[diegofba]

Hi, My parents pc is infected. I'm unable to install or open some files due to a virus and some days earlier i was unable to access internet but it somehow works now. 

For ex. I could only open FRST on safe mode.

I'm attaching the files, thanks in advance!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017

Ran by Felipe (administrator) on FELIPE (06-01-2017 10:29:46)

Running from D:\User2016\Desktop

Loaded Profiles: Felipe (Available Profiles: Felipe)

Platform: Windows 7 Home Premium (X64) Language: Español (España, internacional)

Internet Explorer Version 8 (Default browser: Chrome)

Boot Mode: Safe Mode (minimal)

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

 

==================== Registry (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-10] (Realtek Semiconductor)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)

HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\Run: [f.lux] => C:\Users\Felipe\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\RunOnce: [Adobe Speed Launcher] => 1483715921

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\MountPoints2: {ac1b0cb2-91fa-11e6-9a82-50e5492444fa} - F:\LG_PC_Programs.exe

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\MountPoints2: {f9f8731d-7286-11e6-b397-50e5492444fa} - F:\HiSuiteDownLoader.exe

Startup: C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk [2017-01-06]

ShortcutTarget: Start.lnk -> C:\Users\Felipe\AppData\Roaming\dfenqkn\lfomuvgye.exe (Microsoft Corporation)

BootExecute: autocheck autochk * sdnclean64.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Tcpip\..\Interfaces\{92B75EA1-5721-4377-9BB8-8BE2FE93959C}: [DhcpNameServer] 192.168.42.129

Tcpip\..\Interfaces\{A49E6196-757F-47AB-87CF-9D04061CDD5D}: [NameServer] 200.108.96.220,200.108.96.217

 

Internet Explorer:

==================

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://login.centamnetworks.com/

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://login.centamnetworks.com/

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

Toolbar: HKU\S-1-5-21-3052470422-392353544-3589946678-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)

Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)

Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

 

FireFox:

========

FF DefaultProfile: 793f1rku.default

FF ProfilePath: C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\793f1rku.default [2017-01-06]

FF user.js: detected! => C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\793f1rku.default\user.js [2017-01-06]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-3052470422-392353544-3589946678-1000: SkypePlugin -> C:\Users\Felipe\AppData\Local\SkypePlugin\7.17.0.44\npGatewayNpapi.dll [2016-03-31] (Skype Technologies S.A.)

FF Plugin HKU\S-1-5-21-3052470422-392353544-3589946678-1000: SkypePlugin64 -> C:\Users\Felipe\AppData\Local\SkypePlugin\7.17.0.44\npGatewayNpapi-x64.dll [2016-03-31] (Skype Technologies S.A.)

 

Chrome: 

=======

CHR DefaultProfile: Default

CHR StartupUrls: Default -> "hxxps://www.google.com.pe/?gws_rd=ssl"

CHR DefaultSearchURL: Default -> hxxps://auth.gfx.ms/16.000.26210.00/favicon.ico?v=2

CHR Profile: C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default [2017-01-06]

CHR Extension: (HOTMAIL) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\alkekcgkpcoagcmachoigbfdghlbeoon [2016-04-02]

CHR Extension: (Google Docs) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-15]

CHR Extension: (Google Drive) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-15]

CHR Extension: (YouTube) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-15]

CHR Extension: (Búsqueda de Google) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-15]

CHR Extension: (Documentos de Google sin conexión) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]

CHR Extension: (AdBlock) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-29]

CHR Extension: (Skype) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-12-10]

CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]

CHR Extension: (Gmail) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-15]

CHR Extension: (Chrome Media Router) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]

CHR Extension: (Llamadas de Skype) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk [2016-04-09]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

 

==================== Services (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)

S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)

S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)

S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

 

===================== Drivers (Whitelisted) ======================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-06] (Malwarebytes)

S3 gdrv; \??\C:\Windows\gdrv.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2017-01-06 10:21 - 2017-01-06 10:29 - 00000000 ____D C:\FRST

2017-01-03 07:18 - 2017-01-06 10:20 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2017-01-03 07:18 - 2017-01-06 10:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2017-01-03 07:18 - 2017-01-03 07:18 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

2017-01-03 07:18 - 2017-01-03 07:18 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

2017-01-03 07:18 - 2017-01-03 07:18 - 00000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job

2017-01-03 07:18 - 2017-01-03 07:18 - 00000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

2017-01-03 07:18 - 2017-01-03 07:18 - 00000458 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

2017-01-03 07:18 - 2017-01-03 07:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2017-01-03 07:18 - 2017-01-03 07:18 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2017-01-03 07:18 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe

2017-01-03 07:17 - 2017-01-03 07:17 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2017-01-03 07:17 - 2017-01-03 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2017-01-03 07:17 - 2017-01-03 07:17 - 00000000 ____D C:\ProgramData\Malwarebytes

2017-01-03 07:17 - 2017-01-03 07:17 - 00000000 ____D C:\Program Files\Malwarebytes

2017-01-03 07:17 - 2017-01-03 06:10 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Felipe\spybot-2.4.exe

2017-01-03 07:17 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys

2017-01-03 07:16 - 2017-01-03 06:03 - 54199488 _____ (Malwarebytes ) C:\Users\Felipe\mb3-setup-35891.35891-3.0.5.1299.exe

2017-01-03 07:15 - 2017-01-06 10:29 - 00340288 _____ C:\Windows\ntbtlog.txt

2016-12-29 12:04 - 2017-01-03 07:19 - 00000000 ____D C:\ProgramData\AVAST Software

2016-12-29 12:01 - 2016-12-29 12:02 - 00000000 __SHD C:\Config.Msi

2016-12-10 16:53 - 2016-12-10 16:53 - 00002144 _____ C:\Users\Public\Desktop\Google Earth.lnk

2016-12-10 16:53 - 2016-12-10 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2017-01-06 10:18 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2017-01-06 10:17 - 2009-07-13 23:45 - 00018880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2017-01-06 10:17 - 2009-07-13 23:45 - 00018880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2017-01-06 09:50 - 2009-07-14 04:31 - 00746992 _____ C:\Windows\system32\perfh00A.dat

2017-01-06 09:50 - 2009-07-14 04:31 - 00158464 _____ C:\Windows\system32\perfc00A.dat

2017-01-06 09:50 - 2009-07-14 00:13 - 01675926 _____ C:\Windows\system32\PerfStringBackup.INI

2017-01-06 09:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf

2017-01-06 09:46 - 2016-08-03 06:39 - 00000000 ___HD C:\Users\Felipe\AppData\Roaming\dfenqkn

2017-01-03 07:32 - 2016-04-09 21:38 - 00000000 ____D C:\Users\Felipe\AppData\Roaming\Skype

2017-01-03 07:28 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF

2017-01-03 07:17 - 2016-03-15 11:31 - 00000000 ____D C:\Users\Felipe

2016-12-30 20:05 - 2016-08-17 04:38 - 00524288 ___SH C:\Windows\system32\config\components{a1d86b91-645a-11e6-b8e4-50e5492444fa}.TMContainer00000000000000000001.regtrans-ms

2016-12-30 20:05 - 2016-08-17 04:38 - 00065536 ___SH C:\Windows\system32\config\components{a1d86b91-645a-11e6-b8e4-50e5492444fa}.TM.blf

2016-12-30 20:05 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\config

2016-12-30 20:05 - 2009-07-13 21:34 - 29360128 _____ C:\Windows\system32\config\components

2016-12-30 20:05 - 2009-07-13 21:34 - 00262144 ____H C:\Windows\system32\config\COMPONENTS.LOG1

2016-12-29 12:02 - 2016-03-15 11:35 - 00000000 __SHD C:\Windows\Installer

2016-12-29 12:01 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\DriverStore

2016-12-29 12:01 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\catroot

2016-12-27 06:55 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\config\RegBack

2016-12-24 10:28 - 2016-03-15 13:00 - 00000000 ____D C:\Program Files (x86)\TeamViewer

2016-12-17 20:26 - 2016-03-15 11:34 - 00000000 ____D C:\Users\Felipe\AppData\Local\Google

2016-12-17 04:00 - 2016-03-15 11:35 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-12-17 04:00 - 2016-03-15 11:35 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2016-12-17 03:53 - 2016-03-15 11:34 - 00003468 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2016-12-17 03:53 - 2016-03-15 11:34 - 00003340 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2016-12-14 06:13 - 2016-04-12 21:36 - 00000000 ____D C:\Users\Felipe\AppData\Roaming\vlc

2016-12-14 05:35 - 2016-03-15 13:01 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

2016-12-14 05:35 - 2016-03-15 13:01 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk

2016-12-14 05:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Tasks

2016-12-13 23:00 - 2016-03-15 12:40 - 00000000 ____D C:\Users\Felipe\AppData\Roaming\Adobe

2016-12-13 05:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\catroot2

2016-12-13 05:02 - 2016-04-09 21:38 - 00000000 ___RD C:\Program Files (x86)\Skype

2016-12-11 03:18 - 2009-07-14 00:08 - 00032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2016-12-10 16:52 - 2016-03-15 11:34 - 00000000 ____D C:\Program Files (x86)\Google

 

Files to move or delete:

====================

C:\Users\Felipe\mb3-setup-35891.35891-3.0.5.1299.exe

C:\Users\Felipe\spybot-2.4.exe

 

 

==================== Bamital & volsnap ======================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\system32\winlogon.exe

[2009-07-13 18:52] - [2011-01-15 19:01] - 0389632 ____A (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F

 

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll

[2009-07-13 18:38] - [2011-01-15 19:01] - 1008640 ____A (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF

 

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

LastRegBack: 2016-12-27 06:55

 

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017

Ran by Felipe (06-01-2017 10:30:19)

Running from D:\User2016\Desktop

Windows 7 Home Premium (X64) (2016-03-15 16:31:26)

Boot Mode: Safe Mode (minimal)

==========================================================

 

 

==================== Accounts: =============================

 

Administrador (S-1-5-21-3052470422-392353544-3589946678-500 - Administrator - Disabled)

Felipe (S-1-5-21-3052470422-392353544-3589946678-1000 - Administrator - Enabled) => C:\Users\Felipe

HomeGroupUser$ (S-1-5-21-3052470422-392353544-3589946678-1002 - Limited - Enabled)

Invitado (S-1-5-21-3052470422-392353544-3589946678-501 - Limited - Enabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe Reader XI (11.0.10) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Brother MFL-Pro Suite DCP-J105 (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)

CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)

f.lux (HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\Flux) (Version:  - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)

Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden

Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)

Malwarebytes versión 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 34.0.5 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 es-ES)) (Version: 34.0.5 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)

Nero 7.10.1.0 (HKLM-x32\...\Nero7_is1) (Version: 7.10.1.0 - Nero AG)

ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)

PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )

Photoshop CS5 Extended 12.0 (HKLM-x32\...\Photoshop CS5 Extended 12.0) (Version:  - )

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)

Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)

Skype Web Plugin (HKLM-x32\...\{7E4C8063-6644-4580-B27F-6B70B1A51F0E}) (Version: 7.17.0.44 - Skype Technologies S.A.)

Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)

Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)

WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-3052470422-392353544-3589946678-1000_Classes\CLSID\{0BFBE3EE-00BF-49F9-BC19-26B42AF261C1}\InprocServer32 -> C:\Users\Felipe\AppData\Local\SkypePlugin\7.17.0.44\GatewayActiveX-x64.dll (Skype Technologies S.A.)

CustomCLSID: HKU\S-1-5-21-3052470422-392353544-3589946678-1000_Classes\CLSID\{AC4E242D-28FB-40A2-9C2E-150FF1EE5B49}\localserver32 -> C:\Users\Felipe\AppData\Local\SkypePlugin\7.17.0.44\GatewayVersion-x64.exe (Skype Technologies S.A.)

CustomCLSID: HKU\S-1-5-21-3052470422-392353544-3589946678-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Felipe\AppData\Local\SkypePlugin\7.17.0.44\EdgeCalling.exe (Skype Technologies S.A.)

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {33169B47-AB22-475D-BC94-709705FA9AB0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)

Task: {514C1404-F5D3-47D1-B2C4-21EAEDDD1FFD} - System32\Tasks\{05E27C9C-E88B-48F5-9203-A9BDA03CB4E5} => C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe [2016-10-06] (Google)

Task: {91DFAED2-827F-4215-BD0F-9E9D34FBEB14} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [2006-04-21] ()

Task: {B202AEC0-ACF8-468B-8A25-10598C67828C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-15] (Google Inc.)

Task: {B40F25B0-F906-46B3-98E2-4BB5B2863390} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-03-15] ()

Task: {C7887804-832B-4E55-81DC-7033D8AB298B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-15] (Google Inc.)

Task: {E9812601-D2D0-4931-9F02-C9DB9EE64386} - System32\Tasks\{0D61BCCA-A4BB-48B1-90E2-B05B0F8F3FD8} => C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe [2016-10-06] (Google)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

 

==================== Shortcuts =============================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\HOTMAIL.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=alkekcgkpcoagcmachoigbfdghlbeoon

 

==================== Loaded Modules (Whitelisted) ==============

 

2017-01-03 07:17 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll

2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

 

==================== Alternate Data Streams (Whitelisted) =========

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

e"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

 

==================== Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: Media is not connected to internet.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{55EDC9DB-7EE8-4173-8250-6FE0FAF53DB5}] => C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{C724532D-5422-495F-9E85-4CBF405EB01A}] => C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{E4B67E3E-14D4-4F85-9F8E-83F07C886A39}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{EC4D0ECA-D192-45B2-A1A1-74C3D8293D39}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{B965BF6E-08D5-4A6A-BABB-A42A3BCA24BE}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{E35DBD8E-668C-40F6-8F3B-D2BCD455FFDE}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{59FDAC0C-9F84-46E6-BFC3-386B3BF57D47}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{CE074DA9-8640-40CB-8DF4-0E0DC2FFD80B}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{096DB4C0-F0F7-40C7-896B-EBA1A0053764}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{79688221-6C69-437C-817B-63A606014028}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{01B05AF3-BDC1-4D74-8CF6-41A31EFF9021}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

 

==================== Restore Points =========================

 

 

==================== Faulty Device Manager Devices =============

 

Name: Security Processor Loader Driver

Description: Security Processor Loader Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: spldr

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (01/06/2017 09:46:57 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nombre de la aplicación con errores: AutoKMS.exe, versión: 2.5.2.0, marca de tiempo: 0x53c9a9a0

Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000

Código de excepción: 0xc0000005

Desplazamiento de errores: 0x000007fe9abce270

Id. del proceso con errores: 0x4d8

Hora de inicio de la aplicación con errores: 0x01d2682b85269c89

Ruta de acceso de la aplicación con errores: C:\Windows\AutoKMS\AutoKMS.exe

Ruta de acceso del módulo con errores: unknown

Id. del informe: f85dbfa7-d41e-11e6-b817-50e5492444fa

 

Error: (01/06/2017 09:46:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: AutoKMS.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.NullReferenceException

Stack:

   at ..(System.String, System.String, ., System.String)

   at ...ctor()

   at ..(.)

   at ..()

 

Error: (01/03/2017 07:26:50 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: El programa SDUpdate.exe, versión 2.4.40.94, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

 

Identificador de proceso: 118c

 

Hora de inicio: 01d265bc9f610248

 

Hora de finalización: 10

 

Ruta de acceso de la aplicación: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

 

Identificador de informe: e4d57f60-d1af-11e6-9e69-50e5492444fa

 

Error: (01/03/2017 07:26:16 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nombre de la aplicación con errores: AutoKMS.exe, versión: 2.5.2.0, marca de tiempo: 0x53c9a9a0

Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000

Código de excepción: 0xc0000005

Desplazamiento de errores: 0x000007fe9a32e270

Id. del proceso con errores: 0x500

Hora de inicio de la aplicación con errores: 0x01d265bc6ae5038e

Ruta de acceso de la aplicación con errores: C:\Windows\AutoKMS\AutoKMS.exe

Ruta de acceso del módulo con errores: unknown

Id. del informe: d21f7385-d1af-11e6-9e69-50e5492444fa

 

Error: (01/03/2017 07:26:16 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: AutoKMS.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.NullReferenceException

Stack:

   at ..(System.String, System.String, ., System.String)

   at ...ctor()

   at ..(.)

   at ..()

 

Error: (01/03/2017 06:40:42 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nombre de la aplicación con errores: AutoKMS.exe, versión: 2.5.2.0, marca de tiempo: 0x53c9a9a0

Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000

Código de excepción: 0xc0000005

Desplazamiento de errores: 0x000007fe997ee270

Id. del proceso con errores: 0x50c

Hora de inicio de la aplicación con errores: 0x01d265b6206c6f70

Ruta de acceso de la aplicación con errores: C:\Windows\AutoKMS\AutoKMS.exe

Ruta de acceso del módulo con errores: unknown

Id. del informe: 74a1b9a3-d1a9-11e6-9ac1-50e5492444fa

 

Error: (01/03/2017 06:40:40 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: AutoKMS.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.NullReferenceException

Stack:

   at ..(System.String, System.String, ., System.String)

   at ...ctor()

   at ..(.)

   at ..()

 

Error: (01/03/2017 06:25:25 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nombre de la aplicación con errores: AutoKMS.exe, versión: 2.5.2.0, marca de tiempo: 0x53c9a9a0

Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000

Código de excepción: 0xc0000005

Desplazamiento de errores: 0x000007fe99dce270

Id. del proceso con errores: 0x4f0

Hora de inicio de la aplicación con errores: 0x01d265b3fdc3ac1f

Ruta de acceso de la aplicación con errores: C:\Windows\AutoKMS\AutoKMS.exe

Ruta de acceso del módulo con errores: unknown

Id. del informe: 51b24889-d1a7-11e6-aea3-50e5492444fa

 

Error: (01/03/2017 06:25:23 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: AutoKMS.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.NullReferenceException

Stack:

   at ..(System.String, System.String, ., System.String)

   at ...ctor()

   at ..(.)

   at ..()

 

Error: (01/03/2017 05:18:48 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nombre de la aplicación con errores: AutoKMS.exe, versión: 2.5.2.0, marca de tiempo: 0x53c9a9a0

Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000

Código de excepción: 0xc0000005

Desplazamiento de errores: 0x000007fe9957e270

Id. del proceso con errores: 0x514

Hora de inicio de la aplicación con errores: 0x01d265aaa9cbf86a

Ruta de acceso de la aplicación con errores: C:\Windows\AutoKMS\AutoKMS.exe

Ruta de acceso del módulo con errores: unknown

Id. del informe: 03b0ad0b-d19e-11e6-9b3a-50e5492444fa

 

 

System errors:

=============

Error: (01/06/2017 10:20:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/06/2017 10:20:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/06/2017 10:20:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/06/2017 10:20:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/06/2017 10:20:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/06/2017 10:20:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/06/2017 10:20:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/06/2017 10:20:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/06/2017 10:20:16 AM) (Source: DCOM) (EventID: 10005) (User: )

Description: Error de DCOM "1068" al intentar iniciar el servicio netman con argumentos "" para ejecutar el servidor:

{BA126AD1-2166-11D1-B1D0-00805FC1270E}

 

Error: (01/06/2017 10:20:16 AM) (Source: DCOM) (EventID: 10005) (User: )

Description: Error de DCOM "1068" al intentar iniciar el servicio netprofm con argumentos "" para ejecutar el servidor:

{A47979D2-C419-11D9-A5B4-001185AD2B89}

 

 

CodeIntegrity:

===================================

  Date: 2017-01-06 10:18:25.869

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-06 10:16:20.093

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-06 09:55:33.134

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-06 09:45:25.616

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-03 07:25:05.618

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-03 07:07:58.905

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-03 07:02:03.524

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-03 06:55:43.564

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-03 06:40:03.742

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-03 06:38:43.114

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core™ i3-2100 CPU @ 3.10GHz

Percentage of memory in use: 16%

Total physical RAM: 4079.43 MB

Available physical RAM: 3398.56 MB

Total Virtual: 8157.01 MB

Available Virtual: 7495.34 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:29.19 GB) (Free:6.66 GB) NTFS

Drive d: (DATOS) (Fixed) (Total:203.58 GB) (Free:96.9 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 9A9D9A9D)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=29.2 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=203.6 GB) - (Type=OF Extended)

 

==================== End of Addition.txt ============================

 

Attached Files

•  Addition.txt   24.44KB   164 downloads
•  FRST.txt   18.8KB   166 downloads
•  Addition.txt   24.44KB   150 downloads
•  FRST.txt   18.8KB   176 downloads

[Advertisements]

Hi diegofba,

Welcome to . My name is Jr0x and I'll be helping you with your problem.

Please Note: I am still in training and my fixes have to be approved by my instructor so there may be a slight delay in my replies. Look upon it as a good thing though in that you have two people looking at your problem.

Before we get started, there are a few things I need you to take note of.

• Please read through the instructions before attempting to follow those procedures. I would recommend printing them out as some of the instructions would requires you to be in safe mode / offline.
• If there is anything you are unclear of, please ask before you start the fix.
• Do not run any scripts / tools on your own, unsupervised usage may cause more harm than good.
• Please stay with me on this thread, do not start another thread in here (Geeks To Go) or any other forum until I've declared you clean and good to go.
• There may be delayed response to you as we may live in different timezone.
• Inform me of anything that happens unexpectedly during the fix at any point of time.
• As much as we like to make this a easy process for you. Malware removal is a complex multi-step process, and things may happen such as data loss or render your machine unbootable. I would recommend that you backup your personal data before we proceed.
• Posts that are not replied to in four (4) days will result in the topic being closed. We have not forgotten you; this is just an effort to keep the boards organized and flowing. To continue on your closed topic, please PM me or any Moderator to have the topic reactivated. If, at any time during our working together, I have not responded to you in 2 days (48 hours), then please PM me.
• Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
• As we go along please tell me how the computer is running now. Please be as descriptive as possible e.g. I'm still getting web redirects, I am unable to access the internet etc.

Let's get started.


WVCheck

Please download WVCheck from Latest EXE Download.

• Double click WVCheck.exe. (If you downloaded the zipped version you will need to extract it.)
• As indicated by the prompt, This program can take a while depending on your hard drive space.
• Once the program is done, copy the contents of the notepad file as a reply.

[Jr0x]

Hi diegofba,

Welcome to . My name is Jr0x and I'll be helping you with your problem.

Please Note: I am still in training and my fixes have to be approved by my instructor so there may be a slight delay in my replies. Look upon it as a good thing though in that you have two people looking at your problem.

Before we get started, there are a few things I need you to take note of.

• Please read through the instructions before attempting to follow those procedures. I would recommend printing them out as some of the instructions would requires you to be in safe mode / offline.
• If there is anything you are unclear of, please ask before you start the fix.
• Do not run any scripts / tools on your own, unsupervised usage may cause more harm than good.
• Please stay with me on this thread, do not start another thread in here (Geeks To Go) or any other forum until I've declared you clean and good to go.
• There may be delayed response to you as we may live in different timezone.
• Inform me of anything that happens unexpectedly during the fix at any point of time.
• As much as we like to make this a easy process for you. Malware removal is a complex multi-step process, and things may happen such as data loss or render your machine unbootable. I would recommend that you backup your personal data before we proceed.
• Posts that are not replied to in four (4) days will result in the topic being closed. We have not forgotten you; this is just an effort to keep the boards organized and flowing. To continue on your closed topic, please PM me or any Moderator to have the topic reactivated. If, at any time during our working together, I have not responded to you in 2 days (48 hours), then please PM me.
• Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
• As we go along please tell me how the computer is running now. Please be as descriptive as possible e.g. I'm still getting web redirects, I am unable to access the internet etc.

Let's get started.


WVCheck

Please download WVCheck from Latest EXE Download.

• Double click WVCheck.exe. (If you downloaded the zipped version you will need to extract it.)
• As indicated by the prompt, This program can take a while depending on your hard drive space.
• Once the program is done, copy the contents of the notepad file as a reply.

[diegofba]

Hi jr0x, thank you. Here's the notepad content:

 

Windows Validation Check

Version: 1.9.12.7

Log Created On: 1440_06-01-2017

-----------------------

INFORMATION & UPDATES

[email protected]

Latest versions:

http://www.demonwork...arl/WVCheck.exe

http://www.geekstogo...4d76/wvcheckexe

http://www.demonwork...arl/WVCheck.zip

-----------------------

 

 

Windows Information

-----------------------

Windows Version: Windows 7  

Windows Mode: Normal

Systemroot Path: C:\Windows

 

WVCheck's Auto Update Check

-----------------------

Auto-Update Option: Do not download or install updates automatically.

-----------------------

Last success time for Automatic Updates for 'Detect', 'Download' and 'Install' could not be found.

 

 

WVCheck's Registry Check Check

-----------------------

Antiwpa: Not Found

-----------------------

Chew7Hale: Not Found

-----------------------

 

 

WVCheck's File Dump

-----------------------

WVCheck found no known bad files.

 

 

WVCheck's Dir Dump

-----------------------

WVCheck found no known bad directories.

 

 

WVCheck's Missing File Check

-----------------------

WVCheck found no missing Windows files.

 

 

WVCheck's HOSTS File Check

-----------------------

WVCheck found no bad lines in the hosts file.

 

 

WVCheck's MD5 Check

EXPERIMENTAL!!

-----------------------

user32.dll - 5e0db2d8b2750543cd2ebb9ea8e6cdd3

 

 

-------- End of File, program close at 1440_06-01-2017 --------

[Jr0x]

Hi diegofba,

CKScanner

Download CKScanner from here

Important : Save it to your desktop.

• Double click (Vista and above - right click and run as Administrator) CKScanner.exe and click Search For Files.
• After a very short time, when the cursor hourglass disappears, click Save List To File.
• A message box will verify that the file is saved.
• Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

MGA Diagnostic Tool

Please run the MGA Diagnostic Tool and post back the report it produces:

• Download MGADiag to your desktop.
• Double-click on MGADiag.exe to launch the program
• Click "Continue"
• Ensure that the "Windows" tab is selected (it should be by default).
• Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
• Paste the MGA Diagnostic Report back here in your next reply.

Spybot Search & Destroy

I see that you have Spybot Search & Destroy. We no longer recommend this product because of the poor testing results. I recommend uninstalling this program. If you don't want to uninstall the program then please at least disable Tea Timer while performing any of my instructions. You can re-enable it when we are all done. Instructions for that are here. If you do decide to uninstall the program, first Undo your immunization before uninstalling. You can do that by clicking the Undo button with Spybot S&D and then remove from Add/Remove programs.



Malwarebytes Anti-Malware

• Launch MalwareBytes from your Desktop.
• Click Settings>Protection
• Make sure that "scan for rootkits" box under Scan Options are checked
  
• Go back to Dashboard and click the big, blue Scan Now button.
• Wait for Malwarebytes Anti-Malware to finish the scan
• If the program will detect anything, click Remove Selected. The program might want to reboot the system. Allow it it wants to.
• Once the deletion is done (or after reboot), go to Reports, select the latest Scan Log.
• Click View Report, then click Export then click Copy to Clipboard.
• Paste (CTRL+V) the log into your next reply.

