2C16AE257B243E26 ] C:\Windows\System32\sysmain.dll
18:43:10.0418 0x0d58 C:\Windows\System32\sysmain.dll - ok
18:43:10.0418 0x0d58 [ C6AE71CD6DDBDCE79B512E24EA8EEA47, CBFB6330B588F4D32B2E1C0FA53CBB147024655A4353C2B02F1BCAD1A4D589E2 ] C:\Windows\System32\SearchIndexer.exe
18:43:10.0418 0x0d58 C:\Windows\System32\SearchIndexer.exe - ok
18:43:10.0434 0x0d58 [ 80644B29E2B93A2967E72A3E0E948EA3, 8BE6A91ECC8118F284C2CCD66DE4DA66DB05414F84127A3373E6878F13DE5C89 ] C:\Windows\System32\wbem\WMIsvc.dll
18:43:10.0434 0x0d58 C:\Windows\System32\wbem\WMIsvc.dll - ok
18:43:10.0450 0x0d58 [ 1368D363230AF9C11724F21AC8E5E483, A96043AE3C7C4ACA103DFBCB07A8C19741A6BAAFC389844128458F562B17A28A ] C:\Windows\System32\rasadhlp.dll
18:43:10.0450 0x0d58 C:\Windows\System32\rasadhlp.dll - ok
18:43:10.0450 0x0d58 [ 588E31ED4A896F24E63729FB894055CB, 908871C2D2EFD99DCDC78C2AC45917B58897AA0085518F7D1139A09A335B185D ] C:\Windows\System32\deviceassociation.dll
18:43:10.0450 0x0d58 C:\Windows\System32\deviceassociation.dll - ok
18:43:10.0465 0x0d58 [ 8DCA194537A715C12ED17E8B2FE16301, C8D764CD7E8CF4BF4FE378DADCC006D75F029FBBC6D865EC1D2724322FF8AF66 ] C:\Windows\System32\wsdchngr.dll
18:43:10.0465 0x0d58 C:\Windows\System32\wsdchngr.dll - ok
18:43:10.0465 0x0d58 [ 2D7C8C02B47994A97F73C57B348E2D69, 85FC090D600E1247662332199CC15BF69E38CE739022C6538D1E9156A6AEBA2E ] C:\Windows\System32\TpmTasks.dll
18:43:10.0465 0x0d58 C:\Windows\System32\TpmTasks.dll - ok
18:43:10.0481 0x0d58 [ BDA5CD250A302AF98130985110997801, 2A911AED902378521A4B12A2F4251FA5559B8E59200CF6A16BD71B6B2443EBA1 ] C:\Windows\System32\tbs.dll
18:43:10.0481 0x0d58 C:\Windows\System32\tbs.dll - ok
18:43:10.0481 0x0d58 [ 850BFE638F441CB50FABD505D97787B0, 1A02BB97E93F135AA65079449ED8B95455E77982A0B3122E6B57244CA1FE187D ] C:\Windows\System32\tquery.dll
18:43:10.0481 0x0d58 C:\Windows\System32\tquery.dll - ok
18:43:10.0497 0x0d58 [ FBDF4C762766E7BE656A1F000372DF83, 7CE1985351EE787951FE687F5F5D07493C25B9DD93AA055A26330E43C54D9BF3 ] C:\Windows\System32\fundisc.dll
18:43:10.0497 0x0d58 C:\Windows\System32\fundisc.dll - ok
18:43:10.0497 0x0d58 [ 33AE1B209D9BE2FC6835B8A35A889CEC, 98BB68AF9F6FB5147A6544D82BC3753C2490C03273A424BE22545195FDAFA6E5 ] C:\Windows\System32\winmm.dll
18:43:10.0497 0x0d58 C:\Windows\System32\winmm.dll - ok
18:43:10.0512 0x0d58 [ DEF60E0D29BB4CDAF117B6E62310E27E, 8029AE140BF2682AC5D6FA9408982983671D4F9C256DA345D2A7237A0D854563 ] C:\Windows\System32\wbem\wbemcore.dll
18:43:10.0512 0x0d58 C:\Windows\System32\wbem\wbemcore.dll - ok
18:43:10.0512 0x0d58 [ 1AD1501217EBBA0A39974D09969A5526, 67F906723317D076DF9FB88D805D879BEF344C54E86DAB3FD81BD1AA75DD5282 ] C:\Windows\System32\fdPnp.dll
18:43:10.0512 0x0d58 C:\Windows\System32\fdPnp.dll - ok
18:43:10.0528 0x0d58 [ 1BBC3284F63F89A7F8C54817FDDB6481, 3CFB85172D5C33D8083F11B6A066D1FE5F64E8C61579B8E58780525E656595B4 ] C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
18:43:10.0528 0x0d58 C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll - ok
18:43:10.0528 0x0d58 [ D571E808677C6958C0FCA448A8CE92D9, 77EF884796D73CA26C30A977F46AADEA596C1FD62D50476A3DBD04C25585CB78 ] C:\Windows\System32\winmmbase.dll
18:43:10.0528 0x0d58 C:\Windows\System32\winmmbase.dll - ok
18:43:10.0544 0x0d58 [ 8F1D5A42EF9B53DB59CAA6CA536B9547, 8171B6F9A7C1C914A1E767B704E6DB106D99656A3740C23A4CE557C4C5C19E8C ] C:\Windows\System32\esent.dll
18:43:10.0544 0x0d58 C:\Windows\System32\esent.dll - ok
18:43:10.0544 0x0d58 [ F9CDBECBA8B1DA4E4F32B0431D847C07, 80E281C87FD4B341771DD8610418CC2A5D373C81D3A1244F6CB903591EEA8417 ] C:\Windows\System32\twinapi.dll
18:43:10.0544 0x0d58 C:\Windows\System32\twinapi.dll - ok
18:43:10.0559 0x0d58 [ CB0C9E6D64E81D969535A5CD88D4C6D7, 8D6AA9EA913EDA3BE965EB08B02914911B65B8B23FF501FDB10E826A6FF7C482 ] C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9600.20239_none_7c5f388f60f5ffa7\GdiPlus.dll
18:43:10.0559 0x0d58 C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9600.20239_none_7c5f388f60f5ffa7\GdiPlus.dll - ok
18:43:10.0559 0x0d58 [ 306F94640CEDDDD0530BA322E1C6A55C, E176C7F1C7BC2B9008E631DCBCEEBC25F82C5C35ED54BB7C50508589F3C2D7FD ] C:\Windows\System32\webio.dll
18:43:10.0559 0x0d58 C:\Windows\System32\webio.dll - ok
18:43:10.0559 0x0d58 [ 9D2DEA5A10A27068BF9B407EF8012E31, 17699719A697717C7C0E8A5E6ECEFCA69AF1B6B3FFED0877DEE34DDA3ED30325 ] C:\Windows\System32\wbem\esscli.dll
18:43:10.0559 0x0d58 C:\Windows\System32\wbem\esscli.dll - ok
18:43:10.0575 0x0d58 [ FB2981EECC4DCA4B4CBDFA8DFABFE75E, 61902F53435F6E50E3A933C47D83BF7AE3FB6A28F39B1350B9462404E731EBBD ] C:\Windows\System32\riched20.dll
18:43:10.0575 0x0d58 C:\Windows\System32\riched20.dll - ok
18:43:10.0575 0x0d58 [ 00A85922F2DA0B5B61E43F3F7E9D6F4F, FE8FABD5153944F00243CB531D74745CCF9339D67C358CC6F237D91D9628B329 ] C:\Windows\System32\mssrch.dll
18:43:10.0575 0x0d58 C:\Windows\System32\mssrch.dll - ok
18:43:10.0590 0x0d58 [ C73263A6CCEF7E2447633AA0060E21F3, 6865E861752D77DD56F4102243A42D4A30D4962B2539CBDFBD4BF75C83BF9653 ] C:\Windows\System32\usp10.dll
18:43:10.0590 0x0d58 C:\Windows\System32\usp10.dll - ok
18:43:10.0590 0x0d58 [ 2E598CC8F74DAB15CF630FEE19E73C26, 00A00B73C2FD5BC67DA2DF8B9D983BB44F43AE5AC077DF8DF57E05E1635F671D ] C:\Windows\System32\wbem\fastprox.dll
18:43:10.0590 0x0d58 C:\Windows\System32\wbem\fastprox.dll - ok
18:43:10.0606 0x0d58 [ F27D93AB3CD672564E2498A06EDA2E02, 0D21A500E541D58265170DEB8185D4436AD20AC0BBFEE2D6C2A036B4456552ED ] C:\Windows\System32\msls31.dll
18:43:10.0606 0x0d58 C:\Windows\System32\msls31.dll - ok
18:43:10.0606 0x0d58 [ 4202ED3CFD0F4DBEA239697CCA60FD4E, 4ADFECC0C9EC65DAC8B882195E16032E14334462198817BD196F4D8079EEFAB1 ] C:\Windows\System32\wbem\wbemsvc.dll
18:43:10.0606 0x0d58 C:\Windows\System32\wbem\wbemsvc.dll - ok
18:43:10.0622 0x0d58 [ FC2036AB90490D8FDFB3B3F3B90AF56F, E293B79E4C06E8DEFD95F3CB9B70BA1CC50E83C37930DA802B50066AC6DF0509 ] C:\Windows\System32\wbem\wmiutils.dll
18:43:10.0622 0x0d58 C:\Windows\System32\wbem\wmiutils.dll - ok
18:43:10.0622 0x0d58 [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:43:10.0622 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe - ok
18:43:10.0622 0x0d58 [ B23AE2D993F3776FF7998D6D9ABC28C0, 937DDFDBF970A0DB215CB93ACE149456977D042943C0CBF0701E135F081BE962 ] C:\Windows\System32\wuaueng.dll
18:43:10.0637 0x0d58 C:\Windows\System32\wuaueng.dll - ok
18:43:10.0637 0x0d58 [ D9BD70E07C06B932880E771C906271CD, 37CB8EA78E3A16091BC1C2AD4BD5837D0D15D9343C7BBBB8C702537B50CBB459 ] C:\Windows\System32\msidle.dll
18:43:10.0637 0x0d58 C:\Windows\System32\msidle.dll - ok
18:43:10.0637 0x0d58 [ 6EDEC0EE05EF96AF1E38BE4E96A824B0, DF673594F823267A66B2B8959A3378FF03CF808DA1A9C595A83CFA6674B26760 ] C:\Program Files\Elantech\ETDFavorite.dll
18:43:10.0637 0x0d58 C:\Program Files\Elantech\ETDFavorite.dll - ok
18:43:10.0653 0x0d58 [ D5C199A151863D36D83EF9F355B0107D, CFDFEC57119A03FF1F0D26F916A2B67345451358D13476CB52054B11E14DC948 ] C:\Windows\System32\mspatcha.dll
18:43:10.0653 0x0d58 C:\Windows\System32\mspatcha.dll - ok
18:43:10.0653 0x0d58 [ 49640F3D415B9D6447386F632C17B890, 274FE5E4CC21768E3F8FA5890BDCACDE45C19E47298106BF011D9D984DABC10A ] C:\Windows\System32\wbem\repdrvfs.dll
18:43:10.0653 0x0d58 C:\Windows\System32\wbem\repdrvfs.dll - ok
18:43:10.0669 0x0d58 [ 34F01B5A2F089DB611326378ED6E0EEE, C886DFA33BF3760781F1C4009E1743A36852552F6D7F3CDC75C34F00F14642CC ] C:\Windows\System32\wups.dll
18:43:10.0669 0x0d58 C:\Windows\System32\wups.dll - ok
18:43:10.0669 0x0d58 [ C20B3EE1912AE893262E0031E8D0800D, 51B5BA8A881A7633B4231514A792D00EE0958F831D7ABEA6BCA6146862438561 ] C:\Windows\System32\wups2.dll
18:43:10.0669 0x0d58 C:\Windows\System32\wups2.dll - ok
18:43:10.0684 0x0d58 [ 8941ED17DE88001BBB17FE97A8CC7C5B, 37C142F2AEF824CFEF99F2E81F1A2F5676BD9239DE8A7A429A41B2E21D2BEECE ] C:\Program Files\Elantech\ETDApix.dll
18:43:10.0684 0x0d58 C:\Program Files\Elantech\ETDApix.dll - ok
18:43:10.0684 0x0d58 [ 3BD3FFD082FAF1F0092732D8670C7AF0, 3C6054715CBEC6954A0C96ED2CC01019AB515DFFD99B059C6A52F8CF5945C56A ] C:\Windows\System32\wu.upgrade.ps.dll
18:43:10.0684 0x0d58 C:\Windows\System32\wu.upgrade.ps.dll - ok
18:43:10.0700 0x0d58 [ 1811EA281309DF3998933FBA59271227, E599DAEBABD9AB1568DFC09D21A7D887C4141C4325983113FC054D5352E8FBFD ] C:\Windows\SysWOW64\ntmarta.dll
18:43:10.0700 0x0d58 C:\Windows\SysWOW64\ntmarta.dll - ok
18:43:10.0700 0x0d58 [ D22B5291C35B7468606FE1C406D6992D, FF6E1B35E7C37BE542738102E109ACE66F601CA65E34A88818E11017C940A408 ] C:\Windows\SysWOW64\oledlg.dll
18:43:10.0700 0x0d58 C:\Windows\SysWOW64\oledlg.dll - ok
18:43:10.0715 0x0d58 [ 84F20198CAE435DE32ABDB4511550BD7, 89D1F58963BEFE5FE26E03292242F85F7D36731B9A177266B7B036E2C921594B ] C:\Windows\SysWOW64\mscoree.dll
18:43:10.0715 0x0d58 C:\Windows\SysWOW64\mscoree.dll - ok
18:43:10.0715 0x0d58 [ 606B77C072A964DA4E4710151CAC86EB, C6C9E8D77B62C7A52E6E9EAC764C1E1345779FC17544B80730E507627A5D5120 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
18:43:10.0715 0x0d58 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
18:43:10.0715 0x0d58 [ CC3C5C434DE3834DEF12F24698CD9FBC, 2548C73D92C8D35197192C989DD7EE0170AE4114CFBFC09EA1C53EBEAE9F0910 ] C:\Program Files\Elantech\ETDCmds.dll
18:43:10.0715 0x0d58 C:\Program Files\Elantech\ETDCmds.dll - ok
18:43:10.0731 0x0d58 [ 4C722B2C50FA6BF5889C7B2E31B5F459, D86C1098746D58F782136FDADB5CD30E0A5111568558BC3A22AFECAE5EF2BF76 ] C:\Program Files\Elantech\ETDTouch.exe
18:43:10.0731 0x0d58 C:\Program Files\Elantech\ETDTouch.exe - ok
18:43:10.0731 0x0d58 [ 7E6821D3202399ED13B7DA91CFD82C2B, 59F721107B6DFE4C84275B0213B0ADB16E31D10A33905E52A0260D417F52975F ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
18:43:10.0731 0x0d58 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
18:43:10.0747 0x0d58 [ D0E11E74DC5DBEC8905B5F26A6C5E36F, 67E09813C7D57E3ECCC8DF26A6845A19F965E044A92BCCEF57E55EE86B3DAC79 ] C:\Program Files\Elantech\ETDCtrlHelper.exe
18:43:10.0747 0x0d58 C:\Program Files\Elantech\ETDCtrlHelper.exe - ok
18:43:10.0747 0x0d58 [ 0341BF7622E0D547446DB254868EF965, 3EDFFC4F5F4EFAFA62F6E0D61E27FCED6B56A94D6D742821471387017E9CBA43 ] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_34ae2abd958aedeb\comctl32.dll
18:43:10.0747 0x0d58 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_34ae2abd958aedeb\comctl32.dll - ok
18:43:10.0762 0x0d58 [ 2F0C42845E07C82639396857C19613F0, F62CC7B8DFE1E4AF67E9A6393C08CDD15BBE95845093612B0A2039D64FF1E294 ] C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll
18:43:10.0762 0x0d58 C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll - ok
18:43:10.0762 0x0d58 [ 071309BE821483287A0FE982AEF005C1, 932920FE06897C0B2ADAF7FA855E3B45498D213994E81AB8694D9EE5CA53AC0A ] C:\Windows\SysWOW64\vcruntime140_clr0400.dll
18:43:10.0762 0x0d58 C:\Windows\SysWOW64\vcruntime140_clr0400.dll - ok
18:43:10.0778 0x0d58 [ 88A56378558724A8B465E3FA82D095EA, 2B7FBF08AE6BB15445BE489CE6A5446FC0CE76974D5AE6B9DABBBA6E3AA6DC75 ] C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.155.85\msedgeupdate.dll
18:43:10.0778 0x0d58 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.155.85\msedgeupdate.dll - ok
18:43:10.0778 0x0d58 [ BFE20E1D9BEBE61CD8898663FDACB74E, AA416A9E707BE8475051FF502D20077A687D14CF3ABABF4959F489A3B5BFBF8B ] C:\Windows\SysWOW64\ucrtbase_clr0400.dll
18:43:10.0778 0x0d58 C:\Windows\SysWOW64\ucrtbase_clr0400.dll - ok
18:43:10.0794 0x0d58 [ 071BBA3F4791183CDF3CDE741690BE16, D110EC54595D690E3CA3CF689FBB1602D39C3DFE78B5EBEB327D3F58AEC1344D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\f3b28b2a9beb297391f67f2e4386f26e\mscorlib.ni.dll
18:43:10.0794 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\f3b28b2a9beb297391f67f2e4386f26e\mscorlib.ni.dll - ok
18:43:10.0794 0x0d58 [ D416B695B94189494CFEFE9C25740FB8, E3A8247574554443EF4F1C5DB505EEA38D2003C4E40BDDC02948D674A377CA58 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
18:43:10.0794 0x0d58 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
18:43:10.0809 0x0d58 [ 4C22A273D55A064EEDEA6322A97FE183, 1EAC51FA1BBE72ABE3A900139F940367098984AA98FBD5FC592C09C116555F13 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\49305debd7f2d0c743292886f1983a35\System.ni.dll
18:43:10.0809 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\49305debd7f2d0c743292886f1983a35\System.ni.dll - ok
18:43:10.0809 0x0d58 [ 2AC1FA2324B389A249FD21C8F3637E65, 64117495DCD336607E3E6F091FE61FE3A3E871DB46606D351FC1358998DAFD81 ] C:\Windows\System32\wbem\WmiPrvSD.dll
18:43:10.0809 0x0d58 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
18:43:10.0825 0x0d58 [ 80E1C0B1BD78FB806492FFB2FA75F158, FC42B2C4F510E210C3DF58C21477EF01D27C90F5F32DF09349C5C97619C234D4 ] C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
18:43:10.0825 0x0d58 C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll - ok
18:43:10.0825 0x0d58 [ 07D5FD57F41F5080F387B6217FEF8FE9, 95C9FB8DE5DB5F5FC0358AE2E3ED4A2453C3ED79D104E7959F37B5B25EF01818 ] C:\Windows\System32\ncobjapi.dll
18:43:10.0825 0x0d58 C:\Windows\System32\ncobjapi.dll - ok
18:43:10.0840 0x0d58 [ 104B37E4EA047F454410250FD6E26500, F94322C4AC3A16962B12C1A8B9CBCE153103C432CB5F2B30092865DC89F1E016 ] C:\Windows\System32\wbem\wbemess.dll
18:43:10.0840 0x0d58 C:\Windows\System32\wbem\wbemess.dll - ok
18:43:10.0840 0x0d58 [ 9367C5A15B27A0C4E8E0688168A0F5CB, 324C44E907D012A9C545234C78343D85DD45F0D6087338C3C2F87664CF40BCD8 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\030d9d9b1f53a133e5e0e496380aab64\System.ServiceProcess.ni.dll
18:43:10.0840 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\030d9d9b1f53a133e5e0e496380aab64\System.ServiceProcess.ni.dll - ok
18:43:10.0840 0x0d58 [ 3346E5B1A3C788831C7798C129B5D9AE, 337402BCA9EE8B6D4C0D1C941E565CB2F20882EFF4CD8AF18FA2AE8A741CBCC2 ] C:\Windows\System32\iphlpsvc.dll
18:43:10.0840 0x0d58 C:\Windows\System32\iphlpsvc.dll - ok
18:43:10.0856 0x0d58 [ B2D0895AAA2EA5F30714DAE04808C252, 628781425C0060E8C7B194AECD3BA27505272989244D1875376057DA1D554A8A ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgr.dll
18:43:10.0856 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgr.dll - ok
18:43:10.0872 0x0d58 [ C2C308C63F9BB7901554DF815B4556AD, 3FEB6147672D9F79EB76EBD45447F81E14CEBE5DC21EDBA5F38DCF2C36F50C48 ] C:\Windows\SysWOW64\cryptsp.dll
18:43:10.0872 0x0d58 C:\Windows\SysWOW64\cryptsp.dll - ok
18:43:10.0872 0x0d58 [ A3A4CCD28306A67BF1E0DC2662C650FD, 3F112656CBB96B15F88CC6D83F11E2BA5D0A88FEE8913458FCF02C9BD05A6990 ] C:\Windows\System32\httpprxm.dll
18:43:10.0872 0x0d58 C:\Windows\System32\httpprxm.dll - ok
18:43:10.0887 0x0d58 [ 4AFA84B1C91860319FD8FB18F16B7A2A, 8E39E1DD4B649A6F9C6771BBC37CAD95CF5BEE968D725E1EBEB5D3BC814DF760 ] C:\Windows\SysWOW64\rsaenh.dll
18:43:10.0887 0x0d58 C:\Windows\SysWOW64\rsaenh.dll - ok
18:43:10.0887 0x0d58 [ A4005F7621C409ADB8E5DE1B807768B4, A44AAE4EC2D0BD9F444B810872972B8E7DCF3AA7878899E538C057154F7E3B0B ] C:\Windows\System32\adhsvc.dll
18:43:10.0887 0x0d58 C:\Windows\System32\adhsvc.dll - ok
18:43:10.0903 0x0d58 [ C40F7BDA5CA45C0804119B0FB2FBB1DF, 3825419A85C6E1EA6117652ADF947BCDF3E3EA2792A4AD6DDE7607FCBF80D67D ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUtil.dll
18:43:10.0903 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUtil.dll - ok
18:43:10.0903 0x0d58 [ E6FC410979F46730AD2342902DAEFDCD, C390118ABFD267CAA9C346B7DBE405C7F6716454576F259A4C79E5441C3F6B66 ] C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
18:43:10.0903 0x0d58 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe - ok
18:43:10.0903 0x0d58 [ 574B7A8FD4F6E3A3CF8ED3201F63DC38, B7A5633F48D9E8D95127F927B2F1559B07B3F6AFE4C20FCF25B6980B491EFC3F ] C:\Windows\System32\sqmapi.dll
18:43:10.0903 0x0d58 C:\Windows\System32\sqmapi.dll - ok
18:43:10.0919 0x0d58 [ 3FF6556704FF0823532BDFD2DD74AB47, 2D81EA517313BDA7102DBC5323F956FF9C90AB7F94E9DCEF34ABA284E1F423A0 ] C:\Windows\System32\nci.dll
18:43:10.0919 0x0d58 C:\Windows\System32\nci.dll - ok
18:43:10.0919 0x0d58 [ 4B61AAD6BCAB15AE410FA533855D300E, AC0FFBF8100701E84BB271B78E1894D21C75FFDAEC523F7E2DABBC10BA862D64 ] C:\Program Files\Malwarebytes\Anti-Malware\offreg.dll
18:43:10.0919 0x0d58 C:\Program Files\Malwarebytes\Anti-Malware\offreg.dll - ok
18:43:10.0934 0x0d58 [ 8A42ADD3D04B2E1BD27E396C739B9629, 3A0E5F7FDE0A9C5390E071E046F2F53E77B9C9FBC039E85A8D9634716B32A96F ] C:\Windows\System32\drivers\srv2.sys
18:43:10.0934 0x0d58 C:\Windows\System32\drivers\srv2.sys - ok
18:43:10.0934 0x0d58 [ B75ADC97905F43C7C946F1465A8697BD, AF50E3F5DBF222DB095B40FD4896650B5F8DD47153CB9A1ADE54D17FCE85C529 ] C:\Windows\System32\srvsvc.dll
18:43:10.0934 0x0d58 C:\Windows\System32\srvsvc.dll - ok
18:43:10.0950 0x0d58 [ 320181CD7F1EC13363B80867E98A7DDE, 57B51701822EB9DB27DCDD39579B149B19E24F0307126868D2D8AFCE155DF03A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\1fceafd584ec9c941eb506cbae7fd754\System.Core.ni.dll
18:43:10.0950 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\1fceafd584ec9c941eb506cbae7fd754\System.Core.ni.dll - ok
18:43:10.0950 0x0d58 [ 235A9CB1D7E11BD58A95E0F6A74F77AA, E9A6A3C3F8FCEAD8F11A7B0E351022219178197AD0DC84EF3F91E9E34D478A26 ] C:\Windows\System32\activeds.dll
18:43:10.0950 0x0d58 C:\Windows\System32\activeds.dll - ok
18:43:10.0965 0x0d58 [ 152D65F4954F4B47A08FF77D7FAF007F, 1FD18FC7AE83FA29BBC8899E41EB3BCF52AE5C79A78BA60C4243A2FF5FF588D5 ] C:\Windows\System32\drivers\srv.sys
18:43:10.0965 0x0d58 C:\Windows\System32\drivers\srv.sys - ok
18:43:10.0965 0x0d58 [ DCC48F1BDC0E239776BA05A7239991F7, 25DFB8168246E5D04DD6F124C95E4C4C4E8273503569ACD5452205558D099871 ] C:\Windows\System32\wbem\WmiPrvSE.exe
18:43:10.0965 0x0d58 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
18:43:10.0981 0x0d58 [ 0C817DEFF7F2159524F9125FE0180B90, 0A0987422A05589FB6BD238472C943E79F3899D40097CD56BD4199A7442DE3ED ] C:\Windows\System32\adsldpc.dll
18:43:10.0981 0x0d58 C:\Windows\System32\adsldpc.dll - ok
18:43:10.0981 0x0d58 [ 937D41AC3B5987D5ADDD41CCAA5FA114, 2FB0A2FFCA27D974592C1ADC0459F85750B6008DF8B9E8A516F8B3F6CF3BA870 ] C:\Windows\System32\wbem\cimwin32.dll
18:43:10.0981 0x0d58 C:\Windows\System32\wbem\cimwin32.dll - ok
18:43:10.0981 0x0d58 [ 3274C6364982349982134840E98EA4A3, C9610CF450CE92939D496085A8286AB7AAFA4F22E11E998186ECCBCCF5BB6CE2 ] C:\Windows\System32\adsldp.dll
18:43:10.0981 0x0d58 C:\Windows\System32\adsldp.dll - ok
18:43:10.0997 0x0d58 [ E413EAA3CE2E05E6EF38641A82AA1706, 772556FFC7B0253477EDF25A4BA35E4A04435AFA287738399DE27B38E085DB48 ] C:\Windows\System32\sscore.dll
18:43:10.0997 0x0d58 C:\Windows\System32\sscore.dll - ok
18:43:10.0997 0x0d58 [ 11354BDEF875ECD012D49305BDF79778, 2F7C9AB285DF3F55C23B4E6D83959F91C80B64EBF792494EF4B4D40C9213F820 ] C:\Windows\System32\sscoreext.dll
18:43:10.0997 0x0d58 C:\Windows\System32\sscoreext.dll - ok
18:43:11.0012 0x0d58 [ BE0BA5CD54F4F19AF7B420E13229DF75, 8363A1EF63B3686ABC46309078CB9F6D9F407456F12DE77441C2FCD8270FB429 ] C:\Windows\System32\framedynos.dll
18:43:11.0012 0x0d58 C:\Windows\System32\framedynos.dll - ok
18:43:11.0012 0x0d58 [ 1813016124FDF47963EC20AC0A001E44, BE1AB427667685DC934662149CAFE289A1E6898E18EBF52D11F2B5E35CA32401 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\6b5ef308f254a21f53b64b8bd3f7a973\System.Configuration.ni.dll
18:43:11.0012 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\6b5ef308f254a21f53b64b8bd3f7a973\System.Configuration.ni.dll - ok
18:43:11.0028 0x0d58 [ 8BF2C3F1A8E27E95AD9E7D430FCC7861, 68F683C794D1EE8F1288C465E163D5A632C7E61CF0B9AAB20F33B0C56515EE04 ] C:\Windows\System32\mi.dll
18:43:11.0028 0x0d58 C:\Windows\System32\mi.dll - ok
18:43:11.0028 0x0d58 [ 0FE6CAD65EA3720A1619BE0D8F5A282B, 457F53254994245FE4E79A22DA2EC52CCDD0B2AB6DBC58F5FF01410CFE3F4B77 ] C:\Windows\System32\miutils.dll
18:43:11.0028 0x0d58 C:\Windows\System32\miutils.dll - ok
18:43:11.0044 0x0d58 [ 36A23B2EABEC9B1087FD08EB81DE0E41, E1A52F36B13E1F4981E33BC8FEA91650DB7742BA0756E30C8A97D59935677D81 ] C:\Windows\System32\wmi.dll
18:43:11.0044 0x0d58 C:\Windows\System32\wmi.dll - ok
18:43:11.0044 0x0d58 [ E6FD6AB9B0EDC5D36F80050F86BD82C2, D144E35407376F53C7A2D27BBB6D5226641D3EB17F7680B072C7461802FD7099 ] C:\Windows\System32\cscapi.dll
18:43:11.0044 0x0d58 C:\Windows\System32\cscapi.dll - ok
18:43:11.0059 0x0d58 [ E82B2DD7F40B434A0F12D900D4D66BB5, EC4B308762C3A3D8C11A11BA602617E9838AE5300FF12ADA3B256F9E60808DC3 ] C:\Windows\System32\browcli.dll
18:43:11.0059 0x0d58 C:\Windows\System32\browcli.dll - ok
18:43:11.0059 0x0d58 [ 9DCFF9945F4AB99DE774E1B658D3AB66, F36ED16484E1D576F73E6BFEA97177FF49F2245BF11D49C48738622752CE3731 ] C:\Windows\System32\schedcli.dll
18:43:11.0059 0x0d58 C:\Windows\System32\schedcli.dll - ok
18:43:11.0059 0x0d58 [ 6A742FC11C6B8F3CB537EFE26F9FF797, 5F460EC026BB53C6B872C4298053F3A991E2C607DB7601164DF8FFD31F9460B8 ] C:\Windows\System32\wmidcom.dll
18:43:11.0059 0x0d58 C:\Windows\System32\wmidcom.dll - ok
18:43:11.0075 0x0d58 [ 1B0BF54BCBF211D87F4E1D29FB0C5B56, 764394707910784C25FD32BAAC7919FEB8658C40C3A3ED5458A4BF276E03AF79 ] C:\Windows\System32\resutils.dll
18:43:11.0075 0x0d58 C:\Windows\System32\resutils.dll - ok
18:43:11.0075 0x0d58 [ 5EB2C390F30F8030C7ED53A1B3FE093F, DFE282B540095CF7752ACBF7EA49A38011651BEDF9501205023240851F4E0B79 ] C:\Windows\System32\clusapi.dll
18:43:11.0075 0x0d58 C:\Windows\System32\clusapi.dll - ok
18:43:11.0090 0x0d58 [ 7C9F4479BD2D810B1EE158C97F4E5CBA, FB6106C5455C32DEB7A2ABD62BF44D36E839A835101BBE840713298AC986B802 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\317bf206d82baad2a505dde383099e6f\System.Xml.ni.dll
18:43:11.0090 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\317bf206d82baad2a505dde383099e6f\System.Xml.ni.dll - ok
18:43:11.0090 0x0d58 [ 1049A05B3303790C2C61132EB0AF07D6, F978C3259BD58E893B48E045524A439CCA5FD5E8885C2759A1EA48A92EC4EFCF ] C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll
18:43:11.0090 0x0d58 C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll - ok
18:43:11.0106 0x0d58 [ FF79379D5BBF2BDB9BA0A1205444DF45, 175E7B271C4EB7AAE08B364A27FCEA8E684A7696C45C829BB07AC819E72E2B1A ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorCommon.dll
18:43:11.0106 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorCommon.dll - ok
18:43:11.0106 0x0d58 [ 439E2F41CC91DE42214D5CA2EA69ECD1, 94A820E238024DC5C65785B37141020078EED9B170BE4389F085577637B538DF ] C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
18:43:11.0106 0x0d58 C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll - ok
18:43:11.0122 0x0d58 [ 1C80328E4951668EF2FB323F249A1B9E, 8B93BC31E0DD4444527E94FE057F53F4056AB39BE42C38FBFEF96171CD626EAE ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
18:43:11.0122 0x0d58 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess.resources\v4.0_4.0.0.0_es_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll - ok
18:43:11.0122 0x0d58 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] C:\Windows\System32\wdi.dll
18:43:11.0122 0x0d58 C:\Windows\System32\wdi.dll - ok
18:43:11.0137 0x0d58 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] C:\Windows\System32\aelupsvc.dll
18:43:11.0137 0x0d58 C:\Windows\System32\aelupsvc.dll - ok
18:43:11.0137 0x0d58 [ D1813A139CADEB0F9FD2CB96936EA702, F902F5EE3DF11DE120B8B57F95841DFDEB29CB62018C120C8022164254401820 ] C:\Windows\System32\dafupnp.dll
18:43:11.0137 0x0d58 C:\Windows\System32\dafupnp.dll - ok
18:43:11.0137 0x0d58 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] C:\Windows\System32\DeviceSetupManager.dll
18:43:11.0137 0x0d58 C:\Windows\System32\DeviceSetupManager.dll - ok
18:43:11.0153 0x0d58 [ CA8878209AA72250366295235F9BF6AC, 2A5A600C9F1A8FE76DDC885858A9C1621EA6FFB37984FF1F8D1A335ADAF31738 ] C:\Windows\System32\netprofmsvc.dll
18:43:11.0153 0x0d58 C:\Windows\System32\netprofmsvc.dll - ok
18:43:11.0169 0x0d58 [ 25BE82B325AC22FE563A58A1AC29F4C1, 4247BAA9A44C964446F81ED44F18B28F1F730F46851EC2B756BAC57FB9D86700 ] C:\Windows\System32\wpdbusenum.dll
18:43:11.0169 0x0d58 C:\Windows\System32\wpdbusenum.dll - ok
18:43:11.0169 0x0d58 [ 338AE1E66BAFBFD860EB89B110163989, F1DE21AFAF1846307539C71C71576A15D19B88E908673DF56D6F4D25162BF7CA ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\38733e8e52acdc7a012d2a83e0b60cd5\System.Management.ni.dll
18:43:11.0169 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\38733e8e52acdc7a012d2a83e0b60cd5\System.Management.ni.dll - ok
18:43:11.0169 0x0d58 [ 0D4AD7EAAEB499A915AA01576FFB2AFC, 3A6D59A42BF4830265DDCE40ACFD0D9520EC24ECAA97A91989415EAA19B4788D ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\es-ES\IAStorDataMgr.resources.dll
18:43:11.0184 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\es-ES\IAStorDataMgr.resources.dll - ok
18:43:11.0184 0x0d58 [ 1BA16B30BC59D2A9836B30DBFD1959F4, 7DAC21DB55030E2077DCFD6A05505E75E56B17B45E4677F490CF90807388CC81 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PSI.dll
18:43:11.0184 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PSI.dll - ok
18:43:11.0184 0x0d58 [ F040E3559171F27B80BBB499FD9E5855, 7E9043F1AA9964A160621B8EA62EFA224E1753B154A293E7C1284A6472A8A613 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvcInterfaces.dll
18:43:11.0184 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvcInterfaces.dll - ok
18:43:11.0200 0x0d58 [ A57EB3F21BCC05F519CB42EEF6645AEC, 9E76531EC9553C6BA4C93C2805F24C673B4794C8ABB7E17A6151C7A909CFA473 ] C:\Windows\System32\diagperf.dll
18:43:11.0200 0x0d58 C:\Windows\System32\diagperf.dll - ok
18:43:11.0200 0x0d58 [ 54ACF58A59A5FD3AD29EABBECA5B5BA4, B3B7572E93ACFF3CCB08968F33B796A6FC6DDCF75F48038A0626E46997AAD2D1 ] C:\Windows\System32\appinfo.dll
18:43:11.0200 0x0d58 C:\Windows\System32\appinfo.dll - ok
18:43:11.0215 0x0d58 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] C:\Windows\System32\hidserv.dll
18:43:11.0215 0x0d58 C:\Windows\System32\hidserv.dll - ok
18:43:11.0215 0x0d58 [ 7858563A65A5E61566B34A6D5A142F6F, 615C918871A0985AC3F55A9EFBE9CAC01B2ED321CA5BD94A406D9DA6D0ADC90F ] C:\Windows\System32\perftrack.dll
18:43:11.0215 0x0d58 C:\Windows\System32\perftrack.dll - ok
18:43:11.0231 0x0d58 [ 2408447B06D7373FD481A0323248FF71, C93B0EDEDFC536BEF0C6D317740F333B0F79B654DCE2803029A1D00CAD4DE92B ] C:\Windows\System32\ssdpsrv.dll
18:43:11.0231 0x0d58 C:\Windows\System32\ssdpsrv.dll - ok
18:43:11.0231 0x0d58 [ A6D94E482863A3CB8C1C9430855F1DE3, DB900D4C4B24C884E96A5887A034235C430CDA70B773E1643CADE98E8CC8B518 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll
18:43:11.0231 0x0d58 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll - ok
18:43:11.0231 0x0d58 [ C16526B898B16A443D2C7D82B4C525B8, B1AFB2D867912191F6130C77F7A0199D801EBE7D75D8F619A3A7C1E93F8C2E16 ] C:\Windows\SysWOW64\clbcatq.dll
18:43:11.0231 0x0d58 C:\Windows\SysWOW64\clbcatq.dll - ok
18:43:11.0247 0x0d58 [ 4CCC0575E2EC19302354058E15F64BF7, 2ABFF22E2A65B76D725DDEE3468AD542179A2B9000101F38C352400CB3E502A2 ] C:\Windows\System32\PortableDeviceApi.dll
18:43:11.0247 0x0d58 C:\Windows\System32\PortableDeviceApi.dll - ok
18:43:11.0247 0x0d58 [ A5704DD2FD353C7C352D4E162EEE3A51, 377A76E25379AC2ADBF60AC84EE06E644DD2131EDD6D6D64B0BC8A163379DFB8 ] C:\Windows\System32\npmproxy.dll
18:43:11.0247 0x0d58 C:\Windows\System32\npmproxy.dll - ok
18:43:11.0262 0x0d58 [ D78AB660D17CBC2DE9B04BE9CCED7DB3, 524C4EC32E081A6359BE500778F8B076BCF7F3C88A2F13E55E6BB00A57AD9555 ] C:\Windows\System32\lpksetupproxyserv.dll
18:43:11.0262 0x0d58 C:\Windows\System32\lpksetupproxyserv.dll - ok
18:43:11.0262 0x0d58 [ F64AFE911E8341ED98CC37D0F2FD32F9, AFC3F43A0A69CFCCC859D568002FBD6A5D81EBFA8C50A37DFD6B7F8EBB2C65B7 ] C:\Windows\System32\DevPropMgr.dll
18:43:11.0262 0x0d58 C:\Windows\System32\DevPropMgr.dll - ok
18:43:11.0278 0x0d58 [ 56B710F8E84F70811F0CE5116272E70D, BA5663F34A1CED732EE83168D2103C9B14758D374E454D5EC044FAFC1632960C ] C:\Windows\System32\DeviceDriverRetrievalClient.dll
18:43:11.0278 0x0d58 C:\Windows\System32\DeviceDriverRetrievalClient.dll - ok
18:43:11.0278 0x0d58 [ A4FE34A388A5F26CF8D7BF559105C76A, B176E6859358B1D5D6059806EDEB24780379EBF449EE168B8D884D5EA3A9BE32 ] C:\Windows\System32\hnetcfg.dll
18:43:11.0278 0x0d58 C:\Windows\System32\hnetcfg.dll - ok
18:43:11.0294 0x0d58 [ 34898DB5AFD23E501E5F1DD349E89CAB, 0BF5304B4D4CCC4134BD4480DBF2E0E74689F1A53F8809B61BB75D4E0CCCDDCF ] C:\Windows\SysWOW64\wbem\wmiutils.dll
18:43:11.0294 0x0d58 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
18:43:11.0294 0x0d58 [ 600D506FEA867E0BAEAFFEFCE54F35B3, 86D8631C075400AF09ECBFC531D64B187696D6AA277AD6D58E718E17DDCD4616 ] C:\Windows\System32\consent.exe
18:43:11.0294 0x0d58 C:\Windows\System32\consent.exe - ok