In your next reply, please include the following:

• CKScanner log
• MGADiag log
• MalwareBytes log

[diegofba]

Hi Jr0x, thank you; i couldn't access malwarebytes even on safe mode and searching for compatibility, also i tried install it again and didn't work

 

Here are the other two logs, thanks in advance

 

CKScanner

 

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad

c:\windows\autokms\autokms.exe

c:\windows\kj\kmservice.exe

scanner sequence 3.AA.11.UIAPHZ

 ----- EOF ----- 

 

 

MGA

 

Diagnostic Report (1.9.0027.0):

-----------------------------------------

Windows Validation Data-->

 

Validation Code: 0

Cached Online Validation Code: N/A, hr = 0xc004f012

Windows Product Key: *****-*****-2QWT6-HCQXJ-9YQTR

Windows Product Key Hash: PVjSC5x6njvqunmbCY3lOD7rYDo=

Windows Product ID: 00359-OEM-8992687-00007

Windows Product ID Type: 2

Windows License Type: OEM SLP

Windows OS version: 6.1.7600.2.00010300.0.0.003

ID: {8B92C9DD-E347-4366-B903-A4E2AFE4CB90}(1)

Is Admin: Yes

TestCab: 0x0

LegitcheckControl ActiveX: N/A, hr = 0x80070002

Signed By: N/A, hr = 0x80070002

Product Name: Windows 7 Home Premium

Architecture: 0x00000009

Build lab: 7600.win7_rtm.090713-1255

TTS Error: 

Validation Diagnostic: 

Resolution Status: N/A

 

Vista WgaER Data-->

ThreatID(s): N/A, hr = 0x80070002

Version: N/A, hr = 0x80070002

 

Windows XP Notifications Data-->

Cached Result: N/A, hr = 0x80070002

File Exists: No

Version: N/A, hr = 0x80070002

WgaTray.exe Signed By: N/A, hr = 0x80070002

WgaLogon.dll Signed By: N/A, hr = 0x80070002

 

OGA Notifications Data-->

Cached Result: N/A, hr = 0x80070002

Version: N/A, hr = 0x80070002

OGAExec.exe Signed By: N/A, hr = 0x80070002

OGAAddin.dll Signed By: N/A, hr = 0x80070002

 

OGA Data-->

Office Status: 109 N/A

OGA Version: N/A, 0x80070002

Signed By: N/A, hr = 0x80070002

Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

 

Browser Data-->

Proxy settings: N/A

User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)

Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Download signed ActiveX controls: Prompt

Download unsigned ActiveX controls: Disabled

Run ActiveX controls and plug-ins: Allowed

Initialize and script ActiveX controls not marked as safe: Disabled

Allow scripting of Internet Explorer Webbrowser control: Disabled

Active scripting: Allowed

Script ActiveX controls marked as safe for scripting: Allowed

 

File Scan Data-->

File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[Hr = 0x80070003]

File Mismatch: C:\Windows\system32\wat\npwatweb.dll[Hr = 0x80070003]

File Mismatch: C:\Windows\system32\wat\watux.exe[Hr = 0x80070003]

File Mismatch: C:\Windows\system32\wat\watweb.dll[Hr = 0x80070003]

File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100

File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100

 

Other data-->

Office Details: <GenuineResults><MachineData><UGUID>{8B92C9DD-E347-4366-B903-A4E2AFE4CB90}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-9YQTR</PKey><PID>00359-OEM-8992687-00007</PID><PIDType>2</PIDType><SID>S-1-5-21-3052470422-392353544-3589946678</SID><SYSTEM><Manufacturer>Gigabyte Technology Co., Ltd.</Manufacturer><Model>H61M-D2P-B3</Model></SYSTEM><BIOS><Manufacturer>Award Software International, Inc.</Manufacturer><Version>F5</Version><SMBIOSVersion major="2" minor="4"/><Date>20110331000000.000000+000</Date></BIOS><HWID>8FBA3607018400FE</HWID><UserLCID>280A</UserLCID><SystemLCID>0C0A</SystemLCID><TimeZone>Hora est. Pacífico, Sudamérica(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

 

Spsys.log Content: 0x80070002

 

Licensing Data-->

Versión del Servicio de licencias de software: 6.1.7600.16385

 

Nombre: Windows® 7, HomePremium edition

Descripción: Windows Operating System - Windows® 7, OEM_SLP channel

Id. de activación: d2c04e90-c3dd-4260-b0f3-f845f5d27d64

Id. de aplicación: 55c92734-d682-4d71-983e-d6ec3f16059f

PID extendido: 00359-00178-926-800007-02-10250-7600.0000-0752016

Id. de instalación: 010633712074279592061145753893968654884092527644813801

URL del certificado de procesador: http://go.microsoft....k/?LinkID=88338

URL del certificado de maquina: http://go.microsoft....k/?LinkID=88339

URL de la licencia de uso: http://go.microsoft....k/?LinkID=88341

URL del certificado de clave de producto: http://go.microsoft....k/?LinkID=88340

Clave de producto parcial: 9YQTR

Estado de la licencia: con licencia

Recuento de rearmado de Windows restante: 3

Hora de confianza: 07/01/2017 08:08:37 a.m.

 

Windows Activation Technologies-->

HrOffline: 0x00000000

HrOnline: N/A

HealthStatus: 0x0000000000000000

Event Time Stamp: N/A

ActiveX: Not Registered - 0x80040154

Admin Service: Not Registered - 0x80040154

HealthStatus Bitmask Output:

 

 

HWID Data-->

HWID Hash Current: MAAAAAEABAABAAEAAAABAAAAAQABAAEA6GFCyxYOPkJyOGI0St0YHrZnzprwfi5z

 

OEM Activation 1.0 Data-->

N/A

 

OEM Activation 2.0 Data-->

BIOS valid for OA 2.0: yes, but no SLIC table

Windows marker version: N/A

OEMID and OEMTableID Consistent: N/A

BIOS Information: 

  ACPI Table Name OEMID Value OEMTableID Value

  APIC GBT    GBTUACPI

  FACP GBT    GBTUACPI

  HPET GBT    GBTUACPI

  MCFG GBT    GBTUACPI

  ASPT GBT    PerfTune

  SSPT GBT    SsptHead

  EUDS GBT    

  TAMG GBT    GBT   B0

  SSDT INTEL PPM RCM 

 

Attached Files

•  ckfiles.txt   188bytes   163 downloads

[Jr0x]

Hi diegofba,

That's alright for now. Let's try to get your machine to a better state for now first.

Scan with TDSSKiller

Please download TDSSKiller by Kaspersky and save it to your desktop.
Alternate download is here.

Select the executable(.EXE) package as the download.

• Right-click on icon and select Run as Administrator to start the tool. If it won't run please right click on tdskiller.exe and rename it to winlogon.exe and see if that allows you to run it.
• When the main GUI (graphical user interface) window opens, click on Change Parameters.
• Put a checkmark beside Loaded modules. A reboot will be needed to apply the changes, allow it to do so.
• TDSSKiller will run automatically after reboot. Click on Change parameters.
• Make sure that Verify driver digital signatures & Detect TDLFS File System are checked and click OK.
• Click the Start Scan button and wait patiently.

If anything will be found follow this guidelines:

• If a suspicious object is detected, the default action will be Skip, click on Continue.
• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  > Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  > If Cure is not available, please choose Skip instead.
• Do not choose Delete unless instructed!

A report will be created in your root directory, (usually C:\ drive) in the form of TDSSKiller.[Version]_[Date]_[Time]_log.txt. Please include the contents of that file in your next post.

[diegofba]

Ok, here are the logs i found; there were no threats found 

 

 

12:21:00.0662 0x0854  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01

12:21:07.0005 0x0854  ============================================================

12:21:07.0006 0x0854  Current date / time: 2017/01/07 12:21:07.0005

12:21:07.0006 0x0854  SystemInfo:

12:21:07.0006 0x0854  

12:21:07.0006 0x0854  OS Version: 6.1.7600 ServicePack: 0.0

12:21:07.0006 0x0854  Product type: Workstation

12:21:07.0006 0x0854  ComputerName: FELIPE

12:21:07.0006 0x0854  UserName: Felipe

12:21:07.0006 0x0854  Windows directory: C:\Windows

12:21:07.0006 0x0854  System windows directory: C:\Windows

12:21:07.0006 0x0854  Running under WOW64

12:21:07.0006 0x0854  Processor architecture: Intel x64

12:21:07.0006 0x0854  Number of processors: 4

12:21:07.0006 0x0854  Page size: 0x1000

12:21:07.0006 0x0854  Boot type: Normal boot

12:21:07.0006 0x0854  CodeIntegrityOptions = 0x00000001

12:21:07.0006 0x0854  ============================================================

12:21:09.0500 0x0854  KLMD registered as C:\Windows\system32\drivers\23950910.sys

12:21:09.0500 0x0854  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7600.16385, osProperties = 0x1

12:21:09.0802 0x0854  System UUID: {261F46B9-08EA-8B8B-EF13-32391791DF76}

12:21:10.0168 0x0854  Drive \Device\Harddisk0\DR0 - Size: 0x3A38A25E00 ( 232.88 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040

12:21:10.0171 0x0854  ============================================================

12:21:10.0171 0x0854  \Device\Harddisk0\DR0:

12:21:10.0172 0x0854  MBR partitions:

12:21:10.0172 0x0854  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

12:21:10.0172 0x0854  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A63800

12:21:10.0183 0x0854  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3A9632F, BlocksNum 0x1972A391

12:21:10.0183 0x0854  ============================================================

12:21:10.0210 0x0854  C: <-> \Device\Harddisk0\DR0\Partition2

12:21:10.0251 0x0854  D: <-> \Device\Harddisk0\DR0\Partition3

12:21:10.0251 0x0854  ============================================================

12:21:10.0251 0x0854  Initialize success

12:21:10.0251 0x0854  ============================================================

12:22:29.0549 0x09f8  KLMD registered as C:\Windows\system32\drivers\16773039.sys

12:22:30.0601 0x09f8  Deinitialize success

 

 

12:23:34.0247 0x0910  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01

12:23:35.0042 0x0910  ============================================================

12:23:35.0042 0x0910  Current date / time: 2017/01/07 12:23:35.0042

12:23:35.0042 0x0910  SystemInfo:

12:23:35.0042 0x0910  

12:23:35.0042 0x0910  OS Version: 6.1.7600 ServicePack: 0.0

12:23:35.0042 0x0910  Product type: Workstation

12:23:35.0042 0x0910  ComputerName: FELIPE

12:23:35.0042 0x0910  UserName: Felipe

12:23:35.0042 0x0910  Windows directory: C:\Windows

12:23:35.0042 0x0910  System windows directory: C:\Windows

12:23:35.0042 0x0910  Running under WOW64

12:23:35.0042 0x0910  Processor architecture: Intel x64

12:23:35.0042 0x0910  Number of processors: 4

12:23:35.0042 0x0910  Page size: 0x1000

12:23:35.0042 0x0910  Boot type: Normal boot

12:23:35.0042 0x0910  CodeIntegrityOptions = 0x00000001

12:23:35.0042 0x0910  ============================================================

12:23:35.0042 0x0910  KLMD ARK init status: drvProperties = 0xFFFF00, osBuild = 7600.16385, osProperties = 0x1

12:23:35.0042 0x0910  KLMD BG init status: drvProperties = 0xFFFF00, osBuild = 7600.16385, osProperties = 0x1

12:23:35.0042 0x0910  BG loaded

12:23:35.0729 0x0910  System UUID: {261F46B9-08EA-8B8B-EF13-32391791DF76}

12:23:36.0556 0x0910  Drive \Device\Harddisk0\DR0 - Size: 0x3A38A25E00 ( 232.88 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040

12:23:36.0571 0x0910  ============================================================

12:23:36.0571 0x0910  \Device\Harddisk0\DR0:

12:23:36.0587 0x0910  MBR partitions:

12:23:36.0587 0x0910  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

12:23:36.0587 0x0910  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A63800

12:23:36.0602 0x0910  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3A9632F, BlocksNum 0x1972A391

12:23:36.0602 0x0910  ============================================================

12:23:36.0696 0x0910  C: <-> \Device\Harddisk0\DR0\Partition2

12:23:36.0868 0x0910  D: <-> \Device\Harddisk0\DR0\Partition3

12:23:36.0868 0x0910  ============================================================

12:23:36.0868 0x0910  Initialize success

12:23:36.0868 0x0910  ============================================================

12:26:53.0078 0x095c  ============================================================

12:26:53.0078 0x095c  Scan started

12:26:53.0078 0x095c  Mode: Manual; SigCheck; TDLFS; 

12:26:53.0078 0x095c  ============================================================

12:26:53.0078 0x095c  KSN ping started

12:26:55.0839 0x095c  KSN ping finished: true

12:26:58.0645 0x095c  ================ Scan system memory ========================

12:26:58.0645 0x095c  System memory - ok

12:26:58.0645 0x095c  ================ Scan services =============================

12:26:58.0775 0x095c  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys

12:26:58.0885 0x095c  1394ohci - ok

12:26:58.0925 0x095c  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys

12:26:58.0945 0x095c  ACPI - ok

12:26:58.0975 0x095c  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys

12:26:58.0995 0x095c  AcpiPmi - ok

12:26:59.0065 0x095c  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

12:26:59.0075 0x095c  AdobeARMservice - ok

12:26:59.0135 0x095c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

12:26:59.0165 0x095c  adp94xx - ok

12:26:59.0195 0x095c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

12:26:59.0215 0x095c  adpahci - ok

12:26:59.0235 0x095c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

12:26:59.0245 0x095c  adpu320 - ok

12:26:59.0275 0x095c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

12:26:59.0315 0x095c  AeLookupSvc - ok

12:26:59.0355 0x095c  [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD             C:\Windows\system32\drivers\afd.sys

12:26:59.0405 0x095c  AFD - ok

12:26:59.0425 0x095c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys

12:26:59.0435 0x095c  agp440 - ok

12:26:59.0455 0x095c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe

12:26:59.0465 0x095c  ALG - ok

12:26:59.0495 0x095c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys

12:26:59.0505 0x095c  aliide - ok

12:26:59.0515 0x095c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys

12:26:59.0525 0x095c  amdide - ok

12:26:59.0545 0x095c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

12:26:59.0555 0x095c  AmdK8 - ok

12:26:59.0565 0x095c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

12:26:59.0585 0x095c  AmdPPM - ok

12:26:59.0605 0x095c  [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys

12:26:59.0615 0x095c  amdsata - ok

12:26:59.0635 0x095c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

12:26:59.0645 0x095c  amdsbs - ok

12:26:59.0665 0x095c  [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys

12:26:59.0665 0x095c  amdxata - ok

12:26:59.0695 0x095c  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys

12:26:59.0715 0x095c  AppID - ok

12:26:59.0735 0x095c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

12:26:59.0775 0x095c  AppIDSvc - ok

12:26:59.0805 0x095c  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll

12:26:59.0835 0x095c  Appinfo - ok

12:26:59.0875 0x095c  [ CC19A6452BA688EA32D14D8DBEC190F4, 6D52B63926E1766DB8BD00CC5CC0AD9EA3B68FC1E6C66FAF4E899606437468A3 ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys

12:26:59.0885 0x095c  AppleCharger - ok

12:26:59.0925 0x095c  [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe

12:26:59.0928 0x095c  AppleChargerSrv - ok

12:26:59.0958 0x095c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys

12:26:59.0968 0x095c  arc - ok

12:26:59.0978 0x095c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

12:26:59.0988 0x095c  arcsas - ok

12:27:00.0118 0x095c  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

12:27:00.0118 0x095c  aspnet_state - ok

12:27:00.0158 0x095c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

12:27:00.0188 0x095c  AsyncMac - ok

12:27:00.0198 0x095c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys

12:27:00.0208 0x095c  atapi - ok

12:27:00.0258 0x095c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

12:27:00.0308 0x095c  AudioEndpointBuilder - ok

12:27:00.0338 0x095c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

12:27:00.0378 0x095c  AudioSrv - ok

12:27:00.0408 0x095c  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll

12:27:00.0428 0x095c  AxInstSV - ok

12:27:00.0478 0x095c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

12:27:00.0508 0x095c  b06bdrv - ok

12:27:00.0548 0x095c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

12:27:00.0588 0x095c  b57nd60a - ok

12:27:00.0638 0x095c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll

12:27:00.0668 0x095c  BDESVC - ok

12:27:00.0698 0x095c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys

12:27:00.0748 0x095c  Beep - ok

12:27:00.0788 0x095c  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll

12:27:00.0838 0x095c  BFE - ok

12:27:00.0878 0x095c  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll

12:27:00.0938 0x095c  BITS - ok

12:27:00.0968 0x095c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

12:27:00.0998 0x095c  blbdrive - ok

12:27:01.0028 0x095c  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

12:27:01.0078 0x095c  bowser - ok

12:27:01.0108 0x095c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

12:27:01.0128 0x095c  BrFiltLo - ok

12:27:01.0148 0x095c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

12:27:01.0158 0x095c  BrFiltUp - ok

12:27:01.0208 0x095c  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll

12:27:01.0248 0x095c  Browser - ok

12:27:01.0258 0x095c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

12:27:01.0298 0x095c  Brserid - ok

12:27:01.0308 0x095c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

12:27:01.0338 0x095c  BrSerWdm - ok

12:27:01.0348 0x095c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

12:27:01.0378 0x095c  BrUsbMdm - ok

12:27:01.0388 0x095c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

12:27:01.0418 0x095c  BrUsbSer - ok

12:27:01.0458 0x095c  [ 065818B8A2CD7F08D6DC8C598191548C, 08982EB22484ECCA1A7FD0C6A10E6D0BB09F624CEBC397C9B241C2D75C984C70 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe

12:27:01.0468 0x095c  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )

12:27:04.0365 0x095c  Detect skipped due to KSN trusted

12:27:04.0365 0x095c  BrYNSvc - ok

12:27:04.0385 0x095c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

12:27:04.0405 0x095c  BTHMODEM - ok

12:27:04.0435 0x095c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll

12:27:04.0495 0x095c  bthserv - ok

12:27:04.0515 0x095c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

12:27:04.0555 0x095c  cdfs - ok

12:27:04.0585 0x095c  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

12:27:04.0595 0x095c  cdrom - ok

12:27:04.0625 0x095c  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll

12:27:04.0675 0x095c  CertPropSvc - ok

12:27:04.0705 0x095c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

12:27:04.0725 0x095c  circlass - ok

12:27:04.0765 0x095c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys

12:27:04.0775 0x095c  CLFS - ok

12:27:04.0835 0x095c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

12:27:04.0845 0x095c  clr_optimization_v2.0.50727_32 - ok

12:27:04.0885 0x095c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

12:27:04.0895 0x095c  clr_optimization_v2.0.50727_64 - ok

12:27:04.0955 0x095c  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

12:27:04.0995 0x095c  clr_optimization_v4.0.30319_32 - ok

12:27:05.0015 0x095c  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

12:27:05.0035 0x095c  clr_optimization_v4.0.30319_64 - ok

12:27:05.0065 0x095c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

12:27:05.0095 0x095c  CmBatt - ok

12:27:05.0105 0x095c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys

12:27:05.0115 0x095c  cmdide - ok

12:27:05.0155 0x095c  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG             C:\Windows\system32\Drivers\cng.sys

12:27:05.0185 0x095c  CNG - ok

12:27:05.0195 0x095c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

12:27:05.0205 0x095c  Compbatt - ok

12:27:05.0225 0x095c  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

12:27:05.0255 0x095c  CompositeBus - ok

12:27:05.0265 0x095c  COMSysApp - ok

12:27:05.0285 0x095c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

12:27:05.0285 0x095c  crcdisk - ok

12:27:05.0325 0x095c  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc        C:\Windows\system32\cryptsvc.dll

12:27:05.0375 0x095c  CryptSvc - ok

12:27:05.0405 0x095c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll

12:27:05.0455 0x095c  DcomLaunch - ok

12:27:05.0495 0x095c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll

12:27:05.0525 0x095c  defragsvc - ok

12:27:05.0605 0x095c  [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

12:27:05.0685 0x095c  DfsC - ok

12:27:05.0735 0x095c  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll

12:27:05.0765 0x095c  Dhcp - ok

12:27:05.0785 0x095c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys

12:27:05.0825 0x095c  discache - ok

12:27:05.0855 0x095c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys

12:27:05.0865 0x095c  Disk - ok

12:27:05.0895 0x095c  [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache        C:\Windows\System32\dnsrslvr.dll

12:27:05.0925 0x095c  Dnscache - ok

12:27:05.0976 0x095c  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll

12:27:06.0026 0x095c  dot3svc - ok

12:27:06.0046 0x095c  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll

12:27:06.0076 0x095c  DPS - ok

12:27:06.0106 0x095c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

12:27:06.0116 0x095c  drmkaud - ok

12:27:06.0156 0x095c  [ 7CB7D2B73813CE05C7BC0F5F95D27CEC, F80AD7E946B8C8C27A0EB8A99B3A61C3F09E5442372D64EB4886D86B8D0AFCFD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

12:27:06.0196 0x095c  DXGKrnl - ok

12:27:06.0216 0x095c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll

12:27:06.0256 0x095c  EapHost - ok

12:27:06.0376 0x095c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

12:27:06.0556 0x095c  ebdrv - ok

12:27:06.0586 0x095c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe

12:27:06.0596 0x095c  EFS - ok

12:27:06.0676 0x095c  [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

12:27:06.0716 0x095c  ehRecvr - ok

12:27:06.0746 0x095c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe

12:27:06.0766 0x095c  ehSched - ok

12:27:06.0826 0x095c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

12:27:06.0866 0x095c  elxstor - ok

12:27:06.0876 0x095c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys

12:27:06.0896 0x095c  ErrDev - ok

12:27:06.0936 0x095c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll

12:27:06.0976 0x095c  EventSystem - ok

12:27:06.0996 0x095c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys

12:27:07.0046 0x095c  exfat - ok

12:27:07.0066 0x095c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

12:27:07.0106 0x095c  fastfat - ok

12:27:07.0156 0x095c  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe

12:27:07.0186 0x095c  Fax - ok

12:27:07.0196 0x095c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

12:27:07.0206 0x095c  fdc - ok

12:27:07.0226 0x095c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll

12:27:07.0286 0x095c  fdPHost - ok

12:27:07.0316 0x095c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll

12:27:07.0336 0x095c  FDResPub - ok

12:27:07.0386 0x095c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

12:27:07.0396 0x095c  FileInfo - ok

12:27:07.0406 0x095c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

12:27:07.0456 0x095c  Filetrace - ok

12:27:07.0466 0x095c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

12:27:07.0476 0x095c  flpydisk - ok

12:27:07.0486 0x095c  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

12:27:07.0496 0x095c  FltMgr - ok

12:27:07.0576 0x095c  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache       C:\Windows\system32\FntCache.dll

12:27:07.0636 0x095c  FontCache - ok

12:27:07.0676 0x095c  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

12:27:07.0676 0x095c  FontCache3.0.0.0 - ok

12:27:07.0696 0x095c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

12:27:07.0706 0x095c  FsDepends - ok

12:27:07.0726 0x095c  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

12:27:07.0736 0x095c  Fs_Rec - ok

12:27:07.0766 0x095c  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

12:27:07.0776 0x095c  fvevol - ok

12:27:07.0806 0x095c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

12:27:07.0806 0x095c  gagp30kx - ok

12:27:07.0816 0x095c  gdrv - ok

12:27:07.0856 0x095c  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll

12:27:07.0906 0x095c  gpsvc - ok

12:27:07.0959 0x095c  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:27:07.0979 0x095c  gupdate - ok

12:27:08.0019 0x095c  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:27:08.0029 0x095c  gupdatem - ok

12:27:08.0129 0x095c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

12:27:08.0149 0x095c  gusvc - ok

12:27:08.0169 0x095c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

12:27:08.0199 0x095c  hcw85cir - ok

12:27:08.0249 0x095c  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

12:27:08.0279 0x095c  HdAudAddService - ok

12:27:08.0299 0x095c  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

12:27:08.0329 0x095c  HDAudBus - ok

12:27:08.0369 0x095c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

12:27:08.0399 0x095c  HidBatt - ok

12:27:08.0439 0x095c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

12:27:08.0459 0x095c  HidBth - ok

12:27:08.0469 0x095c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

12:27:08.0499 0x095c  HidIr - ok

12:27:08.0519 0x095c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll

12:27:08.0569 0x095c  hidserv - ok

12:27:08.0589 0x095c  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

12:27:08.0599 0x095c  HidUsb - ok

12:27:08.0629 0x095c  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll

12:27:08.0659 0x095c  hkmsvc - ok

12:27:08.0689 0x095c  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll

12:27:08.0729 0x095c  HomeGroupListener - ok

12:27:08.0769 0x095c  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

12:27:08.0799 0x095c  HomeGroupProvider - ok

12:27:08.0829 0x095c  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys

12:27:08.0839 0x095c  HpSAMD - ok

12:27:08.0869 0x095c  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys

12:27:08.0919 0x095c  HTTP - ok

12:27:08.0939 0x095c  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

12:27:08.0939 0x095c  hwpolicy - ok

12:27:08.0989 0x095c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

12:27:08.0999 0x095c  i8042prt - ok

12:27:09.0039 0x095c  [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys

12:27:09.0079 0x095c  iaStorV - ok

12:27:09.0139 0x095c  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

12:27:09.0179 0x095c  idsvc - ok

12:27:09.0189 0x095c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

12:27:09.0199 0x095c  iirsp - ok

12:27:09.0239 0x095c  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll

12:27:09.0279 0x095c  IKEEXT - ok

12:27:09.0449 0x095c  [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

12:27:09.0529 0x095c  IntcAzAudAddService - ok

12:27:09.0629 0x095c  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

12:27:09.0649 0x095c  Intel® Capability Licensing Service Interface - ok

12:27:09.0659 0x095c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys

12:27:09.0669 0x095c  intelide - ok

12:27:09.0689 0x095c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

12:27:09.0709 0x095c  intelppm - ok

12:27:09.0739 0x095c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

12:27:09.0779 0x095c  IPBusEnum - ok

12:27:09.0789 0x095c  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

12:27:09.0819 0x095c  IpFilterDriver - ok

12:27:09.0849 0x095c  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

12:27:09.0889 0x095c  iphlpsvc - ok

12:27:09.0919 0x095c  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys

12:27:09.0929 0x095c  IPMIDRV - ok

12:27:09.0939 0x095c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

12:27:09.0972 0x095c  IPNAT - ok

12:27:10.0002 0x095c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys

12:27:10.0012 0x095c  IRENUM - ok

12:27:10.0012 0x095c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys

12:27:10.0022 0x095c  isapnp - ok

12:27:10.0052 0x095c  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

12:27:10.0062 0x095c  iScsiPrt - ok

12:27:10.0082 0x095c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

12:27:10.0092 0x095c  kbdclass - ok

12:27:10.0112 0x095c  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

12:27:10.0142 0x095c  kbdhid - ok

12:27:10.0162 0x095c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe

12:27:10.0172 0x095c  KeyIso - ok

12:27:10.0202 0x095c  [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

12:27:10.0222 0x095c  KSecDD - ok

12:27:10.0242 0x095c  [ BBE1BF6D9B661C354D4857D5FADB943B, D2F6E52CCD0DF07B3D92669B941CEB9A59E16D3518226F11028A70DBDEFABBCF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

12:27:10.0262 0x095c  KSecPkg - ok

12:27:10.0282 0x095c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

12:27:10.0322 0x095c  ksthunk - ok

12:27:10.0362 0x095c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll

12:27:10.0402 0x095c  KtmRm - ok

12:27:10.0442 0x095c  [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer    C:\Windows\system32\srvsvc.dll