18:43:11.0309 0x0d58 [ 8AE95C9655D24787AC951D84C0999DDF, 31F9A7FE6617B035DF0FD6BF0B21FCD33528B4962C15AF20CE617FDF0E57CF0A ] C:\Windows\System32\runonce.exe
18:43:11.0309 0x0d58 C:\Windows\System32\runonce.exe - ok
18:43:11.0309 0x0d58 [ 2B92A88E329F4845D31941967A3BAA90, 649A7AB8E3B5C0940812E40EAFC8F004979BB48BFC8F4BC7DB9F2CBCDD715344 ] C:\Program Files (x86)\Samsung\Settings\msvcr100.dll
18:43:11.0309 0x0d58 C:\Program Files (x86)\Samsung\Settings\msvcr100.dll - ok
18:43:11.0325 0x0d58 [ C5D3070BC274E27828703B410FCE505C, F376BE030F38A81B5D838CB0A32388314865CC68EBC25B048C365F891038ED33 ] C:\Windows\System32\wscapi.dll
18:43:11.0325 0x0d58 C:\Windows\System32\wscapi.dll - ok
18:43:11.0325 0x0d58 [ 257CD019CB19A7F8E3A304CB2746A8D9, B0EA497DA38622462E3ED3B5C341839FEBAB38142D6B4055BD4B292194024B2B ] C:\Windows\System32\cryptnet.dll
18:43:11.0325 0x0d58 C:\Windows\System32\cryptnet.dll - ok
18:43:11.0340 0x0d58 [ DBC7CC6CADD146F0FD4701A12C407530, C3BF12772B439A91C443A8B422550ED42874A9C81FAB2610F87B0E364A3BF299 ] C:\Windows\SysWOW64\wbemcomn.dll
18:43:11.0340 0x0d58 C:\Windows\SysWOW64\wbemcomn.dll - ok
18:43:11.0356 0x0d58 [ 1149524E4187EA10AC54FB81423FF015, B64432879B94B96116E4D6AEE69DC1FC4356F3F2F50C6A52719192E1AE85F4B2 ] C:\Windows\System32\DDORes.dll
18:43:11.0356 0x0d58 C:\Windows\System32\DDORes.dll - ok
18:43:11.0356 0x0d58 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] C:\Windows\servicing\TrustedInstaller.exe
18:43:11.0356 0x0d58 C:\Windows\servicing\TrustedInstaller.exe - ok
18:43:11.0372 0x0d58 [ EA2286450A2793C1298DEE0D9C8F7545, 17BBB05EFBDB82C89AFA3316101767B06360F469B6278ECFC2268E6BEC4490CD ] C:\Windows\System32\PortableDeviceConnectApi.dll
18:43:11.0372 0x0d58 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
18:43:11.0372 0x0d58 [ 5603633CA44D0B025DB7A907FCA5262F, 74109F091509623D0EE7896ED0AD9099DCA72A55E2E420EDEE0F9E0265BC87E9 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
18:43:11.0372 0x0d58 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
18:43:11.0387 0x0d58 [ 076D76E9C7A1495D7AF4201AD6F86C1B, 8C66988F4E5EC9BE8B25C460B7E4724BA6C5621799357C89980C1D6CA248151E ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
18:43:11.0387 0x0d58 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
18:43:11.0387 0x0d58 [ A963FCA77A716166E2E95E40E092B0F9, 44CC56602E075098626BA46CE0DE6D6E6A06A6439687FF278A29BC3FB3DE6CBC ] C:\Windows\System32\pnpts.dll
18:43:11.0387 0x0d58 C:\Windows\System32\pnpts.dll - ok
18:43:11.0403 0x0d58 [ 4DC2886CD072216A4EEDF03B99C5FAAC, 029D36AB4AA5E641BEFDEF12F8F0903F73440BFA1C67E859327E409F47534BEF ] C:\Windows\System32\wdiasqmmodule.dll
18:43:11.0403 0x0d58 C:\Windows\System32\wdiasqmmodule.dll - ok
18:43:11.0403 0x0d58 [ B2EF139DE808F902F09AC7AADDFFBBFC, F85F5E77648F85D5D10FFC32D1ADD46F741A2240A8B306A78A1878410FAD4693 ] C:\Windows\System32\radardt.dll
18:43:11.0403 0x0d58 C:\Windows\System32\radardt.dll - ok
18:43:11.0419 0x0d58 [ B897164CEF0FF64AA3C3FD97AF1A7DA0, 08D352387AC890C950292B81B95424DDD113A23777BDACEEA12153A16BC953E5 ] C:\Windows\System32\srumsvc.dll
18:43:11.0419 0x0d58 C:\Windows\System32\srumsvc.dll - ok
18:43:11.0419 0x0d58 [ F758C81CB99875B6A519CE8C9F7DD1D5, 3F7F0B892E011AE30CF6BBD2505362A356C865DC5514671010EBA9278013E2BA ] C:\Windows\SysWOW64\wbem\fastprox.dll
18:43:11.0419 0x0d58 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
18:43:11.0434 0x0d58 [ 9AF99E82146CE684677F7BBE51D0DDC7, AC0BE8D5608AD0B2630D9B959B3BE0CAF72B38BC035FDF145BBADB298EF2401B ] C:\Program Files\Malwarebytes\Anti-Malware\LicenseControllerImpl.dll
18:43:11.0434 0x0d58 C:\Program Files\Malwarebytes\Anti-Malware\LicenseControllerImpl.dll - ok
18:43:11.0450 0x0d58 [ 08BB02194B3B34D480BA91E7860FA7F6, 9517EB1943FDBDDFEA6249FCE811C281C041D6E809B0C25CC3FDE2DB12AD955A ] C:\Windows\System32\appsruprov.dll
18:43:11.0450 0x0d58 C:\Windows\System32\appsruprov.dll - ok
18:43:11.0450 0x0d58 [ 53046D15CE74CD6D9E5D3978073623AA, F8FB602EA18BFF0C98933BFFFAB71203ABC8998F0B69599EBA3EC5E9235AA799 ] C:\Windows\System32\nduprov.dll
18:43:11.0450 0x0d58 C:\Windows\System32\nduprov.dll - ok
18:43:11.0465 0x0d58 [ 15C6EB10169D8B96B8107C909BA2659F, 3D1917B076F4832773CFCC5DFFD72E2EC515A115C1E170FEC9752B2AF4C46938 ] C:\Windows\System32\wpnsruprov.dll
18:43:11.0465 0x0d58 C:\Windows\System32\wpnsruprov.dll - ok
18:43:11.0465 0x0d58 [ 2F0FF942FC55D9719D5126C3BD5D6FC2, D4F991ADFDD1949AE08A106DAD8A7899FEF0BF5E691AC74099137FC5FFD9386F ] C:\Windows\SysWOW64\runonce.exe
18:43:11.0465 0x0d58 C:\Windows\SysWOW64\runonce.exe - ok
18:43:11.0481 0x0d58 [ 3D95BD3198561F0B72357CE711C6FEFF, 6F08DF9511BCA6FEBB295C49727A2EEE18ACB932F4C8A719A655E5F6C4838B88 ] C:\Windows\System32\ncuprov.dll
18:43:11.0481 0x0d58 C:\Windows\System32\ncuprov.dll - ok
18:43:11.0481 0x0d58 [ 48BDEBC0BB6861402C23EF18ECF8D33D, 1AF7D55AA326C5749C7AFD65BF4238685A0CE18F6011BE19D84EB9F76015E7FC ] C:\Windows\System32\wwapi.dll
18:43:11.0481 0x0d58 C:\Windows\System32\wwapi.dll - ok
18:43:11.0497 0x0d58 [ 4E055023867C622EA8D859316CA66E6B, 65011BBA3F778F28ABF9D9AFE33489EE9D5546E68ACAFC7D871688E2D2F973F7 ] C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
18:43:11.0497 0x0d58 C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll - ok
18:43:11.0512 0x0d58 [ BCD3CF0DA3BEB6EADD2BA2D2C98C53AF, 7133F41E8CB645A360E1B94A38C1C977960C375D17A812FAE8BC26D35FB39DF5 ] C:\Windows\System32\energyprov.dll
18:43:11.0512 0x0d58 C:\Windows\System32\energyprov.dll - ok
18:43:11.0512 0x0d58 [ 496D0C2A5A1B57B010AA1714FC730B8D, 1605A3631C9A02026BAAE2630E11B81B5DA129E2D8CB4B92FC85F7EBE88FFD7D ] C:\Windows\System32\DeviceMetadataRetrievalClient.dll
18:43:11.0512 0x0d58 C:\Windows\System32\DeviceMetadataRetrievalClient.dll - ok
18:43:11.0528 0x0d58 [ F44508F6DA6128E57DDD2456B717E231, 9923629CD36EE336A210C10B72065B698428813074F578E0AFA2E35EC3C38270 ] C:\Windows\SysWOW64\propsys.dll
18:43:11.0528 0x0d58 C:\Windows\SysWOW64\propsys.dll - ok
18:43:11.0528 0x0d58 [ 86AA9E772270A4F97E56A91F689735F0, 021C809F48883F668FE654DDD03E1BAF5DFEA959E0BFF0591B6BE39BB25F6297 ] C:\Windows\servicing\CbsApi.dll
18:43:11.0528 0x0d58 C:\Windows\servicing\CbsApi.dll - ok
18:43:11.0544 0x0d58 [ 49BFC8671B88F47BAC1B6123309FF8BB, F62CFC998477F8636F1C0722D67C683B73027DF4D30B4A679A6C3575AFBFB86C ] C:\Windows\SysWOW64\urlmon.dll
18:43:11.0544 0x0d58 C:\Windows\SysWOW64\urlmon.dll - ok
18:43:11.0544 0x0d58 [ 0D99F2FD6696D19F20C6E646E449C495, EE896ABEE229E53A42FE41A5BD4EC7A4218135EB77BBD55E73043E76358F7202 ] C:\Windows\SysWOW64\secur32.dll
18:43:11.0544 0x0d58 C:\Windows\SysWOW64\secur32.dll - ok
18:43:11.0559 0x0d58 [ 622D21C40A25F9834A03BFD5FF4710C1, 48985B22A895154CC44F9EB77489CFDF54FA54506E8ECAEF492FE30F40D27E90 ] C:\Windows\SysWOW64\cmd.exe
18:43:11.0559 0x0d58 C:\Windows\SysWOW64\cmd.exe - ok
18:43:11.0559 0x0d58 [ 5D0D9F6F7A188B8EDDBB2B14D78BEE7D, 1945E4C5EDD70B5F0C5533E6051060D7870251F5B736B04DDCD33EE190425EED ] C:\Windows\System32\actxprxy.dll
18:43:11.0559 0x0d58 C:\Windows\System32\actxprxy.dll - ok
18:43:11.0575 0x0d58 [ 3F674D941D9C65FB4702B1A737C92688, 2169F027B8299412B9C0989F83778F4E45B95942B47C9FD3023E7E34B44E302D ] C:\Windows\System32\pcacli.dll
18:43:11.0575 0x0d58 C:\Windows\System32\pcacli.dll - ok
18:43:11.0590 0x0d58 [ AF7577BAEA397E05019881753520C20F, CBB58BBF1356F7D987CB9727AF6216AEB1B30617E8419C382061E7C920AF04E9 ] C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll
18:43:11.0590 0x0d58 C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll - ok
18:43:11.0590 0x0d58 [ 55D8D46BEC0FA1390040026726A0AF67, 5FC7F63CBCE1024F2BE38FCAE13663E27EB2F6481475DC5151AC5469DD11AF95 ] C:\Windows\System32\HelpPaneProxy.dll
18:43:11.0590 0x0d58 C:\Windows\System32\HelpPaneProxy.dll - ok
18:43:11.0606 0x0d58 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] C:\Windows\System32\wlidsvc.dll
18:43:11.0606 0x0d58 C:\Windows\System32\wlidsvc.dll - ok
18:43:11.0606 0x0d58 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] C:\Windows\System32\drivers\condrv.sys
18:43:11.0606 0x0d58 C:\Windows\System32\drivers\condrv.sys - ok
18:43:11.0622 0x0d58 [ B03B2D2526B2573920F596FCE0E8403D, 1EA8037E34D14CDEAA454E6649A1D700E191F8B00F422B22B3D9B954CD905A92 ] C:\Windows\System32\localspl.dll
18:43:11.0622 0x0d58 C:\Windows\System32\localspl.dll - ok
18:43:11.0622 0x0d58 [ BAD35CDD5E5245EE380DAFA2CCDB39EA, D3DEA8352F49FCC6D02206552B83B9EF291C5C6A542104159C1357565334C307 ] C:\Windows\System32\VAN.dll
18:43:11.0622 0x0d58 C:\Windows\System32\VAN.dll - ok
18:43:11.0637 0x0d58 [ EE3ED9FF4BE5D79556EB8CC1BC889A74, DCF694734190FDC1F382F7118E58C2DED979DFCB207ECD5D33F3FD589AD17E29 ] C:\Windows\System32\security.dll
18:43:11.0637 0x0d58 C:\Windows\System32\security.dll - ok
18:43:11.0637 0x0d58 [ EAA3EE12B2CAA0365F2B4D495B50AD22, F30686DD09B81D4080AB58DEF209173772FA132FA3762688274270AFA6407872 ] C:\Windows\System32\conhost.exe
18:43:11.0637 0x0d58 C:\Windows\System32\conhost.exe - ok
18:43:11.0653 0x0d58 [ F0BE5A908A4AFDC38BB4A47F68CF7C61, 4577487A41E756FE81A6DA476C66CF94250F3258FBC036A903A34974DC17FFCE ] C:\Windows\System32\ncryptsslp.dll
18:43:11.0653 0x0d58 C:\Windows\System32\ncryptsslp.dll - ok
18:43:11.0653 0x0d58 [ 2041307831E670E4DEFBD3F51AA62157, 9B73E4EAF071699A498115AC7DEC3477489BDAF02DE45D61DB3715EC9E2A3A56 ] C:\Windows\System32\ncryptprov.dll
18:43:11.0653 0x0d58 C:\Windows\System32\ncryptprov.dll - ok
18:43:11.0669 0x0d58 [ 6640FD3EAA9C0A7536A505FA4B2B5178, 3BE5C046026AEB4020C9478244183924690E462626B7A6545174FA5FCF291D95 ] C:\Windows\System32\spoolss.dll
18:43:11.0669 0x0d58 C:\Windows\System32\spoolss.dll - ok
18:43:11.0669 0x0d58 [ 8DBD9DEB993678791D7FD86B1BC41789, 121CEE40FBD1D29E21C37625E86B8BD4356195313A638DF928C4999967C96B49 ] C:\Windows\System32\PrintIsolationProxy.dll
18:43:11.0669 0x0d58 C:\Windows\System32\PrintIsolationProxy.dll - ok
18:43:11.0684 0x0d58 [ E3EE69D7F68DB7F9A48ABF618253279E, 23883CA38CECBEC853F0712191F16F6B86107747D80B16E065A2A68B2645F51F ] C:\Windows\System32\FXSMON.dll
18:43:11.0684 0x0d58 C:\Windows\System32\FXSMON.dll - ok
18:43:11.0684 0x0d58 [ 090A67A23CC449AA2ADF49BE797B66EA, E04DBDE19528A5BE04C396638C8CE8C89F4351B6BE9752CB7A064A15334CFE5B ] C:\Windows\System32\dssenh.dll
18:43:11.0684 0x0d58 C:\Windows\System32\dssenh.dll - ok
18:43:11.0700 0x0d58 [ 62A0ED06E9FF55EEF51B27EC4839EE0B, C206495B66EC9CBCDE0D7D9A2F420ADEF750B81BBD75A578F0A15F66864A0C98 ] C:\Windows\System32\hpz3lw71.dll
18:43:11.0700 0x0d58 C:\Windows\System32\hpz3lw71.dll - ok
18:43:11.0700 0x0d58 [ 4AE1645286D07AF628DDB2AE978CE526, F7DF65AEA001F78FA3E7A009A599B36C7BAC9D9E430C52E772BF192DF26BF93A ] C:\Windows\SysWOW64\cmdext.dll
18:43:11.0700 0x0d58 C:\Windows\SysWOW64\cmdext.dll - ok
18:43:11.0700 0x0d58 [ F728D7DE52C65B8C2F4C64D392932386, 98B2C9A8480902147E6D7168FE832EC0635FDBBF451F8CD7DD83FE4B43EA938A ] C:\Windows\System32\tcpmon.dll
18:43:11.0700 0x0d58 C:\Windows\System32\tcpmon.dll - ok
18:43:11.0715 0x0d58 [ E5B4A9018F7271540ECF77BC984F3C46, 60E9E162552BE6DC305B38B40C8F5C39B79EA5A3873EF6D3CFAADFCB873E7F39 ] C:\Windows\System32\snmpapi.dll
18:43:11.0715 0x0d58 C:\Windows\System32\snmpapi.dll - ok
18:43:11.0715 0x0d58 [ E84EED08699444CC4026497520C561DE, C8C4928C50EDBAF255C05D87E54FE326984022D3FBE51541E89C00F2692F06A9 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\es-ES\IAStorUtil.resources.dll
18:43:11.0715 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\es-ES\IAStorUtil.resources.dll - ok
18:43:11.0731 0x0d58 [ 58CA75F0883DB0B1CA456981A77ACA44, A17B1D963D3CA92EF2DD041AE8DA9E703B1D55374E6543054F243B4300C3E768 ] C:\Windows\System32\wsnmp32.dll
18:43:11.0731 0x0d58 C:\Windows\System32\wsnmp32.dll - ok
18:43:11.0731 0x0d58 [ 2B902EA3056AABF8ECCB689D434AE2C9, 7CC977D574720B6267030469AA589B9B7EBF0B108A4B024A54429DFF9D633D35 ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\TiWorker.exe
18:43:11.0731 0x0d58 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\TiWorker.exe - ok
18:43:11.0747 0x0d58 [ D3D676388D30A85763AA7E16463EA81E, EA2DAFF68E536EDCF3C7603B8D36DBE3DA0F2AEDA6D1A7B0A64872EE67D4117C ] C:\Windows\System32\usbmon.dll
18:43:11.0747 0x0d58 C:\Windows\System32\usbmon.dll - ok
18:43:11.0747 0x0d58 [ 12EF3676927FB358E9941C8BF6CC89B9, 7140265C1E525FAD5C03CCDDFDCEE553645CEB8FE33E0AF83EDC50DD0C170CFB ] C:\Windows\System32\wbem\wmipcima.dll
18:43:11.0747 0x0d58 C:\Windows\System32\wbem\wmipcima.dll - ok
18:43:11.0747 0x0d58 [ 7ECB0200EC162D6742E07BBA3835B57A, ABCAF988AA1A7BAD4A2050A0C22BF5315B835567F70BBEC163054F50B64D0C9E ] C:\Windows\System32\WSDMon.dll
18:43:11.0747 0x0d58 C:\Windows\System32\WSDMon.dll - ok
18:43:11.0762 0x0d58 [ 3C98FF4A7F70FDA8139F13CCE7030C19, D3FE2AFA335D5D4949D7FD911CE5B96E3B68962B6ADBFBF47C1A29F5403C7967 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\8037846f4be533b1bff7a66347c48af5\System.ServiceModel.ni.dll
18:43:11.0762 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\8037846f4be533b1bff7a66347c48af5\System.ServiceModel.ni.dll - ok
18:43:11.0762 0x0d58 [ A290E9849A0C0948136A785F5096F48B, FB3269CDA55197891F2FE9971D4C933D3C8BB4CCBE8EA6676F4CA3288B5A7EAD ] C:\Users\paris429pcf566\AppData\Local\Temp\{7886E033-682A-478C-BEA9-A90599A9884B}\{DE81A8E8-9DAD-49FD-8CB8-DB0B97987FE6}.exe
18:43:11.0762 0x0d58 C:\Users\paris429pcf566\AppData\Local\Temp\{7886E033-682A-478C-BEA9-A90599A9884B}\{DE81A8E8-9DAD-49FD-8CB8-DB0B97987FE6}.exe - ok
18:43:11.0778 0x0d58 [ BBD32A0FCD0C54D2B25717EF55C0E324, A0D491E4A67D4BB5957332B6E9100B632BBA3AB4741EA74E14F8A37242719BC3 ] C:\Windows\System32\WSDApi.dll
18:43:11.0778 0x0d58 C:\Windows\System32\WSDApi.dll - ok
18:43:11.0778 0x0d58 [ 59949C037C8519A6A1AAC1B30E4BD7F7, 2783921038246AC19FCC82282962D038F4AB38A5747CD22D3C4ADA69452A4E7E ] C:\Windows\System32\webservices.dll
18:43:11.0778 0x0d58 C:\Windows\System32\webservices.dll - ok
18:43:11.0794 0x0d58 [ 726BE70BEF5F11C0CAEC01AAE108F487, CE2096EAF4C241F011D2B102FB8B822E9CEF485467DBB1C6E442BC572DDBFFB4 ] C:\Windows\System32\drvstore.dll
18:43:11.0794 0x0d58 C:\Windows\System32\drvstore.dll - ok
18:43:11.0794 0x0d58 [ 32E390954B2C6B1583A969ED0E7C8A9D, BCB4E8143322025F1B4C66E75DBFFF0495338B617C103B0AC14299D5BADD4185 ] C:\Program Files (x86)\Samsung\Settings\msvcp100.dll
18:43:11.0794 0x0d58 C:\Program Files (x86)\Samsung\Settings\msvcp100.dll - ok