12:27:10.0472 0x095c  LanmanServer - ok

12:27:10.0492 0x095c  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

12:27:10.0532 0x095c  LanmanWorkstation - ok

12:27:10.0562 0x095c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

12:27:10.0592 0x095c  lltdio - ok

12:27:10.0632 0x095c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

12:27:10.0662 0x095c  lltdsvc - ok

12:27:10.0672 0x095c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll

12:27:10.0702 0x095c  lmhosts - ok

12:27:10.0762 0x095c  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

12:27:10.0782 0x095c  LMS - ok

12:27:10.0812 0x095c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

12:27:10.0822 0x095c  LSI_FC - ok

12:27:10.0822 0x095c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

12:27:10.0832 0x095c  LSI_SAS - ok

12:27:10.0852 0x095c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

12:27:10.0862 0x095c  LSI_SAS2 - ok

12:27:10.0872 0x095c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

12:27:10.0872 0x095c  LSI_SCSI - ok

12:27:10.0892 0x095c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys

12:27:10.0932 0x095c  luafv - ok

12:27:10.0962 0x095c  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

12:27:10.0982 0x095c  Mcx2Svc - ok

12:27:11.0002 0x095c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

12:27:11.0012 0x095c  megasas - ok

12:27:11.0042 0x095c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

12:27:11.0052 0x095c  MegaSR - ok

12:27:11.0072 0x095c  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys

12:27:11.0082 0x095c  MEIx64 - ok

12:27:11.0122 0x095c  Microsoft SharePoint Workspace Audit Service - ok

12:27:11.0152 0x095c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll

12:27:11.0182 0x095c  MMCSS - ok

12:27:11.0192 0x095c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys

12:27:11.0232 0x095c  Modem - ok

12:27:11.0272 0x095c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

12:27:11.0292 0x095c  monitor - ok

12:27:11.0322 0x095c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

12:27:11.0322 0x095c  mouclass - ok

12:27:11.0342 0x095c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

12:27:11.0352 0x095c  mouhid - ok

12:27:11.0372 0x095c  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

12:27:11.0372 0x095c  mountmgr - ok

12:27:11.0422 0x095c  [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

12:27:11.0432 0x095c  MozillaMaintenance - ok

12:27:11.0452 0x095c  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys

12:27:11.0462 0x095c  mpio - ok

12:27:11.0472 0x095c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

12:27:11.0492 0x095c  mpsdrv - ok

12:27:11.0532 0x095c  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll

12:27:11.0572 0x095c  MpsSvc - ok

12:27:11.0592 0x095c  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

12:27:11.0612 0x095c  MRxDAV - ok

12:27:11.0632 0x095c  [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

12:27:11.0662 0x095c  mrxsmb - ok

12:27:11.0682 0x095c  [ 1BEE517B220B7F024F411AEC1571DD5A, 6DC7638D056DFDE36803BCD691BF73A4AAFD59DE63C0ACD7EA860997FFA3C6E7 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

12:27:11.0722 0x095c  mrxsmb10 - ok

12:27:11.0762 0x095c  [ 6B2D5FEF385828B6E485C1C90AFB8195, A960CC0351F200FA56FAC0534C0F9D7F79AAC9CF18A4390CDCA7EA4EE22ED6B6 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

12:27:11.0792 0x095c  mrxsmb20 - ok

12:27:11.0802 0x095c  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys

12:27:11.0802 0x095c  msahci - ok

12:27:11.0812 0x095c  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys

12:27:11.0822 0x095c  msdsm - ok

12:27:11.0832 0x095c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe

12:27:11.0842 0x095c  MSDTC - ok

12:27:11.0862 0x095c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

12:27:11.0882 0x095c  Msfs - ok

12:27:11.0902 0x095c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

12:27:11.0932 0x095c  mshidkmdf - ok

12:27:11.0942 0x095c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys

12:27:11.0953 0x095c  msisadrv - ok

12:27:12.0008 0x095c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

12:27:12.0068 0x095c  MSiSCSI - ok

12:27:12.0078 0x095c  msiserver - ok

12:27:12.0108 0x095c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

12:27:12.0128 0x095c  MSKSSRV - ok

12:27:12.0148 0x095c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

12:27:12.0178 0x095c  MSPCLOCK - ok

12:27:12.0198 0x095c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

12:27:12.0228 0x095c  MSPQM - ok

12:27:12.0248 0x095c  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

12:27:12.0258 0x095c  MsRPC - ok

12:27:12.0268 0x095c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

12:27:12.0278 0x095c  mssmbios - ok

12:27:12.0298 0x095c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

12:27:12.0318 0x095c  MSTEE - ok

12:27:12.0328 0x095c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

12:27:12.0338 0x095c  MTConfig - ok

12:27:12.0348 0x095c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys

12:27:12.0358 0x095c  Mup - ok

12:27:12.0388 0x095c  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll

12:27:12.0438 0x095c  napagent - ok

12:27:12.0478 0x095c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

12:27:12.0508 0x095c  NativeWifiP - ok

12:27:12.0538 0x095c  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys

12:27:12.0568 0x095c  NDIS - ok

12:27:12.0588 0x095c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

12:27:12.0628 0x095c  NdisCap - ok

12:27:12.0658 0x095c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

12:27:12.0678 0x095c  NdisTapi - ok

12:27:12.0688 0x095c  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

12:27:12.0718 0x095c  Ndisuio - ok

12:27:12.0738 0x095c  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

12:27:12.0758 0x095c  NdisWan - ok

12:27:12.0778 0x095c  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

12:27:12.0808 0x095c  NDProxy - ok

12:27:12.0828 0x095c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

12:27:12.0858 0x095c  NetBIOS - ok

12:27:12.0878 0x095c  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

12:27:12.0918 0x095c  NetBT - ok

12:27:12.0938 0x095c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon        C:\Windows\system32\lsass.exe

12:27:12.0948 0x095c  Netlogon - ok

12:27:12.0978 0x095c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll

12:27:13.0028 0x095c  Netman - ok

12:27:13.0058 0x095c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:27:13.0088 0x095c  NetMsmqActivator - ok

12:27:13.0108 0x095c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:27:13.0118 0x095c  NetPipeActivator - ok

12:27:13.0148 0x095c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll

12:27:13.0198 0x095c  netprofm - ok

12:27:13.0228 0x095c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:27:13.0238 0x095c  NetTcpActivator - ok

12:27:13.0248 0x095c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:27:13.0248 0x095c  NetTcpPortSharing - ok

12:27:13.0278 0x095c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

12:27:13.0288 0x095c  nfrd960 - ok

12:27:13.0318 0x095c  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll

12:27:13.0348 0x095c  NlaSvc - ok

12:27:13.0368 0x095c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys

12:27:13.0388 0x095c  Npfs - ok

12:27:13.0428 0x095c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll

12:27:13.0448 0x095c  nsi - ok

12:27:13.0468 0x095c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

12:27:13.0498 0x095c  nsiproxy - ok

12:27:13.0578 0x095c  [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

12:27:13.0648 0x095c  Ntfs - ok

12:27:13.0658 0x095c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys

12:27:13.0688 0x095c  Null - ok

12:27:14.0050 0x095c  [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

12:27:14.0280 0x095c  nvlddmkm - ok

12:27:14.0320 0x095c  [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys

12:27:14.0320 0x095c  nvraid - ok

12:27:14.0350 0x095c  [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys

12:27:14.0370 0x095c  nvstor - ok

12:27:14.0390 0x095c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys

12:27:14.0400 0x095c  nv_agp - ok

12:27:14.0400 0x095c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys

12:27:14.0420 0x095c  ohci1394 - ok

12:27:14.0470 0x095c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

12:27:14.0480 0x095c  ose - ok

12:27:14.0710 0x095c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

12:27:14.0810 0x095c  osppsvc - ok

12:27:14.0840 0x095c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

12:27:14.0870 0x095c  p2pimsvc - ok

12:27:14.0890 0x095c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll

12:27:14.0910 0x095c  p2psvc - ok

12:27:14.0950 0x095c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

12:27:14.0970 0x095c  Parport - ok

12:27:14.0980 0x095c  [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys

12:27:15.0000 0x095c  partmgr - ok

12:27:15.0027 0x095c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll

12:27:15.0058 0x095c  PcaSvc - ok

12:27:15.0068 0x095c  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys

12:27:15.0088 0x095c  pci - ok

12:27:15.0108 0x095c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys

12:27:15.0118 0x095c  pciide - ok

12:27:15.0138 0x095c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

12:27:15.0148 0x095c  pcmcia - ok

12:27:15.0158 0x095c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys

12:27:15.0168 0x095c  pcw - ok

12:27:15.0198 0x095c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

12:27:15.0248 0x095c  PEAUTH - ok

12:27:15.0298 0x095c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe

12:27:15.0318 0x095c  PerfHost - ok

12:27:15.0408 0x095c  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll

12:27:15.0508 0x095c  pla - ok

12:27:15.0548 0x095c  [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

12:27:15.0588 0x095c  PlugPlay - ok

12:27:15.0608 0x095c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

12:27:15.0628 0x095c  PNRPAutoReg - ok

12:27:15.0648 0x095c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

12:27:15.0658 0x095c  PNRPsvc - ok

12:27:15.0708 0x095c  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

12:27:15.0758 0x095c  PolicyAgent - ok

12:27:15.0778 0x095c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll

12:27:15.0818 0x095c  Power - ok

12:27:15.0848 0x095c  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

12:27:15.0888 0x095c  PptpMiniport - ok

12:27:15.0898 0x095c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys

12:27:15.0908 0x095c  Processor - ok

12:27:15.0928 0x095c  [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc         C:\Windows\system32\profsvc.dll

12:27:15.0972 0x095c  ProfSvc - ok

12:27:16.0003 0x095c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe

12:27:16.0003 0x095c  ProtectedStorage - ok

12:27:16.0033 0x095c  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

12:27:16.0063 0x095c  Psched - ok

12:27:16.0133 0x095c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

12:27:16.0193 0x095c  ql2300 - ok

12:27:16.0223 0x095c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

12:27:16.0223 0x095c  ql40xx - ok

12:27:16.0253 0x095c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll

12:27:16.0273 0x095c  QWAVE - ok

12:27:16.0283 0x095c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

12:27:16.0293 0x095c  QWAVEdrv - ok

12:27:16.0293 0x095c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

12:27:16.0333 0x095c  RasAcd - ok

12:27:16.0363 0x095c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

12:27:16.0383 0x095c  RasAgileVpn - ok

12:27:16.0403 0x095c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll

12:27:16.0443 0x095c  RasAuto - ok

12:27:16.0463 0x095c  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

12:27:16.0503 0x095c  Rasl2tp - ok

12:27:16.0533 0x095c  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll

12:27:16.0573 0x095c  RasMan - ok

12:27:16.0603 0x095c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

12:27:16.0623 0x095c  RasPppoe - ok

12:27:16.0633 0x095c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

12:27:16.0663 0x095c  RasSstp - ok

12:27:16.0683 0x095c  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

12:27:16.0723 0x095c  rdbss - ok

12:27:16.0743 0x095c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

12:27:16.0753 0x095c  rdpbus - ok

12:27:16.0773 0x095c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

12:27:16.0803 0x095c  RDPCDD - ok

12:27:16.0813 0x095c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

12:27:16.0853 0x095c  RDPENCDD - ok

12:27:16.0863 0x095c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

12:27:16.0883 0x095c  RDPREFMP - ok

12:27:16.0903 0x095c  [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

12:27:16.0933 0x095c  RDPWD - ok

12:27:16.0963 0x095c  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

12:27:16.0973 0x095c  rdyboost - ok

12:27:17.0023 0x095c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll

12:27:17.0053 0x095c  RemoteAccess - ok

12:27:17.0073 0x095c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

12:27:17.0103 0x095c  RemoteRegistry - ok

12:27:17.0123 0x095c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

12:27:17.0143 0x095c  RpcEptMapper - ok

12:27:17.0163 0x095c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe

12:27:17.0183 0x095c  RpcLocator - ok

12:27:17.0223 0x095c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll

12:27:17.0263 0x095c  RpcSs - ok

12:27:17.0303 0x095c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

12:27:17.0343 0x095c  rspndr - ok

12:27:17.0393 0x095c  [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

12:27:17.0403 0x095c  RTL8167 - ok

12:27:17.0413 0x095c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs           C:\Windows\system32\lsass.exe

12:27:17.0423 0x095c  SamSs - ok

12:27:17.0453 0x095c  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys

12:27:17.0453 0x095c  sbp2port - ok

12:27:17.0483 0x095c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

12:27:17.0523 0x095c  SCardSvr - ok

12:27:17.0533 0x095c  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

12:27:17.0553 0x095c  scfilter - ok

12:27:17.0603 0x095c  [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule        C:\Windows\system32\schedsvc.dll

12:27:17.0643 0x095c  Schedule - ok

12:27:17.0673 0x095c  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll

12:27:17.0693 0x095c  SCPolicySvc - ok

12:27:17.0723 0x095c  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

12:27:17.0743 0x095c  SDRSVC - ok

12:27:17.0783 0x095c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

12:27:17.0813 0x095c  secdrv - ok

12:27:17.0843 0x095c  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll

12:27:17.0883 0x095c  seclogon - ok

12:27:17.0893 0x095c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll

12:27:17.0933 0x095c  SENS - ok

12:27:17.0933 0x095c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll

12:27:17.0943 0x095c  SensrSvc - ok

12:27:17.0986 0x095c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

12:27:17.0996 0x095c  Serenum - ok

12:27:18.0016 0x095c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys

12:27:18.0026 0x095c  Serial - ok

12:27:18.0046 0x095c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

12:27:18.0076 0x095c  sermouse - ok

12:27:18.0096 0x095c  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll

12:27:18.0136 0x095c  SessionEnv - ok

12:27:18.0146 0x095c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys

12:27:18.0166 0x095c  sffdisk - ok

12:27:18.0166 0x095c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys

12:27:18.0186 0x095c  sffp_mmc - ok

12:27:18.0196 0x095c  [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys

12:27:18.0206 0x095c  sffp_sd - ok

12:27:18.0206 0x095c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

12:27:18.0216 0x095c  sfloppy - ok

12:27:18.0236 0x095c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

12:27:18.0296 0x095c  SharedAccess - ok

12:27:18.0316 0x095c  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

12:27:18.0356 0x095c  ShellHWDetection - ok

12:27:18.0386 0x095c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

12:27:18.0386 0x095c  SiSRaid2 - ok

12:27:18.0406 0x095c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

12:27:18.0416 0x095c  SiSRaid4 - ok

12:27:18.0506 0x095c  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

12:27:18.0526 0x095c  SkypeUpdate - ok

12:27:18.0556 0x095c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

12:27:18.0596 0x095c  Smb - ok

12:27:18.0636 0x095c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

12:27:18.0636 0x095c  SNMPTRAP - ok

12:27:18.0656 0x095c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys

12:27:18.0656 0x095c  spldr - ok

12:27:18.0686 0x095c  [ 89E8550C5862999FCF482EA562B0E98E, 11BC94FD879DCD22E80DB8FA73CEBD0F072917C546AD9C8B92CCFBF4E0B83056 ] Spooler         C:\Windows\System32\spoolsv.exe

12:27:18.0706 0x095c  Spooler - ok

12:27:18.0856 0x095c  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe

12:27:18.0946 0x095c  sppsvc - ok

12:27:18.0956 0x095c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

12:27:18.0986 0x095c  sppuinotify - ok

12:27:19.0036 0x095c  [ EC8F67289105BF270498095F14963464, 454031C8AE06511DD13DBAA613B983516AF937590FB2B8C6ADC273D018D30858 ] srv             C:\Windows\system32\DRIVERS\srv.sys

12:27:19.0076 0x095c  srv - ok

12:27:19.0106 0x095c  [ F773D2ED090B7BAA1C1A034F3CA476C8, C8DD8BE37CFEA0DB1B7FC94946381B60553848002E6170E0BEC3FEE40295DF1F ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

12:27:19.0146 0x095c  srv2 - ok

12:27:19.0166 0x095c  [ 26E84D3649019C3244622E654DFCD75B, 49BD7345AF744298698629E0D7C0C373AB2F75F542281268BCF91A6D2B278AA8 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

12:27:19.0196 0x095c  srvnet - ok

12:27:19.0226 0x095c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

12:27:19.0266 0x095c  SSDPSRV - ok

12:27:19.0286 0x095c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll

12:27:19.0316 0x095c  SstpSvc - ok

12:27:19.0326 0x095c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

12:27:19.0336 0x095c  stexstor - ok

12:27:19.0366 0x095c  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll

12:27:19.0386 0x095c  stisvc - ok

12:27:19.0406 0x095c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

12:27:19.0406 0x095c  swenum - ok

12:27:19.0446 0x095c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll

12:27:19.0486 0x095c  swprv - ok

12:27:19.0556 0x095c  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll

12:27:19.0606 0x095c  SysMain - ok

12:27:19.0636 0x095c  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll

12:27:19.0656 0x095c  TabletInputService - ok

12:27:19.0836 0x095c  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll

12:27:19.0906 0x095c  TapiSrv - ok

12:27:19.0926 0x095c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll

12:27:19.0956 0x095c  TBS - ok

12:27:20.0059 0x095c  [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

12:27:20.0179 0x095c  Tcpip - ok

12:27:20.0289 0x095c  [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

12:27:20.0329 0x095c  TCPIP6 - ok

12:27:20.0349 0x095c  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

12:27:20.0369 0x095c  tcpipreg - ok

12:27:20.0379 0x095c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

12:27:20.0419 0x095c  TDPIPE - ok

12:27:20.0429 0x095c  [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

12:27:20.0449 0x095c  TDTCP - ok

12:27:20.0469 0x095c  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

12:27:20.0499 0x095c  tdx - ok

12:27:20.0809 0x095c  [ F2F02E436BA56A96A06E4427C5787B6E, 1562FF264011A15AC69808CB74F387917C4E8ED3B91546B12933BE10B6E20B3A ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

12:27:20.0959 0x095c  TeamViewer - ok

12:27:20.0979 0x095c  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

12:27:20.0989 0x095c  TermDD - ok

12:27:21.0029 0x095c  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll

12:27:21.0079 0x095c  TermService - ok

12:27:21.0099 0x095c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll

12:27:21.0109 0x095c  Themes - ok

12:27:21.0119 0x095c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

12:27:21.0149 0x095c  THREADORDER - ok

12:27:21.0159 0x095c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

12:27:21.0199 0x095c  TrkWks - ok

12:27:21.0249 0x095c  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

12:27:21.0279 0x095c  TrustedInstaller - ok

12:27:21.0289 0x095c  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

12:27:21.0319 0x095c  tssecsrv - ok

12:27:21.0349 0x095c  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

12:27:21.0389 0x095c  tunnel - ok

12:27:21.0399 0x095c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

12:27:21.0399 0x095c  uagp35 - ok

12:27:21.0419 0x095c  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

12:27:21.0449 0x095c  udfs - ok

12:27:21.0469 0x095c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

12:27:21.0479 0x095c  UI0Detect - ok

12:27:21.0489 0x095c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys

12:27:21.0499 0x095c  uliagpkx - ok

12:27:21.0519 0x095c  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

12:27:21.0529 0x095c  umbus - ok

12:27:21.0539 0x095c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

12:27:21.0549 0x095c  UmPass - ok

12:27:21.0589 0x095c  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

12:27:21.0599 0x095c  UNS - ok

12:27:21.0639 0x095c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

12:27:21.0669 0x095c  upnphost - ok

12:27:21.0689 0x095c  [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

12:27:21.0709 0x095c  usbccgp - ok

12:27:21.0719 0x095c  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys

12:27:21.0739 0x095c  usbcir - ok

12:27:21.0749 0x095c  [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

12:27:21.0779 0x095c  usbehci - ok

12:27:21.0809 0x095c  [ 4C9042B8DF86C1E8E6240C218B99B39B, D286633311C047B9C4FB1AA89D7B02B9F943FDDCE473255DC8E14DD07CC9B292 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

12:27:21.0849 0x095c  usbhub - ok

12:27:21.0869 0x095c  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys

12:27:21.0879 0x095c  usbohci - ok

12:27:21.0909 0x095c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

12:27:21.0909 0x095c  usbprint - ok

12:27:21.0939 0x095c  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

12:27:21.0959 0x095c  usbscan - ok

12:27:21.0969 0x095c  [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

12:27:21.0982 0x095c  USBSTOR - ok

12:27:21.0992 0x095c  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

12:27:22.0002 0x095c  usbuhci - ok

12:27:22.0062 0x095c  [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys

12:27:22.0082 0x095c  usb_rndisx - ok

12:27:22.0102 0x095c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

12:27:22.0132 0x095c  UxSms - ok

12:27:22.0142 0x095c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe

12:27:22.0152 0x095c  VaultSvc - ok

12:27:22.0172 0x095c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys

12:27:22.0182 0x095c  vdrvroot - ok

12:27:22.0212 0x095c  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe

12:27:22.0242 0x095c  vds - ok

12:27:22.0272 0x095c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

12:27:22.0282 0x095c  vga - ok

12:27:22.0302 0x095c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

12:27:22.0362 0x095c  VgaSave - ok

12:27:22.0382 0x095c  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys

12:27:22.0392 0x095c  vhdmp - ok

12:27:22.0402 0x095c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys

12:27:22.0412 0x095c  viaide - ok

12:27:22.0422 0x095c  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys

12:27:22.0432 0x095c  volmgr - ok

12:27:22.0452 0x095c  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

12:27:22.0472 0x095c  volmgrx - ok

12:27:22.0492 0x095c  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys

12:27:22.0502 0x095c  volsnap - ok

12:27:22.0532 0x095c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

12:27:22.0532 0x095c  vsmraid - ok

12:27:22.0622 0x095c  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe

12:27:22.0692 0x095c  VSS - ok

12:27:22.0722 0x095c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

12:27:22.0742 0x095c  vwifibus - ok

12:27:22.0792 0x095c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

12:27:22.0852 0x095c  W32Time - ok

12:27:22.0882 0x095c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

12:27:22.0892 0x095c  WacomPen - ok

12:27:22.0912 0x095c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

12:27:22.0942 0x095c  WANARP - ok

12:27:22.0942 0x095c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

12:27:22.0962 0x095c  Wanarpv6 - ok

12:27:23.0052 0x095c  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe

12:27:23.0152 0x095c  wbengine - ok

12:27:23.0172 0x095c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

12:27:23.0192 0x095c  WbioSrvc - ok

12:27:23.0212 0x095c  [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc         C:\Windows\System32\wcncsvc.dll

12:27:23.0232 0x095c  wcncsvc - ok

12:27:23.0252 0x095c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

12:27:23.0252 0x095c  WcsPlugInService - ok

12:27:23.0272 0x095c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys

12:27:23.0282 0x095c  Wd - ok

12:27:23.0312 0x095c  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

12:27:23.0332 0x095c  Wdf01000 - ok

12:27:23.0342 0x095c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll

12:27:23.0362 0x095c  WdiServiceHost - ok

12:27:23.0362 0x095c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll

12:27:23.0382 0x095c  WdiSystemHost - ok

12:27:23.0412 0x095c  [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient       C:\Windows\System32\webclnt.dll

12:27:23.0452 0x095c  WebClient - ok

12:27:23.0472 0x095c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

12:27:23.0542 0x095c  Wecsvc - ok

12:27:23.0552 0x095c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

12:27:23.0582 0x095c  wercplsupport - ok

12:27:23.0612 0x095c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

12:27:23.0642 0x095c  WerSvc - ok

12:27:23.0662 0x095c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

12:27:23.0682 0x095c  WfpLwf - ok

12:27:23.0712 0x095c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

12:27:23.0722 0x095c  WIMMount - ok

12:27:23.0752 0x095c  WinDefend - ok

12:27:23.0762 0x095c  WinHttpAutoProxySvc - ok

12:27:23.0822 0x095c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

12:27:23.0872 0x095c  Winmgmt - ok

12:27:23.0972 0x095c  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll

12:27:24.0073 0x095c  WinRM - ok

12:27:24.0123 0x095c  [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

12:27:24.0133 0x095c  WinUsb - ok

12:27:24.0193 0x095c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll

12:27:24.0253 0x095c  Wlansvc - ok

12:27:24.0273 0x095c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys

12:27:24.0273 0x095c  WmiAcpi - ok

12:27:24.0303 0x095c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

12:27:24.0323 0x095c  wmiApSrv - ok

12:27:24.0343 0x095c  WMPNetworkSvc - ok

12:27:24.0363 0x095c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll

12:27:24.0383 0x095c  WPCSvc - ok

12:27:24.0393 0x095c  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

12:27:24.0423 0x095c  WPDBusEnum - ok

12:27:24.0443 0x095c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

12:27:24.0473 0x095c  ws2ifsl - ok

12:27:24.0493 0x095c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll

12:27:24.0503 0x095c  wscsvc - ok

12:27:24.0503 0x095c  WSearch - ok

12:27:24.0633 0x095c  [ 38340204A2D0228F1E87740FC5E554A7, 57181ED34E73DD17B590803C770A086C57754F229C6F587637B8FBB5D6519603 ] wuauserv        C:\Windows\system32\wuaueng.dll

12:27:24.0713 0x095c  wuauserv - ok

12:27:24.0753 0x095c  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

12:27:24.0803 0x095c  WudfPf - ok

12:27:24.0833 0x095c  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

12:27:24.0873 0x095c  WUDFRd - ok

12:27:24.0893 0x095c  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

12:27:24.0913 0x095c  wudfsvc - ok

12:27:24.0933 0x095c  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll

12:27:24.0963 0x095c  WwanSvc - ok

12:27:24.0983 0x095c  ================ Scan global ===============================

12:27:25.0003 0x095c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

12:27:25.0023 0x095c  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll

12:27:25.0043 0x095c  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll

12:27:25.0073 0x095c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

12:27:25.0093 0x095c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

12:27:25.0103 0x095c  [ Global ] - ok

12:27:25.0103 0x095c  ================ Scan MBR ==================================

12:27:25.0113 0x095c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

12:27:25.0363 0x095c  \Device\Harddisk0\DR0 - ok

12:27:25.0363 0x095c  ================ Scan VBR ==================================

12:27:25.0373 0x095c  [ 5440AB7B76155E2BD692C6D12B753F92 ] \Device\Harddisk0\DR0\Partition1

12:27:25.0373 0x095c  \Device\Harddisk0\DR0\Partition1 - ok

12:27:25.0383 0x095c  [ A6BDA37385CDEE45169BDAD078DD6579 ] \Device\Harddisk0\DR0\Partition2

12:27:25.0383 0x095c  \Device\Harddisk0\DR0\Partition2 - ok

12:27:25.0393 0x095c  [ 790828EE0E9EC50ED9E5C7C062C9442F ] \Device\Harddisk0\DR0\Partition3

12:27:25.0393 0x095c  \Device\Harddisk0\DR0\Partition3 - ok

12:27:25.0393 0x095c  ================ Scan active images ========================

12:27:25.0393 0x095c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] C:\Windows\System32\drivers\atapi.sys

12:27:25.0393 0x095c  C:\Windows\System32\drivers\atapi.sys - ok

12:27:25.0403 0x095c  [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys

12:27:25.0403 0x095c  C:\Windows\System32\drivers\crashdmp.sys - ok

12:27:25.0403 0x095c  [ 839B5FE3D48E9F35B22C21A3D5103F6C, A9CEA695E43092B72B0E988063E00A7C0BCE90095344E9A2F380218482BCE77F ] C:\Windows\System32\drivers\Dumpata.sys

12:27:25.0403 0x095c  C:\Windows\System32\drivers\Dumpata.sys - ok

12:27:25.0413 0x095c  [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys

12:27:25.0413 0x095c  C:\Windows\System32\drivers\dumpfve.sys - ok

12:27:25.0413 0x095c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys

12:27:25.0413 0x095c  C:\Windows\System32\drivers\beep.sys - ok

12:27:25.0413 0x095c  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] C:\Windows\System32\drivers\cdrom.sys

12:27:25.0413 0x095c  C:\Windows\System32\drivers\cdrom.sys - ok

12:27:25.0423 0x095c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys

12:27:25.0423 0x095c  C:\Windows\System32\drivers\null.sys - ok

12:27:25.0423 0x095c  [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys

12:27:25.0423 0x095c  C:\Windows\System32\drivers\watchdog.sys - ok

12:27:25.0433 0x095c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys

12:27:25.0433 0x095c  C:\Windows\System32\drivers\msfs.sys - ok

12:27:25.0433 0x095c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys

12:27:25.0433 0x095c  C:\Windows\System32\drivers\npfs.sys - ok

12:27:25.0433 0x095c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys

12:27:25.0433 0x095c  C:\Windows\System32\drivers\RDPCDD.sys - ok

12:27:25.0433 0x095c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys

12:27:25.0433 0x095c  C:\Windows\System32\drivers\RDPENCDD.sys - ok

12:27:25.0443 0x095c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys

12:27:25.0443 0x095c  C:\Windows\System32\drivers\RDPREFMP.sys - ok

12:27:25.0443 0x095c  [ 0CA6FE26ACC7FFEE1BD0463F40835F32, 22D29762CED22BBDA3D89D9AFFDEA2F3DAF91524D7A7524BE45578F17781F376 ] C:\Windows\System32\drivers\tdi.sys