18:43:11.0809 0x0d58 [ 3D8D7ABDB98031C7803C110514B5FCD1, AA41F6586902838FEE17B93FF58F79E81DE2AEF97D2BFC5CEA231B07374C5778 ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\wdscore.dll
18:43:11.0809 0x0d58 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\wdscore.dll - ok
18:43:11.0809 0x0d58 [ 4C6FF266291064A59B0289AF8AFB5EC0, D5BE03C783E06B138C48DAD0CE952BA12CC531A8EFDCFAF6A757DE8F1A24192A ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll
1 me gusta
Esta es la última parte de TDSSKiller, ahora voy con lo Malawarebytes anti-rootkitbeta
18:43:11.0809 0x0d58 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll - ok
18:43:11.0825 0x0d58 [ 921210D5501BC448F6BF4D4FF608B3DE, FBE3E1BFF81223E8355B326D869ED0739C31E1FEB0EAA96FEBA63BBBB629DE5F ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
18:43:11.0825 0x0d58 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll - ok
18:43:11.0825 0x0d58 [ FDCDFD57D23E2D5D14FD2AD628119FAE, 8FBB7EB1EA6E40554E8A879DF092F78C14FE035421DD90FF94CFF00FF6731BA1 ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\CbsCore.dll
18:43:11.0825 0x0d58 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\CbsCore.dll - ok
18:43:11.0840 0x0d58 [ DC89E0274DF59458221BFBED3D00C4C8, 843F70FA967F83D7F9D5619F190A01D04368FD5B7E5473BDCD1246AFAF9CC514 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
18:43:11.0840 0x0d58 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
18:43:11.0840 0x0d58 [ 13B40ED7E62385FAA6F8BC03A54C489F, 63738EBFC9C451896CD2F1A75F24A170169DCB8658EF9E341276030520F6C8DC ] C:\Windows\SysWOW64\pcacli.dll
18:43:11.0840 0x0d58 C:\Windows\SysWOW64\pcacli.dll - ok
18:43:11.0840 0x0d58 [ 6FB9BE56891EA4E85B4C9BDD4E9AFA69, CC29187582D78060AB7D910BF0D1E68F6B6E6DF7A71755205A2D466C32CD098D ] C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll
18:43:11.0840 0x0d58 C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll - ok
18:43:11.0856 0x0d58 [ F2242D98566BFB691A1C39EBBD5E5CF3, D72EC265DB74D79A483ABDD524CB4F3E1FC6EFCEBEE109374B8E352A5E8D9746 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\df3fd1c71f46e3ed49fa84bc08377e25\System.Runtime.Serialization.ni.dll
18:43:11.0856 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\df3fd1c71f46e3ed49fa84bc08377e25\System.Runtime.Serialization.ni.dll - ok
18:43:11.0872 0x0d58 [ 053BE425ACB22AD533936C3E381CBAFF, 40338051B271A7F50F44F4B1154A7BEE6043E186F6B7B724C20AB6BB3FC4B506 ] C:\Windows\SysWOW64\devrtl.dll
18:43:11.0872 0x0d58 C:\Windows\SysWOW64\devrtl.dll - ok
18:43:11.0872 0x0d58 [ 0787B908ADF23ACCA03DC45D0A838AC9, FF38C8E1309F92980F184265502855CE88529F728FB5613566CAD1C2B136FD4C ] C:\Windows\System32\win32spl.dll
18:43:11.0872 0x0d58 C:\Windows\System32\win32spl.dll - ok
18:43:11.0887 0x0d58 [ 85943E87EA818E09043A5340833D53EB, F65A1A8859F008D34491C73382A759B74E81D2544BE55ABEA8B9D34186FFDF0B ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\dpx.dll
18:43:11.0887 0x0d58 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\dpx.dll - ok
18:43:11.0887 0x0d58 [ 4D5B52DCCA36CAEB5BE80BC27DD035B5, C13987C80D6CBE6EE3E58F0FB7E9D7C7B219CD23DD675ED4383B4D4B75CF0DE5 ] C:\Windows\System32\inetpp.dll
18:43:11.0887 0x0d58 C:\Windows\System32\inetpp.dll - ok
18:43:11.0903 0x0d58 [ 119B48EFFB71B5F10D131C15A3C9EB66, 0A687C032BDB4D6DE0B07556D523080FD51C0A96428E67EE5732D22397CA58AF ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\wcp.dll
18:43:11.0903 0x0d58 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\wcp.dll - ok
18:43:11.0903 0x0d58 [ 8C5949321540D636087A39662AC662F4, 7482A1D8D16844DFB67D1225E907B5B0DA4D933D9728E7AAE09414EA8BC798C4 ] C:\Windows\System32\SettingSyncPolicy.dll
18:43:11.0903 0x0d58 C:\Windows\System32\SettingSyncPolicy.dll - ok
18:43:11.0919 0x0d58 [ F73037E015A54ABD7D8EB944B0D4CE1A, C7FD4FB1B5F0D42C64A32CF5FDC2FFB4C6A827F455263F5B269EA2639C08236F ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Web\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
18:43:11.0919 0x0d58 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Web\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll - ok
18:43:11.0934 0x0d58 [ 817D5A0BE24E7355542304A9AE2C5321, 7078793549A2A31395F594C35BFB09D176B2F799B7E726002F0A6BEA4E75AA4C ] C:\Windows\System32\twinui.dll
18:43:11.0934 0x0d58 C:\Windows\System32\twinui.dll - ok
18:43:11.0934 0x0d58 [ F68E647392DF1C05B7D51DA11717A42D, BBFBE7AF3A1B2671B3E7FB61B5E6ED088B08977C474A4D2B85100E9BA3E21B90 ] C:\Windows\SysWOW64\winhttp.dll
18:43:11.0934 0x0d58 C:\Windows\SysWOW64\winhttp.dll - ok
18:43:11.0950 0x0d58 [ EAE5EACAEA980F5BF037724C825F2BB5, 44B5C198E4D6B3B3E4A9395B20FB866FF01DF2D8C3BDD65A02DEBD7BE3887A80 ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\DrUpdate.dll
18:43:11.0950 0x0d58 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\DrUpdate.dll - ok
18:43:11.0950 0x0d58 [ F6294D409CA95CFE405332911AA13B00, 1709FF44D9775A76F0733BBD39B4964B87202E459860072E08007CC9CBAD169A ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
18:43:11.0950 0x0d58 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll - ok
18:43:11.0965 0x0d58 [ AD10ECEC53DDB9A1D9879D4C73A15D4C, 52576505EB21F9FF43B541CDA5A9170C5C5F41C0E86A878257C923B73116C4BC ] C:\Windows\System32\srclient.dll
18:43:11.0965 0x0d58 C:\Windows\System32\srclient.dll - ok
18:43:11.0965 0x0d58 [ 0AE33E33BD8167E839101318EA9F5C05, D4DB5D83C0B41EB718055ED40410FD69734C5539FD75D1CCED866F02D73A7E16 ] C:\Windows\System32\wuapi.dll
18:43:11.0965 0x0d58 C:\Windows\System32\wuapi.dll - ok
18:43:11.0981 0x0d58 [ 34D7B359AF1BB7FCB9E3786D5CE51773, 1AA292EABBF3A4C8DAD7A43A831111172C815B226AD4B655954340C875C6D80C ] C:\Windows\SysWOW64\webio.dll
18:43:11.0981 0x0d58 C:\Windows\SysWOW64\webio.dll - ok
18:43:11.0981 0x0d58 [ 7CD9F58139A939E3BF0139254EF7D187, 621588ABCF1DFB00459D461F4135B3F1B60B7232546BCF18DBC3ABC8A43EA251 ] C:\Windows\System32\spp.dll
18:43:11.0981 0x0d58 C:\Windows\System32\spp.dll - ok
18:43:11.0997 0x0d58 [ DEF9ADCA591F9831B344C0266F9B9F89, 798E1E3985A2821092C87BFA9F2E942BE7CBF4D0D77E3620D1774B3D469E2722 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorViewModel.dll
18:43:11.0997 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorViewModel.dll - ok
18:43:11.0997 0x0d58 [ AAF2C09C8DF192C369FFB4FA4106C4E1, A74FD398746D7094248D68AF71EF869AD0A60C2F113F5C4C519DBEC3A1A56E63 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PSIClient.dll
18:43:11.0997 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PSIClient.dll - ok
18:43:12.0012 0x0d58 [ 6D4C268C087F68F523EB5B3D2493D1D8, 9B36EF15F21ED07B41402A7F48A5FD34040604509FDD353197A52A21A72967E9 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
18:43:12.0012 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll - ok
18:43:12.0028 0x0d58 [ E7AC2E85E8A46347EECC6A264A64AE24, A65A82442F5F71B9284A3F0D71308E3B133D932C429355D4015CE4FE18A3C9FB ] C:\Windows\SysWOW64\dnsapi.dll
18:43:12.0028 0x0d58 C:\Windows\SysWOW64\dnsapi.dll - ok
18:43:12.0028 0x0d58 [ 2CD943B8247931FBF6FE7C4DD0C8FE2D, 2F13F98FF9D31455D811A1EB6B74D800F1BA26363581B4993119AE498E73AD4D ] C:\Windows\SysWOW64\rasadhlp.dll
18:43:12.0028 0x0d58 C:\Windows\SysWOW64\rasadhlp.dll - ok
18:43:12.0044 0x0d58 [ B940470D06A00CB9630511AB0B700B53, A5B9D4852F2897AED4AF177ACB5C3012CA8D03D5B411FC681A17603E70DBB30F ] C:\Windows\System32\twinapi.appcore.dll
18:43:12.0044 0x0d58 C:\Windows\System32\twinapi.appcore.dll - ok
18:43:12.0044 0x0d58 [ 31D858C6F1C453AF516343758A4B2C69, 12ABCF99DD28BF35B3C224ACCFE2587BA5F4199D163224B344CDC770EED36130 ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcr90.dll
18:43:12.0044 0x0d58 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcr90.dll - ok
18:43:12.0059 0x0d58 [ D5E12B3377D025509FDEBF399F3AC385, 365262FAC0E69FCD822676E44D74520D401CD3AA69518CF54DC4397103528B47 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
18:43:12.0059 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll - ok
18:43:12.0059 0x0d58 [ E027A6E99EF709AFD195FD6329224C47, B31B85BF369DC36363B0E527AE3B8E95B33699D17D09C6313C43E7373A3E6874 ] C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{5A9764B1-E6EC-4193-9334-1CC685A5B52B}.tmp
18:43:12.0059 0x0d58 C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{5A9764B1-E6EC-4193-9334-1CC685A5B52B}.tmp - ok
18:43:12.0075 0x0d58 [ AB67816718E5C65CC326BE56AC0B9E73, D6F19026CB87C9BB5521D668B13347B68F297FCE34C5F1BFE530574B16ADB2D5 ] C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{3EB5DD73-5930-4654-95E6-5C3D527C2EA7}.tmp
18:43:12.0075 0x0d58 C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{3EB5DD73-5930-4654-95E6-5C3D527C2EA7}.tmp - ok
18:43:12.0090 0x0d58 [ 2326B79A5B3CCF433E00AA1782E8E84C, 5BCE3764A69E4C7D6806B53FACD462C17B2706FCE3DF3AC8B13C123D7BAABC36 ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcm90.dll
18:43:12.0090 0x0d58 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcm90.dll - ok
18:43:12.0090 0x0d58 [ FA17EC109029B01C1DC956FF3BD6FC77, D657D71001E5ECDA4BBBC4C35B2B17BF7FC87E90C965A115D59670A3EDD5F8CD ] C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{C4176227-6A98-4644-9B0C-0108986B1C23}.tmp
18:43:12.0090 0x0d58 C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{C4176227-6A98-4644-9B0C-0108986B1C23}.tmp - ok
18:43:12.0106 0x0d58 [ DC6DB08D85337C9675F94B01043279AE, B09E491113F9E95F4EE00BB51BB21D4967BAC333C0DCD030A10AEA9B9E52032B ] C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{0A6BADC3-B97B-485C-BB9E-6427FA08C439}.tmp
18:43:12.0106 0x0d58 C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{0A6BADC3-B97B-485C-BB9E-6427FA08C439}.tmp - ok
18:43:12.0106 0x0d58 [ C74D46C1F542F5FEB9B7E1A8EC04986D, FA83733A81BA8D96EDFD15C1914D5A6056D73C61540C8747E9AE1343DA47A63D ] C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{0F5137B3-1500-45A1-9D3D-DF915ABF5003}.tmp
18:43:12.0106 0x0d58 C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{0F5137B3-1500-45A1-9D3D-DF915ABF5003}.tmp - ok
18:43:12.0122 0x0d58 [ 3428F170E1953B4C4EA10A5F58B55908, B554E04021472C3C2BBDED2B4BBB4F6648932356F8DA409A2A7F6AC02E54B306 ] C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{132C7F12-FAE8-4F06-A19C-1E37022BA98E}.tmp
18:43:12.0122 0x0d58 C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{132C7F12-FAE8-4F06-A19C-1E37022BA98E}.tmp - ok
18:43:12.0122 0x0d58 [ 517ECD823EB9A03368294C6C33A695D0, 7BA4EF2C5E9D15A4EE8ACC169CA233010DF8D1BC7088665E06C9E71BBA0CD40C ] C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{1943EA25-696A-4D36-920B-D9D03CB9A5C1}.tmp
18:43:12.0122 0x0d58 C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{1943EA25-696A-4D36-920B-D9D03CB9A5C1}.tmp - ok
18:43:12.0137 0x0d58 [ EFEE65678F2B3684875BB301088FB2B0, 058B913611CC12B95530270DA722985F362A976A5088B3D0A0E65C02B0CC566C ] C:\Windows\System32\ExplorerFrame.dll
18:43:12.0137 0x0d58 C:\Windows\System32\ExplorerFrame.dll - ok
18:43:12.0153 0x0d58 [ 96D681B7DE0BA6BFA1DC55915003CD05, 26CDA6A9A67F20A494F0EF3577D14F5DDA1F0D4428891DBD271A757833285939 ] C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{6FBC50DE-8739-47E5-ADF4-40A31730F92C}.tmp
18:43:12.0153 0x0d58 C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{6FBC50DE-8739-47E5-ADF4-40A31730F92C}.tmp - ok
18:43:12.0169 0x0d58 [ 85D8D497E3CFCD66607DAD332378DE8B, FEB2FF9315B41A7D13C9F3EB4CFDD612C951CA02330BC5A9129881E148769C7F ] C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{27F5B21E-C2F4-4C4C-A6CB-8A6EB3C62E41}.tmp
18:43:12.0169 0x0d58 C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{27F5B21E-C2F4-4C4C-A6CB-8A6EB3C62E41}.tmp - ok
18:43:12.0169 0x0d58 [ CD0DAF878147B723108C428370FF0355, A5C3D8A516FD0A15DAAB442DA424E996112C355239B985413EAA4DC1FAB76303 ] C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{2A1C8D45-F345-42AC-BE0C-AF2FD480A12C}.tmp
18:43:12.0169 0x0d58 C:\Users\PARIS4~1\AppData\Local\Temp\{30261C61-E110-4870-8CB5-7896781AA5EE}\{2A1C8D45-F345-42AC-BE0C-AF2FD480A12C}.tmp - ok
18:43:12.0184 0x0d58 [ AF9225D084286521F1C66DD0926AC49F, 370EC3A79B9CE8F090548C7DB3F474F2DDC54F183F4C113A3A9E126925D64495 ] C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
18:43:12.0184 0x0d58 C:\Windows\System32\windows.immersiveshell.serviceprovider.dll - ok
18:43:12.0184 0x0d58 [ 82767524218B74F295B97F032F9B6DBF, 0E4B7E44199A7003A252BB3C609ABED56F656C8A85BF6E52AEB942732F3B27AE ] C:\Windows\System32\wldp.dll
18:43:12.0184 0x0d58 C:\Windows\System32\wldp.dll - ok
18:43:12.0200 0x0d58 [ 1BBC3284F63F89A7F8C54817FDDB6481, 3CFB85172D5C33D8083F11B6A066D1FE5F64E8C61579B8E58780525E656595B4 ] C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsAPI.dll
18:43:12.0200 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsAPI.dll - ok
18:43:12.0200 0x0d58 [ FD6D5825A2FBFF59522C6A65D70DBDDC, AE7826D8C6806C16ADC35BE86DAD3EE2B993D6BAB28683DCCDAD7522EF40F0CF ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6d99e90916a9bdd94f16c1afd0c01c0a\System.Data.ni.dll
18:43:12.0200 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6d99e90916a9bdd94f16c1afd0c01c0a\System.Data.ni.dll - ok
18:43:12.0215 0x0d58 [ 80E1C0B1BD78FB806492FFB2FA75F158, FC42B2C4F510E210C3DF58C21477EF01D27C90F5F32DF09349C5C97619C234D4 ] C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
18:43:12.0215 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll - ok
18:43:12.0215 0x0d58 [ 61ECEAA964E2FFB5708FDA33797958F3, B23C158A6E935E825B5D25086C3338BB8BBB9D8E548C1B7C59D78AF1CBFCFA55 ] C:\Windows\SysWOW64\msi.dll
18:43:12.0215 0x0d58 C:\Windows\SysWOW64\msi.dll - ok
18:43:12.0231 0x0d58 [ 19F6E47033B583D498CD3408B4041966, BB47D250076582DA63A7F0B0534C0A3129300C9BE879CCC77E52E403A07C5514 ] C:\Windows\System32\twinui.appcore.dll
18:43:12.0231 0x0d58 C:\Windows\System32\twinui.appcore.dll - ok
18:43:12.0231 0x0d58 [ FF58B159979675889528DB2D8AAE095B, F6CE36B7A83BC061B59E0C9FA5C983947E1F2BCB1C7B0A64EA2E05E59E2DCCE8 ] C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
18:43:12.0231 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll - ok
18:43:12.0247 0x0d58 [ 272250BCF8C7819CC2DA6469208A1881, 6CADF46531F81796C47899FCDA3103EBF2B523E6F576D1CBF44D4B25F211DE71 ] C:\Windows\System32\wpncore.dll
18:43:12.0247 0x0d58 C:\Windows\System32\wpncore.dll - ok
18:43:12.0247 0x0d58 [ 33C8CC7A7D11636AA04422813DDADE7C, 1C09634167CF7C7717417C940FA06BD69299BE830FDEF7B9074868A5A4ED67EF ] C:\Windows\System32\NapiNSP.dll
18:43:12.0247 0x0d58 C:\Windows\System32\NapiNSP.dll - ok
18:43:12.0262 0x0d58 [ 7A6C1ACAC4B48811930A034CC983E130, F352055B14F1694E13A65ABB7153DC855D3339BBE240879AD5DB14F3DD5655D9 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
18:43:12.0262 0x0d58 C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
18:43:12.0262 0x0d58 [ C891E81BCB8104F02202A061F312879A, 88A5A40A2C607D5947F31DE8D06F5822ACE066EE86C563978F3594521F77B460 ] C:\Windows\System32\pnrpnsp.dll
18:43:12.0262 0x0d58 C:\Windows\System32\pnrpnsp.dll - ok
18:43:12.0278 0x0d58 [ 115CB68340D52A344A4370C4C23FC929, 75E11EECFE898DEBD4FF8809FF05B4111FC4CE5C03356446797573EB69F06FC1 ] C:\Program Files (x86)\Samsung\Settings\CmdServer\SUS.dll
18:43:12.0278 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\SUS.dll - ok
18:43:12.0278 0x0d58 [ 39A2C8D619B4DD6E1F5B575E6632994C, 9C2E198FAB95B3B3B5D1E27E7475594533C12CFCBEBB5F52EEBD7DD5BE7F6C8C ] C:\Windows\System32\winrnr.dll
18:43:12.0278 0x0d58 C:\Windows\System32\winrnr.dll - ok
18:43:12.0294 0x0d58 [ 07274360953B810C4E213DC21534F27B, CCA5B445D47366168DB3C1E3568825DA55C268FE01377D65B2B79C0ABC49CB64 ] C:\Windows\System32\wlidprov.dll
18:43:12.0294 0x0d58 C:\Windows\System32\wlidprov.dll - ok
18:43:12.0294 0x0d58 [ 36C0B30DB1C2F0B33CBC22EEAD6FF81D, E00A7F2E7F786858804BBCBCD6571791B836AE4EE78DB04A4E102B71742BAF13 ] C:\Windows\System32\wshbth.dll
18:43:12.0294 0x0d58 C:\Windows\System32\wshbth.dll - ok
18:43:12.0294 0x0d58 [ AD9FFA97884BDC76BAFB7AA8EB99FC65, B79FFBE413E0C2C095A09F2844FB51BA11716764C7A569B2D80D17469CD15D90 ] C:\Windows\SysWOW64\riched20.dll
18:43:12.0294 0x0d58 C:\Windows\SysWOW64\riched20.dll - ok
18:43:12.0309 0x0d58 [ 349434229F5A758C8802B24F520FAC31, E730A9F4A43674AC8FEB0D38BE20BD1417AE73AC0002C0A6719D79D637732179 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Confe64a9051#\3c92e9ae882de6b055e98e54110bc5b5\System.Configuration.Install.ni.dll
18:43:12.0309 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Confe64a9051#\3c92e9ae882de6b055e98e54110bc5b5\System.Configuration.Install.ni.dll - ok
18:43:12.0309 0x0d58 [ 7A0A6E9B15B18DCDEFBC3245AC386508, E4DE6DC05DE4AC958C355C08D49614F47CBE85ACA8346474567522271D0B8605 ] C:\Windows\SysWOW64\powrprof.dll
18:43:12.0309 0x0d58 C:\Windows\SysWOW64\powrprof.dll - ok
18:43:12.0325 0x0d58 [ 686AAC28A59DA7500124E56589DB927D, 3491B3350DE24C20D3742790F3561C27B6BB7858DBD79BFB91B874581D708DA5 ] C:\Windows\System32\SearchProtocolHost.exe
18:43:12.0325 0x0d58 C:\Windows\System32\SearchProtocolHost.exe - ok
18:43:12.0325 0x0d58 [ C27421E50D567CC8703F479981542784, 735818ED90C01035ADBD7971DC3259E69ADAD3A2C04F3A94D8F30A111FD11EAD ] C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
18:43:12.0325 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll - ok
18:43:12.0340 0x0d58 [ 2DFB70080151DADD961F34EA545302D1, 54976509E7F7C3BA792F292994DE2E24DE5EF3B225E2FE89BA0FAA5052E6F761 ] C:\Windows\SysWOW64\wlanapi.dll
18:43:12.0340 0x0d58 C:\Windows\SysWOW64\wlanapi.dll - ok
18:43:12.0340 0x0d58 [ 385481616CAD8046BFAF993877AC5A0D, 161F5DF6657D1C2BA1604851161011823BDCB460B0E9D4CBADA4FC566A033DE7 ] C:\Windows\SysWOW64\usp10.dll
18:43:12.0340 0x0d58 C:\Windows\SysWOW64\usp10.dll - ok
18:43:12.0356 0x0d58 [ A756834B5BE8401CE01C2C3BCE0218AC, 3238E6DB7B4BE6F00CB5C3AF615A2EB469E4111E0CB984D3B7E23A8A5DD2855B ] C:\Windows\System32\msshooks.dll
18:43:12.0356 0x0d58 C:\Windows\System32\msshooks.dll - ok
18:43:12.0356 0x0d58 [ 4378C696C9624F7AB15502C155EFBA2B, 739473B1FBCC6C6F09DC01D7AA195031CF8A17694DE5CF3D5BF3E0CB1A2BEC3B ] C:\Program Files (x86)\Samsung\Settings\CmdServer\ModuleBlindScreen.dll
18:43:12.0356 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\ModuleBlindScreen.dll - ok
18:43:12.0372 0x0d58 [ 2D55D5357B3844B5F8FFF23699B5854B, 15CCB6A9F625D52B68D3BD49D5D1B1F0554EC0051145AF035A03DF80760B75E1 ] C:\Windows\System32\SearchFilterHost.exe
18:43:12.0372 0x0d58 C:\Windows\System32\SearchFilterHost.exe - ok
18:43:12.0372 0x0d58 [ 9C9E344E210E930C2BBD3030F01A2448, 49EF05875C9B8E4CB95013E47767D7C2A76E0EE3E1EE68D1C8ECCD3C4FE43CB8 ] C:\Windows\System32\thumbcache.dll
18:43:12.0372 0x0d58 C:\Windows\System32\thumbcache.dll - ok
18:43:12.0387 0x0d58 [ 955466AE2B73E419822068FBD8D6D31F, CF2CC5572152688C5947391D3059FDC274244B97933FF88041E31ABACA3201D6 ] C:\Windows\SysWOW64\samcli.dll
18:43:12.0387 0x0d58 C:\Windows\SysWOW64\samcli.dll - ok
18:43:12.0387 0x0d58 [ AF33B3D7B32FE39656147E0849D987A4, 2893D2358F1AF804963DF69E592FC1F44E1AE8CF1894F0EC7BE4764E471E5645 ] C:\Windows\System32\lockscreencn.dll
18:43:12.0387 0x0d58 C:\Windows\System32\lockscreencn.dll - ok
18:43:12.0403 0x0d58 [ 492BA0BA3E5AF9C10DCF54A606CE9EF9, 0FCE0145488AA3EA55BF36C628328DD2C3F7F425C50E977AF95E6892F753F7E0 ] C:\Windows\SysWOW64\msls31.dll
18:43:12.0403 0x0d58 C:\Windows\SysWOW64\msls31.dll - ok
18:43:12.0403 0x0d58 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] C:\Windows\System32\ncbservice.dll
18:43:12.0403 0x0d58 C:\Windows\System32\ncbservice.dll - ok
18:43:12.0403 0x0d58 [ 73672397196FF76D2550B7DDC9A39EA6, 7DFA9B17B0B613B9EA61F870AD4283A97464E15099590ADC511868C296B94DE9 ] C:\Windows\System32\stobject.dll
18:43:12.0403 0x0d58 C:\Windows\System32\stobject.dll - ok
18:43:12.0419 0x0d58 [ 1BB09445C81C22EEBD92EF830EF7648E, 9E49EF9396F9DAB354B614A6B996A2F222E6958B08E8CC2FBD717E27B4D214B3 ] C:\Windows\System32\dlnashext.dll
18:43:12.0419 0x0d58 C:\Windows\System32\dlnashext.dll - ok
18:43:12.0419 0x0d58 [ AB30F80EA0A22AF80432A7628943762E, 94F6FE72B3F698EA4E47292F2BF4456272DB6188FE5EAF7F32A953B6F038BC51 ] C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
18:43:12.0419 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll - ok
18:43:12.0434 0x0d58 [ D0CA07F5FF2002A912916319048648F2, F07B0BD76CE202F4E43145C006DD794793DC24CEE18B200F64CEA9F7E296766B ] C:\Windows\System32\atlthunk.dll
18:43:12.0434 0x0d58 C:\Windows\System32\atlthunk.dll - ok
18:43:12.0434 0x0d58 [ 69A533EEF6AF96EBAF8BB77A2B8F55C4, 2CE7E5A2AC5366A0DDBF98E8E6EE045EFED5F7DD4423332A2854FFD91AA06CE1 ] C:\Windows\System32\BrokerLib.dll
18:43:12.0434 0x0d58 C:\Windows\System32\BrokerLib.dll - ok
18:43:12.0450 0x0d58 [ B9094E31C98844E31E83820A5E6FC734, 46AB8A4DC7AF140D75921F8E33EA3FF866474B35CF26FF0D3A847DD58A046499 ] C:\Windows\System32\mssprxy.dll
18:43:12.0450 0x0d58 C:\Windows\System32\mssprxy.dll - ok
18:43:12.0450 0x0d58 [ BCB086262AE1C25E63F904AA5E09CEDF, 135F23EFBE5069C4DD4957C1F672DC43813C3487A058A403D7048374684C4118 ] C:\Windows\System32\PlayToDevice.dll
18:43:12.0450 0x0d58 C:\Windows\System32\PlayToDevice.dll - ok
18:43:12.0450 0x0d58 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] C:\Windows\System32\TimeBrokerServer.dll
18:43:12.0465 0x0d58 C:\Windows\System32\TimeBrokerServer.dll - ok
18:43:12.0465 0x0d58 [ D8C7291403BD25513F60C89073831BDF, FF7CCA6C9A27E30820F2FA60359595471D055B00CF203B36C0AD3A0E4A0E27CA ] C:\Windows\System32\DXP.dll
18:43:12.0465 0x0d58 C:\Windows\System32\DXP.dll - ok
18:43:12.0481 0x0d58 [ DA9EBE8C765DC1C18A925B10A49C169E, 38E82B979030C9A6C1C310D89D16A92AD9CB12ADCFEEEF2D7B091591307E9390 ] C:\Windows\SysWOW64\samlib.dll
18:43:12.0481 0x0d58 C:\Windows\SysWOW64\samlib.dll - ok
18:43:12.0481 0x0d58 [ 01AE443F30DF8EBB63EDC7431D9739DA, 2C4EC49C1C37B3FE841108EFAA338FA6B6548BF866419932F64478C81890F093 ] C:\Windows\System32\shdocvw.dll
18:43:12.0481 0x0d58 C:\Windows\System32\shdocvw.dll - ok
18:43:12.0497 0x0d58 [ 255A461686E499EF3437FA6AE3E08FC0, C1ED14494D881E3F08BC3102F8AA13B1B42F4181627F88FA6C03BDCCED1A1A43 ] C:\Program Files (x86)\Samsung\Settings\CmdServer\SCCNetworkDll.dll
18:43:12.0497 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\SCCNetworkDll.dll - ok
18:43:12.0497 0x0d58 [ ECC6B2CABACC6C07D506CFCCCF2B292A, 381B3D8F394D823A1E9E69836936B1592B5C899E89A9F10847809C531ED20918 ] C:\Windows\SysWOW64\ExplorerFrame.dll
18:43:12.0497 0x0d58 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
18:43:12.0512 0x0d58 [ ABA88ECE8AA90946DA8DA825E66FB3F0, B07A564942A541E29D90483320EC537F5D01562F7131DE666808DCAA60E59626 ] C:\Windows\System32\mssph.dll
18:43:12.0512 0x0d58 C:\Windows\System32\mssph.dll - ok
18:43:12.0512 0x0d58 [ BA7CC36BE0C05E55DA584F40DA948E2A, 055D71308E2078D627963F81D8A85A508BB77BB29862A1D9EC7AB534F1732AA5 ] C:\Windows\System32\ActionCenter.dll
18:43:12.0512 0x0d58 C:\Windows\System32\ActionCenter.dll - ok
18:43:12.0528 0x0d58 [ 55EC71864152D0D4AD719D9311A5DD97, D995018DA3327029F0473A902033C74BF939843170FA61564D5B41085A4B4BD8 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
18:43:12.0528 0x0d58 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
18:43:12.0528 0x0d58 [ F066A5FB1FEE4BD0BAE71FFB2168628C, 186411FC5F77F84F1901BFDBFAAF412A5842E3B475C0851CA718E65E3D8BA3AB ] C:\Windows\System32\DevDispItemProvider.dll
18:43:12.0528 0x0d58 C:\Windows\System32\DevDispItemProvider.dll - ok
18:43:12.0544 0x0d58 [ 0FCECB32E4EA75149922E9DDCC5A1E66, 60372D56EFE60E30C7CEDAE1818A7BAE80E494C212260D4AE9AE15C5481CF677 ] C:\Windows\SysWOW64\dhcpcsvc.dll
18:43:12.0544 0x0d58 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
18:43:12.0544 0x0d58 [ 27097A653B844B5EBE62A2A753F16725, 8053742FB5F5FA19DD3502C1E50309D6B59ADC6CE56592A41CA75F266ED71C36 ] C:\Windows\SysWOW64\duser.dll
18:43:12.0544 0x0d58 C:\Windows\SysWOW64\duser.dll - ok
18:43:12.0559 0x0d58 [ 29A5ACFDFEA4E61CEE2C67C9EEC44E42, D060B90818F88E135048DD7BC48DA3D22CFDB1DC3F36F6E7F3BD5F5D266776BB ] C:\Windows\System32\mapi32.dll
18:43:12.0559 0x0d58 C:\Windows\System32\mapi32.dll - ok
18:43:12.0559 0x0d58 [ 34CE046E760BC993CFC1AB12E4ECE6B9, 97A95DBB0744B28CFBB6BE3FA7A70E0C3EE4F417006D974C6E4663EA846A32AA ] C:\Windows\System32\AudioSes.dll
18:43:12.0559 0x0d58 C:\Windows\System32\AudioSes.dll - ok
18:43:12.0575 0x0d58 [ 9AEA6FEA674320A151BF13881006FA98, B68452579A3F5F898AD8CCF63D655AED62C5BE221784B799CDF471DA674FBDCC ] C:\Program Files (x86)\Samsung\Settings\CmdServer\WSABI.dll
18:43:12.0575 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\WSABI.dll - ok
18:43:12.0575 0x0d58 [ 978C7BA0A92952149298B5DFFA5A68FF, 9163FC95DA39A5866EDD972E6EAD5038BC2836658B50AC13EDBFBA97FC0AFF05 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0a3a1e7699f2a7ee82482f2f24e2a5e9\WindowsBase.ni.dll
18:43:12.0575 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0a3a1e7699f2a7ee82482f2f24e2a5e9\WindowsBase.ni.dll - ok
18:43:12.0590 0x0d58 [ 01A69116720EF73FF15F59C68760FADD, ABC85C824CEC37F3534C5345FBDF08E5CAD1026C178BB0BF15FF34F3529BFB6F ] C:\Windows\System32\prnfldr.dll
18:43:12.0590 0x0d58 C:\Windows\System32\prnfldr.dll - ok
18:43:12.0590 0x0d58 [ AF454A1198076CE87B171AD85AC2966A, 4B99F12DE00D0FDF5D75285F2F1D352BA429D72B81F5CA77A9DE4172DA103E2C ] C:\Windows\SysWOW64\dui70.dll
18:43:12.0590 0x0d58 C:\Windows\SysWOW64\dui70.dll - ok
18:43:12.0606 0x0d58 [ 0BB6089A1AEE468209FE22E29E6B87BD, 8F2FCB00BD4237645B7DABE62BAB3A7824572EE4C903806B858D6125CF466AF2 ] C:\Windows\System32\wpdshext.dll
18:43:12.0606 0x0d58 C:\Windows\System32\wpdshext.dll - ok
18:43:12.0606 0x0d58 [ 1865B70E12F45529F2856782CA8E0481, 8F3965403DD8DE325DAE598146559164B9079E923A195303A7B0266203C3D90A ] C:\Windows\System32\AltTab.dll
18:43:12.0606 0x0d58 C:\Windows\System32\AltTab.dll - ok
18:43:12.0622 0x0d58 [ 94A0C54D43668D8D444C6EB5C25ECFA2, FBAF8046DC25F773CD4426977A92A341597FD3EA06E4708F9D0057E26F2BDCAD ] C:\Windows\System32\Syncreg.dll
18:43:12.0622 0x0d58 C:\Windows\System32\Syncreg.dll - ok
18:43:12.0622 0x0d58 [ 2D4AE4C13FDBEAA797F30D16F13B44F7, 4C2E3576A84FF55A599F24F7594188D4745059FBF4B6458303A97363805A0861 ] C:\Windows\System32\gameux.dll
18:43:12.0622 0x0d58 C:\Windows\System32\gameux.dll - ok
18:43:12.0637 0x0d58 [ B18D5F41ADEB7FC758265C65AE9D5E26, 2DDBFD810FD87748766EC2D0EE026A8A7DF1A889FB54FA687ADF11D61E5905E6 ] C:\Windows\System32\ntshrui.dll
18:43:12.0637 0x0d58 C:\Windows\System32\ntshrui.dll - ok
18:43:12.0637 0x0d58 [ 17AD2D5135084F82AE8D85181CF82814, C697C6AF04DEA06ACAF94FEB637AC1560326DC089D1D53194D8D7ADF337AEF7A ] C:\Windows\System32\wbem\wmiprov.dll
18:43:12.0637 0x0d58 C:\Windows\System32\wbem\wmiprov.dll - ok
18:43:12.0653 0x0d58 [ 5AA7BAC4B80BCD6E3561008E80BD2407, F1CE763E643D8B0EDA6DAE94A9D764BABC61ED1ADB9223D01DE048490F50EC4E ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\caea98fabc513fb0143b034dfc04739b\System.Drawing.ni.dll
18:43:12.0653 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\caea98fabc513fb0143b034dfc04739b\System.Drawing.ni.dll - ok
18:43:12.0653 0x0d58 [ 8AC3C01B450BAF88E2C5809B08B35A3B, 4818346C6C2D24B0D406865AD17CB32CFA57A3AD83882A45C20D404BF5B0C07E ] C:\Windows\System32\WPDShServiceObj.dll
18:43:12.0653 0x0d58 C:\Windows\System32\WPDShServiceObj.dll - ok
18:43:12.0669 0x0d58 [ 1FEAB9A32FD5427BB3C54224FBF43667, 2433E7ADC9B839B1FC65E93DEA5DC72C3ECE735CD68CF0F6F8C0920C7FA42CC7 ] C:\Windows\System32\linkinfo.dll
18:43:12.0669 0x0d58 C:\Windows\System32\linkinfo.dll - ok
18:43:12.0669 0x0d58 [ 53BCDAC7DF99061F524922D9F6BA652D, AD3E9CB4E0CCB7C4C8B6CAF7E824728BCE0C18C20B5B359C5BA8F1EFDFA87CDB ] C:\Windows\System32\PortableDeviceTypes.dll
18:43:12.0669 0x0d58 C:\Windows\System32\PortableDeviceTypes.dll - ok
18:43:12.0684 0x0d58 [ B51C5C0894A708E0D90FCF053DBADFAC, 6B873F58D295C008FC4346944394E3DEE98D0A3B95FD513F1758994BAE193C88 ] C:\Program Files\Windows Portable Devices\sqmapi.dll
18:43:12.0684 0x0d58 C:\Program Files\Windows Portable Devices\sqmapi.dll - ok
18:43:12.0684 0x0d58 [ 6BA8A2A04C8BE600158B2937D4200E16, 91E8CF3769E4BC42E40D33C86A6ED60CB825042A9AAB8E0FCAA1D53B5B26D885 ] C:\Windows\System32\pnidui.dll
18:43:12.0684 0x0d58 C:\Windows\System32\pnidui.dll - ok
18:43:12.0700 0x0d58 [ 459957A61331236C92A6D8768EC38967, 4DA98BA384207B0EBD231C131DB74CC91E6DDDA6F69B111672475DA7B6364C71 ] C:\Windows\System32\SettingMonitor.dll
18:43:12.0700 0x0d58 C:\Windows\System32\SettingMonitor.dll - ok
18:43:12.0700 0x0d58 [ 59F77A45DFF579E2267E439BD593C59D, 46654E715B66FF15AFD75606AAAB61D26E4C9B543B60DAA565C8C9905D433241 ] C:\Windows\System32\IconCodecService.dll
18:43:12.0700 0x0d58 C:\Windows\System32\IconCodecService.dll - ok
18:43:12.0700 0x0d58 [ F1A7E8DE5BC2B64C77446C4F334FAAB2, 2285168BDFA2B5FB874A79B9D0D5E7A619965A7C093519EDD7F04ED3B3977226 ] C:\Windows\System32\srchadmin.dll
18:43:12.0700 0x0d58 C:\Windows\System32\srchadmin.dll - ok