12:27:25.0443 0x095c  C:\Windows\System32\drivers\tdi.sys - ok

12:27:25.0443 0x095c  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] C:\Windows\System32\drivers\tdx.sys

12:27:25.0443 0x095c  C:\Windows\System32\drivers\tdx.sys - ok

12:27:25.0443 0x095c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys

12:27:25.0443 0x095c  C:\Windows\System32\drivers\vga.sys - ok

12:27:25.0453 0x095c  [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys

12:27:25.0453 0x095c  C:\Windows\System32\drivers\videoprt.sys - ok

12:27:25.0453 0x095c  [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] C:\Windows\System32\drivers\afd.sys

12:27:25.0453 0x095c  C:\Windows\System32\drivers\afd.sys - ok

12:27:25.0453 0x095c  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] C:\Windows\System32\drivers\netbt.sys

12:27:25.0453 0x095c  C:\Windows\System32\drivers\netbt.sys - ok

12:27:25.0453 0x095c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys

12:27:25.0453 0x095c  C:\Windows\System32\drivers\wfplwf.sys - ok

12:27:25.0463 0x095c  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] C:\Windows\System32\drivers\pacer.sys

12:27:25.0463 0x095c  C:\Windows\System32\drivers\pacer.sys - ok

12:27:25.0463 0x095c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys

12:27:25.0463 0x095c  C:\Windows\System32\drivers\netbios.sys - ok

12:27:25.0463 0x095c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] C:\Windows\System32\drivers\serial.sys

12:27:25.0463 0x095c  C:\Windows\System32\drivers\serial.sys - ok

12:27:25.0463 0x095c  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] C:\Windows\System32\drivers\termdd.sys

12:27:25.0463 0x095c  C:\Windows\System32\drivers\termdd.sys - ok

12:27:25.0473 0x095c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] C:\Windows\System32\drivers\wanarp.sys

12:27:25.0473 0x095c  C:\Windows\System32\drivers\wanarp.sys - ok

12:27:25.0473 0x095c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys

12:27:25.0473 0x095c  C:\Windows\System32\drivers\mssmbios.sys - ok

12:27:25.0473 0x095c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys

12:27:25.0473 0x095c  C:\Windows\System32\drivers\nsiproxy.sys - ok

12:27:25.0473 0x095c  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] C:\Windows\System32\drivers\rdbss.sys

12:27:25.0473 0x095c  C:\Windows\System32\drivers\rdbss.sys - ok

12:27:25.0483 0x095c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys

12:27:25.0483 0x095c  C:\Windows\System32\drivers\blbdrive.sys - ok

12:27:25.0483 0x095c  [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] C:\Windows\System32\drivers\dfsc.sys

12:27:25.0483 0x095c  C:\Windows\System32\drivers\dfsc.sys - ok

12:27:25.0483 0x095c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys

12:27:25.0483 0x095c  C:\Windows\System32\drivers\discache.sys - ok

12:27:25.0483 0x095c  [ CC19A6452BA688EA32D14D8DBEC190F4, 6D52B63926E1766DB8BD00CC5CC0AD9EA3B68FC1E6C66FAF4E899606437468A3 ] C:\Windows\System32\drivers\AppleCharger.sys

12:27:25.0483 0x095c  C:\Windows\System32\drivers\AppleCharger.sys - ok

12:27:25.0493 0x095c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] C:\Windows\System32\drivers\intelppm.sys

12:27:25.0493 0x095c  C:\Windows\System32\drivers\intelppm.sys - ok

12:27:25.0493 0x095c  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] C:\Windows\System32\drivers\tunnel.sys

12:27:25.0493 0x095c  C:\Windows\System32\drivers\tunnel.sys - ok

12:27:25.0493 0x095c  [ 1911A3356FA3F77CCC825CCBAC038C2A, 6ED135B792C81D78B33A57F0F4770DB6105C9ED3E2193629CB3EC38BFD5B7E1B ] C:\Windows\System32\smss.exe

12:27:25.0493 0x095c  C:\Windows\System32\smss.exe - ok

12:27:25.0503 0x095c  [ BC8E5D3038E2CA27AFE8B692907BFD9A, 9B0189298D69DED3220574F6C57C0DEB39EF081E0DA9D7891820F2F834561955 ] C:\Windows\System32\ntdll.dll

12:27:25.0503 0x095c  C:\Windows\System32\ntdll.dll - ok

12:27:25.0503 0x095c  [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] C:\Windows\System32\drivers\nvlddmkm.sys

12:27:25.0503 0x095c  C:\Windows\System32\drivers\nvlddmkm.sys - ok

12:27:25.0503 0x095c  [ 7CB7D2B73813CE05C7BC0F5F95D27CEC, F80AD7E946B8C8C27A0EB8A99B3A61C3F09E5442372D64EB4886D86B8D0AFCFD ] C:\Windows\System32\drivers\dxgkrnl.sys

12:27:25.0503 0x095c  C:\Windows\System32\drivers\dxgkrnl.sys - ok

12:27:25.0513 0x095c  [ DDB7AD1BA01005521010DB3E30ADC972, F1B7376F1A348D7073AB3E7C4629F13E10AAF2B37E68F01D145C8C01CA1BFDCB ] C:\Windows\System32\drivers\dxgmms1.sys

12:27:25.0513 0x095c  C:\Windows\System32\drivers\dxgmms1.sys - ok

12:27:25.0513 0x095c  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] C:\Windows\System32\drivers\HECIx64.sys

12:27:25.0513 0x095c  C:\Windows\System32\drivers\HECIx64.sys - ok

12:27:25.0513 0x095c  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] C:\Windows\System32\drivers\hdaudbus.sys

12:27:25.0513 0x095c  C:\Windows\System32\drivers\hdaudbus.sys - ok

12:27:25.0523 0x095c  [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] C:\Windows\System32\drivers\usbehci.sys

12:27:25.0523 0x095c  C:\Windows\System32\drivers\usbehci.sys - ok

12:27:25.0523 0x095c  [ A91291136D1E70966645252F6B828711, 4BED45CBE78748A81F1EAAE8C7446207414EF1FC79F13E24EF426531AD8BD836 ] C:\Windows\System32\drivers\usbport.sys

12:27:25.0523 0x095c  C:\Windows\System32\drivers\usbport.sys - ok

12:27:25.0523 0x095c  [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] C:\Windows\System32\drivers\Rt64win7.sys

12:27:25.0523 0x095c  C:\Windows\System32\drivers\Rt64win7.sys - ok

12:27:25.0533 0x095c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys

12:27:25.0533 0x095c  C:\Windows\System32\drivers\agilevpn.sys - ok

12:27:25.0533 0x095c  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] C:\Windows\System32\drivers\CompositeBus.sys

12:27:25.0533 0x095c  C:\Windows\System32\drivers\CompositeBus.sys - ok

12:27:25.0533 0x095c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] C:\Windows\System32\drivers\i8042prt.sys

12:27:25.0533 0x095c  C:\Windows\System32\drivers\i8042prt.sys - ok

12:27:25.0543 0x095c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys

12:27:25.0543 0x095c  C:\Windows\System32\drivers\kbdclass.sys - ok

12:27:25.0543 0x095c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] C:\Windows\System32\drivers\parport.sys

12:27:25.0543 0x095c  C:\Windows\System32\drivers\parport.sys - ok

12:27:25.0543 0x095c  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] C:\Windows\System32\drivers\rasl2tp.sys

12:27:25.0543 0x095c  C:\Windows\System32\drivers\rasl2tp.sys - ok

12:27:25.0543 0x095c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] C:\Windows\System32\drivers\serenum.sys

12:27:25.0543 0x095c  C:\Windows\System32\drivers\serenum.sys - ok

12:27:25.0553 0x095c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys

12:27:25.0553 0x095c  C:\Windows\System32\drivers\ndistapi.sys - ok

12:27:25.0553 0x095c  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] C:\Windows\System32\drivers\ndiswan.sys

12:27:25.0553 0x095c  C:\Windows\System32\drivers\ndiswan.sys - ok

12:27:25.0553 0x095c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys

12:27:25.0553 0x095c  C:\Windows\System32\drivers\raspppoe.sys - ok

12:27:25.0553 0x095c  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] C:\Windows\System32\drivers\raspptp.sys

12:27:25.0553 0x095c  C:\Windows\System32\drivers\raspptp.sys - ok

12:27:25.0563 0x095c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys

12:27:25.0563 0x095c  C:\Windows\System32\drivers\rassstp.sys - ok

12:27:25.0563 0x095c  [ 3E099CC843C4233E5AF147C8EA8BA32B, 238EEFDB5B98A15439BC2192BCD36F46A976D1CB56C51B9B9D9D2E010C61A5DA ] C:\Windows\System32\drivers\ks.sys

12:27:25.0563 0x095c  C:\Windows\System32\drivers\ks.sys - ok

12:27:25.0563 0x095c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys

12:27:25.0563 0x095c  C:\Windows\System32\drivers\mouclass.sys - ok

12:27:25.0563 0x095c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys

12:27:25.0563 0x095c  C:\Windows\System32\drivers\swenum.sys - ok

12:27:25.0573 0x095c  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] C:\Windows\System32\drivers\umbus.sys

12:27:25.0573 0x095c  C:\Windows\System32\drivers\umbus.sys - ok

12:27:25.0573 0x095c  [ 4C9042B8DF86C1E8E6240C218B99B39B, D286633311C047B9C4FB1AA89D7B02B9F943FDDCE473255DC8E14DD07CC9B292 ] C:\Windows\System32\drivers\usbhub.sys

12:27:25.0573 0x095c  C:\Windows\System32\drivers\usbhub.sys - ok

12:27:25.0573 0x095c  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] C:\Windows\System32\drivers\ndproxy.sys

12:27:25.0573 0x095c  C:\Windows\System32\drivers\ndproxy.sys - ok

12:27:25.0573 0x095c  [ 21D26064AEDB4988F785BB4A3A2C051E, F6FA2CA351B24DA19645EB542596C82F9A68D84CC7CCFE6F9FC15CE2CE4D1961 ] C:\Windows\System32\drivers\drmk.sys

12:27:25.0573 0x095c  C:\Windows\System32\drivers\drmk.sys - ok

12:27:25.0583 0x095c  [ 32E11315B5126921FFD9074840EF13D3, FC7C0E1CC447FDD89C0FA5EBFD04CCEABFB27751AB57A7176F12BD0D35306E1C ] C:\Windows\System32\drivers\portcls.sys

12:27:25.0583 0x095c  C:\Windows\System32\drivers\portcls.sys - ok

12:27:25.0583 0x095c  [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] C:\Windows\System32\drivers\RTKVHD64.sys

12:27:25.0583 0x095c  C:\Windows\System32\drivers\RTKVHD64.sys - ok

12:27:25.0583 0x095c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys

12:27:25.0583 0x095c  C:\Windows\System32\drivers\ksthunk.sys - ok

12:27:25.0583 0x095c  [ 8B7F8E882A649D81CEA1EDE9BBB68FFF, 3BDA2C1F922EC672353CB2F296720FC75F3D573A6FCF879B220EB793611CF82E ] C:\Windows\System32\autochk.exe

12:27:25.0583 0x095c  C:\Windows\System32\autochk.exe - ok

12:27:25.0593 0x095c  [ 7319BB10FA1F86E49E3DCF4136F6C957, 60DE43AB267FD41C9804369B569139ADD30ED4E295C425F44FC04D3FCC95FCA2 ] C:\Windows\System32\msvcrt.dll

12:27:25.0593 0x095c  C:\Windows\System32\msvcrt.dll - ok

12:27:25.0593 0x095c  [ E5CBF5F8623BBD1DB7B8148A66F6EBA4, 533021C8FAB7C6FA34F57350308F30B55620AFFABCBA9A624039A1B07AD3E94F ] C:\Windows\System32\Wldap32.dll

12:27:25.0593 0x095c  C:\Windows\System32\Wldap32.dll - ok

12:27:25.0593 0x095c  [ 4B25DDE615AC2CABAB73169CA7DA96E6, 1A6694D99AED32D8F9629294E7DC6885C2B148249E0358AABCFE34590996E0BF ] C:\Windows\System32\ole32.dll

12:27:25.0593 0x095c  C:\Windows\System32\ole32.dll - ok

12:27:25.0593 0x095c  [ 2EC1645863B2C0598227D99C13E231DB, 408734C69913DDC48C2413E76E602863C26A64FE315329AC6FE42B21CDBECA81 ] C:\Windows\System32\oleaut32.dll

12:27:25.0593 0x095c  C:\Windows\System32\oleaut32.dll - ok

12:27:25.0593 0x095c  [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll

12:27:25.0593 0x095c  C:\Windows\System32\psapi.dll - ok

12:27:25.0603 0x095c  [ 7083F463788CB34FCC42F565D56F89E8, 43876B0BD4D8E94D9234D9726B0B492C9EB0F66A6951861DF7148C16AF7EA09D ] C:\Windows\System32\ws2_32.dll

12:27:25.0603 0x095c  C:\Windows\System32\ws2_32.dll - ok

12:27:25.0603 0x095c  [ 48C903068B6BDAB5EF650B9CBEE85295, 69FF82F689ABBDD66E48D27F40DEE69F96C4E1E8193F78A12911C8DB5D0D1939 ] C:\Windows\System32\rpcrt4.dll

12:27:25.0603 0x095c  C:\Windows\System32\rpcrt4.dll - ok

12:27:25.0603 0x095c  [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll

12:27:25.0603 0x095c  C:\Windows\System32\normaliz.dll - ok

12:27:25.0603 0x095c  [ 5F2BDCA5FA0F20A6F452CF0EE2A2B18C, 91523F6E2227847A0BFDE7265C704602DF4D9455FC02AC5C7409450FE46720E2 ] C:\Windows\System32\usp10.dll

12:27:25.0603 0x095c  C:\Windows\System32\usp10.dll - ok

12:27:25.0613 0x095c  [ 6A4EA4C29FBF78112AE20013FB71E9C1, 2FA53B8F98F2E8AEF50880AF1C64664A4FD1F38F47779DC6476F50907B685FF2 ] C:\Windows\System32\setupapi.dll

12:27:25.0613 0x095c  C:\Windows\System32\setupapi.dll - ok

12:27:25.0613 0x095c  [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll

12:27:25.0613 0x095c  C:\Windows\System32\imm32.dll - ok

12:27:25.0613 0x095c  [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll

12:27:25.0613 0x095c  C:\Windows\System32\clbcatq.dll - ok

12:27:25.0613 0x095c  [ A655878D5E5F1D14B006313CBB58A041, B984CEF944140322952985CD6E79F92383D328BB5483CA779E526E54BEA4FD2A ] C:\Windows\System32\imagehlp.dll

12:27:25.0613 0x095c  C:\Windows\System32\imagehlp.dll - ok

12:27:25.0623 0x095c  [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll

12:27:25.0623 0x095c  C:\Windows\System32\nsi.dll - ok

12:27:25.0623 0x095c  [ F94B8644F3AFE040EC6E1B6FBC9EFAA9, 5BEC7DBD63AA8AC19FCA7AF6AD751C683911964FE5268D2C73DF42C3C48147A7 ] C:\Windows\System32\comdlg32.dll

12:27:25.0623 0x095c  C:\Windows\System32\comdlg32.dll - ok

12:27:25.0623 0x095c  [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll

12:27:25.0623 0x095c  C:\Windows\System32\msctf.dll - ok

12:27:25.0623 0x095c  [ 15BDC173EB5FA4F92B67D9FFB269A6EA, 3AD223CEA07093E42D37FDB81D0E045FFD724D7DEDDCC5A70631481A49D3D7A0 ] C:\Windows\System32\shlwapi.dll

12:27:25.0623 0x095c  C:\Windows\System32\shlwapi.dll - ok

12:27:25.0633 0x095c  [ 39570395292A4702FDE94C345DF0C39E, B75C8AE52B1A22E6FEEAE392B77506500AA0DFE86167941AAA1E68F262CE7106 ] C:\Windows\System32\iertutil.dll

12:27:25.0633 0x095c  C:\Windows\System32\iertutil.dll - ok

12:27:25.0633 0x095c  [ D202223587518B13D72D68937B7E3F70, 9DB971B866D058ADBB518DD99B87C5DB8DD1E7C9073755B989AE7E9FB62901E8 ] C:\Windows\System32\lpk.dll

12:27:25.0633 0x095c  C:\Windows\System32\lpk.dll - ok

12:27:25.0633 0x095c  [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll

12:27:25.0633 0x095c  C:\Windows\System32\sechost.dll - ok

12:27:25.0633 0x095c  [ 5B4B379AD10DEDA4EDA01B8C6961B193, 48EEBACBC5C8E1C12B72D0D5698BC33AE5F49D80C0E9C437AC6B0FCA4FBD7231 ] C:\Windows\System32\kernel32.dll

12:27:25.0633 0x095c  C:\Windows\System32\kernel32.dll - ok

12:27:25.0633 0x095c  [ 685FEC2407FC121EB937CB658B3C0F35, 9357476FB5722A15B109FAC45F8110BD17BEBFB941BB2770808882805935B9C1 ] C:\Windows\System32\drivers\hidclass.sys

12:27:25.0633 0x095c  C:\Windows\System32\drivers\hidclass.sys - ok

12:27:25.0643 0x095c  [ 49EE2E52E6CD03947DAD72F65367BE06, 933097B903B13767DD49192E7BF8EAABC5BADFDAF8B31B806AA65C533F24B686 ] C:\Windows\System32\drivers\hidparse.sys

12:27:25.0643 0x095c  C:\Windows\System32\drivers\hidparse.sys - ok

12:27:25.0643 0x095c  [ 63C8D74BED9F80F4DD0AA7A3101EB639, EA2CE29025259E9DE945CE52C80A41C33024D7C2907AA1928480EC11FC852B08 ] C:\Windows\System32\drivers\usbd.sys

12:27:25.0643 0x095c  C:\Windows\System32\drivers\usbd.sys - ok

12:27:25.0643 0x095c  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] C:\Windows\System32\drivers\hidusb.sys

12:27:25.0643 0x095c  C:\Windows\System32\drivers\hidusb.sys - ok

12:27:25.0643 0x095c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] C:\Windows\System32\drivers\mouhid.sys

12:27:25.0643 0x095c  C:\Windows\System32\drivers\mouhid.sys - ok

12:27:25.0653 0x095c  [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll

12:27:25.0653 0x095c  C:\Windows\System32\difxapi.dll - ok

12:27:25.0653 0x095c  [ 6DF46D2BD74E3DA1B45F08F10D172732, 2DC945F6F2C4A82189BC7DA2FCBB7D9A0E2588A909539249E55BA82468E0C677 ] C:\Windows\System32\advapi32.dll

12:27:25.0653 0x095c  C:\Windows\System32\advapi32.dll - ok

12:27:25.0653 0x095c  [ B1037F0131C9A010D611F6914E03CD92, E0FC5DBFBDE4FDEEEE9FE24AF05A0DCE1BD83B091F4C252FD0F2DF6890977E05 ] C:\Windows\System32\wininet.dll

12:27:25.0653 0x095c  C:\Windows\System32\wininet.dll - ok

12:27:25.0653 0x095c  [ E1B1255D3A4B3367FE4E9C71E62E3B5A, DBFE4268D8365D97ED948BC56EBC886B4BF2684F6A31FAC7ECEA3B289F13906D ] C:\Windows\System32\gdi32.dll

12:27:25.0653 0x095c  C:\Windows\System32\gdi32.dll - ok

12:27:25.0663 0x095c  [ 690637129A0DD2DB8DED8B6B17EED0AB, D0B85C3674FC83964E97B0352D4F30A49D89F2BD1C76B7FAEC4991EDD94227FF ] C:\Windows\System32\urlmon.dll

12:27:25.0663 0x095c  C:\Windows\System32\urlmon.dll - ok

12:27:25.0663 0x095c  [ 4EE609BFBD4D5316F662832680828FA6, 21E1DAEC14E1AE657B7C66E29F84C67C1DB56BEFF17ED1758C2BA22C4F637B16 ] C:\Windows\System32\shell32.dll

12:27:25.0663 0x095c  C:\Windows\System32\shell32.dll - ok

12:27:25.0663 0x095c  [ 0B864E15A0BADFF0E7BB8B59009FDDCF, 4FD9A85DE35BFE8E74FFD3B96E779EA1C5D8660784041B2EC475DA2BAA1EE3A0 ] C:\Windows\System32\user32.dll

12:27:25.0663 0x095c  C:\Windows\System32\user32.dll - ok

12:27:25.0663 0x095c  [ 4D7D93115F537B2E2814AC8E7F1F06B4, E88D9B56B7D3D7242636AD47A28981D106782C80A8689215375D1A8DA1AC2C8B ] C:\Windows\System32\wintrust.dll

12:27:25.0663 0x095c  C:\Windows\System32\wintrust.dll - ok

12:27:25.0673 0x095c  [ 15B740D94BAD25467A297E75124D7EE2, 7535F154267573CEC7C5ADCF101F2F42F258B202E7D0FE71660E8516478B258B ] C:\Windows\System32\crypt32.dll

12:27:25.0673 0x095c  C:\Windows\System32\crypt32.dll - ok

12:27:25.0673 0x095c  [ D05E03C1B2824236531F5E37334B6A8A, 4C79F02AA9F4C36B5A463B71A715523B5D4860B28A40840E54C1C4C5685018C6 ] C:\Windows\System32\cfgmgr32.dll

12:27:25.0673 0x095c  C:\Windows\System32\cfgmgr32.dll - ok

12:27:25.0673 0x095c  [ 7E8AB50AB7F2F81F30DCC8A98025B73A, EA684B86B6C268D95FDB775E4E42EA00BB253F75F44477F6D7761EF6DA315AF4 ] C:\Windows\System32\comctl32.dll

12:27:25.0673 0x095c  C:\Windows\System32\comctl32.dll - ok

12:27:25.0673 0x095c  [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll

12:27:25.0673 0x095c  C:\Windows\System32\devobj.dll - ok

12:27:25.0683 0x095c  [ D1598B80C58017A7DCABCF7F0787289D, 2B8126DADD7CAAD0CA951700CF1F1E62E5468F4456EB092CBEF5D53F875ED2A6 ] C:\Windows\System32\KernelBase.dll

12:27:25.0683 0x095c  C:\Windows\System32\KernelBase.dll - ok

12:27:25.0683 0x095c  [ E53F0B4AEF9C87A7EBEB9D380CA148FD, 581FDAECA43EED2FC72272710E65EECB59FD0B85960DE92BBE95720D2B494112 ] C:\Windows\System32\msasn1.dll

12:27:25.0683 0x095c  C:\Windows\System32\msasn1.dll - ok

12:27:25.0683 0x095c  [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll

12:27:25.0683 0x095c  C:\Windows\SysWOW64\normaliz.dll - ok

12:27:25.0683 0x095c  [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys

12:27:25.0683 0x095c  C:\Windows\System32\drivers\dxapi.sys - ok

12:27:25.0693 0x095c  [ CBEF2EB83438ED9FC39411CC8378B0E7, C96B771D75A971301275496185E3E6CF7F68240CC78925631F72B78252F0FDB6 ] C:\Windows\System32\win32k.sys

12:27:25.0693 0x095c  C:\Windows\System32\win32k.sys - ok

12:27:25.0693 0x095c  [ 0D7598360DF6C8637E6D678C20B5C47C, 0EC86D578C0B1703B89C24AE0FEE2CD91DD869BD4A97949A4B29AE57D490F890 ] C:\Windows\System32\csrsrv.dll

12:27:25.0693 0x095c  C:\Windows\System32\csrsrv.dll - ok

12:27:25.0693 0x095c  [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe

12:27:25.0693 0x095c  C:\Windows\System32\csrss.exe - ok

12:27:25.0703 0x095c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll

12:27:25.0703 0x095c  C:\Windows\System32\basesrv.dll - ok

12:27:25.0703 0x095c  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\System32\winsrv.dll

12:27:25.0703 0x095c  C:\Windows\System32\winsrv.dll - ok

12:27:25.0703 0x095c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys

12:27:25.0703 0x095c  C:\Windows\System32\drivers\monitor.sys - ok

12:27:25.0703 0x095c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll

12:27:25.0703 0x095c  C:\Windows\System32\sxssrv.dll - ok

12:27:25.0703 0x095c  [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll

12:27:25.0703 0x095c  C:\Windows\System32\tsddd.dll - ok

12:27:25.0713 0x095c  [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe

12:27:25.0713 0x095c  C:\Windows\System32\wininit.exe - ok

12:27:25.0713 0x095c  [ C03E117AA19C7D59B9783C06DB9DE79C, 07C8F607B677557A6F197D406CE8B2AE9D69FE4716AE7071C3A56ECE101DDB66 ] C:\Windows\System32\cdd.dll

12:27:25.0713 0x095c  C:\Windows\System32\cdd.dll - ok

12:27:25.0713 0x095c  [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll

12:27:25.0713 0x095c  C:\Windows\System32\profapi.dll - ok

12:27:25.0713 0x095c  [ F4389DA7DBDA2E7D292D360CF8E400C7, EBB50703FA573932727FBDCB407D9D5945BDC052CEFADED8237185063DD3A4AE ] C:\Windows\System32\RpcRtRemote.dll

12:27:25.0713 0x095c  C:\Windows\System32\RpcRtRemote.dll - ok

12:27:25.0723 0x095c  [ B9A047D231D32FDF5AF2F281E4326A9D, 814DC543DBBA137D478C51248A99ACC2485744F7BDC7A382B03B8912C0EB73EE ] C:\Windows\System32\KBDUS.DLL

12:27:25.0723 0x095c  C:\Windows\System32\KBDUS.DLL - ok

12:27:25.0723 0x095c  [ 6D45BA32FF5F8FB8A716B344335C8C3F, 507DC07752B7A673F34EC6869A9A6EA792E1A1068685A9C3C6B339BEC82E2FD6 ] C:\Windows\System32\KBDLA.DLL

12:27:25.0723 0x095c  C:\Windows\System32\KBDLA.DLL - ok

12:27:25.0723 0x095c  [ 331EFB5B729C3DB265F985D857B6F574, F83A806604B963E0A4F0E36D94C4BF802E0E26410C6C70B2DF97F6DE9C4CB896 ] C:\Windows\System32\KBDUSX.DLL

12:27:25.0723 0x095c  C:\Windows\System32\KBDUSX.DLL - ok

12:27:25.0723 0x095c  [ 456C92A9D8DB51B9938A6234BBC65FC9, A20EF19E25384B34D3FE997099DD71EA595F3ACDA0F7C56695DC48ADFA54F5B8 ] C:\Windows\System32\sxs.dll

12:27:25.0723 0x095c  C:\Windows\System32\sxs.dll - ok

12:27:25.0733 0x095c  [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll

12:27:25.0733 0x095c  C:\Windows\System32\WlS0WndH.dll - ok

12:27:25.0733 0x095c  [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll

12:27:25.0733 0x095c  C:\Windows\System32\cryptbase.dll - ok

12:27:25.0733 0x095c  [ 01A465AC251BCCF6037DF2EF28AA4292, 49C0E1B5B0B7FAACF226C8DA15F518BEAE6B868AB079023B9181A5039DD5E456 ] C:\Windows\System32\apphelp.dll

12:27:25.0733 0x095c  C:\Windows\System32\apphelp.dll - ok

12:27:25.0733 0x095c  [ DC4350DBB5307A503ED3858938A1B1EE, A0C02BC9413AACEEFA1583643FA823C3DD9AE720828E8B67F9AA707D897956A3 ] C:\Windows\System32\lsasrv.dll

12:27:25.0733 0x095c  C:\Windows\System32\lsasrv.dll - ok

12:27:25.0743 0x095c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] C:\Windows\System32\lsass.exe

12:27:25.0743 0x095c  C:\Windows\System32\lsass.exe - ok

12:27:25.0743 0x095c  [ 04FCA22B77A2E37332CC8226187AF87B, 6B085DB5C2EC21D2ED7BE842E7842FCC3530D1828FBE28C16E61F7E12B27833B ] C:\Windows\System32\lsm.exe