18:43:12.0715 0x0d58 [ BC313E03B3E817E3B1F307462DE42126, 5B7C66EF8217595005F92EA06FB857286A7745F56EEB5C70841533A30AF7F60D ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
18:43:12.0715 0x0d58 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok
18:43:12.0715 0x0d58 [ A315285DDAC9E60207D777E8F76871B4, 788296177E149CC167B5C9685EEA10812BB397DA658DB9F64996B427F8904B68 ] C:\Windows\System32\SyncCenter.dll
18:43:12.0715 0x0d58 C:\Windows\System32\SyncCenter.dll - ok
18:43:12.0731 0x0d58 [ 9743499464C910D3B66BB83D24977AA6, EE71F69FE27B7C1127DB47DA755934AAB47DCA70237D56B518895A467CFCC121 ] C:\Windows\System32\imapi2.dll
18:43:12.0731 0x0d58 C:\Windows\System32\imapi2.dll - ok
18:43:12.0731 0x0d58 [ EE32288B9D4B48A485A4EF70EE56B814, 5F4153FE8F2FC1475E51AC8E84130F74235D82C47185B078E1EA9A65D156CC57 ] C:\Windows\System32\FXSST.dll
18:43:12.0731 0x0d58 C:\Windows\System32\FXSST.dll - ok
18:43:12.0747 0x0d58 [ CB989D9DA5EFD04C58858736AC03D4FF, 02DC85F583509C68390A87BF53932AA4E1A95E94306B4184A02C2D52A8D284B0 ] C:\Windows\System32\FXSAPI.dll
18:43:12.0747 0x0d58 C:\Windows\System32\FXSAPI.dll - ok
18:43:12.0747 0x0d58 [ 9A7C59794E0E2CABE953FE4501BA3C11, C13A9C918303B8250663129410CA5B2108A5761866EC9AC3DA7EA25A13615509 ] C:\Windows\System32\hgcpl.dll
18:43:12.0747 0x0d58 C:\Windows\System32\hgcpl.dll - ok
18:43:12.0762 0x0d58 [ 536AC44F045C611A13AAA3D6EE32241A, E98C65D72BAA539197A950C08921B43E129BF91616B7BDAA74D2D48EDDF07FE8 ] C:\Windows\System32\msiltcfg.dll
18:43:12.0762 0x0d58 C:\Windows\System32\msiltcfg.dll - ok
18:43:12.0762 0x0d58 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] C:\Windows\System32\provsvc.dll
18:43:12.0762 0x0d58 C:\Windows\System32\provsvc.dll - ok
18:43:12.0762 0x0d58 [ 01B0B798E4012BAC6EEECF7859D9B045, 5E3B57EA485D18570ACE26976BA78D57283561D0A07A8003416BC815405817BB ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\6f79712bd3ab944ccbfb8e5644a8a46f\PresentationCore.ni.dll
18:43:12.0762 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\6f79712bd3ab944ccbfb8e5644a8a46f\PresentationCore.ni.dll - ok
18:43:12.0778 0x0d58 [ 1B76D48A97E3E61661846A5BF64E2008, 5E3524F06CF733107092C36ED3CAF6C967E09E4F3AFDDFB6F8464D5AFDE30587 ] C:\Windows\System32\FXSRESM.dll
18:43:12.0778 0x0d58 C:\Windows\System32\FXSRESM.dll - ok
18:43:12.0778 0x0d58 [ 386D2C903FEC8F1F9B1F7A2B750AE65F, CCCC64D2B7311B6B84135D372E9375C2DB92B64530D7326B70C4233475016450 ] C:\Windows\System32\ieframe.dll
18:43:12.0778 0x0d58 C:\Windows\System32\ieframe.dll - ok
18:43:12.0794 0x0d58 [ FE58B851F07CD1D5723BC3A9D1768F53, E789D4D904164DE5B94EA21391B2ECE374B8D4B41642CBEA7A3AE01CEF80D96C ] C:\Windows\System32\Windows.UI.Search.dll
18:43:12.0794 0x0d58 C:\Windows\System32\Windows.UI.Search.dll - ok
18:43:12.0794 0x0d58 [ EF1F37E61A60ED44BBE8A8182A5D1B5F, E25C03D6878C55482776D57E6B0BBC6EA4DF12CC101D8CC37913F7AB7916A078 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c107b07804dd84b53582ac78b8962560\System.Windows.Forms.ni.dll
18:43:12.0794 0x0d58 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c107b07804dd84b53582ac78b8962560\System.Windows.Forms.ni.dll - ok
18:43:12.0809 0x0d58 [ BD1AF65D05DB0DB390432630BFBE5B96, C998A0B682D8B588DF627B514B668A563B31CB76AB5EBC4A7DA78CE0AC7ED15F ] C:\Windows\System32\wincorlib.dll
18:43:12.0809 0x0d58 C:\Windows\System32\wincorlib.dll - ok
18:43:12.0809 0x0d58 [ 4E0894C78EBE23C540CC967445D56744, 10EBA5B72A25FFE1D184967050F6DC2233DE4EEA4A1B5D554DED8EC7885040B2 ] C:\Windows\System32\WSClient.dll
18:43:12.0809 0x0d58 C:\Windows\System32\WSClient.dll - ok
18:43:12.0825 0x0d58 [ 35A4955E1D2646FC01EDC70C6738E3B2, 2889569234ECD4F8B421BCE4A2A59D74E9CEE868FA1840670C5B46594AC37C6E ] C:\Windows\System32\WSShared.dll
18:43:12.0825 0x0d58 C:\Windows\System32\WSShared.dll - ok
18:43:12.0825 0x0d58 [ A7110E8EBCFA5D2E58B4272F09170E9D, 70D3BB13930901D796B169B06E36C86B590918F2491DCA3D95EE2AFA823F4EA9 ] C:\Windows\System32\WSSync.dll
18:43:12.0825 0x0d58 C:\Windows\System32\WSSync.dll - ok
18:43:12.0825 0x0d58 [ A556E60B7C2AE73F2734FC80C7C41ECF, 202D92467B57EEF244BF058E684CA7D09E640CBF0237C9EE4F03DCD452D4D293 ] C:\Windows\System32\ELSCore.dll
18:43:12.0825 0x0d58 C:\Windows\System32\ELSCore.dll - ok
18:43:12.0841 0x0d58 [ 5A6747C670FC0C6AA6E94A042EEF0F35, 8C4CBBF97B1043178DCA77A06C49A44B7B6DD31B334B1B3B0BA4844379B2522B ] C:\Windows\System32\Windows.UI.dll
18:43:12.0841 0x0d58 C:\Windows\System32\Windows.UI.dll - ok
18:43:12.0841 0x0d58 [ 6665E75972B9ACB78CA1DF9DEFE439C3, C79135FDD0FF053B36291C7AF3EB4C511E255C9614E0F33DC43044BC6C52D72E ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
18:43:12.0841 0x0d58 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll - ok
18:43:12.0856 0x0d58 [ CB1B3A65BD56BCD5C384EFE6D4392971, D3948B628EFD335696D266C6A149E224F921B0391D7AFF895ED77549CA91E5ED ] C:\Windows\System32\networkexplorer.dll
18:43:12.0856 0x0d58 C:\Windows\System32\networkexplorer.dll - ok
18:43:12.0856 0x0d58 [ 9EB7AC4A685AC9C2DF2E782256758BF8, 1D9EB2F623C72FBE05DF89653ED7DCC01F4ACBA1EFF39D1B90ECAEBEE2C03D68 ] C:\Windows\System32\mlang.dll
18:43:12.0856 0x0d58 C:\Windows\System32\mlang.dll - ok
18:43:12.0872 0x0d58 [ ED5B09923D8594CB7CE9073C361E74D3, 2C3DE0EC08023CB89850A776A2B0D28AC43BDDF65F1EF4FCA6034A6BAE85C220 ] C:\Windows\SysWOW64\WWanAPI.dll
18:43:12.0872 0x0d58 C:\Windows\SysWOW64\WWanAPI.dll - ok
18:43:12.0872 0x0d58 [ E30EB3CF4A4ACF98A486CDEBB515B944, 5D2679B517B4D3A5E23FC51FE8C21B507AFB808CA27ABF49BA9B3A5B0BF5B34A ] C:\Program Files\AVAST Software\Avast\ashShell.dll
18:43:12.0872 0x0d58 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
18:43:12.0887 0x0d58 [ B51C5C0894A708E0D90FCF053DBADFAC, 6B873F58D295C008FC4346944394E3DEE98D0A3B95FD513F1758994BAE193C88 ] C:\Program Files\Internet Explorer\sqmapi.dll
18:43:12.0887 0x0d58 C:\Program Files\Internet Explorer\sqmapi.dll - ok
18:43:12.0887 0x0d58 [ 1F3FF6015194A55FBB12E456F68F031A, 342501649B6704300032B62986A5241542548BBFF86AB6149B17C7903767B620 ] C:\Windows\SysWOW64\wwapi.dll
18:43:12.0887 0x0d58 C:\Windows\SysWOW64\wwapi.dll - ok
18:43:12.0903 0x0d58 [ 6DBACE2254D8D80669727F1345E64788, BD0DEF6A484A88D1363050AB4528E6D1D0A5BEFECAB94F1B7D32B587A66D3C8E ] C:\Program Files (x86)\Samsung\Settings\CmdServer\MobileAPCore.dll
18:43:12.0903 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\MobileAPCore.dll - ok
18:43:12.0903 0x0d58 [ 6EEC7A430C242583A33EABA324D1A35F, 0466CD615935EF620E653B8E2ACE8461F87526D36BF55B15ECF30E56A8272D75 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\es-ES\IAStorViewModel.resources.dll
18:43:12.0903 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\es-ES\IAStorViewModel.resources.dll - ok
18:43:12.0919 0x0d58 [ 1DCA0ECFF2D015D3FE5D82B5005E4342, B19AE94FBD599BDF5E2D1A44C677043F172DA1A92B95CC048EC7E6E55A4D9A0F ] C:\Windows\System32\EhStorShell.dll
18:43:12.0919 0x0d58 C:\Windows\System32\EhStorShell.dll - ok
18:43:12.0919 0x0d58 [ 10231E6C0208C02B18F80F52917DB49A, 8811C42AE740B7DD3D5FEDAFAC60543D2EC6B44CAABA9ACF6013B051678912C6 ] C:\Windows\System32\Windows.UI.Xaml.dll
18:43:12.0919 0x0d58 C:\Windows\System32\Windows.UI.Xaml.dll - ok
18:43:12.0919 0x0d58 [ D1EACE1F5F7C97AA2F8A1F5A28577209, F5EFE7E3A106F1BA9F6C3DDC1E37708F583F856F1F4112E49982706F47C7B7DF ] C:\Windows\SysWOW64\pcwum.dll
18:43:12.0919 0x0d58 C:\Windows\SysWOW64\pcwum.dll - ok
18:43:12.0934 0x0d58 [ 3C544C566EE7091AC52D4D9156C62687, 4113C3D662D7212FCE5DD9362DF0A3C1025D934461A7F1364706536BF045C604 ] C:\Windows\SysWOW64\url.dll
18:43:12.0934 0x0d58 C:\Windows\SysWOW64\url.dll - ok
18:43:12.0934 0x0d58 [ 1EEC954AA977BE64D8E374ECF9211491, 7A14003292AAD4FF095336FAB03DEE27D8D31CE7A1F9BAB9EC9A10AC9A7CB791 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
18:43:12.0934 0x0d58 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
18:43:12.0950 0x0d58 [ 05DB01000F608263255771A2A3037697, EA0A72139E616615A0FCC4AF9451738D26CCC4A7247C6EDD9A824253C7E8D553 ] C:\Windows\System32\WinTypes.dll
18:43:12.0950 0x0d58 C:\Windows\System32\WinTypes.dll - ok
18:43:12.0950 0x0d58 [ C5BFF7A07D58CE39BEB4D0CD88D95078, 2E7AE8F1A6B7D71B4E0973BBE2DA66847BFCA71342166D5C0D917AA4C68745AA ] C:\Windows\SysWOW64\ieframe.dll
18:43:12.0950 0x0d58 C:\Windows\SysWOW64\ieframe.dll - ok
18:43:12.0966 0x0d58 [ 8448DC6EDCC6372DA997BC0225715E9E, 432FF97F8765F0883DC14171C2685B2F05E288BF1E51B101A55853F868251D33 ] C:\Program Files\Samsung\S Agent\CommonAgent.exe
18:43:12.0966 0x0d58 C:\Program Files\Samsung\S Agent\CommonAgent.exe - ok
18:43:12.0966 0x0d58 [ B36809060BE3AEF4119A1EB687FFF82D, DFE7B6EAF60687E853567D0513F1EEFF41836EBBC6AF6E984F4EA38D12761B9D ] C:\Windows\System32\SearchFolder.dll
18:43:12.0966 0x0d58 C:\Windows\System32\SearchFolder.dll - ok
18:43:12.0966 0x0d58 [ F2FB921391164BE226C8121AA0002A88, CE328B706B6BBAD2E3CF07BBC5DECFE17EA2A09C1EA1CC2D0407CF5B67D47874 ] C:\Windows\System32\StructuredQuery.dll
18:43:12.0966 0x0d58 C:\Windows\System32\StructuredQuery.dll - ok
18:43:12.0981 0x0d58 [ 0D75C087E6F78FD2F7B8DF6CBE25D1EB, BFDCD3B7D138A209F3019407DA3A8CDFA02DE8CC34EBEE6D9E54FFE5A1D9D68D ] C:\Windows\System32\oledlg.dll
18:43:12.0981 0x0d58 C:\Windows\System32\oledlg.dll - ok
18:43:12.0981 0x0d58 [ C84FCC8ED90E39A47E22329989ACF279, 5C7A3930BBA438BE261258BF7A24FF247D1814FF3992EFF7777EF9ACACECCDBF ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll
18:43:12.0981 0x0d58 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll - ok
18:43:12.0997 0x0d58 [ B160B5456AEDD2D50398055448A03116, 2EFD2AE3BE656623D7F9C0713DD9C410D62BCBAB143FBE1475C1EE8191C8D6D6 ] C:\Windows\System32\SNTSearch.dll
18:43:12.0997 0x0d58 C:\Windows\System32\SNTSearch.dll - ok
18:43:12.0997 0x0d58 [ EC72598AF0253EF30F1E19357DA8D086, CDF5F207C025DC9E5976D21DB59DBA4F052EF364C645F466273937DDBC53B801 ] C:\Program Files (x86)\Samsung\Settings\CmdServer\SCCColorDll.dll
18:43:12.0997 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\SCCColorDll.dll - ok
18:43:13.0012 0x0d58 [ A591326014CB6A0C68FC8EBD8873E94A, 13100A06F30D7AA69CC41947EBF48BC58BDEF8F03BC6448DBF34F3F6F5FFCB00 ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\MAPISHELL.DLL
18:43:13.0012 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\MAPISHELL.DLL - ok
18:43:13.0012 0x0d58 [ 7667B0883DE4667EC87C3B75BED84D84, 04E7CCBDCAD7CBAF0ED28692FB08EAB832C38AAD9071749037EE7A58F45E9D7D ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\vcruntime140_1.dll
18:43:13.0012 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\vcruntime140_1.dll - ok
18:43:13.0028 0x0d58 [ B6F7D38D14EF7582578327FDC8577547, 1437567DB9BA93BD8A14707D29A2750768534FE51AF6EF65EEE28D452150EB36 ] C:\Windows\System32\igfxext.exe
18:43:13.0028 0x0d58 C:\Windows\System32\igfxext.exe - ok
18:43:13.0028 0x0d58 [ 11D9AC94E8CB17BD23DEA89F8E757F18, E1D6F78A72836EA120BD27A33AE89CBDC3F3CA7D9D0231AAA3AAC91996D2FA4E ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\vcruntime140.dll
18:43:13.0028 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\vcruntime140.dll - ok
18:43:13.0044 0x0d58 [ 5D409D47F9AEBD6015F7C71D526028C3, 7050043B0362C928AA63DD7800E5B123C775425EBA21A5C57CBC052EBC1B0BA2 ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-heap-l1-1-0.dll
18:43:13.0044 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-heap-l1-1-0.dll - ok
18:43:13.0059 0x0d58 [ 3A96F417129D6E26232DC64E8FEE89A0, 01E3C0AA24CE9F8D62753702DF5D7A827C390AF5E2B76D1F1A5B96C777FD1A4E ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-string-l1-1-0.dll
18:43:13.0059 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-string-l1-1-0.dll - ok
18:43:13.0059 0x0d58 [ C25321FE3A7244736383842A7C2C199F, BF55134F17B93D8AC4D8159A952BEE17CB0C925F5256AA7F747C13E5F2D00661 ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-runtime-l1-1-0.dll
18:43:13.0059 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-runtime-l1-1-0.dll - ok
18:43:13.0075 0x0d58 [ 53E23E326C11191A57DDF7ADA5AA3C17, 293C76A26FBC0C86DCF5906DD9D9DDC77A5609EA8C191E88BDC907C03B80A3A5 ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-stdio-l1-1-0.dll
18:43:13.0075 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-stdio-l1-1-0.dll - ok
18:43:13.0075 0x0d58 [ AFC20D2EF1F6042F34006D01BFE82777, CD5256B2FB46DEAA440950E4A68466B2B0FF61F28888383094182561738D10A9 ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-convert-l1-1-0.dll
18:43:13.0075 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-convert-l1-1-0.dll - ok
18:43:13.0091 0x0d58 [ CC9518A539D3C67F11DDECE996482BC6, 3A153A8D679BBA5C89BDE6792C2051BE91343335E9BE0558D393D9FCEDD53D05 ] C:\Windows\System32\igfxsrvc.exe
18:43:13.0091 0x0d58 C:\Windows\System32\igfxsrvc.exe - ok
18:43:13.0091 0x0d58 [ 34168A4AF676D6A5733BBF7A0905D3C7, 2AB2A74BCB5BFD8248D232EB3BC56698FB5173B9FF7FC0DAF87D8120D0F448D7 ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ucrtbase.dll
18:43:13.0091 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ucrtbase.dll - ok
18:43:13.0106 0x0d58 [ 7ECB4F91F748AD7BAB52EFEB7E9E6D7D, 058F5990C16C4A570ECA6FB47A1964C15217A2DB192E263608E176EB426ADB25 ] C:\Windows\System32\igfxsrvc.dll
18:43:13.0106 0x0d58 C:\Windows\System32\igfxsrvc.dll - ok
18:43:13.0122 0x0d58 [ E92CBCE358FF0AB7F2ED0E89762D296F, 95463D97D8926F4FDB42F57AF77600EA856E9BF6B7DCF2E2250C4DDAB19E8BD5 ] C:\Windows\System32\igfxdev.dll
18:43:13.0122 0x0d58 C:\Windows\System32\igfxdev.dll - ok
18:43:13.0122 0x0d58 [ 60158210F0B8A50631029374E3C05C19, 2571A61DF18494ADF4A90F901CA26B99EAB8677D0AEACFABFAD9F423AE60BF3E ] C:\Windows\System32\opengl32.dll
18:43:13.0122 0x0d58 C:\Windows\System32\opengl32.dll - ok
18:43:13.0137 0x0d58 [ 5A7AD0C50C70343B3F509F9F6A4ED006, 7E43BD275DEB87DEF356B58F81BB4C558531D11A56EA00B23D69ACFC7768172C ] C:\Windows\System32\glu32.dll
18:43:13.0137 0x0d58 C:\Windows\System32\glu32.dll - ok
18:43:13.0137 0x0d58 [ F1F7F2995EA2B432F4BAD478DE7E56A1, EAEB6DFA94E27C9E8A2EC10E70A6A60DBC0FD2971490FEEFA890A90534A64CEE ] C:\Windows\System32\ddraw.dll
18:43:13.0137 0x0d58 C:\Windows\System32\ddraw.dll - ok
18:43:13.0153 0x0d58 [ 4F80646BF7D639F135672332407DC1CA, 59FCC4633D06527735AEE9F5C5B77F75294D829D18009D6ED4BCFCF1DE2C5D05 ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONFILTER.DLL
18:43:13.0153 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONFILTER.DLL - ok
18:43:13.0153 0x0d58 [ 6E3381152091034DD1773C7B5D0B85E5, 7C4723736DDAF3FD87434475170610ACED43F95A346FE96A18797B193ABB5EEA ] C:\Windows\System32\dciman32.dll
18:43:13.0153 0x0d58 C:\Windows\System32\dciman32.dll - ok
18:43:13.0169 0x0d58 [ B607AD82711B4D79BB8147A9D438ECDE, 1DBEB0D4D976D1E7E198D59965C7AFD9F1E3C74B31DA148A8E8782B5E0DE2C5C ] C:\Windows\System32\igfxexps.dll
18:43:13.0169 0x0d58 C:\Windows\System32\igfxexps.dll - ok
18:43:13.0169 0x0d58 [ C44AED91F57546BF7F48DFB00BD319A1, 2E487DD156639174263C91F4D5D7AA04402D296612872EE34DC621B4F78312EA ] C:\Windows\SysWOW64\igfxexps32.dll
18:43:13.0169 0x0d58 C:\Windows\SysWOW64\igfxexps32.dll - ok
18:43:13.0184 0x0d58 [ CD0C37F1875B704F8EB08E397381AC16, D86AC158123A245B927592C80CC020FEA29C8C4ADDC144466C4625A00CA9C77A ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\msvcp140.dll
18:43:13.0184 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\msvcp140.dll - ok
18:43:13.0200 0x0d58 [ F440DC5623419E013D07DD1FCD197156, BBA068F29609630E8C6547F1E9219E11077426C4F1E4A93B712BFBA11A149358 ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-utility-l1-1-0.dll
18:43:13.0200 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-utility-l1-1-0.dll - ok
18:43:13.0200 0x0d58 [ 877C5FF146078466FF4370F3C0F02100, 9B05A43FDC185497E8C2CEA3C6B9EB0D74327BD70913A298A6E8AF64514190E8 ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-math-l1-1-0.dll
18:43:13.0200 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-math-l1-1-0.dll - ok
18:43:13.0216 0x0d58 [ 0D50A16C2B3EC10B4D4E80FFEB0C1074, FAB41A942F623590402E4150A29D0F6F918EE096DBA1E8B320ADE3EC286C7475 ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-locale-l1-1-0.dll
18:43:13.0216 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-locale-l1-1-0.dll - ok
18:43:13.0216 0x0d58 [ D76F73BE5B6A2B5E2FA47BC39ECCDFE5, 6C86E40C956EB6A77313FA8DD9C46579C5421FA890043F724C004A66796D37A6 ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-filesystem-l1-1-0.dll
18:43:13.0216 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-filesystem-l1-1-0.dll - ok
18:43:13.0231 0x0d58 [ 05AF3F787A38ED1974FF3BDA3D752E69, F4163CBC464A82FCE47442447351265A287561C8D64ECC2F2F97F5E73BCB4347 ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-time-l1-1-0.dll
18:43:13.0231 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-time-l1-1-0.dll - ok
18:43:13.0231 0x0d58 [ FE93C3825A95B48C27775664DC54CAE4, C4ED8F65C5A0DBF325482A69AB9F8CBD8C97D6120B87CE90AC4CBA54AC7D377A ] C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-environment-l1-1-0.dll
18:43:13.0231 0x0d58 C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\api-ms-win-crt-environment-l1-1-0.dll - ok
18:43:13.0247 0x0d58 [ 46F125C1600438ADDDE9E7E8582D005F, 7001FD47ED98ABDF5CCA86FE1008BDB5482A6ABC97F44C798A219C4CA23AA5B8 ] C:\Program Files (x86)\Samsung\Settings\CmdServer\VendorAPIRun64.exe
18:43:13.0247 0x0d58 C:\Program Files (x86)\Samsung\Settings\CmdServer\VendorAPIRun64.exe - ok
18:43:13.0262 0x0d58 [ 1F98236F5D803A97B95727AAFBC1958D, 3C2B043516D5CBD8EE918773994EFB695ECC2A644C7DD96904B222964DBF9F3B ] C:\Windows\System32\apprepapi.dll
18:43:13.0262 0x0d58 C:\Windows\System32\apprepapi.dll - ok
18:43:13.0262 0x0d58 [ 9438C1835DEBD283AF551274EEBC1B2A, 9512464D5C874294E97782568AE0305FACA8837DBD5B54DB970844EB0DCE5848 ] C:\Windows\System32\RtkApi64.dll
18:43:13.0262 0x0d58 C:\Windows\System32\RtkApi64.dll - ok
18:43:13.0278 0x0d58 [ 2BFBD5FB7B6EFFF59AD79BB8A8796926, BBD0BC11B9BAA0691BAAE7C7960F51183A6D5ACD322B7092E436900FA495FBDB ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:43:13.0278 0x0d58 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
18:43:13.0278 0x0d58 [ 0805289E121F3E3C458C970B08314EB2, D9B448A04C09F525F599D0369CF9A197F471AABDA0A97201760C46D2EB8F3CDE ] C:\Windows\System32\RtkCfg64.dll
18:43:13.0278 0x0d58 C:\Windows\System32\RtkCfg64.dll - ok
18:43:13.0294 0x0d58 [ B1118081E42CBF1E0CECF3C42FC0BB46, 1D7ACD2744FB3F3F7F679E3C03D694AAB50DE637613B356B75B37FC23903CE21 ] C:\Windows\System32\RtkAPO64.dll
18:43:13.0294 0x0d58 C:\Windows\System32\RtkAPO64.dll - ok
18:43:13.0294 0x0d58 [ 6F237EE5DDA34EAF3D9C79D4A283E250, ADA6083FA042F786FB15E21A669354DF41C26A1FD7BD36A144F6541C00393E3F ] C:\Windows\System32\AudioEng.dll
18:43:13.0294 0x0d58 C:\Windows\System32\AudioEng.dll - ok
18:43:13.0309 0x0d58 [ CC0434CBB00ECF7B4FDD072A4101AC60, 64E9061347176957723EE6F3F15A4906B077477E7175A214991F3360A21E3C7C ] C:\Windows\System32\SRSLabs\{0D490185-0EF5-4E25-9994-EF95218A851C}\slcnt64.dll
18:43:13.0309 0x0d58 C:\Windows\System32\SRSLabs\{0D490185-0EF5-4E25-9994-EF95218A851C}\slcnt64.dll - ok
18:43:13.0309 0x0d58 [ 43B0E62B728A04A73FE6FAE3274FFEE7, B172ABC783E1E62BA58824A1C11F0C7AFCC2B28834081F8C6B3FF78F7973C529 ] C:\Windows\System32\SRSLabs\{0D490185-0EF5-4E25-9994-EF95218A851C}\sltech64.dll
18:43:13.0309 0x0d58 C:\Windows\System32\SRSLabs\{0D490185-0EF5-4E25-9994-EF95218A851C}\sltech64.dll - ok
18:43:13.0325 0x0d58 [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\System32\rundll32.exe
18:43:13.0325 0x0d58 C:\Windows\System32\rundll32.exe - ok
18:43:13.0341 0x0d58 [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
18:43:13.0341 0x0d58 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe - ok
18:43:13.0341 0x0d58 [ A6F4941BA377CAB44B383EBB7E547F21, E0841BDC42CB3DA5A3DB09455DA3A9FFE007401E54E955B04222D2252C7BEE80 ] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll
18:43:13.0341 0x0d58 C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll - ok
18:43:13.0356 0x0d58 [ 5039FDFB4267235655C21EF52BA784C9, 3650C435D9A6A479C6A90E1A2CE00DBCAB7C63E372113BB76A4EB28AC3C06C96 ] C:\Windows\System32\igfxtray.exe
18:43:13.0356 0x0d58 C:\Windows\System32\igfxtray.exe - ok
18:43:13.0356 0x0d58 [ 4A9AA0D25943DFD19915F1BF58A659ED, 0E73D357BD8E54F4D747DB8306D709AD9DB3407B795B800113B84391DE092BD2 ] C:\Program Files (x86)\Intel\Bluetooth\Resources\esn.dll
18:43:13.0356 0x0d58 C:\Program Files (x86)\Intel\Bluetooth\Resources\esn.dll - ok
18:43:13.0372 0x0d58 [ 4744C2FC4CD93C4579E2D0CED20B8501, 763866D653DC871856600A5C5C1D1F226C4CF66535809EC7C5E2A091E1A4C87D ] C:\Windows\System32\hccutils.dll
18:43:13.0372 0x0d58 C:\Windows\System32\hccutils.dll - ok
18:43:13.0372 0x0d58 [ EE52962813B2E7F5D265AAFF3BDDD18D, 433F59557745F7E6CBB63B004DF5D3310F86814B537A52E2668722B086A1FE83 ] C:\Windows\System32\hkcmd.exe
18:43:13.0372 0x0d58 C:\Windows\System32\hkcmd.exe - ok
18:43:13.0387 0x0d58 [ 1F1C25EED93390B62047AA020E224A18, B0AC5BD6DB3B173C9721334AE7E9EB2E1562D17F40E7DCC8A31BCF6CB1BC5E26 ] C:\Windows\System32\igfxresn.lrc
18:43:13.0387 0x0d58 C:\Windows\System32\igfxresn.lrc - ok
18:43:13.0387 0x0d58 [ 1A3FD0F7C15044F4C7263111AD84A965, DF6E908B30A405F7A362BF4230B7BD3991C15D9082C0BEF85689AC1F1DE4E4BC ] C:\Windows\System32\igfxpers.exe
18:43:13.0387 0x0d58 C:\Windows\System32\igfxpers.exe - ok
18:43:13.0403 0x0d58 [ 4D87518BA68C308299441337C55F5427, AE46F847EE605213A3AE9BEFE5EB0B7B8D877340EA1A6CF9EF5683A02ECFE399 ] C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
18:43:13.0403 0x0d58 C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe - ok
18:43:13.0419 0x0d58 [ 9651EE124A68573D5FA27ED64F9E5038, C7E21E81E57BE6B969FA91FA1BAA836AEF15004432FCB4F1935ECB7B4F4147DD ] C:\Program Files\AVAST Software\Avast\AvLaunch.exe
18:43:13.0419 0x0d58 C:\Program Files\AVAST Software\Avast\AvLaunch.exe - ok
18:43:13.0419 0x0d58 [ 9E5CFBFB6B854124740DDEDC4E4EF80E, 9512CF6C381BF86BFC1F098B6C3A5116285E10E2EC30C0A259C61C3C61840556 ] C:\Windows\SysWOW64\bthprops.cpl
18:43:13.0419 0x0d58 C:\Windows\SysWOW64\bthprops.cpl - ok
18:43:13.0434 0x0d58 [ 5324C0300133B405D720FAE26F62B4AC, D4B32590112894DEE7707FFCCE2C97336BEF4D24ACAB421BCF5106F5FB76C180 ] C:\Windows\SysWOW64\BluetoothApis.dll
18:43:13.0434 0x0d58 C:\Windows\SysWOW64\BluetoothApis.dll - ok
18:43:13.0434 0x0d58 [ 91FDB8A648BBAB9890DCC2C90012BD09, E40B8A52C6DC075C6807C2A412E93BFEBEB030845361889BC75DDFBFCA12FC60 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
18:43:13.0434 0x0d58 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
18:43:13.0450 0x0d58 [ A30392203EC423D1FF0DB1DFCD8A71E4, 954532739CFDA27C9CC348E0F15A32C3293AF8195D0AA0E055F7203414BBC9F8 ] C:\Windows\SysWOW64\sxs.dll
18:43:13.0450 0x0d58 C:\Windows\SysWOW64\sxs.dll - ok
18:43:13.0450 0x0d58 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
18:43:13.0450 0x0d58 C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe - ok
18:43:13.0466 0x0d58 ================ Scan generic autorun ======================
18:43:13.0825 0x0d58 [ 2BFBD5FB7B6EFFF59AD79BB8A8796926, BBD0BC11B9BAA0691BAAE7C7960F51183A6D5ACD322B7092E436900FA495FBDB ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:43:13.0903 0x0d58 RtHDVBg - ok
18:43:14.0216 0x0d58 [ 2BFBD5FB7B6EFFF59AD79BB8A8796926, BBD0BC11B9BAA0691BAAE7C7960F51183A6D5ACD322B7092E436900FA495FBDB ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:43:14.0294 0x0d58 RtHDVBg_SRSSA - ok
18:43:14.0294 0x0d58 ETDCtrl - ok
18:43:14.0309 0x0d58 BTMTrayAgent - ok
18:43:14.0466 0x0d58 [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
18:43:14.0497 0x0d58 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
18:43:14.0497 0x0d58 IAStorIcon ( UnsignedFile.Multi.Generic ) - warning
18:43:14.0606 0x0d58 [ 5039FDFB4267235655C21EF52BA784C9, 3650C435D9A6A479C6A90E1A2CE00DBCAB7C63E372113BB76A4EB28AC3C06C96 ] C:\WINDOWS\system32\igfxtray.exe
18:43:14.0653 0x0d58 IgfxTray - ok
18:43:14.0794 0x0d58 [ EE52962813B2E7F5D265AAFF3BDDD18D, 433F59557745F7E6CBB63B004DF5D3310F86814B537A52E2668722B086A1FE83 ] C:\WINDOWS\system32\hkcmd.exe
18:43:14.0856 0x0d58 HotKeysCmds - ok
18:43:14.0997 0x0d58 [ 1A3FD0F7C15044F4C7263111AD84A965, DF6E908B30A405F7A362BF4230B7BD3991C15D9082C0BEF85689AC1F1DE4E4BC ] C:\WINDOWS\system32\igfxpers.exe
18:43:15.0059 0x0d58 Persistence - ok
18:43:15.0341 0x0d58 [ 9651EE124A68573D5FA27ED64F9E5038, C7E21E81E57BE6B969FA91FA1BAA836AEF15004432FCB4F1935ECB7B4F4147DD ] C:\Program Files\AVAST Software\Avast\AvLaunch.exe
18:43:15.0372 0x0d58 AvastUI.exe - ok
18:43:16.0325 0x0d58 [ 88F2DFD72A912F9244A08DE63C0C3757, E36D91D0F571CB049BAA68141E6655179E9F54C5810DDB9949373EEB1FFA6F66 ] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
18:43:16.0606 0x0d58 Adobe Reader Synchronizer - ok
18:43:16.0731 0x0d58 [ F5AE03DE0AD60F5B17B82F2CD68402FE, 6F88FB88FFB0F1D5465C2826E5B4F523598B1B8378377C8378FFEBC171BAD18B ] C:\WINDOWS\system32\cmd.exe
18:43:16.0825 0x0d58 Uninstall C:\Users\paris429pcf566\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64 - ok
18:43:16.0934 0x0d58 [ F5AE03DE0AD60F5B17B82F2CD68402FE, 6F88FB88FFB0F1D5465C2826E5B4F523598B1B8378377C8378FFEBC171BAD18B ] C:\WINDOWS\system32\cmd.exe
18:43:16.0981 0x0d58 Uninstall C:\Users\paris429pcf566\AppData\Local\Microsoft\OneDrive\17.3.6390.0509 - ok
18:43:17.0028 0x0d58 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x60110 ( disabled : outofdate )
18:43:17.0028 0x0d58 AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 21.4.6162.0 ), 0x41000 ( enabled : updated )
18:43:17.0028 0x0d58 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.207 ), 0x61000 ( enabled : updated )
18:43:17.0184 0x0d58 Win FW state via NFP2: enabled ( trusted )
18:43:17.0184 0x0d58 ============================================================
18:43:17.0184 0x0d58 Scan finished
18:43:17.0184 0x0d58 ============================================================
18:43:17.0200 0x0ee8 Detected object count: 4
18:43:17.0200 0x0ee8 Actual detected object count: 4
19:05:31.0008 0x0ee8 C:\Program Files\Intel\iCLS Client\HeciServer.exe - copied to quarantine
19:05:31.0008 0x0ee8 HKLM\SYSTEM\ControlSet001\services\Intel(R) Capability Licensing Service Interface - will be deleted on reboot
19:05:31.0180 0x0ee8 C:\Program Files\Intel\iCLS Client\HeciServer.exe - will be deleted on reboot
19:05:31.0180 0x0ee8 Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:05:31.0227 0x0ee8 C:\Windows\System32\HPZinw12.dll - copied to quarantine
19:05:31.0227 0x0ee8 HKLM\SYSTEM\ControlSet001\services\Net Driver HPZ12 - will be deleted on reboot
19:05:31.0243 0x0ee8 C:\Windows\System32\HPZinw12.dll - will be deleted on reboot
19:05:31.0243 0x0ee8 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:05:31.0305 0x0ee8 C:\Windows\System32\HPZipm12.dll - copied to quarantine
19:05:31.0305 0x0ee8 HKLM\SYSTEM\ControlSet001\services\Pml Driver HPZ12 - will be deleted on reboot
19:05:31.0321 0x0ee8 C:\Windows\System32\HPZipm12.dll - will be deleted on reboot
19:05:31.0321 0x0ee8 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:05:31.0383 0x0ee8 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe - copied to quarantine
19:05:31.0383 0x0ee8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run:IAStorIcon - will be deleted on reboot
19:05:31.0383 0x0ee8 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe - will be deleted on reboot
19:05:31.0383 0x0ee8 IAStorIcon ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:05:31.0633 0x0ee8 KLMD registered as C:\WINDOWS\system32\drivers\95093068.sys
19:08:37.0305 0x0ea4 Deinitialize success
1 me gusta
Perfecto! El programa ha realizado correctamente su función!
IMPORTANTE:
Realice todo este procedimiento en Modo Seguro con Funciones de Red y si el programa de desinfección que se le va a pasar le pide reiniciar para poder eliminar las amenazas e infecciones que encuentre, pues reinicias!, pero sólo si se lo pide dicho programa.
Una vez aclarado esto, siga estos pasos que le indico a continuación:
Descargue, Instale y ejecute el siguiente programa: MALWAREBYTES ANTI-ROOTKIT BETA. A continuación, le dejo la Url de Descarga del programa: MALWAREBYTES ANTI-ROOTKIT BETA y su Manual para que sepas cómo utilizarlo y configurarlo correctamente:
. 
. Url de Descarga de MALWAREBYTES ANTI-ROOTKIT BETA: Url de Descarga: MALWAREBYTES ANTI-ROOTKIT BETA para que pueda ejecutar e instalar el programa correctamente.
. 
. Manual del MALWAREBYTES ANTI-ROOTKIT BETA para que sepas cómo utilizarlo y configurarlo correctamente: Manual MALWAREBYTES ANTI-ROOTKIT BETA (Elimine TODAS las amenazas e infecciones que encuentre).
. . Siga su Manual al pie de la letra y me manda una Captura de Pantalla con todas las amenazas e infecciones que encuentre.
Quedo a la espera de su respuesta!