12:27:25.0743 0x095c  C:\Windows\System32\lsm.exe - ok

12:27:25.0743 0x095c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe

12:27:25.0743 0x095c  C:\Windows\System32\services.exe - ok

12:27:25.0743 0x095c  [ 18367866684A72C5188D50AC1174F1B7, C51505160876F1D7D7004CB5CE8FBB74E21E4675933629BD7C2B8D6F361A2D97 ] C:\Windows\System32\sspisrv.dll

12:27:25.0743 0x095c  C:\Windows\System32\sspisrv.dll - ok

12:27:25.0753 0x095c  [ 2A0EA951A326C2E78AF86E2F9704327E, 2224C1A97F2FAE0B307DFDAFC5BB2BB051A747939A2EA7AB19820D6537F9555F ] C:\Windows\System32\sspicli.dll

12:27:25.0753 0x095c  C:\Windows\System32\sspicli.dll - ok

12:27:25.0753 0x095c  [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll

12:27:25.0753 0x095c  C:\Windows\System32\sysntfy.dll - ok

12:27:25.0753 0x095c  [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll

12:27:25.0753 0x095c  C:\Windows\System32\wmsgapi.dll - ok

12:27:25.0753 0x095c  [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll

12:27:25.0753 0x095c  C:\Windows\System32\scext.dll - ok

12:27:25.0763 0x095c  [ 941AF3C8B0DE1B359BE22DD3288A8C8E, 8D1081C58097C68939955E3C700B1B9764212A6A70BEEE353985512F39DE2EBF ] C:\Windows\System32\scesrv.dll

12:27:25.0763 0x095c  C:\Windows\System32\scesrv.dll - ok

12:27:25.0763 0x095c  [ 9F5225F41D5474A651384C088D9FF502, 75EC20BFB470EA1F1ECC6111E4893C0C34CCA859AEBAC8B3A88F4CEF53E11C99 ] C:\Windows\System32\secur32.dll

12:27:25.0763 0x095c  C:\Windows\System32\secur32.dll - ok

12:27:25.0763 0x095c  [ D23371AB9607651937C7641A38CD52BC, 00ED1F9EC0B57A3E970F707C3B91CC68F874C0F0073CEA9FAD09EA2515B751C0 ] C:\Windows\System32\srvcli.dll

12:27:25.0763 0x095c  C:\Windows\System32\srvcli.dll - ok

12:27:25.0763 0x095c  [ B160ADAEFC76031D92C4FBAC0918B033, A3A0D5AE3F15D6275005EA104D992A3A84B0AC0CA2E629716065DB715CCA856B ] C:\Windows\System32\samsrv.dll

12:27:25.0763 0x095c  C:\Windows\System32\samsrv.dll - ok

12:27:25.0763 0x095c  [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll

12:27:25.0763 0x095c  C:\Windows\System32\cryptdll.dll - ok

12:27:25.0773 0x095c  [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll

12:27:25.0773 0x095c  C:\Windows\System32\wevtapi.dll - ok

12:27:25.0773 0x095c  [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll

12:27:25.0773 0x095c  C:\Windows\System32\authz.dll - ok

12:27:25.0773 0x095c  [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll

12:27:25.0773 0x095c  C:\Windows\System32\cngaudit.dll - ok

12:27:25.0773 0x095c  [ 2E8C52A0EC788D90FA35D9507D828771, DD5AAA10E075F209D9827C7A192AD5645D1156C149DB9B5AC1EF7B5E0B5F11DE ] C:\Windows\System32\ncrypt.dll

12:27:25.0773 0x095c  C:\Windows\System32\ncrypt.dll - ok

12:27:25.0783 0x095c  [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll

12:27:25.0783 0x095c  C:\Windows\System32\bcrypt.dll - ok

12:27:25.0783 0x095c  [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll

12:27:25.0783 0x095c  C:\Windows\System32\msprivs.dll - ok

12:27:25.0783 0x095c  [ B561B451320B0B40908A8BFD81705262, D9E6B0C33B03D7648A8229FB5FE06332141F1F8E9F73790D4D7D621DC53EF9D3 ] C:\Windows\System32\netjoin.dll

12:27:25.0783 0x095c  C:\Windows\System32\netjoin.dll - ok

12:27:25.0783 0x095c  [ 34380AD96D390D129CE771D25D2AE9B2, E1BAD98E872EE6AFDAF2ED2D9527EF29C405DCCA3C9608771B4090731B328140 ] C:\Windows\System32\atmfd.dll

12:27:25.0783 0x095c  C:\Windows\System32\atmfd.dll - ok

12:27:25.0793 0x095c  [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll

12:27:25.0793 0x095c  C:\Windows\System32\negoexts.dll - ok

12:27:25.0793 0x095c  [ F5D06621DF3311120C778935D3219021, FCB711351F7795A2541C82F20285C1D11A576641EB8C5E31D125C2EB929992D0 ] C:\Windows\System32\kerberos.dll

12:27:25.0793 0x095c  C:\Windows\System32\kerberos.dll - ok

12:27:25.0793 0x095c  [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll

12:27:25.0793 0x095c  C:\Windows\System32\cryptsp.dll - ok

12:27:25.0793 0x095c  [ FC76FE3C1E1FDB761244D4F74EF560FD, 85D7BD8887E53F7E1C37D2EC3964D714C0939ED5D45F95332F425341AA181C19 ] C:\Windows\System32\mswsock.dll

12:27:25.0793 0x095c  C:\Windows\System32\mswsock.dll - ok

12:27:25.0803 0x095c  [ B2A020ADF96AB10EF3EF269849A726C8, 0F1B0027FA118A51891952D8ED1C0A8BEDBA3E2E18BCFC267A4402FD051FA942 ] C:\Windows\System32\msv1_0.dll

12:27:25.0803 0x095c  C:\Windows\System32\msv1_0.dll - ok

12:27:25.0803 0x095c  [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll

12:27:25.0803 0x095c  C:\Windows\System32\wship6.dll - ok

12:27:25.0803 0x095c  [ 956D030D375F207B22FB111E06EF9C35, D2C6B0C0C9E951F6715252C54A620CF6AF1A3845014035334C92B3DDDEFD52E5 ] C:\Windows\System32\netlogon.dll

12:27:25.0803 0x095c  C:\Windows\System32\netlogon.dll - ok

12:27:25.0803 0x095c  [ 05A2D26ACF0939A4E97160315F1FA12E, 0F387E5719020F7E25EF58E71576397CBF61A3712093AD433E58BBB905577EAD ] C:\Windows\System32\dnsapi.dll

12:27:25.0803 0x095c  C:\Windows\System32\dnsapi.dll - ok

12:27:25.0813 0x095c  [ 8CE22E63F08613036DF8C7B00FBDF36B, 442DDE1C1F1073BFB1730D3B258D249DD6FFAED7D2452493C2E1D4CF48F5376C ] C:\Windows\System32\logoncli.dll

12:27:25.0813 0x095c  C:\Windows\System32\logoncli.dll - ok

12:27:25.0813 0x095c  [ 5A148B1574BE77742D337EC81C23FC7A, 12FFD0093228C39999A1A360CD2B743660D254AF4423E2884BDEC814EBB7783B ] C:\Windows\System32\schannel.dll

12:27:25.0813 0x095c  C:\Windows\System32\schannel.dll - ok

12:27:25.0813 0x095c  [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66EEB905CA352881 ] C:\Windows\System32\wdigest.dll

12:27:25.0813 0x095c  C:\Windows\System32\wdigest.dll - ok

12:27:25.0813 0x095c  [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll

12:27:25.0813 0x095c  C:\Windows\System32\rsaenh.dll - ok

12:27:25.0823 0x095c  [ 0DEFD5FBF801DD8F83BC0ED09861A8EC, A00E0CCDE4270452139C37E1599F3ED3ACCF02BEE371F5534E17E93DB46ED082 ] C:\Windows\System32\TSpkg.dll

12:27:25.0823 0x095c  C:\Windows\System32\TSpkg.dll - ok

12:27:25.0823 0x095c  [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll

12:27:25.0823 0x095c  C:\Windows\System32\pku2u.dll - ok

12:27:25.0823 0x095c  [ DA090E97E57DCB48888015B5D3C749CD, 9C351013A7791CB0998E3E2519A460CBC6EED5E595EEA7A3394DA74738A7132E ] C:\Windows\System32\bcryptprimitives.dll

12:27:25.0823 0x095c  C:\Windows\System32\bcryptprimitives.dll - ok

12:27:25.0823 0x095c  [ 9301B8810B2DA4EB6AD55DB75FC1E339, 765D23BD3D5D8768550D82CFDBD26365E2AE896DE9E5F123CE4045BDF8E838BB ] C:\Windows\System32\credssp.dll

12:27:25.0823 0x095c  C:\Windows\System32\credssp.dll - ok

12:27:25.0823 0x095c  [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll

12:27:25.0823 0x095c  C:\Windows\System32\efslsaext.dll - ok

12:27:25.0833 0x095c  [ 398712DDDAEFB85EDF61DF6A07B65C79, 08732BF5C5FFAF953FF4065AA5D35CFF797590E1C2CD12E4E923E932B5722A20 ] C:\Windows\System32\scecli.dll

12:27:25.0833 0x095c  C:\Windows\System32\scecli.dll - ok

12:27:25.0833 0x095c  [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll

12:27:25.0833 0x095c  C:\Windows\System32\ubpm.dll - ok

12:27:25.0833 0x095c  [ D8C88512BA9544AE1CC2034F50ECFA12, 99CFB478DF31214E98CAB81EFF7346500579AE262100BD418F3C9D47437F4413 ] C:\Windows\System32\winsta.dll

12:27:25.0833 0x095c  C:\Windows\System32\winsta.dll - ok

12:27:25.0833 0x095c  [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe

12:27:25.0833 0x095c  C:\Windows\System32\svchost.exe - ok

12:27:25.0843 0x095c  [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] C:\Windows\System32\umpnpmgr.dll

12:27:25.0843 0x095c  C:\Windows\System32\umpnpmgr.dll - ok

12:27:25.0843 0x095c  [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll

12:27:25.0843 0x095c  C:\Windows\System32\devrtl.dll - ok

12:27:25.0843 0x095c  [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll

12:27:25.0843 0x095c  C:\Windows\System32\SPInf.dll - ok

12:27:25.0843 0x095c  [ 0776CF79590BDEF0A2728B0B9A813B96, 8205E0F3CC3DD8605769EC4DD85E6ACE89B219F62379C8FD74C62047BD339F22 ] C:\Windows\System32\userenv.dll

12:27:25.0843 0x095c  C:\Windows\System32\userenv.dll - ok

12:27:25.0853 0x095c  [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll

12:27:25.0853 0x095c  C:\Windows\System32\gpapi.dll - ok

12:27:25.0853 0x095c  [ 81257415084B84F3C0D95C381A8D4C8F, 2C361196D0B06D8E361F1D68F708EEB02CB72BA204A1A2865041BD8C0C5D2A00 ] C:\Windows\System32\winlogon.exe

12:27:25.0853 0x095c  C:\Windows\System32\winlogon.exe - ok

12:27:25.0853 0x095c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll

12:27:25.0853 0x095c  C:\Windows\System32\umpo.dll - ok

12:27:25.0853 0x095c  [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll

12:27:25.0853 0x095c  C:\Windows\System32\pcwum.dll - ok

12:27:25.0863 0x095c  [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll

12:27:25.0863 0x095c  C:\Windows\System32\powrprof.dll - ok

12:27:25.0863 0x095c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys

12:27:25.0863 0x095c  C:\Windows\System32\drivers\luafv.sys - ok

12:27:25.0863 0x095c  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] C:\Windows\System32\drivers\WUDFPf.sys

12:27:25.0863 0x095c  C:\Windows\System32\drivers\WUDFPf.sys - ok

12:27:25.0863 0x095c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] C:\Windows\System32\rpcss.dll

12:27:25.0863 0x095c  C:\Windows\System32\rpcss.dll - ok

12:27:25.0873 0x095c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll

12:27:25.0873 0x095c  C:\Windows\System32\RpcEpMap.dll - ok

12:27:25.0873 0x095c  [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll

12:27:25.0873 0x095c  C:\Windows\System32\wshqos.dll - ok

12:27:25.0873 0x095c  [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL

12:27:25.0873 0x095c  C:\Windows\System32\WSHTCPIP.DLL - ok

12:27:25.0873 0x095c  [ 93E6A39B1DB898F7C949FA5567E774CF, 914F12718CEF019DE2AB18776DD23C669F218B4FA2292BECFE34A95872040789 ] C:\Windows\System32\LogonUI.exe

12:27:25.0873 0x095c  C:\Windows\System32\LogonUI.exe - ok

12:27:25.0883 0x095c  [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll

12:27:25.0883 0x095c  C:\Windows\System32\FirewallAPI.dll - ok

12:27:25.0883 0x095c  [ BCF0A980D21711E47D0803BDB0E99CAD, CBC125C6F043584416BC20CB1F12B2BFDC6D99DAC942EDDA90754779C947E31A ] C:\Windows\System32\authui.dll

12:27:25.0883 0x095c  C:\Windows\System32\authui.dll - ok

12:27:25.0883 0x095c  [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll

12:27:25.0883 0x095c  C:\Windows\System32\version.dll - ok

12:27:25.0883 0x095c  [ 99ABDA9C92EC76CBAF52F00239D909C9, 2959EFBF1C597BABD5D934667255E7B8E098C4C7FEE9DED65C9D04ECA852D7A3 ] C:\Windows\System32\wevtsvc.dll

12:27:25.0883 0x095c  C:\Windows\System32\wevtsvc.dll - ok

12:27:25.0893 0x095c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] C:\Windows\System32\audiosrv.dll

12:27:25.0893 0x095c  C:\Windows\System32\audiosrv.dll - ok

12:27:25.0893 0x095c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll

12:27:25.0893 0x095c  C:\Windows\System32\mmcss.dll - ok

12:27:25.0893 0x095c  [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll

12:27:25.0893 0x095c  C:\Windows\System32\avrt.dll - ok

12:27:25.0893 0x095c  [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll

12:27:25.0893 0x095c  C:\Windows\System32\ntmarta.dll - ok

12:27:25.0903 0x095c  [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll

12:27:25.0903 0x095c  C:\Windows\System32\MMDevAPI.dll - ok

12:27:25.0903 0x095c  [ B27EA141A7E748B607600A8551A44D5A, 551636B1E4A4D6CB21E243E2C01DDEA7CF5BACDD290B3A618DDD0055729F0F5E ] C:\Windows\System32\propsys.dll

12:27:25.0903 0x095c  C:\Windows\System32\propsys.dll - ok

12:27:25.0903 0x095c  [ D152EBC32A23069F8AA1D1F24B15E3F9, B032CC7CBD715196BEC3B0B7C2DFD1D6169B66CC1770DD4B708951CC87DD871B ] C:\Windows\System32\audiodg.exe

12:27:25.0903 0x095c  C:\Windows\System32\audiodg.exe - ok

12:27:25.0903 0x095c  [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] C:\Windows\System32\profsvc.dll

12:27:25.0903 0x095c  C:\Windows\System32\profsvc.dll - ok

12:27:25.0913 0x095c  [ EDF4DEC1041EEAF78A0B1E16C1BB4CC4, 72AB0E5499505AC25F4CACAB0C7581979100FAB552A253BB08DCD4643888702F ] C:\Windows\System32\fthsvc.dll

12:27:25.0913 0x095c  C:\Windows\System32\fthsvc.dll - ok

12:27:25.0913 0x095c  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll

12:27:25.0913 0x095c  C:\Windows\System32\adtschema.dll - ok

12:27:25.0913 0x095c  [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll

12:27:25.0913 0x095c  C:\Windows\System32\radardt.dll - ok

12:27:25.0913 0x095c  [ FE05D03B73000CFF476E1D29109F3A84, 7880B025413338A7B114BECB5DC67605FC7A97142C26FD12F765A64A21805842 ] C:\Program Files\Windows Defender\MpEvMsg.dll

12:27:25.0913 0x095c  C:\Program Files\Windows Defender\MpEvMsg.dll - ok

12:27:25.0923 0x095c  [ DBA90306A721FB922FDACED9E9728C28, 9D1F36D8A17DABED318B3AC4940FF537FFF9C77F6E8CF0EB799A68F5B7B34EB8 ] C:\Windows\System32\cryptui.dll

12:27:25.0923 0x095c  C:\Windows\System32\cryptui.dll - ok

12:27:25.0923 0x095c  [ C093E7835C1372D6D70A6675EDAA97B5, 644AC8EE600CD6A16BB6EE0C79EE128385E0C55FBD13CA18867D984F91B4ED99 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6\comctl32.dll

12:27:25.0923 0x095c  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6\comctl32.dll - ok

12:27:25.0923 0x095c  [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll

12:27:25.0923 0x095c  C:\Windows\System32\samlib.dll - ok

12:27:25.0923 0x095c  [ 84F8C8B9FB1F12532999D25F5DD7E77C, D3442C2091D35A1483D3C317ED45B77F64BFE882992105DA97A6BF67E265B0D9 ] C:\Windows\System32\shacct.dll

12:27:25.0923 0x095c  C:\Windows\System32\shacct.dll - ok

12:27:25.0933 0x095c  [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll

12:27:25.0933 0x095c  C:\Windows\System32\uxtheme.dll - ok

12:27:25.0933 0x095c  [ 01F92AA50D03D67A88579D496311B4B6, 8548A90EE2F755485A39F019641FA837335D536655442FEDAAA99EF0F20553C9 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_2b4f45e87195fcc4\GdiPlus.dll

12:27:25.0933 0x095c  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_2b4f45e87195fcc4\GdiPlus.dll - ok

12:27:25.0933 0x095c  [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll

12:27:25.0933 0x095c  C:\Windows\System32\dui70.dll - ok

12:27:25.0943 0x095c  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] C:\Windows\System32\drivers\fltMgr.sys

12:27:25.0943 0x095c  C:\Windows\System32\drivers\fltMgr.sys - ok

12:27:25.0943 0x095c  [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll

12:27:25.0943 0x095c  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok

12:27:25.0943 0x095c  [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL

12:27:25.0943 0x095c  C:\Windows\System32\PSHED.DLL - ok

12:27:25.0953 0x095c  [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll

12:27:25.0953 0x095c  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok

12:27:25.0953 0x095c  [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll

12:27:25.0953 0x095c  C:\Windows\System32\duser.dll - ok

12:27:25.0953 0x095c  [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll

12:27:25.0953 0x095c  C:\Windows\System32\hid.dll - ok

12:27:25.0963 0x095c  [ B2E3D4BB3389817FB5E4CD9378BC8791, 827432B830552DE87D44B0B3D298CC9E17A81C352803D439753135B35F7AAD67 ] C:\Windows\System32\SndVolSSO.dll

12:27:25.0963 0x095c  C:\Windows\System32\SndVolSSO.dll - ok

12:27:25.0963 0x095c  [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll

12:27:25.0963 0x095c  C:\Windows\System32\dwmapi.dll - ok

12:27:25.0963 0x095c  [ D6F630C1FD7F436316093AE500363B19, 73A94B4938430396EA4240B1A6676B4E6C19CFAF8C52EFB9A69B4B2175A86307 ] C:\Windows\System32\xmllite.dll

12:27:25.0963 0x095c  C:\Windows\System32\xmllite.dll - ok

12:27:25.0963 0x095c  [ EA99F234843BBDDA1ABD2767111ADE25, EF578F52BB359DA01465A754EAB6289232F80661774E6C0E1E1469573006CD72 ] C:\Windows\System32\WindowsCodecs.dll

12:27:25.0963 0x095c  C:\Windows\System32\WindowsCodecs.dll - ok

12:27:25.0973 0x095c  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] C:\Windows\System32\gpsvc.dll

12:27:25.0973 0x095c  C:\Windows\System32\gpsvc.dll - ok

12:27:25.0973 0x095c  [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll

12:27:25.0973 0x095c  C:\Windows\System32\atl.dll - ok

12:27:25.0973 0x095c  [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll

12:27:25.0973 0x095c  C:\Windows\System32\dsrole.dll - ok

12:27:25.0983 0x095c  [ 86E3822A34D454032D8E88C72AE8CF2D, 3A8DA946AFAC023254E9D260BFB796FF356A3978F28DA1FC6B939B0E234C9A64 ] C:\Windows\System32\nlaapi.dll

12:27:25.0983 0x095c  C:\Windows\System32\nlaapi.dll - ok

12:27:25.0983 0x095c  [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll

12:27:25.0983 0x095c  C:\Windows\System32\slc.dll - ok

12:27:25.0983 0x095c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll

12:27:25.0983 0x095c  C:\Windows\System32\themeservice.dll - ok

12:27:25.0983 0x095c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll

12:27:25.0983 0x095c  C:\Windows\System32\es.dll - ok

12:27:25.0994 0x095c  [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll

12:27:25.0994 0x095c  C:\Windows\System32\comres.dll - ok

12:27:25.0996 0x095c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll

12:27:25.0996 0x095c  C:\Windows\System32\Sens.dll - ok

12:27:25.0996 0x095c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll

12:27:25.0996 0x095c  C:\Windows\System32\uxsms.dll - ok

12:27:25.0996 0x095c  [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll

12:27:25.0996 0x095c  C:\Windows\System32\wtsapi32.dll - ok

12:27:25.0996 0x095c  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] C:\Windows\System32\WUDFSvc.dll

12:27:25.0996 0x095c  C:\Windows\System32\WUDFSvc.dll - ok

12:27:26.0006 0x095c  [ 37B68E458C0BC255DF2FB7454D0798D3, ADA50F59137E650E7A7256E5E1A5B5F52273A44CEDD2F7BB5709F1109AA67930 ] C:\Windows\System32\WUDFPlatform.dll

12:27:26.0006 0x095c  C:\Windows\System32\WUDFPlatform.dll - ok

12:27:26.0006 0x095c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys

12:27:26.0006 0x095c  C:\Windows\System32\drivers\lltdio.sys - ok

12:27:26.0006 0x095c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys

12:27:26.0006 0x095c  C:\Windows\System32\drivers\rspndr.sys - ok

12:27:26.0006 0x095c  [ 57FE2CFC2F25C200499D5D934EA24EB5, 4802E9A2AE7849AAF1103113A9DB3647CFD7EA7472E712D3A1E768DA81A24F74 ] C:\Windows\System32\IPHLPAPI.DLL

12:27:26.0006 0x095c  C:\Windows\System32\IPHLPAPI.DLL - ok

12:27:26.0016 0x095c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll

12:27:26.0016 0x095c  C:\Windows\System32\lmhsvc.dll - ok

12:27:26.0016 0x095c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll

12:27:26.0016 0x095c  C:\Windows\System32\nsisvc.dll - ok

12:27:26.0016 0x095c  [ FD5BA198F7190DFE9BE1947EB8710396, DF901E8704FE4EFA7E386D0B432BDAF5129C8BBAF635921CEF16A2E016151B80 ] C:\Windows\System32\nrpsrv.dll

12:27:26.0016 0x095c  C:\Windows\System32\nrpsrv.dll - ok

12:27:26.0016 0x095c  [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll

12:27:26.0016 0x095c  C:\Windows\System32\winnsi.dll - ok

12:27:26.0016 0x095c  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] C:\Windows\System32\dhcpcore.dll

12:27:26.0016 0x095c  C:\Windows\System32\dhcpcore.dll - ok

12:27:26.0026 0x095c  [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] C:\Windows\System32\dnsrslvr.dll

12:27:26.0026 0x095c  C:\Windows\System32\dnsrslvr.dll - ok

12:27:26.0026 0x095c  [ 71C7B65B6557B75B99907E76956AE4B8, 38AD0E96D6AD36C0643761D5F5DB7A2802E059008C0984ABF61F4D8703DE4B3B ] C:\Windows\System32\dhcpcore6.dll

12:27:26.0026 0x095c  C:\Windows\System32\dhcpcore6.dll - ok

12:27:26.0026 0x095c  [ 0040C486584A8E582C861CFB57AB5387, 5EE17B55CB702D14AE75B19226DE21CD2498BDA6C6EF5872FDB8A718F401FED1 ] C:\Windows\System32\FWPUCLNT.DLL

12:27:26.0026 0x095c  C:\Windows\System32\FWPUCLNT.DLL - ok

12:27:26.0026 0x095c  [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll

12:27:26.0026 0x095c  C:\Windows\System32\dnsext.dll - ok

12:27:26.0036 0x095c  [ 4CBCC37856EA2039C27A2FB661DDA0E5, 74CBFAB3092A9564BDDFCB84DB3E3F8BCFD1492938ADF187423D3355D73D21C6 ] C:\Windows\System32\dhcpcsvc6.dll

12:27:26.0036 0x095c  C:\Windows\System32\dhcpcsvc6.dll - ok

12:27:26.0036 0x095c  [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll

12:27:26.0036 0x095c  C:\Windows\System32\dhcpcsvc.dll - ok

12:27:26.0036 0x095c  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] C:\Windows\System32\shsvcs.dll

12:27:26.0036 0x095c  C:\Windows\System32\shsvcs.dll - ok

12:27:26.0036 0x095c  [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] C:\Windows\System32\schedsvc.dll

12:27:26.0036 0x095c  C:\Windows\System32\schedsvc.dll - ok

12:27:26.0066 0x095c  [ 1C10772935D67F74ABDFE542ECE7551D, A42095C09C1827203DD2A271B116010E8DCBFBB8C21779425018AF92DF4F2C93 ] C:\Windows\System32\netapi32.dll

12:27:26.0066 0x095c  C:\Windows\System32\netapi32.dll - ok

12:27:26.0066 0x095c  [ 4C8C2F987FC397DCE98874D6C9C0736A, 005D2CF9311799E8151B7154469D10D9346AFC2E0BF88358E54A091D5D14B970 ] C:\Windows\System32\netutils.dll

12:27:26.0066 0x095c  C:\Windows\System32\netutils.dll - ok

12:27:26.0066 0x095c  [ B33CBD1A8C2A33121321D0FEBD7DD870, 248E01B3E88D0243AF4771A18AFCDE3DB04475EFB7D0E426CA1D00358C84A465 ] C:\Windows\System32\wkscli.dll

12:27:26.0066 0x095c  C:\Windows\System32\wkscli.dll - ok

12:27:26.0066 0x095c  [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll

12:27:26.0066 0x095c  C:\Windows\System32\ktmw32.dll - ok

12:27:26.0076 0x095c  [ 1B38A0F123FCF1546FACEAF1EFAFAA00, CC3972B3011078568E548D97202973F374F7BA5BD23B4A52786D23D881281E10 ] C:\Windows\System32\fveapi.dll

12:27:26.0076 0x095c  C:\Windows\System32\fveapi.dll - ok

12:27:26.0076 0x095c  [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll

12:27:26.0076 0x095c  C:\Windows\System32\fvecerts.dll - ok

12:27:26.0076 0x095c  [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll

12:27:26.0076 0x095c  C:\Windows\System32\tbs.dll - ok

12:27:26.0076 0x095c  [ AEFBD8D2C9CE363F84AE0F89036412A6, 9C6749E8827E74E58BEC64092F8F686B83F768CBAC6171F574D5687BC0857F3C ] C:\Windows\System32\taskcomp.dll

12:27:26.0076 0x095c  C:\Windows\System32\taskcomp.dll - ok

12:27:26.0086 0x095c  [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll

12:27:26.0086 0x095c  C:\Windows\System32\wiarpc.dll - ok

12:27:26.0086 0x095c  [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll

12:27:26.0086 0x095c  C:\Windows\System32\VaultCredProvider.dll - ok

12:27:26.0086 0x095c  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll

12:27:26.0086 0x095c  C:\Windows\System32\winbrand.dll - ok

12:27:26.0086 0x095c  [ 2A381A9740165D7A1405148B6DFB3E38, 885241B9ED8A6074D428FDE0B326B2E1A59254CE779B884EE61716F45CDF2712 ] C:\Windows\System32\SmartcardCredentialProvider.dll

12:27:26.0086 0x095c  C:\Windows\System32\SmartcardCredentialProvider.dll - ok

12:27:26.0096 0x095c  [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll

12:27:26.0096 0x095c  C:\Windows\System32\BioCredProv.dll - ok

12:27:26.0096 0x095c  [ 97D38371502AA797DB14EB1FA5FCE4CD, 6F71EF6DE07C2A34339726775FF8D8A64254A287B5D1972B55D9874EC9E6912F ] C:\Windows\System32\credui.dll

12:27:26.0096 0x095c  C:\Windows\System32\credui.dll - ok

12:27:26.0096 0x095c  [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll

12:27:26.0096 0x095c  C:\Windows\System32\winbio.dll - ok

12:27:26.0096 0x095c  [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll

12:27:26.0096 0x095c  C:\Windows\System32\certCredProvider.dll - ok

12:27:26.0106 0x095c  [ A87205FE194B239D8D96E4972B779CC1, F392004842E291097385A0C1DC9143356CA195B18638E58E552BA20F386489AC ] C:\Windows\System32\samcli.dll

12:27:26.0106 0x095c  C:\Windows\System32\samcli.dll - ok

12:27:26.0106 0x095c  [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll

12:27:26.0106 0x095c  C:\Windows\System32\vaultcli.dll - ok

12:27:26.0106 0x095c  [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll

12:27:26.0106 0x095c  C:\Windows\System32\rasplap.dll - ok

12:27:26.0106 0x095c  [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll

12:27:26.0106 0x095c  C:\Windows\System32\rasapi32.dll - ok

12:27:26.0106 0x095c  [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll

12:27:26.0106 0x095c  C:\Windows\System32\rasman.dll - ok

12:27:26.0116 0x095c  [ C1F1090BC239590DF6CAE1807A373DAB, B52D14840CB473EBB12031BE36D62841DB67C07558ECFD556631A4CDA7657D5C ] C:\Windows\System32\rtutils.dll

12:27:26.0116 0x095c  C:\Windows\System32\rtutils.dll - ok

12:27:26.0116 0x095c  [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll

12:27:26.0116 0x095c  C:\Windows\System32\UXInit.dll - ok

12:27:26.0116 0x095c  [ 9869A4A10B90546DBD56947839FB4B87, 66C84DCF39D9F6896D55B1623184A028891A0A98ABE6044DE1D4BAD60C3C8D72 ] C:\Windows\System32\oleacc.dll

12:27:26.0116 0x095c  C:\Windows\System32\oleacc.dll - ok

12:27:26.0116 0x095c  [ 019BDD35DE269CB98B22DE8923C2AA3B, 68B216D5331B128CF1BCB3A3F82FD85B119FFDBCB796C907461CDD6248995817 ] C:\Windows\System32\UIAutomationCore.dll

12:27:26.0116 0x095c  C:\Windows\System32\UIAutomationCore.dll - ok

12:27:26.0126 0x095c  [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll

12:27:26.0126 0x095c  C:\Windows\System32\msimg32.dll - ok

12:27:26.0126 0x095c  [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll

12:27:26.0126 0x095c  C:\Windows\System32\imageres.dll - ok

12:27:26.0126 0x095c  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] C:\Windows\System32\drivers\http.sys

12:27:26.0126 0x095c  C:\Windows\System32\drivers\http.sys - ok

12:27:26.0126 0x095c  [ 89E8550C5862999FCF482EA562B0E98E, 11BC94FD879DCD22E80DB8FA73CEBD0F072917C546AD9C8B92CCFBF4E0B83056 ] C:\Windows\System32\spoolsv.exe

12:27:26.0126 0x095c  C:\Windows\System32\spoolsv.exe - ok

12:27:26.0136 0x095c  [ C1BDC97E8C9404245DE87F1EF08D1764, 537043D7EF12C518198B70012A01D323A192F4416C6A37F490123DF0BE4CD18B ] C:\Windows\System32\taskeng.exe

12:27:26.0136 0x095c  C:\Windows\System32\taskeng.exe - ok

12:27:26.0136 0x095c  [ 02F31439AF6499B530AC285C0863BB9E, C705C67E8B46EA822E91966AB381ABDA6AC947FEBA48A554C250108EEB607C7D ] C:\Windows\System32\ci.dll

12:27:26.0136 0x095c  C:\Windows\System32\ci.dll - ok

12:27:26.0136 0x095c  [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll

12:27:26.0136 0x095c  C:\Windows\System32\TSChannel.dll - ok

12:27:26.0136 0x095c  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] C:\Windows\System32\BFE.DLL

12:27:26.0136 0x095c  C:\Windows\System32\BFE.DLL - ok

12:27:26.0146 0x095c  [ C746CD166372F3C6F364B62F2C2C8B20, 3D1D4CE1DB1EA2563C361CBD66A5471F10D84D344C057D753459F311A187AC2F ] C:\Windows\AutoKMS\AutoKMS.exe

12:27:26.0146 0x095c  C:\Windows\AutoKMS\AutoKMS.exe - ok

12:27:26.0146 0x095c  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] C:\Windows\System32\drivers\bowser.sys

12:27:26.0146 0x095c  C:\Windows\System32\drivers\bowser.sys - ok

12:27:26.0146 0x095c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys

12:27:26.0146 0x095c  C:\Windows\System32\drivers\mpsdrv.sys - ok

12:27:26.0146 0x095c  [ 72AB6633E9B39EC7FEBEDF083A9061E5, 758E5BA89665C574456A2A826EF5A7DC2487C8379893010EB57BC40127AC918F ] C:\Windows\System32\mscoree.dll

12:27:26.0146 0x095c  C:\Windows\System32\mscoree.dll - ok

12:27:26.0156 0x095c  [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] C:\Windows\System32\drivers\mrxsmb.sys

12:27:26.0156 0x095c  C:\Windows\System32\drivers\mrxsmb.sys - ok

12:27:26.0156 0x095c  [ F64E8258351E501AA065AC499530367C, BE33C8A82E6EC9A65EAFEF72420EEB2C81ED7F2B217B3C6DED5CEA042E832487 ] C:\Windows\System32\conhost.exe

12:27:26.0156 0x095c  C:\Windows\System32\conhost.exe - ok

12:27:26.0156 0x095c  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] C:\Windows\System32\MPSSVC.dll

12:27:26.0156 0x095c  C:\Windows\System32\MPSSVC.dll - ok

12:27:26.0156 0x095c  [ 1BEE517B220B7F024F411AEC1571DD5A, 6DC7638D056DFDE36803BCD691BF73A4AAFD59DE63C0ACD7EA860997FFA3C6E7 ] C:\Windows\System32\drivers\mrxsmb10.sys

12:27:26.0156 0x095c  C:\Windows\System32\drivers\mrxsmb10.sys - ok

12:27:26.0156 0x095c  [ 6B2D5FEF385828B6E485C1C90AFB8195, A960CC0351F200FA56FAC0534C0F9D7F79AAC9CF18A4390CDCA7EA4EE22ED6B6 ] C:\Windows\System32\drivers\mrxsmb20.sys

12:27:26.0156 0x095c  C:\Windows\System32\drivers\mrxsmb20.sys - ok

12:27:26.0166 0x095c  [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll

12:27:26.0166 0x095c  C:\Windows\System32\wfapigp.dll - ok

12:27:26.0166 0x095c  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] C:\Windows\System32\wkssvc.dll

12:27:26.0166 0x095c  C:\Windows\System32\wkssvc.dll - ok

12:27:26.0166 0x095c  [ 961036B3C6282C646B9ADBC8BB32C983, 47757F19EB8F6E23602A1E2FF34C4BAC2DC1D28B0D63588C5056FE655116F9EB ] C:\Windows\System32\mscms.dll

12:27:26.0166 0x095c  C:\Windows\System32\mscms.dll - ok

12:27:26.0166 0x095c  [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe

12:27:26.0166 0x095c  C:\Windows\System32\dllhost.exe - ok

12:27:26.0176 0x095c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll

12:27:26.0176 0x095c  C:\Windows\System32\pcasvc.dll - ok

12:27:26.0176 0x095c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe

12:27:26.0176 0x095c  C:\Windows\System32\snmptrap.exe - ok

12:27:26.0176 0x095c  [ 32AD6B4D813643E339EB8EA7AB18670B, 4A97F2E303ED16AED9EBB948DC76562558292B1DC934664C7406D1E066FA34D3 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll

12:27:26.0176 0x095c  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok

12:27:26.0176 0x095c  [ F071761F49982BA98C47CF610D3FD4C6, 5E4A31AAD6356759A17E8060DA1DF0C306594E8043DA60C8750557B175AB75E4 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll

12:27:26.0176 0x095c  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok

12:27:26.0186 0x095c  [ 836B35C5C8C5E6DE6CB0035D075755C7, C1522217DF4AACEA708C6D156765EBA9646D335A86644E3787B81FC0FB06E80E ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll

12:27:26.0186 0x095c  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok

12:27:26.0186 0x095c  [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll

12:27:26.0186 0x095c  C:\Windows\System32\IDStore.dll - ok

12:27:26.0186 0x095c  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] C:\Windows\System32\provsvc.dll

12:27:26.0186 0x095c  C:\Windows\System32\provsvc.dll - ok

12:27:26.0186 0x095c  [ F3244E8AE8B1CA3448468EF565226303, DC7C712BDAAC9B3F9D480C15D6CF801F8084BE8D1535D0F926E72BFC4BF6367F ] C:\Windows Activation Technologies\wat.exe

12:27:26.0186 0x095c  C:\Windows Activation Technologies\wat.exe - ok

12:27:26.0196 0x095c  [ 3EEFB971D61EF9638FD21F14C703CA11, A01BCD7E884E407C82DEB84D5B31F517F32A4FA2CF143372BAC896CC9478BE0E ] C:\Windows\System32\taskhost.exe

12:27:26.0196 0x095c  C:\Windows\System32\taskhost.exe - ok

12:27:26.0196 0x095c  [ D0B2C365CAB344F1BED8A0DADD507D96, 5963088A25A0B980148CFDED7718F342E5C1CAD6CDBC40BF2186A90437AE5211 ] C:\Windows\SysWOW64\ntdll.dll

12:27:26.0196 0x095c  C:\Windows\SysWOW64\ntdll.dll - ok

12:27:26.0196 0x095c  [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll

12:27:26.0196 0x095c  C:\Windows\System32\rasadhlp.dll - ok

12:27:26.0196 0x095c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll

12:27:26.0196 0x095c  C:\Windows\System32\sstpsvc.dll - ok

12:27:26.0206 0x095c  [ 13F03B7C59D28C82F6B689FF90003471, 1C7BDFED01DDE526580E0F97149C4B045C52B52FBD9E6F0682459296B521AE6D ] C:\Windows\System32\localspl.dll

12:27:26.0206 0x095c  C:\Windows\System32\localspl.dll - ok

12:27:26.0206 0x095c  [ 2017BFE87CAB3D7EF632CFD2AA08D3F0, 8A03D1EB5091E1C1DBD909CDC401DA2E876B0EA9893126840B8B87426C211992 ] C:\Windows\System32\umb.dll

12:27:26.0206 0x095c  C:\Windows\System32\umb.dll - ok

12:27:26.0206 0x095c  [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll

12:27:26.0206 0x095c  C:\Windows\System32\PlaySndSrv.dll - ok

12:27:26.0206 0x095c  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

12:27:26.0206 0x095c  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok

12:27:26.0216 0x095c  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll

12:27:26.0216 0x095c  C:\Windows\System32\MsCtfMonitor.dll - ok

12:27:26.0216 0x095c  [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll

12:27:26.0216 0x095c  C:\Windows\System32\msutb.dll - ok

12:27:26.0216 0x095c  [ 7F37322A489E285CFBCC02F6A53B3F1B, 7A64799611A5A1B251C4136AC486A4D3D9145E3F95D6056ED0FEE24C7E050472 ] C:\Windows\System32\HotStartUserAgent.dll

12:27:26.0216 0x095c  C:\Windows\System32\HotStartUserAgent.dll - ok

12:27:26.0216 0x095c  [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll

12:27:26.0216 0x095c  C:\Windows\System32\mpr.dll - ok

12:27:26.0226 0x095c  [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe

12:27:26.0226 0x095c  C:\Windows\System32\dwm.exe - ok

12:27:26.0226 0x095c  [ 6F8F1376A13114CC10C0E69274F5A4DE, 8EFD33E1C5A40C231BCB8ED73277F645BE87AE03FCDBA8134FAC053E90290A9C ] C:\Windows\System32\userinit.exe

12:27:26.0226 0x095c  C:\Windows\System32\userinit.exe - ok

12:27:26.0226 0x095c  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:27:26.0226 0x095c  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok

12:27:26.0226 0x095c  [ F99A7E8B9DD9E511769C550E2174E4ED, 207773B827EA8FD675E99414D9975B08E828BC0984F464EB62A3F4FF02D49FFF ] C:\Windows\System32\wow64.dll

12:27:26.0226 0x095c  C:\Windows\System32\wow64.dll - ok

12:27:26.0236 0x095c  [ 982A28EE7BADBF30B6BC774035DD318F, F818DC2E6696D6518F4DA1A2AA7A10FFF825733B8C48F72451C9D0411CF6EC5B ] C:\Windows\System32\wow64win.dll

12:27:26.0236 0x095c  C:\Windows\System32\wow64win.dll - ok

12:27:26.0236 0x095c  [ 5E39878945C109AC68AC81A96DF4EC77, A27F6F6AA2A463B4DDC33996F1CE9C9E9F7B7DB09247B11CB401EF9E11F62320 ] C:\Windows\System32\wow64cpu.dll

12:27:26.0236 0x095c  C:\Windows\System32\wow64cpu.dll - ok

12:27:26.0236 0x095c  [ 606ECB76A424CC535407E7A24E2A34BC, 2F579AF0D0F50235CD95DCF4CFA91426F169A75503B1FD5A81D7E0CFC9AA2277 ] C:\Windows\SysWOW64\kernel32.dll

12:27:26.0236 0x095c  C:\Windows\SysWOW64\kernel32.dll - ok

12:27:26.0236 0x095c  [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll

12:27:26.0236 0x095c  C:\Windows\System32\winmm.dll - ok

12:27:26.0246 0x095c  [ 9D8AB964CE511AF81207DF0E1205184C, 35DCB9F5DD59F97337B293EC55C5FADAA41806BA050592790338E34D843DA4B1 ] C:\Windows\System32\dwmcore.dll

12:27:26.0246 0x095c  C:\Windows\System32\dwmcore.dll - ok

12:27:26.0246 0x095c  [ EF184066A851E7838D5BF8C8FAE66CC4, 813247114C5AA374585F669ADA5DFD25615D1B15B14518A195995D5BF7A8FA25 ] C:\Windows\System32\dwmredir.dll

12:27:26.0246 0x095c  C:\Windows\System32\dwmredir.dll - ok

12:27:26.0246 0x095c  [ C235A51CB740E45FFA0EBFB9BAFCDA64, 61B1D70635BD5A9AC8AF3F2EBC56B34EE25FC19E4CA48DCB7B49A6BF629548C6 ] C:\Windows\explorer.exe

12:27:26.0246 0x095c  C:\Windows\explorer.exe - ok

12:27:26.0246 0x095c  [ 2DBB169F798F233BC0815A797F5FCE31, A3780732A2BDF4AA821B133BD1482396916BAAC1FD90741832801C65FAA868CD ] C:\Windows\System32\ExplorerFrame.dll

12:27:26.0246 0x095c  C:\Windows\System32\ExplorerFrame.dll - ok

12:27:26.0256 0x095c  [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll

12:27:26.0256 0x095c  C:\Windows\System32\EhStorShell.dll - ok

12:27:26.0256 0x095c  [ A71A930E1E61E73DA97423BDB95CE2D8, 80F65CBCF64BF5DE2C957C83AF1A41E9FD624BB88C873A4204CCDE77ED428BE7 ] C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL

12:27:26.0256 0x095c  C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL - ok

12:27:26.0256 0x095c  [ 0C65FA8214D6F8378D1D3BA1CA46AF0A, C8D0226F39A9DE3B871E84BB6B14975CBBE16A34ADAACBC33ACF726EE6E17104 ] C:\Windows\SysWOW64\advapi32.dll

12:27:26.0256 0x095c  C:\Windows\SysWOW64\advapi32.dll - ok

12:27:26.0256 0x095c  [ E553135C97982EDACDECDE48D3E38458, 7F530357C47102EA1E6F33281724C702CB785A72A0F412FFC7238EE9F593E8BB ] C:\Windows\SysWOW64\KernelBase.dll

12:27:26.0256 0x095c  C:\Windows\SysWOW64\KernelBase.dll - ok

12:27:26.0266 0x095c  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll

12:27:26.0266 0x095c  C:\Windows\SysWOW64\user32.dll - ok

12:27:26.0266 0x095c  [ E46D48A7FE961401F1CBF85531CDF05D, 24CA38641020FF9E07E16CE3992212E2BFD2759E902D12744D4989ADF11995BF ] C:\Windows\SysWOW64\msvcrt.dll

12:27:26.0266 0x095c  C:\Windows\SysWOW64\msvcrt.dll - ok

12:27:26.0266 0x095c  [ FBE1E0B9EF53B5BB7C36763AA6A685CF, E999D53365387DCE50BE8A0FBD5E05222636D8CDDB309A529380076BE778729D ] C:\Windows\SysWOW64\gdi32.dll

12:27:26.0266 0x095c  C:\Windows\SysWOW64\gdi32.dll - ok

12:27:26.0266 0x095c  [ 384721EF4024890092625E20CADFAF85, 32FB012437C271CA4408EC60E6858485C2F9489107BBDB7011F728A0D2A26D2C ] C:\Windows\SysWOW64\lpk.dll

12:27:26.0266 0x095c  C:\Windows\SysWOW64\lpk.dll - ok

12:27:26.0266 0x095c  [ 0BA19F3198C40AC4E8CC66EE02EDA6C6, 4555FB6ED0F286DF94FEACFEC36BF23E0F586CFA80DEE45C5EA7A0760C967E84 ] C:\Windows\SysWOW64\usp10.dll

12:27:26.0266 0x095c  C:\Windows\SysWOW64\usp10.dll - ok

12:27:26.0276 0x095c  [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll

12:27:26.0276 0x095c  C:\Windows\SysWOW64\sechost.dll - ok

12:27:26.0276 0x095c  [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll

12:27:26.0276 0x095c  C:\Windows\System32\spoolss.dll - ok

12:27:26.0276 0x095c  [ 02CDEB5D8B3DD5F6770DEFFBBC0CFAD0, A67878B5CC9109AA8513C0307EEDCB17840288509BF80838E2A753C632B47521 ] C:\Windows\System32\winspool.drv

12:27:26.0276 0x095c  C:\Windows\System32\winspool.drv - ok

12:27:26.0276 0x095c  [ 20BEB8C403C6E28C9B13644787F5177D, D3E2DAC2A8BEFC10C1F16FD3B297BF5551254D4DB1C791CA795AA083EADA08F9 ] C:\Windows\System32\FXSMON.dll

12:27:26.0276 0x095c  C:\Windows\System32\FXSMON.dll - ok

12:27:26.0286 0x095c  [ 33CC7FFA41F6157592E1578BD253F30E, 03D3473A02B8A8D9D8EA74D588552FB7972600902188659832FBD2CF91B594FC ] C:\Windows\System32\PrintIsolationProxy.dll

12:27:26.0286 0x095c  C:\Windows\System32\PrintIsolationProxy.dll - ok

12:27:26.0286 0x095c  [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll

12:27:26.0286 0x095c  C:\Windows\System32\tcpmon.dll - ok

12:27:26.0286 0x095c  [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll

12:27:26.0286 0x095c  C:\Windows\System32\snmpapi.dll - ok

12:27:26.0286 0x095c  [ AD7C70077D4C81558E909D34EF6B995E, 41F3A6166FFC8BBCC952BB06F9639B6B6B016970971E1E249917B305F6DD45C8 ] C:\Windows\System32\wsnmp32.dll

12:27:26.0286 0x095c  C:\Windows\System32\wsnmp32.dll - ok

12:27:26.0296 0x095c  [ 74FFD39A69774524F1FB6A6E7E781494, 31494F12D836704CE039DCAA1A61D78751ADAEFF9B7A1539D0BE1FA576BE7BD4 ] C:\Windows\System32\msxml6.dll

12:27:26.0296 0x095c  C:\Windows\System32\msxml6.dll - ok

12:27:26.0296 0x095c  [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll

12:27:26.0296 0x095c  C:\Windows\System32\usbmon.dll - ok

12:27:26.0296 0x095c  [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll

12:27:26.0296 0x095c  C:\Windows\System32\WSDMon.dll - ok

12:27:26.0296 0x095c  [ 05FE4A30177E858B51F5E1E970FE9925, 83711861B648EBC744BDC846DBF043C9D6ED8324E5768A40338C6161613C2E70 ] C:\Windows\System32\WSDApi.dll

12:27:26.0296 0x095c  C:\Windows\System32\WSDApi.dll - ok

12:27:26.0306 0x095c  [ A3EA403D2B74C5F71B7E8B3DAE92DE1E, DF91A8D06EA27D4CF7D61A8EF488D4F42DE88629CC2BC9F4A72B66FF2D6CEE4B ] C:\Windows\System32\webservices.dll

12:27:26.0306 0x095c  C:\Windows\System32\webservices.dll - ok

12:27:26.0306 0x095c  [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll

12:27:26.0306 0x095c  C:\Windows\System32\fundisc.dll - ok

12:27:26.0306 0x095c  [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll

12:27:26.0306 0x095c  C:\Windows\System32\fdPnp.dll - ok

12:27:26.0306 0x095c  [ 7EDB2BF840ECB14D6E6B11C035708719, 42633433A5BB105A18BF2B10F28C9A801B08E4321757530646FBD96227A3AB94 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll

12:27:26.0306 0x095c  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok

12:27:26.0316 0x095c  [ 79A37AE3806851CB445C475D527CF685, 9B5E374C8C56C492F98068D3F973DFFA46D203AD6799146817753FE4C6765C0F ] C:\Windows\System32\win32spl.dll

12:27:26.0316 0x095c  C:\Windows\System32\win32spl.dll - ok

12:27:26.0316 0x095c  [ 17EAB1AEA937EFFCD107EFBA94FEDB34, 544CE9BFE2291D985FDD3505ADDE42478C8C69D8B116B54F531DD0D2D72D160D ] C:\Windows\System32\inetpp.dll

12:27:26.0316 0x095c  C:\Windows\System32\inetpp.dll - ok

12:27:26.0316 0x095c  [ 90385551B6B3793E949DF310A11D64E7, 11AF8D1723F6C57781B200CD78A93686BF26B645ACEEF336FAC7E7E53C4E0946 ] C:\Windows\SysWOW64\rpcrt4.dll

12:27:26.0316 0x095c  C:\Windows\SysWOW64\rpcrt4.dll - ok

12:27:26.0316 0x095c  [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll

12:27:26.0316 0x095c  C:\Windows\SysWOW64\cryptbase.dll - ok

12:27:26.0326 0x095c  [ FADBB267FE9846233ED486DE6EEAAEB9, 7F038884CA763BBEB6E2ACADB4B58DBC5EE9D6A4FDC6C59B5AC8556850E1468E ] C:\Windows\SysWOW64\oleaut32.dll

12:27:26.0326 0x095c  C:\Windows\SysWOW64\oleaut32.dll - ok

12:27:26.0326 0x095c  [ FF5417CED6D8364082E32EFA487A5CE9, 7385D44B6A7283EC555FAA9BCADBAA2D2F85080F9CA6A5198BA1813E9F21362E ] C:\Windows\SysWOW64\sspicli.dll

12:27:26.0326 0x095c  C:\Windows\SysWOW64\sspicli.dll - ok

12:27:26.0326 0x095c  [ 518C6116079414E7074E726925D07A41, 419DB5CB061EAA5DCC4E6C91E02889C3681DA9F69D663A891FBDC3DF591A9247 ] C:\Windows\SysWOW64\shell32.dll

12:27:26.0326 0x095c  C:\Windows\SysWOW64\shell32.dll - ok

12:27:26.0326 0x095c  [ 4ACB903AD1693858A918907358CBD9E4, F7A5F4F958EB9A79C842A35CB4EE3947CC1F4F2DB4FCB5C90F8C99EF386009D3 ] C:\Windows\SysWOW64\ole32.dll

12:27:26.0326 0x095c  C:\Windows\SysWOW64\ole32.dll - ok

12:27:26.0336 0x095c  [ BFEBE1E4B301F44CEA7C1B4021BD0264, F6984FC40F1731A936A1671A422FF750056418199576EDCD5F9373A23D0D0221 ] C:\Windows\System32\cscapi.dll

12:27:26.0336 0x095c  C:\Windows\System32\cscapi.dll - ok

12:27:26.0336 0x095c  [ D63BEE2A8B22482F7080A8D3F2E1A733, 20E2CC793E55548CA8F6EB7F02D51EEA7632E16302C9213705F3A9684AD9F41F ] C:\Windows\System32\d3d10_1.dll

12:27:26.0336 0x095c  C:\Windows\System32\d3d10_1.dll - ok

12:27:26.0336 0x095c  [ 91D8BEFA67DCD56721A02EDEA423EAF8, 7A4E81E1F2DF02409566B51B09B77E31DA61E5B35A4BE65267C6457546A5AC38 ] C:\Windows\System32\d3d10_1core.dll

12:27:26.0336 0x095c  C:\Windows\System32\d3d10_1core.dll - ok

12:27:26.0336 0x095c  [ D95DB5C915C001F78709C17285109BDC, 2A538725F8E2E0A394CA58CD262C5159BCA59B12C591EC59F2E052FDAA21F99F ] C:\Windows\System32\dxgi.dll

12:27:26.0336 0x095c  C:\Windows\System32\dxgi.dll - ok

12:27:26.0336 0x095c  [ 5D11EBF91F2C7D87B9B1B49688965C13, 9D2F57A4EE33EABEC77831386DAD3B6EDA8DA483F4C155C0B0ED4B089AB95067 ] C:\Windows\System32\nvwgf2umx.dll

12:27:26.0336 0x095c  C:\Windows\System32\nvwgf2umx.dll - ok

12:27:26.0346 0x095c  [ E0B08BF5E945ED755080908B5523F575, D724463BCD7140F20F92F6C8460E674348297D133F3D37C4BC611296880840D1 ] C:\Windows\System32\msvcr120_clr0400.dll

12:27:26.0346 0x095c  C:\Windows\System32\msvcr120_clr0400.dll - ok

12:27:26.0346 0x095c  [ B6CA20E9F4D65230214901174EBC77CB, B8CD066EFE05DC75B3C751E9DA71D96469AD9A387C546A21F59AA313D393B1E0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\701f2b79b02a02beba70e50bb2edb212\mscorlib.ni.dll

12:27:26.0346 0x095c  C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\701f2b79b02a02beba70e50bb2edb212\mscorlib.ni.dll - ok

12:27:26.0346 0x095c  [ F037DB14CF6165C62F4A64D12A25B07C, 26CE06C858F59691F6D6D41E0031D9CD1ACB9AF24569FC3A0E869C08AA5225B5 ] C:\Windows\SysWOW64\shlwapi.dll

12:27:26.0346 0x095c  C:\Windows\SysWOW64\shlwapi.dll - ok

12:27:26.0356 0x095c  [ 0DE3069D6E09BA262856EF31C941BEFE, 5F73305B7910B486882AFA838F1A0F0104B8FB1C2EAC14623D2028D23A704CA7 ] C:\Windows\SysWOW64\imm32.dll

12:27:26.0356 0x095c  C:\Windows\SysWOW64\imm32.dll - ok

12:27:26.0356 0x095c  [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll

12:27:26.0356 0x095c  C:\Windows\SysWOW64\msctf.dll - ok

12:27:26.0356 0x095c  [ E6B5DE86ABF68D7D67E451C29287B5C5, AFE45D233FFBC190B3F13D357C973D20122B3C08A06BFF1CE70C0D46E44C5532 ] C:\Windows\SysWOW64\crypt32.dll