Hola cero hallazgos
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
(c) Malwarebytes Corporation 2011-2012
OS version: 6.3.9600 Windows 8.1 x64
System is currently in a safe mode
Account is Administrative
Internet Explorer version: 11.0.9600.20296
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.594000 GHz
Memory total: 8471248896, free: 6556782592
Downloaded database version: v2022.03.21.09
Downloaded database version: v2022.03.21.09
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
03/21/2022 20:27:18
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\isapnp.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\intmsd.sys
\SystemRoot\system32\DRIVERS\FLTMGR.SYS
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\vmbus.sys
\SystemRoot\System32\drivers\vmbkmcl.sys
\SystemRoot\System32\drivers\winhv.sys
\SystemRoot\System32\drivers\nvraid.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\drivers\pciide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\intelide.sys
\SystemRoot\System32\drivers\viaide.sys
\SystemRoot\System32\drivers\bxvbda.sys
\SystemRoot\System32\drivers\evbda.sys
\SystemRoot\System32\drivers\sdbus.sys
\SystemRoot\System32\drivers\pcmcia.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorV.sys
\SystemRoot\System32\drivers\nvstor.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\lsi_sas.sys
\SystemRoot\System32\drivers\lsi_sas2.sys
\SystemRoot\System32\drivers\lsi_sas3.sys
\SystemRoot\System32\drivers\lsi_sss.sys
\SystemRoot\System32\drivers\3ware.sys
\SystemRoot\System32\drivers\mvumis.sys
\SystemRoot\System32\drivers\vstxraid.sys
\SystemRoot\System32\drivers\megasas.sys
\SystemRoot\System32\drivers\megasr.sys
\SystemRoot\System32\drivers\iaStorAV.sys
\SystemRoot\System32\drivers\amdsata.sys
\SystemRoot\System32\drivers\amdxata.sys
\SystemRoot\System32\drivers\amdsbs.sys
\SystemRoot\System32\drivers\arcsas.sys
\SystemRoot\System32\drivers\vsmraid.sys
\SystemRoot\System32\drivers\SiSRaid2.sys
\SystemRoot\System32\drivers\sisraid4.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\stornvme.sys
\SystemRoot\System32\drivers\stexstor.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\ADP80XX.SYS
\SystemRoot\System32\drivers\HpSAMD.sys
\SystemRoot\System32\drivers\EhStorTcgDrv.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\storvsc.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\drivers\vmstorfl.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\gagp30kx.sys
\SystemRoot\System32\drivers\uagp35.sys
\SystemRoot\System32\drivers\agp440.sys
\SystemRoot\System32\drivers\nv_agp.sys
\SystemRoot\System32\drivers\uliagpkx.sys
\SystemRoot\System32\drivers\amdkmpfd.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\System32\drivers\uaspstor.sys
\SystemRoot\System32\drivers\sdstor.sys
\SystemRoot\System32\drivers\sbp2port.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\system32\drivers\aswArDisk.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\system32\DRIVERS\ETD.sys
\SystemRoot\system32\drivers\aswKbd.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Netwew01.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\Drivers\RtsUVStor.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\ETDSMBus.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\RadioHIDMini.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\iwdbus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\drivers\aswNetHub.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\System32\Drivers\mbamswissarmy.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\WINDOWS\system32\drivers\MbamChameleon.sys
\??\C:\WINDOWS\system32\drivers\7132129A.sys
----------- End -----------
Done!
Scan started
Database versions:
main: v2022.03.21.09
rootkit: v2022.03.21.09
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe0007e1bc060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe0007e1be290, DeviceName: Unknown, DriverName: \Driver\aswArDisk\
DevicePointer: 0xffffe0007e1bcb20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe0007e1bc060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe0007e082b00, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe0007e082060, DeviceName: \Device\00000034\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthA2DP.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthA2DP.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthHfAud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthHfAud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthhfenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthhfenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthLEEnum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthLEEnum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthpan.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthpan.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BTHUSB.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usb80236.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usb80236.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\WSDPrint.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\WSDPrint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rfcomm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rfcomm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rndismp6.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rndismp6.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 4F494D44
GPT Protective MBR Partition information:
Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
GPT Partition information:
GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 2640322760
GPT Header CurrentLba = 1 BackupLba 1953525167
GPT Header FirstUsableLba 34 LastUsableLba 1953525134
GPT Header Guid 97d979da-f5d8-42c7-a83d-4eae98236644
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128
Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 2640322760
Backup GPT header CurrentLba = 1953525167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134
Backup GPT header Guid 97d979da-f5d8-42c7-a83d-4eae98236644
Backup GPT header Contains 128 partition entries starting at LBA 1953525135
Backup GPT header Partition entry size = 128
Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID bde3cda4-cccd-4f63-bf30-6ccf9930acad
FirstLBA 2048 Last LBA 1023999
Attributes 1
Partition Name Basic data partition
Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID 3b189530-98c3-4992-b0b1-cf41b349abd
FirstLBA 1024000 Last LBA 1638399
Attributes 0
Partition Name EFI system partition
GPT Partition 1 is bootable
Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 7c061529-aedb-489a-b520-f162ce77aa63
FirstLBA 1638400 Last LBA 1900543
Attributes 0
Partition Name Microsoft reserved partition
Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 957f6a58-aacf-40eb-8cc5-b9323d9b4ee
FirstLBA 1900544 Last LBA 1902952448
Attributes 0
Partition Name Basic data partition
Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 31b2b4d0-84dc-4ee7-b226-c975dfbf9cec
FirstLBA 1902954496 Last LBA 1903878143
Attributes 1
Partition Name
Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 3c93c03f-1ac-42ce-b36b-70eaf8c32095
FirstLBA 1903878145 Last LBA 1951426560
Attributes 1
Partition Name Basic data partition
Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID eccb4745-3b08-4dab-4173-636c65706975
FirstLBA 1951426561 Last LBA 1953523712
Attributes 1
Partition Name Basic data partition
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rfcomm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BASICRENDER.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BASICDISPLAY.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthA2DP.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHAVRCPTG.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthHfAud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHHFENUM.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHLEENUM.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthpan.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\COMPOSITEBUS.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\EHSTORTCGDRV.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MSGPIOWIN32.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\NPSVCTRIG.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\SPACEPORT.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usb80236.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\WSDPrint.sys" is compressed (flags = 1)
File "C:\Windows\System32\BthHFSrv.dll" is compressed (flags = 1)
File "C:\Windows\System32\SysFxUI.dll" is compressed (flags = 1)
File "C:\Windows\System32\fsquirt.exe" is compressed (flags = 1)
File "C:\Windows\System32\CIRCoInst.dll" is compressed (flags = 1)
File "C:\Windows\System32\iscsilog.dll" is compressed (flags = 1)
File "C:\Windows\System32\MsApoFxProxy.dll" is compressed (flags = 1)
File "C:\Windows\System32\streamci.dll" is compressed (flags = 1)
File "C:\Windows\System32\WpdMtp.dll" is compressed (flags = 1)
File "C:\Windows\System32\WpdMtpUS.dll" is compressed (flags = 1)
File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rndismp6.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
Scan finished
1 me gusta
Acabo de revisar el informe que me ha enviado y no ha encontrado ninguna infección!
IMPORTANTE:
Realice todo este procedimiento en Modo Seguro con Funciones de Red y si el programa de desinfección que se le va a pasar le pide reiniciar para poder eliminar las amenazas e infecciones que encuentre, pues reinicias!, pero sólo si se lo pide dicho programa.
Como este programa se va a demorar en su proceso de análisis deje pasando dicho programa que le dejo a continuación, siguiendo su manual que le indico aquí y lo reviso mañana.
Una vez aclarado esto, siga estos pasos que le indico a continuación:
Descargue el programa de la siguiente Url: Le dejo "2 Url de Descarga" por si uno no le funciona el proceso de Instalación pueda probar con la segunda Url de Descarga:
Url descarga 1: RogueKiller x64 Bits
Url descarga 2: RogueKiller x82 Bits
Aquí le dejo su manual de RogueKiller para que sepas cómo utilizarlo y configurarlo correctamente:
"Abra" el programa: "RogueKiller" que ha descargado.
Clikea en la pestaña que pone: Análisis. Donde pone: "Análisis personalizado" clicke en la pestaña: [color=orange]**“Personalizar”. IMPORTANTE: Si NO le deja realizar un Análisis Personalizado realice un Análisis Full Scan (Tal y cómo se muestra en la imagen):
Dejar marcadas las opciones que se reflejan en la siguiente pantalla y clickea en la pestaña que pone: Iniciar. (Tal y como se muestra en la imagen):
Automáticamente empezará el Proceso de Análisis en busca de Virus e Infecciones dejar que analice por completo y "NO" interrumpir el programa hasta que finalice en su totalidad. Finalizado el Proceso de Análisis por completo clickea en la pestaña que pone: Resultados: (Proceso tal y como se indica en la siguiente pantalla):
Una vez finalizado el Proceso de Análisis por completo, si encuentra “AMENAZAS” e “INFECCIONES” saldrá una pantalla similar a esta, clicka en la pestaña que pone: Resultados para poder eliminar dichas “INFECCIONES.” (Tal y como se muestra en esta pantalla):
Si le sale una pantalla similar a esta significa que el programa ha “ELIMINADO” con éxito “TODAS” las “AMENAZAS” e “INFECCIONES” de su ordenador. Clickea en la pestaña que pone: Resultados. (Tal y cómo se indica en esta página):
Para “ELIMINAR” las AMENAZAS e “INFECCIONES” clickea en la pestaña que pone: Eliminación. (Tal y como se muestra en esta pantalla):
Le aparecerá una pantalla similar a esta, dejar "TODAS" las opciones marcadas que te salgan a ti. Para “ELIMINAR” todas las “INFECCIONES” clikea en la pestaña que pone: Finalizar. (Tal y cómo se muestra en la pantalla):
Para enviarme el "Informe" que ha generado el programa cuando haya finalizado por completo de Analizar siga estos pasos que se reflejan a continuación:
Para que pueda enviarme el informe que le vaya solicitando en este foro a partir de ahora le daré las indicaciones correctas para que pueda elegir el método que más se adapte a sus necesidades para que me pueda enviar dicho informe correctamente:
Abra la siguiente Url y entre las diferentes opciones que se le indican elija el método que le resulta más fácil para poder enviarme dicho informe que le he solicitado:
Url: ¿Como Pegar Reportes en el Foro?
Mándeme dicho informe que le solicito que haya generado como le he indicado.
Quedo a la espera de su respuesta!
Hola, encontró amenazas potencioalmente peligrosas en archivos temporales de firefox o algo similar
Program : RogueKiller Anti-Malware
Version : 15.4.0.0
x64 : Yes
Program Date : Mar 7 2022
Location : C:\Users\paris429pcf566\Downloads\RogueKiller_portable64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 8.1 (6.3.9600) 64-bit
64-bit OS : Yes
Startup : 2
WindowsPE : No
User : paris429pcf566
User is Admin : Yes
Date : 2022/03/22 02:17:30
Type : Scan
Aborted : No
Scan Mode : Standard
Duration : 2475
Found items : 2
Total scanned : 152462
Signatures Version : 20220321_135205
Truesight Driver : No
Updates Count : 6
truesight_error : 1
************************* Warnings *************************
************************* Updates *************************
Mozilla Firefox (x64 en-US) (64-bit), version 95.0
[+] Available Version : 98.0.1
[+] Size : 205 MB
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\Mozilla Firefox
WinRAR 6.02 (64-bit) (64-bit), version 6.02.0
[+] Available Version : 6.11
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\WinRAR\
blender (64-bit), version 2.93.5
[+] Available Version : 3.1
[+] Size : 640 MB
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\Blender Foundation\Blender 2.93\
Google Chrome (32-bit), version 99.0.4844.51
[+] Available Version : 99.0.4844.82
[+] Wow6432 : Yes
[+] Portable : No
[+] update_location : C:\Program Files (x86)\Google\Chrome\Application
Adobe Acrobat Reader DC - Español (32-bit), version 21.011.20039
[+] Available Version : 22.001.20085
[+] Size : 485 MB
[+] Wow6432 : Yes
[+] Portable : No
[+] update_location : C:\Program Files (x86)\Adobe\Acrobat Reader DC\
Zoom (64-bit), version 5.6.1 (617)
[+] Available Version : 5.9.7
[+] Size : 9,76 MB
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Users\paris429pcf566\AppData\Roaming\Zoom\bin
************************* Processes *************************
************************* Modules *************************
************************* Services *************************
************************* Scheduled Tasks *************************
************************* Registry *************************
************************* WMI *************************
************************* Hosts File *************************
is_too_big : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts
************************* Filesystem *************************
************************* Web Browsers *************************
>>>>>> Firefox Config
├── [PUM.SearchEngine (Potencialmente Malicioso)] browser.search.defaultenginename (C:\Users\paris429pcf566\AppData\Roaming\Mozilla\Firefox\Profiles\q7vdn3t8.default\prefs.js) -- Yahoo® -> Encontrado
└── [PUM.SearchEngine (Potencialmente Malicioso)] browser.search.selectedEngine (C:\Users\paris429pcf566\AppData\Roaming\Mozilla\Firefox\Profiles\q7vdn3t8.default\prefs.js) -- Yahoo® -> Encontrado
************************* Antirootkit *************************
1 me gusta
Una pregunta @Svpam, ¿Le ha dado a Eliminar esas amenazas que ha encontrado dicho programa de desinfeccion?
Quedo a la espera de su respuesta!
Hola sí, tras haber eliminado me muestra la primera imagen que adjunté en la publicación inmediatamente anterior, donde dice “Eliminación finalizada” (en color blanco). Y en la sesegunda image muestra en verde dos amenazas, indicando con ese color que ya están eliminados, de lo contrario mostraría en rojo.
1 me gusta
Una pregunta, @Svpam ¿La licencia de su antivirus Avast lo adquirió usted de licencia de pago ó tiene usted la versión gratuita del antivirus Avast?
Le hago otra pregunta, @Svpam ¿Posee usted la licencia de pago del Antivirus Avast a mano o no dispone de dicha licencia de pago?
Le comento esto porque lo mismo se tiene de desinstalar su Antivirus Avast para poder solucionar el problema que dio con dicho error para saber si se puede desinstalar para luego poder volvérselo a instalar de nuevo por eso le preguntaba si usted posee la licencia de pago de su Antivirus Avast para saber si lo podemos desinstalar o no para así poder resolver muchos más problemas en su ordenador con el segundo paso que serían las tareas de mantenimiento de reparación del Registro de Windows para poder realizar muchas más reparaciones y poder solucionar el problema que tiene usted del que no se apaga su ordenador.
Quedo a la espera de su respuesta!
Hola es antivirus avast gratuito, ¿puedo desinstalar antivirus avast desde modo (seguro) a prueba de fallo con opciones de red?
1 me gusta
Si, correcto! Se puede desinstalar desde Modo Seguro con Funciones de Red! Le pongo los pasos a seguir para poder desinstalarlo correctamente!
…
En primer lugar, realiza lo siguiente:
Selecciona 
> de la lista que te sale busca la carpeta que pone: Sistema de Windows > ve a la opción que pone: Panel de control > clickea en donde dice: Programas > Programas y características y en la lista que sale busque > Avast ó Avast Premium Security ó (Todos los que sean AVAST + Lo que sea de Nombre ). y lo selecciona y click en donde pone > Desinstalar y desinstale todo lo que salga con el Nombre de Avast ó (Todos los que sean AVAST + Lo que sea de Nombre ). (IMPORTANTE: Si dicho programa te pide Reiniciar para poder desinstalar dicho programa, pues Reinicias, pero SÓLO si te lo pide el programa).
Cuando haya realizado todo el procedimiento avísame por aquí!
Quedo a la espera de su respuesta!
Hola tengo una duda, ¿los archivos en cuarentena que tiene avast serán eliminados al eliminar el programa? Y la otra duda es que en Programas y características aún me muestra el programa “Smart Guard Anti-Cheat” el cual dijo que era pontencial amenaza, ¿desinstalo también el Smart Guard Anti-Cheat?
1 me gusta
En teoría no tiene porqué eliminarse los archivos en cuarentena pero cada antivirus lleva su sistema pero en teoría no tiene porqué eliminarse dichos archivos que me comentas.
…
Con respecto a lo que me comenta, yo le indicaré los pasos a seguir para poder realizar dicho procedimiento del poder desinstalar el programa: Smart Guard Anti-Cheat. para que pueda desinstalarse por completo sin que sigan quedando restos de dicho programa en el Registro de Windows. y se puedan eliminar TODOS sus restos por completo.
Desinstale el Antivirus Avast siguiendo las indicaciones que le he indicado y en Modo Seguro Con Funciones de Red. IMPORTANTE: Si en Modo Seguro Con Funciones de Red NO le dejara desinstalar dicho antivirus Avast siguiendo las indicaciones que le he dado me lo comunica por aquí!
Cuando haya realizado dicho procedimiento me lo comunica por aquí!
Quedo a la espera de su respuesta!
Hola listo avast desinstalado y ya reinicié, pero ahora me encuentro en modo aprueba de fallo con opciones de red.
1 me gusta
Click el la pestaña que pone: Restart computer y una vez que se haya reiniciado su odenador deja que se ejecuten los iconos de la barra de tareas correctametente y que aparezcan TODOS los iconos y vuelva a poner su ordenador en Modo Seguro con Funciones de Red y cuando haya realizado dicho procedimiento me avisa por aquí.
…
selecciona Inicio > Configuración > Actualización y seguridad > Seguridad de Windows > Abrir Seguridad de Windows > Protección antivirus y contra amenazas > Administrar la configuración
Maximizas la pantalla y me mandas una Captura de Pantalla con todo lo que te salga.
IMPORTANTE:
SI NO LE DEJA REALIZAR ESTE PROCEDIMIENTO EN MODO SEGURO CON FUNCIONES DE RED AVISEME POR AQUI!
Quedo a a la espera de su respuesta!
Hola en windows 8.1 traté de encontrar algo similar a lo indicado en tu última publicación, no sé si está bien:
1 me gusta
Perfecto! Realice el siguiente procedimiento en MODO SEGURO CON FUNCIONES DE RED:
DESINSTALACIÓN PROGRAMAS
Para los programas en que te diga: puedes quitarlos. Hazlo así:
Desinstalalos con Revo Uninstaller en su Modo Avanzado. Para ello sigues su manual la parte de desinstalación de programas.
Quitas todos los programas que encuentre Revo con los nombres de: Smart Guard Anti-Cheat
Pues serían los siguientes:
Smart Guard Anti-Cheat
O bien:
Smart Guard Anti-Cheat (Todos los que sean Smart Guard Anti-Cheat + Lo que sea de Nombre).
Estos deben de quedar completamente desinstalados.
Manual de Uso: Revo Uninstaller: Manual de Revo Uninstaller - nº 2 por SanMar
Ahora realice lo siguiente, siguiendo el manual aplicado a los programas que le indico que desinstale a continuación:
DESINSTALACIÓN PROGRAMAS:
Para los programas en que te diga: puedes quitarlos. Hazlo así:
Desinstalalos con Revo Uninstaller en su Modo Avanzado. Para ello sigues su manual la parte de desinstalación de programas.
Quitas todos los programas que encuentre Revo con los nombres de:
:
Smart Guard Anti-Cheat
:
AVAST
Pues serían los siguientes:
Smart Guard Anti-Cheat
AVAST
O bien:
Smart Guard Anti-Cheat (Todos los que sean Smart Guard Anti-Cheat + Lo que sea de Nombre).
AVAST (Todos los que sean AVAST + Lo que sea de Nombre).
Estos deben de quedar completamente desinstalados.
Manual de Uso: Revo Uninstaller: Manual de Revo Uninstaller - nº 2 por SanMar
Me mandas una Captura de Pantalla! con todo lo que salga.
Quedo a la espera de su respuesta!
Hola al desinstalar Smart Guard Anti-Cheat manda lo siguientes mensajes:
Y en la ventana de Revo Uninstaller muestra:
1 me gusta
Perfecto! Realice el mismo procedimiento reiniciando su ordenador en Modo Normal, como lo reinicia normalmente y realice de nuevo el mismo procedimiento que le he indicado.
Cuando haya finalizado dicho procedimiento que le he indicado me lo comunica por aquí!
Quedo a la espera de su respuesta!