12:27:26.0356 0x095c  C:\Windows\SysWOW64\crypt32.dll - ok

12:27:26.0356 0x095c  [ 1A6B6EE6B5C17A397D1685FDF7E20E90, 0D0E8F6953A823A315C1DF3DEFA76DC46F422A6E9704DE908D71CBD238FAFDDA ] C:\Program Files (x86)\Google\Update\1.3.32.7\goopdate.dll

12:27:26.0356 0x095c  C:\Program Files (x86)\Google\Update\1.3.32.7\goopdate.dll - ok

12:27:26.0356 0x095c  [ 26EAEE08CAF82AA7F03C5020F51DA541, 5541193DD9A16E27339225E6BA4F2664B0B166E9A13D2FFF267F6E15211B5794 ] C:\Windows\SysWOW64\propsys.dll

12:27:26.0366 0x095c  C:\Windows\SysWOW64\propsys.dll - ok

12:27:26.0366 0x095c  [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll

12:27:26.0366 0x095c  C:\Windows\SysWOW64\uxtheme.dll - ok

12:27:26.0366 0x095c  [ F5777C29E38E4BF12C6F93A0B2F1B2D7, 9565A1D3BEDECE70CE711A8A975886F3B0BBD9CFC3CBE6654372942EAF61773E ] C:\Windows\SysWOW64\msasn1.dll

12:27:26.0366 0x095c  C:\Windows\SysWOW64\msasn1.dll - ok

12:27:26.0366 0x095c  [ 27CBC636ABCE09CDB5227A872BE7A79C, 3CB803AAC96DD766843DD6D0F5A0EF37A1447240A24E754049AA645AACCEC5E4 ] C:\Windows\SysWOW64\wintrust.dll

12:27:26.0366 0x095c  C:\Windows\SysWOW64\wintrust.dll - ok

12:27:26.0366 0x095c  [ 93F0FFD46BA1EE3AEECD07678DD8E510, BA32850C79C280479B70E5F18104591F3A3BBCE727FFF981EF39B8A60C0C8572 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll

12:27:26.0366 0x095c  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll - ok

12:27:26.0376 0x095c  [ 0FA436A553408CBEBA070E3182658DE3, 304DA948021759DB08AB37DB9719CAF1BF671AACA1C6497C7CC784FE4EFF9550 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

12:27:26.0376 0x095c  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll - ok

12:27:26.0376 0x095c  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] C:\Program Files\Intel\iCLS Client\HeciServer.exe

12:27:26.0376 0x095c  C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok

12:27:26.0376 0x095c  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] C:\Windows\System32\cryptsvc.dll

12:27:26.0376 0x095c  C:\Windows\System32\cryptsvc.dll - ok

12:27:26.0386 0x095c  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] C:\Windows\System32\dps.dll

12:27:26.0386 0x095c  C:\Windows\System32\dps.dll - ok

12:27:26.0386 0x095c  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] C:\Windows\System32\IKEEXT.DLL

12:27:26.0386 0x095c  C:\Windows\System32\IKEEXT.DLL - ok

12:27:26.0386 0x095c  [ A261AD1FDC6D6A658A82B81AF81B215F, 1E967BD93AEC90A68E1B376A6433F0BAF659E7DFEED39EDA34BAF8E4B88FA2D2 ] C:\Windows\System32\vssapi.dll

12:27:26.0386 0x095c  C:\Windows\System32\vssapi.dll - ok

12:27:26.0386 0x095c  [ 862789547AF9694B48BA0D040BF246BC, 19D12AA135127C56FF431299510AF63E1399A03D2BCC9255AE9F34E60C556F8F ] C:\Windows\System32\taskschd.dll

12:27:26.0386 0x095c  C:\Windows\System32\taskschd.dll - ok

12:27:26.0396 0x095c  [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll

12:27:26.0396 0x095c  C:\Windows\SysWOW64\clbcatq.dll - ok

12:27:26.0396 0x095c  [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll

12:27:26.0396 0x095c  C:\Windows\SysWOW64\ntmarta.dll - ok

12:27:26.0406 0x095c  [ BFA70A99AD1434263F2DFBBA103BDEF8, 5A0E73D48824C23E2C221EAC369A906FEDECE0E047E8C7E5F012242E74AFAF9E ] C:\Windows\SysWOW64\Wldap32.dll

12:27:26.0406 0x095c  C:\Windows\SysWOW64\Wldap32.dll - ok

12:27:26.0406 0x095c  [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll

12:27:26.0406 0x095c  C:\Windows\System32\vsstrace.dll - ok

12:27:26.0406 0x095c  [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll

12:27:26.0406 0x095c  C:\Windows\System32\aepic.dll - ok

12:27:26.0406 0x095c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys

12:27:26.0406 0x095c  C:\Windows\System32\drivers\PEAuth.sys - ok

12:27:26.0416 0x095c  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] C:\Windows\System32\nlasvc.dll

12:27:26.0416 0x095c  C:\Windows\System32\nlasvc.dll - ok

12:27:26.0416 0x095c  [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll

12:27:26.0416 0x095c  C:\Windows\System32\sfc.dll - ok

12:27:26.0416 0x095c  [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll

12:27:26.0416 0x095c  C:\Windows\System32\sfc_os.dll - ok

12:27:26.0426 0x095c  [ 107F279517E2A04DB4AC1B1FAF1D573B, 487F505E97288ACA23229D1D421FD62E3A8FE59FA3A504F6C125854DF8BEDE5B ] C:\Windows\System32\ncsi.dll

12:27:26.0426 0x095c  C:\Windows\System32\ncsi.dll - ok

12:27:26.0426 0x095c  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] C:\Program Files (x86)\Skype\Updater\Updater.exe

12:27:26.0426 0x095c  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok

12:27:26.0426 0x095c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys

12:27:26.0426 0x095c  C:\Windows\System32\drivers\secdrv.sys - ok

12:27:26.0436 0x095c  [ 4552F2FF1FF3720A65619F92965E1ACC, 0CAA315B0871DD822BBB5E5896E5C2B8F71D2DA488951C89E8C37A93204C5223 ] C:\Windows\System32\winhttp.dll

12:27:26.0436 0x095c  C:\Windows\System32\winhttp.dll - ok

12:27:26.0436 0x095c  [ FF604B2C8B39E14421C9DF2D1D3887BD, 55F49D32640B3E2363957616422B0818934C01173972ECC57375DD82769C144F ] C:\Windows\System32\webio.dll

12:27:26.0436 0x095c  C:\Windows\System32\webio.dll - ok

12:27:26.0436 0x095c  [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll

12:27:26.0436 0x095c  C:\Windows\SysWOW64\profapi.dll - ok

12:27:26.0436 0x095c  [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll

12:27:26.0436 0x095c  C:\Windows\SysWOW64\psapi.dll - ok

12:27:26.0436 0x095c  [ 9C0DC1DAAD14D443DD5A0D1EE78D775E, 73BA5BDF50EB78FA8BF479ADE0F1826FBB161CA70AF1405E06B64F4D2254B42C ] C:\Windows\SysWOW64\userenv.dll

12:27:26.0436 0x095c  C:\Windows\SysWOW64\userenv.dll - ok

12:27:26.0446 0x095c  [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll

12:27:26.0446 0x095c  C:\Windows\SysWOW64\version.dll - ok

12:27:26.0446 0x095c  [ E30E5BB0DBA49EFE5BBBAFEA440CFBD9, 70D11382A242DB280FC121DBB95D2810E9139DAB6B66BA5FD58F115E3572649B ] C:\Windows\SysWOW64\wtsapi32.dll

12:27:26.0446 0x095c  C:\Windows\SysWOW64\wtsapi32.dll - ok

12:27:26.0446 0x095c  [ 5FF7D057E48DA861BDBB47D314B6DA7D, B4FD5B9F5F241F4EFB1AFB77D3B3744CC1C947521386381DDCB3C91875DA3921 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_08e1a05ba83fe554\msvcr90.dll

12:27:26.0446 0x095c  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_08e1a05ba83fe554\msvcr90.dll - ok

12:27:26.0446 0x095c  [ 26E84D3649019C3244622E654DFCD75B, 49BD7345AF744298698629E0D7C0C373AB2F75F542281268BCF91A6D2B278AA8 ] C:\Windows\System32\drivers\srvnet.sys

12:27:26.0446 0x095c  C:\Windows\System32\drivers\srvnet.sys - ok

12:27:26.0456 0x095c  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] C:\Windows\System32\drivers\tcpipreg.sys

12:27:26.0456 0x095c  C:\Windows\System32\drivers\tcpipreg.sys - ok

12:27:26.0456 0x095c  [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll

12:27:26.0456 0x095c  C:\Windows\SysWOW64\cryptsp.dll - ok

12:27:26.0456 0x095c  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll

12:27:26.0456 0x095c  C:\Windows\System32\ssdpapi.dll - ok

12:27:26.0456 0x095c  [ 4AF9FD44342A024B867E1950EE46FCB8, 6A35F91AA62B40D55DBFFF451D68117704066E2990DBD2B654E4B69ED1A305F0 ] C:\Windows\SysWOW64\urlmon.dll

12:27:26.0456 0x095c  C:\Windows\SysWOW64\urlmon.dll - ok

12:27:26.0466 0x095c  [ 13D1F490AF6C7649F51BA29F9CCBB778, 2A389A84E14CE601203CED3283B3345A74B040C670BCDF8C2AE22652E314D17C ] C:\Windows\SysWOW64\iertutil.dll

12:27:26.0466 0x095c  C:\Windows\SysWOW64\iertutil.dll - ok

12:27:26.0466 0x095c  [ 3A387E0E973D45469A08A703407F2E6F, EBFA80B4B1B3916FEDB0D034014E8D03559B7C8F89D72241E31B6C5F9BB95705 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_08e1a05ba83fe554\msvcp90.dll

12:27:26.0466 0x095c  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_08e1a05ba83fe554\msvcp90.dll - ok

12:27:26.0466 0x095c  [ 18E756E0FE2FFCD5DE35F6B9F91244A6, 2B508EEA1F59BE0E627BB87921F88D6C7277609DCCEFCD3618F83503CF871761 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0a1d2fcba76b3f00\ATL90.dll

12:27:26.0466 0x095c  C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0a1d2fcba76b3f00\ATL90.dll - ok

12:27:26.0466 0x095c  [ C3DA214AB5FB2E66E61FD8F63F72839F, 9F4845358945756D231B58D2BE9DDDD1F436DF1955DAA79AB04149CF1289F4EF ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF

12:27:26.0466 0x095c  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok

12:27:26.0476 0x095c  [ 6B50F6743BE4A4ADC3A7C0B4AF5B20F1, 9A37DFCA66B51AD19326F3F4A265E02C61CA907E8785B4A27B3E394FC2FF8F42 ] C:\PROGRA~1\MICROS~3\Office14\3082\GrooveIntlResource.dll

12:27:26.0476 0x095c  C:\PROGRA~1\MICROS~3\Office14\3082\GrooveIntlResource.dll - ok

12:27:26.0476 0x095c  [ 0DFBB6B13ACFBDEE0E7DF0FD145614AC, C731F0179720DADA521C26CAB0F13FE1E7BA5D86BA390D6015A418DD94FBC4B2 ] C:\Windows\System32\ntshrui.dll

12:27:26.0476 0x095c  C:\Windows\System32\ntshrui.dll - ok

12:27:26.0476 0x095c  [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll

12:27:26.0476 0x095c  C:\Windows\System32\IconCodecService.dll - ok

12:27:26.0476 0x095c  [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll

12:27:26.0476 0x095c  C:\Windows\SysWOW64\rsaenh.dll - ok

12:27:26.0486 0x095c  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] C:\Windows\System32\wiaservc.dll

12:27:26.0486 0x095c  C:\Windows\System32\wiaservc.dll - ok

12:27:26.0486 0x095c  [ 6C0BD9D59C7E97DEE2FB3407D17BF697, C77DF45B0969DC9D99C1B0F14BECF95403679B912B26B66039A408921613499B ] C:\Windows\SysWOW64\RpcRtRemote.dll

12:27:26.0486 0x095c  C:\Windows\SysWOW64\RpcRtRemote.dll - ok

12:27:26.0486 0x095c  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5, BDA403E6CACC249C467671FB1FAF7B77FB019326BC18F9F6CF377104520E2654 ] C:\Windows\System32\wiatrace.dll

12:27:26.0486 0x095c  C:\Windows\System32\wiatrace.dll - ok

12:27:26.0496 0x095c  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] C:\Windows\System32\sysmain.dll

12:27:26.0496 0x095c  C:\Windows\System32\sysmain.dll - ok

12:27:26.0496 0x095c  [ 1BE5452611346247CBF39EA4E98698DB, DE6E7867DA3FDC79BF90E11156BF976BAD70B0F5BF310E6A62065CB99FFFC7D0 ] C:\Windows\System32\d3d10level9.dll

12:27:26.0496 0x095c  C:\Windows\System32\d3d10level9.dll - ok

12:27:26.0496 0x095c  [ FF98798DC102EC4C1FC3E9C066D60C62, 591224081FB94273BE92D1518DA3F5D5803FFF6D70890EC942DA31FA065AA0A4 ] C:\Windows\System32\nvd3dumx.dll

12:27:26.0496 0x095c  C:\Windows\System32\nvd3dumx.dll - ok

12:27:26.0496 0x095c  [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll

12:27:26.0496 0x095c  C:\Windows\System32\aeevts.dll - ok

12:27:26.0496 0x095c  [ 6095266CAAF5E75F394CFD4844CC4C25, 99C10DDD9F86D6FC10F5417F7FDE7A48909CDEF53F47D8A2DBFB0B656F89FCA6 ] C:\Windows\SysWOW64\IPHLPAPI.DLL

12:27:26.0496 0x095c  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok

12:27:26.0506 0x095c  [ C3DBF7DFF5A38136E26BADB7AB4E2972, EA7484034B14F9F1082F8FA802560D61740DD030F008B59CED204ED55B7C437B ] C:\Windows\SysWOW64\netapi32.dll

12:27:26.0506 0x095c  C:\Windows\SysWOW64\netapi32.dll - ok

12:27:26.0506 0x095c  [ C6BB27D9A8AC13D4A44486F528B5C884, 9624D886A3EBA94E61F90F62BD9A823B799C3A3B9C0E4C59E49824FEBBB18D77 ] C:\Windows\SysWOW64\netutils.dll

12:27:26.0506 0x095c  C:\Windows\SysWOW64\netutils.dll - ok

12:27:26.0506 0x095c  [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll

12:27:26.0506 0x095c  C:\Windows\SysWOW64\nsi.dll - ok

12:27:26.0506 0x095c  [ 89D840773C9C4358A5031DCC860449EC, F6C241D73E05A95B7C81C12979FF625BFD89C12CDD13193AA137E02A8C0046F2 ] C:\Windows\SysWOW64\srvcli.dll

12:27:26.0506 0x095c  C:\Windows\SysWOW64\srvcli.dll - ok

12:27:26.0516 0x095c  [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll

12:27:26.0516 0x095c  C:\Windows\SysWOW64\winnsi.dll - ok

12:27:26.0516 0x095c  [ 7AD12703039056D2A0815F85960E1FA1, 22C9E953D499555F8BD7719786F3450EF5619672F4FF91082758BAB3FD8A288D ] C:\Windows\SysWOW64\wkscli.dll

12:27:26.0516 0x095c  C:\Windows\SysWOW64\wkscli.dll - ok

12:27:26.0516 0x095c  [ AE6AF014B616F53BA762F0BCFD8F7F21, 95C8E3CA3DBEE48621A6A159BEA04A323339A876C8B64EEBC76CBD5872BC32F2 ] C:\Windows\SysWOW64\msi.dll

12:27:26.0516 0x095c  C:\Windows\SysWOW64\msi.dll - ok

12:27:26.0516 0x095c  [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll

12:27:26.0516 0x095c  C:\Windows\SysWOW64\msimg32.dll - ok

12:27:26.0526 0x095c  [ 0D874F3BC751CC2198AF2E6783FB8B35, 90528FB50283F4ED8299E2A5203CF204254171A9AC19F50B21B0235BAA042CDF ] C:\Windows\SysWOW64\wininet.dll

12:27:26.0526 0x095c  C:\Windows\SysWOW64\wininet.dll - ok

12:27:26.0526 0x095c  [ F2F02E436BA56A96A06E4427C5787B6E, 1562FF264011A15AC69808CB74F387917C4E8ED3B91546B12933BE10B6E20B3A ] C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

12:27:26.0526 0x095c  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe - ok

12:27:26.0526 0x095c  [ ADD9D33D685DFADDFAD5AFB42CF31A70, 8E0D2D0CEFC59548BED08D36D55865D8633E1512AE81D93F728F3D9631A3CC6F ] C:\Windows\SysWOW64\cscapi.dll

12:27:26.0526 0x095c  C:\Windows\SysWOW64\cscapi.dll - ok

12:27:26.0526 0x095c  [ 79C7CFAEA6879A8C1A1E8B5FFE8983AA, BE7B559C8A33E7F8B19D4E7B70ED2257C49CB1FE7B944F63ADBAE1D31E0A1E93 ] C:\Windows\SysWOW64\dbghelp.dll

12:27:26.0526 0x095c  C:\Windows\SysWOW64\dbghelp.dll - ok

12:27:26.0536 0x095c  [ 41323AB614A2B66AD77B1121D24AC895, 3B441E113365F597F5AA18979AFFD5F7F37F75EBFBBA0AE821ACEE550E3EEC05 ] C:\Windows\SysWOW64\setupapi.dll

12:27:26.0536 0x095c  C:\Windows\SysWOW64\setupapi.dll - ok

12:27:26.0536 0x095c  [ FE40EC349D80C0ED24A5808DCFE9A0D2, 7697E2CADD4F9D2F2874DAF6F0AE2FF96AB5452F26F802226461B063320C3D33 ] C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe

12:27:26.0536 0x095c  C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe - ok

12:27:26.0536 0x095c  [ C02E3CE20E7776C922B5C8938350B5F1, 4BA2250230BC496ACF5709AD54E99BAC858C298BF09DBC574F8CA365A33E5FFC ] C:\Windows\SysWOW64\apphelp.dll

12:27:26.0536 0x095c  C:\Windows\SysWOW64\apphelp.dll - ok

12:27:26.0536 0x095c  [ 15B94E4AC75C9295275BDC9A1D7054C3, 1B478C2A60B3CFC066B7FE9A388BC2E29974B4B8A664AFEFA59FD8F18B39DE36 ] C:\Windows\SysWOW64\cfgmgr32.dll

12:27:26.0536 0x095c  C:\Windows\SysWOW64\cfgmgr32.dll - ok

12:27:26.0546 0x095c  [ CC4ED8BEA78B0DCA6F217E014C3291A7, 01104182E4E6FB3CF6397936D30B2CE3486967586D1B94187B59A8232DAE39FF ] C:\Windows\SysWOW64\devobj.dll

12:27:26.0546 0x095c  C:\Windows\SysWOW64\devobj.dll - ok

12:27:26.0546 0x095c  [ B5C7D56B6DB76C66E24B4B735BB66509, B9BE2E48CD6B1D675AB3EC46824C25A8CF16BFD784212EDA118EAB8F9A4BEA26 ] C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe

12:27:26.0546 0x095c  C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe - ok

12:27:26.0546 0x095c  [ DAAE8A9B8C0ACC7F858454132553C30D, 668A2FF7C4774A73D19E06D0E32B070C3B58FA66D273E647A01EE502A0CEE026 ] C:\Windows\SysWOW64\ws2_32.dll

12:27:26.0546 0x095c  C:\Windows\SysWOW64\ws2_32.dll - ok

12:27:26.0546 0x095c  [ 11A41F17527ED75D6B758FDD7F4FD00D, A646BA0BAA992A7B98C813AD8D834D57F27DB6F7F0F3200F68CB8B99F4C5D731 ] C:\Windows\SysWOW64\mswsock.dll

12:27:26.0546 0x095c  C:\Windows\SysWOW64\mswsock.dll - ok

12:27:26.0556 0x095c  [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll

12:27:26.0556 0x095c  C:\Windows\SysWOW64\wship6.dll - ok

12:27:26.0556 0x095c  [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL

12:27:26.0556 0x095c  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok

12:27:26.0556 0x095c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll

12:27:26.0556 0x095c  C:\Windows\System32\wbem\WMIsvc.dll - ok

12:27:26.0556 0x095c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll

12:27:26.0556 0x095c  C:\Windows\System32\trkwks.dll - ok

12:27:26.0566 0x095c  [ F773D2ED090B7BAA1C1A034F3CA476C8, C8DD8BE37CFEA0DB1B7FC94946381B60553848002E6170E0BEC3FEE40295DF1F ] C:\Windows\System32\drivers\srv2.sys

12:27:26.0566 0x095c  C:\Windows\System32\drivers\srv2.sys - ok

12:27:26.0566 0x095c  [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll

12:27:26.0566 0x095c  C:\Windows\System32\uDWM.dll - ok

12:27:26.0566 0x095c  [ FAF9BA81FB0543CB4B7EFFD24CFA815F, DC876993FDAEE449C228D23942E3CA8C116AEA5F64D55A7C45F5EA0AB61CD62F ] C:\Windows\System32\wbemcomn.dll

12:27:26.0566 0x095c  C:\Windows\System32\wbemcomn.dll - ok

12:27:26.0566 0x095c  [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll

12:27:26.0566 0x095c  C:\Windows\System32\wbem\WinMgmtR.dll - ok

12:27:26.0576 0x095c  [ A74316B5C28D94AF0825267D8715549F, C45D33E809FC97AF7334A481F56E878894A8F9127380261A7A4BA6F22A5D19F1 ] C:\Windows\System32\dbghelp.dll

12:27:26.0576 0x095c  C:\Windows\System32\dbghelp.dll - ok

12:27:26.0576 0x095c  [ 128FEE89035D9F09682A396998769B69, 318A2C182B68754DC569CC2C1534A02CE969ED183D4EA492F01975DCDEE8765C ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll

12:27:26.0576 0x095c  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok

12:27:26.0576 0x095c  [ EC8F67289105BF270498095F14963464, 454031C8AE06511DD13DBAA613B983516AF937590FB2B8C6ADC273D018D30858 ] C:\Windows\System32\drivers\srv.sys

12:27:26.0576 0x095c  C:\Windows\System32\drivers\srv.sys - ok

12:27:26.0576 0x095c  [ 47D598FB37C2A5CB080AA79971F161D4, C8E816447057CFD13FDA8B31D9BB0CDD9B9C551E215E8DE37A9F12D4730E3419 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\32e6872e37b1f771bbe543748e6e73f0\System.ni.dll

12:27:26.0576 0x095c  C:\Windows\assembly\NativeImages_v4.0.30319_64\System\32e6872e37b1f771bbe543748e6e73f0\System.ni.dll - ok

12:27:26.0586 0x095c  [ 6D5A49D6479EB753C7879F73A4C35E0F, A6009398E643051A8CC3943EDF9B7974F15867720246EFE52EDB09B5B3A30B83 ] C:\Windows\SysWOW64\dnsapi.dll

12:27:26.0586 0x095c  C:\Windows\SysWOW64\dnsapi.dll - ok

12:27:26.0586 0x095c  [ 9F758BF982DE530C8C77C9F03334DEEB, 8A49E6716C00BE94C62DB25AAAD3C70BDD49792EB205D94B47AB9B30D6566BB8 ] C:\Windows\SysWOW64\taskschd.dll

12:27:26.0586 0x095c  C:\Windows\SysWOW64\taskschd.dll - ok

12:27:26.0586 0x095c  [ 158117F3CF278F01C6F24E89E2141E81, F8178F093F09A6DB981019D2D0D514145B170D1377FE3C2479028D915663E28F ] C:\Windows\SysWOW64\FWPUCLNT.DLL

12:27:26.0586 0x095c  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok

12:27:26.0586 0x095c  [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll

12:27:26.0586 0x095c  C:\Windows\SysWOW64\rasadhlp.dll - ok

12:27:26.0596 0x095c  [ 8AE6DD9A6D246004DA047F704F0CC487, 8DEAB32F7297BCBC22CAA7BAEB2DDB6BF36E73D9A7F68B6737C1E4C75E213CB9 ] C:\Windows\SysWOW64\cmd.exe

12:27:26.0596 0x095c  C:\Windows\SysWOW64\cmd.exe - ok

12:27:26.0596 0x095c  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] C:\Windows\System32\iphlpsvc.dll

12:27:26.0596 0x095c  C:\Windows\System32\iphlpsvc.dll - ok

12:27:26.0596 0x095c  [ 61DA1DD85F7A9A8F8DEA8771931FAAF6, 0712A1EDD6F20FA4C52189A721D4A78B67FA4B7F1BD3AC70C7BA6689CB2D376F ] C:\Windows\SysWOW64\imagehlp.dll

12:27:26.0596 0x095c  C:\Windows\SysWOW64\imagehlp.dll - ok

12:27:26.0596 0x095c  [ A7582A70802D5B9F28ED3940F6A3E9ED, 18BA69BF8386610F5EDA4430991C22D895477EA8911B855C951F70AE03CEA8AB ] C:\Windows\System32\wbem\WmiDcPrv.dll

12:27:26.0596 0x095c  C:\Windows\System32\wbem\WmiDcPrv.dll - ok

12:27:26.0606 0x095c  [ 48A6CA43A5C921C465F70D9B42B3EF1A, A618BCB175D46C0C088CEA98DC4DA8CB255F1D3B0ED72BBCC168AECD07B9F03F ] C:\Windows\System32\sqmapi.dll

12:27:26.0606 0x095c  C:\Windows\System32\sqmapi.dll - ok

12:27:26.0606 0x095c  [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll

12:27:26.0606 0x095c  C:\Windows\System32\wbem\fastprox.dll - ok

12:27:26.0606 0x095c  [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll

12:27:26.0606 0x095c  C:\Windows\System32\wdscore.dll - ok

12:27:26.0606 0x095c  [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll

12:27:26.0606 0x095c  C:\Windows\System32\ntdsapi.dll - ok

12:27:26.0606 0x095c  [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll

12:27:26.0616 0x095c  C:\Windows\System32\wbem\wbemprox.dll - ok

12:27:26.0616 0x095c  [ C20FF1A17726C357461A7AC5B3BFC3AD, 970558642CC14837B77B48257E3171ACC84466888875927314ACD6D79176F967 ] C:\Windows\SysWOW64\ncrypt.dll

12:27:26.0616 0x095c  C:\Windows\SysWOW64\ncrypt.dll - ok

12:27:26.0616 0x095c  [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll

12:27:26.0616 0x095c  C:\Windows\SysWOW64\bcrypt.dll - ok

12:27:26.0616 0x095c  [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll

12:27:26.0616 0x095c  C:\Windows\SysWOW64\bcryptprimitives.dll - ok

12:27:26.0616 0x095c  [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] C:\Windows\System32\srvsvc.dll

12:27:26.0616 0x095c  C:\Windows\System32\srvsvc.dll - ok

12:27:26.0626 0x095c  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] C:\Windows\System32\browser.dll

12:27:26.0626 0x095c  C:\Windows\System32\browser.dll - ok

12:27:26.0626 0x095c  [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll

12:27:26.0626 0x095c  C:\Windows\System32\netmsg.dll - ok

12:27:26.0626 0x095c  [ 8F6D9A20F1FB06F0602A7D5A82840DBF, 2BC5D14472205C1593D8153DEC48E42A5B5FD27A710DE091052152E0AE6A850E ] C:\Windows\System32\netcfgx.dll

12:27:26.0626 0x095c  C:\Windows\System32\netcfgx.dll - ok

12:27:26.0626 0x095c  [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll

12:27:26.0626 0x095c  C:\Windows\System32\hnetcfg.dll - ok

12:27:26.0636 0x095c  [ 836892094209E5D9CF403B4CF2829B5C, C8CB0FCCBF4C7E5E64E1B4225B559E049A25792F99A880DEEC5C66243B6EC2CA ] C:\Windows\System32\sscore.dll

12:27:26.0636 0x095c  C:\Windows\System32\sscore.dll - ok

12:27:26.0636 0x095c  [ 4EAE37133B78A26A84EA1649D9B21A1E, 832FE4BCF5E3721267E5E30392C29FC96976F2ABFF5B0BED768F8D97606D8D98 ] C:\Windows\System32\clusapi.dll

12:27:26.0636 0x095c  C:\Windows\System32\clusapi.dll - ok

12:27:26.0636 0x095c  [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll

12:27:26.0636 0x095c  C:\Windows\System32\resutils.dll - ok

12:27:26.0636 0x095c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll

12:27:26.0636 0x095c  C:\Windows\System32\netprofm.dll - ok

12:27:26.0646 0x095c  [ 6E03C9E362389A768E6C240933352D11, 7A08805635262E0F104DC0E8C3D7CC7E0C941F45EE5C5DC6DD05FC7F2BAD7E91 ] C:\Windows\System32\nci.dll

12:27:26.0646 0x095c  C:\Windows\System32\nci.dll - ok

12:27:26.0646 0x095c  [ 3B9665D4B8C587A6014B9B8DFF5974A0, C616EB39D923954B484CEA863CA840E525366916286962D737D04FCCBD3610B8 ] C:\Windows\System32\wbem\wbemcore.dll

12:27:26.0646 0x095c  C:\Windows\System32\wbem\wbemcore.dll - ok

12:27:26.0646 0x095c  [ 6960D29ABE74341FAB8300DB3E6F883D, 8651E663D5EFFB9022046AB46452A102D1F31F5EDB90AC87D8DB023FE54B92F0 ] C:\Windows\System32\cmd.exe

12:27:26.0646 0x095c  C:\Windows\System32\cmd.exe - ok

12:27:26.0646 0x095c  [ B9A4DAC2192FD78CDA097BFA79F6E7B2, D468E6B1B79555AC8BCE0300942FD479689EB8F159F3A399848D3BF9B9990A56 ] C:\Windows\SysWOW64\net.exe

12:27:26.0646 0x095c  C:\Windows\SysWOW64\net.exe - ok

12:27:26.0656 0x095c  [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll

12:27:26.0656 0x095c  C:\Windows\SysWOW64\winbrand.dll - ok

12:27:26.0656 0x095c  [ 2D1830A62EE573E1BFFCBCBEFDE921AF, 469F9CEBE7400F09DC091ED3DC4D78C14B41E412398CC3C6CBF7008E74BE94CB ] C:\Windows\SysWOW64\browcli.dll

12:27:26.0656 0x095c  C:\Windows\SysWOW64\browcli.dll - ok

12:27:26.0656 0x095c  [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll

12:27:26.0656 0x095c  C:\Windows\SysWOW64\mpr.dll - ok

12:27:26.0656 0x095c  [ 742AA02BD9FA3492C9E525BBD427D87D, 21BB644D6591F10AC8F0A74950D89F4341781C65B79D28BEF6A67823CB933695 ] C:\Windows\SysWOW64\samcli.dll

12:27:26.0656 0x095c  C:\Windows\SysWOW64\samcli.dll - ok

12:27:26.0666 0x095c  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll

12:27:26.0666 0x095c  C:\Windows\SysWOW64\dhcpcsvc.dll - ok

12:27:26.0666 0x095c  [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll

12:27:26.0666 0x095c  C:\Windows\SysWOW64\gpapi.dll - ok

12:27:26.0666 0x095c  [ 29CA5974FAB0E8AE4AA7814FE05CF832, ADE54D406AAB7C364851AAD278A569426C9ADD4F7FB543BB08428CED963BF541 ] C:\Windows\SysWOW64\dhcpcsvc6.dll

12:27:26.0666 0x095c  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok

12:27:26.0666 0x095c  [ 96F3F676B4D0DF4DA9C4081358C4662F, 99EC65A61B88DFEFB2F02C3E3D01638FCBC41773AB40268F9CB2C72FD288CF62 ] C:\Windows\SysWOW64\wbemcomn.dll

12:27:26.0666 0x095c  C:\Windows\SysWOW64\wbemcomn.dll - ok

12:27:26.0676 0x095c  [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll

12:27:26.0676 0x095c  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok

12:27:26.0676 0x095c  [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll

12:27:26.0676 0x095c  C:\Windows\System32\wbem\esscli.dll - ok

12:27:26.0676 0x095c  [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll

12:27:26.0676 0x095c  C:\Windows\System32\wbem\wbemsvc.dll - ok

12:27:26.0676 0x095c  [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll

12:27:26.0676 0x095c  C:\Windows\System32\wbem\wmiutils.dll - ok

12:27:26.0686 0x095c  [ 1CEDFE91F527858CACA1B08B04666BC0, B29D4545DAEBF28C07DF684C9AF0C5EE8DE5C723E81B8832188FA27106F1FC50 ] C:\Windows\SysWOW64\wbem\fastprox.dll

12:27:26.0686 0x095c  C:\Windows\SysWOW64\wbem\fastprox.dll - ok

12:27:26.0686 0x095c  [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll

12:27:26.0686 0x095c  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok

12:27:26.0686 0x095c  [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll

12:27:26.0686 0x095c  C:\Windows\System32\wbem\repdrvfs.dll - ok

12:27:26.0686 0x095c  [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll

12:27:26.0686 0x095c  C:\Windows\SysWOW64\ntdsapi.dll - ok

12:27:26.0696 0x095c  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] C:\Windows\System32\wpdbusenum.dll

12:27:26.0696 0x095c  C:\Windows\System32\wpdbusenum.dll - ok

12:27:26.0696 0x095c  [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll

12:27:26.0696 0x095c  C:\Windows\System32\dimsjob.dll - ok

12:27:26.0696 0x095c  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] C:\Windows\System32\appinfo.dll

12:27:26.0696 0x095c  C:\Windows\System32\appinfo.dll - ok

12:27:26.0706 0x095c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll

12:27:26.0706 0x095c  C:\Windows\System32\aelupsvc.dll - ok

12:27:26.0706 0x095c  [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll

12:27:26.0706 0x095c  C:\Windows\System32\Apphlpdm.dll - ok

12:27:26.0706 0x095c  [ D891293880F2F00AB7BA959910300EF7, 2C974D3BE5E762694B5270330211D761C35C25C495EA173FC22DCD8820FDAF0A ] C:\Windows\System32\diagperf.dll

12:27:26.0706 0x095c  C:\Windows\System32\diagperf.dll - ok

12:27:26.0706 0x095c  [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll

12:27:26.0706 0x095c  C:\Windows\System32\npmproxy.dll - ok

12:27:26.0716 0x095c  [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll

12:27:26.0716 0x095c  C:\Windows\System32\perftrack.dll - ok

12:27:26.0716 0x095c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll

12:27:26.0716 0x095c  C:\Windows\System32\wdi.dll - ok

12:27:26.0716 0x095c  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65, 914AD22D98975578BC14D821F72E8DFCE24F2092F9C299D24EBBAF5408FE8B8B ] C:\Windows\System32\wer.dll

12:27:26.0716 0x095c  C:\Windows\System32\wer.dll - ok

12:27:26.0716 0x095c  [ 82BC97E5793DEF69691AAD5AB953A200, E589D638C8FEAA88EA9149E463C675C36FEA4310923C47C095B1EA50B2DC52F6 ] C:\Windows\System32\wbem\WmiPrvSD.dll

12:27:26.0716 0x095c  C:\Windows\System32\wbem\WmiPrvSD.dll - ok

12:27:26.0716 0x095c  [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll

12:27:26.0716 0x095c  C:\Windows\System32\ncobjapi.dll - ok

12:27:26.0726 0x095c  [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll

12:27:26.0726 0x095c  C:\Windows\System32\wbem\wbemess.dll - ok

12:27:26.0726 0x095c  [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll

12:27:26.0726 0x095c  C:\Windows\System32\pnpts.dll - ok

12:27:26.0726 0x095c  [ 65AF044B5570D355124DCD1E099AA98F, 84165B4C2F7EA6DCC52442C50610F363D319B7768A62A7E8B4920D459A3024CD ] C:\Windows\System32\wdiasqmmodule.dll

12:27:26.0726 0x095c  C:\Windows\System32\wdiasqmmodule.dll - ok

12:27:26.0726 0x095c  [ 6AB6D4DF10EC784CF4A66CBFAF417A11, 7DD59A6A686736D4CCA4D486BD2FE0A0743AFBA838DBCBDBFF3078080BFA1CF3 ] C:\Windows\System32\runonce.exe

12:27:26.0726 0x095c  C:\Windows\System32\runonce.exe - ok

12:27:26.0736 0x095c  [ 169F916EFEAA44487E65305B7D2D754B, E87069D36E05133A58638A1CBD765AE3122917B3E0AFA06C8644C861B3ED5A16 ] C:\Windows\SysWOW64\runonce.exe

12:27:26.0736 0x095c  C:\Windows\SysWOW64\runonce.exe - ok

12:27:26.0736 0x095c  [ 94CA6D847D08514A087E8A4C43D65BF9, 0C3C820C6D9AB5FA847AF99A48B87937F6745ACE81E5F6F3591AA800F3126A47 ] C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

12:27:26.0736 0x095c  C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL - ok

12:27:26.0736 0x095c  [ 5DA7D8934F7AB0884A6A8FC02E8B2AA7, A0B8795965A10B045A6316FCEB48DF389E35E8739EEE4358789A18A7B8140E7A ] C:\Windows\System32\PortableDeviceApi.dll

12:27:26.0736 0x095c  C:\Windows\System32\PortableDeviceApi.dll - ok

12:27:26.0746 0x095c  [ 105319E3D66D6E1BAD22AADEC1E9E0DA, 51F04F3A71470C586A7511B216E713511062B1DF7037ECD13C30BE13B3B24A20 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcp90.dll

12:27:26.0746 0x095c  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcp90.dll - ok

12:27:26.0746 0x095c  [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll

12:27:26.0746 0x095c  C:\Windows\System32\PortableDeviceConnectApi.dll - ok

12:27:26.0746 0x095c  [ 78B62E4C13378F737603136975A07E1A, 7CC6C299A20B2DE62B3844417F085FCE7FEA32CC006A10658B3E4815B536329F ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll

12:27:26.0746 0x095c  C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll - ok

12:27:26.0746 0x095c  [ 74624AEE2D3814E91F60619827DAD662, B869E98960B4EE8C420DCDA26C949D35E3CC9F4F947372F4611F14201E5CC31B ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF

12:27:26.0746 0x095c  C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok

12:27:26.0756 0x095c  [ BA57DD1C2C77227930B6FBB93DEB600F, F7E481F0487B9E3041C9D0AFA9B533B090AE51B8B1274E93DAB94761BC8D3454 ] C:\Windows\SysWOW64\net1.exe

12:27:26.0756 0x095c  C:\Windows\SysWOW64\net1.exe - ok

12:27:26.0756 0x095c  [ 672ECBB050F17BF90FE00758596F38CA, 692CA91D62B65E562A931BC1437B639658CE65C5290A013B73F051A948AE17F9 ] C:\Windows\SysWOW64\ieframe.dll

12:27:26.0756 0x095c  C:\Windows\SysWOW64\ieframe.dll - ok

12:27:26.0756 0x095c  [ 64D757051B5B273E55C93E4503EA4F3E, 64DE8773FEF4B1158AF23C9EDCFF22F89A32BC6E47CB833D1CB5C2C9DBE5DD75 ] C:\Windows\System32\wbem\WmiPrvSE.exe

12:27:26.0756 0x095c  C:\Windows\System32\wbem\WmiPrvSE.exe - ok

12:27:26.0756 0x095c  [ EE24C42561D40F7AD7C2A7A460287090, 9E6C22B60EA756FE53BC189412C86F64DF4C5B510C1915A3EBC5A537F0C32256 ] C:\Windows\System32\wbem\cimwin32.dll

12:27:26.0756 0x095c  C:\Windows\System32\wbem\cimwin32.dll - ok

12:27:26.0766 0x095c  [ CBD010BFBED9657C3813400AAD03CF8A, 2DD60A291D8F4A44D7D638C83A46CFA618525A72B9D975FB81F8F403699B9AE6 ] C:\Windows\SysWOW64\oleacc.dll

12:27:26.0766 0x095c  C:\Windows\SysWOW64\oleacc.dll - ok

12:27:26.0766 0x095c  [ E07B77C3BDC82A024E294FB67ABFEDA0, B7ADCD536544F4C59748562504824B252B503E0C6DFF8D94512A88EE4A38B0E0 ] C:\Windows\SysWOW64\shdocvw.dll

12:27:26.0766 0x095c  C:\Windows\SysWOW64\shdocvw.dll - ok

12:27:26.0766 0x095c  [ F1AA5C522EC0054B80B722C7DD31E970, 3A0FB2C9F6566B8C65FACC2D13EFF720BA878F784BA42A621D8FD82A5DD89D53 ] C:\Users\Felipe\AppData\Local\Temp\{85333D0A-B023-440E-82A3-6D746AF799F7}\{7FDED002-CA98-444F-8297-DF77C31F5B6C}.exe

12:27:26.0766 0x095c  C:\Users\Felipe\AppData\Local\Temp\{85333D0A-B023-440E-82A3-6D746AF799F7}\{7FDED002-CA98-444F-8297-DF77C31F5B6C}.exe - ok

12:27:26.0766 0x095c  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll

12:27:26.0766 0x095c  C:\Windows\SysWOW64\sfc.dll - ok

12:27:26.0776 0x095c  [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll

12:27:26.0776 0x095c  C:\Windows\SysWOW64\sfc_os.dll - ok

12:27:26.0776 0x095c  [ FD07F21E0A19C27ED4E1EEC2B07452B3, DF54C00B021AF64BB04EDEBCA6F41CCF48F1959DD53ADE545FAFC565F1243392 ] C:\Windows\SysWOW64\devrtl.dll

12:27:26.0776 0x095c  C:\Windows\SysWOW64\devrtl.dll - ok

12:27:26.0776 0x095c  [ 03FDE416C235A3FBF32C196ED62FCF8A, 3FA8D9E7868B92EDC60A6384B9A4F4DDA5636F62B5141A5BB5088656B65F67D8 ] C:\Windows\System32\iedkcs32.dll

12:27:26.0776 0x095c  C:\Windows\System32\iedkcs32.dll - ok

12:27:26.0776 0x095c  [ 6D220604AA4240303DD8DEAEAB428377, 0AC013CFA8F8040017969B3110BBD3B9A4827E0DFC4BE65F334F607248DF9550 ] C:\Windows\System32\ie4uinit.exe

12:27:26.0776 0x095c  C:\Windows\System32\ie4uinit.exe - ok

12:27:26.0786 0x095c  [ C3C32FE6F59BF9863C924C7ED7328834, 98717226EE8D26E952C2FA8E9272D80911B60FBA6C9D20932CC99082D8D9D2C5 ] C:\Windows\System32\timedate.cpl

12:27:26.0786 0x095c  C:\Windows\System32\timedate.cpl - ok

12:27:26.0786 0x095c  [ 1E4BDDBD5A63059A97063339B4F8986F, 0EFBD43CEB83B4D72EDD7CE58F81504DFFB6C8E78A185DE1437CFC39E7EB90C0 ] C:\Windows\System32\actxprxy.dll

12:27:26.0786 0x095c  C:\Windows\System32\actxprxy.dll - ok

12:27:26.0786 0x095c  [ FBE8EBF528DC49B3DEB186CA9545D97E, 9A5BFB1975822B09C453DC62B241A6F4FC1F1F98D67506FB08A136AC4FA904F3 ] C:\Windows\System32\shdocvw.dll

12:27:26.0786 0x095c  C:\Windows\System32\shdocvw.dll - ok

12:27:26.0786 0x095c  [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll

12:27:26.0786 0x095c  C:\Windows\System32\linkinfo.dll - ok

12:27:26.0796 0x095c  [ 5D89D063A4CB036C258685C8E057E768, DBCE703710BDB4C0284F36B16D9E80EC36BBAD83E8854EA3DBA580D411F70470 ] C:\Windows\System32\framedynos.dll

12:27:26.0796 0x095c  C:\Windows\System32\framedynos.dll - ok

12:27:26.0796 0x095c  [ 0D893F8D145D3B125B0226727C243A69, B344A18C5D5324A891B6E2121EC375AFB9E83D4C59D64EDD2E63854ABEC5D734 ] C:\Windows\System32\security.dll

12:27:26.0796 0x095c  C:\Windows\System32\security.dll - ok

12:27:26.0796 0x095c  [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll

12:27:26.0796 0x095c  C:\Windows\System32\dssenh.dll - ok

12:27:26.0796 0x095c  [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll

12:27:26.0796 0x095c  C:\Windows\System32\msiltcfg.dll - ok

12:27:26.0796 0x095c  [ EEF4EB5806A9B18F23CF797D9B9ADA8A, 7E0FD00669C6C154422367493CD393310345127BF58AB8D2F614C95D04DF30C2 ] C:\Windows\System32\browcli.dll

12:27:26.0796 0x095c  C:\Windows\System32\browcli.dll - ok

12:27:26.0806 0x095c  [ 28142AAF1565736CE0E5D7EFCE3CC0F8, FEF38AA86683B88D9134D9136847781B2B634F233DCFC469B16A49C597AF1C86 ] C:\Windows\System32\schedcli.dll

12:27:26.0806 0x095c  C:\Windows\System32\schedcli.dll - ok

12:27:26.0806 0x095c  [ 2F040CF0613A6D64DCBBA9EE81F5A5AE, DA16117429AF47230CD7C136407C81951B8D2E45A8B7A9DC6948407AA2EC4ADD ] C:\Windows\SysWOW64\dsrole.dll

12:27:26.0806 0x095c  C:\Windows\SysWOW64\dsrole.dll - ok

12:27:26.0806 0x095c  [ 3C73D865ADA79E04C20484E067B9CB71, C4A165164817EA6818C5D2CCFBCB7A1C1AF28882A14C5CD23372A471F4BE0432 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\515fc762410f9854f174f5a4a48c0859\System.ServiceProcess.ni.dll

12:27:26.0806 0x095c  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\515fc762410f9854f174f5a4a48c0859\System.ServiceProcess.ni.dll - ok

12:27:26.0816 0x095c  [ 4341A48DA7F07C5E565024857B73539C, 96ABD59CCFCF847ACB44230F82AFF0A25CA1CC3089566F7574ABCDBD892C528A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\9a3766e2de002737feda3ede16e2e5a4\System.Xml.ni.dll

12:27:26.0816 0x095c  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\9a3766e2de002737feda3ede16e2e5a4\System.Xml.ni.dll - ok

12:27:26.0816 0x095c  [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll

12:27:26.0816 0x095c  C:\Windows\System32\winrnr.dll - ok

12:27:26.0816 0x095c  [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll

12:27:26.0816 0x095c  C:\Windows\SysWOW64\dwmapi.dll - ok

12:27:26.0826 0x095c  [ D757F59EED634C595727534B60E640B8, 58ECD28FB62DB9F2302E21E00F253542FA6D450D36685A11012C827324D0C00D ] C:\Windows\SysWOW64\winhttp.dll

12:27:26.0826 0x095c  C:\Windows\SysWOW64\winhttp.dll - ok

12:27:26.0826 0x095c  [ 7F739F89F7F60221740DA9DE1B1DABB6, 7FB3E2DF211826B097FEDB8335DB2CC0206823B440897478C1E77169E4033D66 ] C:\Windows\SysWOW64\webio.dll

12:27:26.0826 0x095c  C:\Windows\SysWOW64\webio.dll - ok

12:27:26.0826 0x095c  [ E1CF79243D8262F935366ADFA253A0C1, A594504BB1FBB9B286A447F559BC3F5BC2E28D7D407BE619C66653BDCD7AEFA3 ] C:\Windows\System32\wmi.dll

12:27:26.0826 0x095c  C:\Windows\System32\wmi.dll - ok

12:27:26.0836 0x095c  [ BF591B5C2CC38314518467E883AE37C5, AE87A8812B9836440094558D198B15C1EBD333E1F739295BE80F8D7BA23B05DF ] C:\Windows\SysWOW64\credssp.dll

12:27:26.0836 0x095c  C:\Windows\SysWOW64\credssp.dll - ok

12:27:26.0836 0x095c  [ E027A6E99EF709AFD195FD6329224C47, B31B85BF369DC36363B0E527AE3B8E95B33699D17D09C6313C43E7373A3E6874 ] C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{EC90790E-9994-4051-9503-0241BA45B6DD}.tmp

12:27:26.0836 0x095c  C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{EC90790E-9994-4051-9503-0241BA45B6DD}.tmp - ok

12:27:26.0846 0x095c  [ 321FF1DF7F4CEF3FA690419110BEE55A, 41243293C9876D8B94F83B28C98F1797CD217140153DDEE631C2EEB8E102C6A0 ] C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{64D53FB5-7B52-402B-B149-6E28C42E4889}.tmp

12:27:26.0846 0x095c  C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{64D53FB5-7B52-402B-B149-6E28C42E4889}.tmp - ok

12:27:26.0846 0x095c  [ AB67816718E5C65CC326BE56AC0B9E73, D6F19026CB87C9BB5521D668B13347B68F297FCE34C5F1BFE530574B16ADB2D5 ] C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{A1710A51-339F-45FB-BB0C-E5E8F86FC088}.tmp

12:27:26.0846 0x095c  C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{A1710A51-339F-45FB-BB0C-E5E8F86FC088}.tmp - ok

12:27:26.0856 0x095c  [ DC6DB08D85337C9675F94B01043279AE, B09E491113F9E95F4EE00BB51BB21D4967BAC333C0DCD030A10AEA9B9E52032B ] C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{69419855-0BE8-4A2A-944C-A211E119ED64}.tmp

12:27:26.0856 0x095c  C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{69419855-0BE8-4A2A-944C-A211E119ED64}.tmp - ok

12:27:26.0856 0x095c  [ C74D46C1F542F5FEB9B7E1A8EC04986D, FA83733A81BA8D96EDFD15C1914D5A6056D73C61540C8747E9AE1343DA47A63D ] C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{FA7B900B-6848-4A40-A370-339CAA3ECD2D}.tmp

12:27:26.0856 0x095c  C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{FA7B900B-6848-4A40-A370-339CAA3ECD2D}.tmp - ok

12:27:26.0866 0x095c  [ 517ECD823EB9A03368294C6C33A695D0, 7BA4EF2C5E9D15A4EE8ACC169CA233010DF8D1BC7088665E06C9E71BBA0CD40C ] C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{0BF87729-A4F9-48E9-A188-1BB83B0DBB2D}.tmp

12:27:26.0866 0x095c  C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{0BF87729-A4F9-48E9-A188-1BB83B0DBB2D}.tmp - ok

12:27:26.0866 0x095c  [ 033CA30E335588E243C42D715BF48DDF, 6D40C9D48374D09494CFA04CCF1015CC097457BFA8B460DCD33513F2BC113597 ] C:\Windows\SysWOW64\secur32.dll

12:27:26.0866 0x095c  C:\Windows\SysWOW64\secur32.dll - ok

12:27:26.0866 0x095c  [ 3428F170E1953B4C4EA10A5F58B55908, B554E04021472C3C2BBDED2B4BBB4F6648932356F8DA409A2A7F6AC02E54B306 ] C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{4AF13B67-A793-459F-A04C-C604061BEA05}.tmp

12:27:26.0866 0x095c  C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{4AF13B67-A793-459F-A04C-C604061BEA05}.tmp - ok

12:27:26.0876 0x095c  [ A38A290E27AFE18D7D5F3CFD33FEF47D, BA2FD04D1E180F268C3D519A6B50D705F96CAA68C04E4F09652D92CE6488AD00 ] C:\Windows\System32\msi.dll

12:27:26.0876 0x095c  C:\Windows\System32\msi.dll - ok

12:27:26.0876 0x095c  [ 96D681B7DE0BA6BFA1DC55915003CD05, 26CDA6A9A67F20A494F0EF3577D14F5DDA1F0D4428891DBD271A757833285939 ] C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{D337ACA4-EC7F-4033-B4AE-A0488D2152FA}.tmp

12:27:26.0876 0x095c  C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{D337ACA4-EC7F-4033-B4AE-A0488D2152FA}.tmp - ok

12:27:26.0876 0x095c  [ 85D8D497E3CFCD66607DAD332378DE8B, FEB2FF9315B41A7D13C9F3EB4CFDD612C951CA02330BC5A9129881E148769C7F ] C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{EE94C3AF-0FD1-4F96-8EA1-D73E64EA1669}.tmp

12:27:26.0876 0x095c  C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{EE94C3AF-0FD1-4F96-8EA1-D73E64EA1669}.tmp - ok

12:27:26.0876 0x095c  [ CD0DAF878147B723108C428370FF0355, A5C3D8A516FD0A15DAAB442DA424E996112C355239B985413EAA4DC1FAB76303 ] C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{C26E5580-4615-4314-88B9-E19F53370BDA}.tmp

12:27:26.0876 0x095c  C:\Users\Felipe\AppData\Local\Temp\{37AAB74E-E769-43E0-A74E-756AC3C161D4}\{C26E5580-4615-4314-88B9-E19F53370BDA}.tmp - ok

12:27:26.0886 0x095c  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\SysWOW64\netprofm.dll

12:27:26.0886 0x095c  C:\Windows\SysWOW64\netprofm.dll - ok

12:27:26.0886 0x095c  [ 6EC594AB7EFA45EACDE65FD4040F53D9, A2119AFC55B1231A838C9FD98F50DA9AA85E26EAF1991E8EFF27ADB7C7C3D250 ] C:\Windows\SysWOW64\riched20.dll

12:27:26.0886 0x095c  C:\Windows\SysWOW64\riched20.dll - ok

12:27:26.0886 0x095c  [ FD13400115D3D0D70E087AB826DF593A, E36E027D5411CB76057FFE68471C0656D3EE0F27E957C661B655168D8C9D6A79 ] C:\Windows\SysWOW64\ExplorerFrame.dll

12:27:26.0886 0x095c  C:\Windows\SysWOW64\ExplorerFrame.dll - ok

12:27:26.0886 0x095c  [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll

12:27:26.0886 0x095c  C:\Windows\SysWOW64\duser.dll - ok

12:27:26.0896 0x095c  [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll

12:27:26.0896 0x095c  C:\Windows\SysWOW64\dui70.dll - ok

12:27:26.0896 0x095c  [ D8ECA7A87AAA3AE308B5277411666622, 2F67D5567DC1174B36E67C1009B827E3C48F05551D4B4A39D7B02B8D12041406 ] C:\Windows\SysWOW64\logoncli.dll

12:27:26.0896 0x095c  C:\Windows\SysWOW64\logoncli.dll - ok

12:27:26.0896 0x095c  [ 0CC29BF19B8308F662B705987B0BC248, D66979400DFDDA09A202F0BCF21A8AEE9D476C413147F78B646AE3679C43323F ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\4561fc5cf4bb2c5fc4e5f2dfdd708cc5\System.Drawing.ni.dll

12:27:26.0896 0x095c  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\4561fc5cf4bb2c5fc4e5f2dfdd708cc5\System.Drawing.ni.dll - ok

12:27:26.0896 0x095c  [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll

12:27:26.0896 0x095c  C:\Windows\System32\NapiNSP.dll - ok

12:27:26.0906 0x095c  [ C39C53825638E1D68B38A4EB119D8955, 73E9EC561EB4DFB61C464F77FEBA2DEC1060156AF334B31AED556B23697C119E ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\31ed5c8de9e5874633d31ed0e933361a\System.Windows.Forms.ni.dll

12:27:26.0906 0x095c  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\31ed5c8de9e5874633d31ed0e933361a\System.Windows.Forms.ni.dll - ok

12:27:26.0906 0x095c  [ C30A3E5DEEEBA22E782AC54C5AF5F352, 80939A7B5354032256706C6CA0C3CCC7E67CD1C1C81EAEA2CBC74997C0863662 ] C:\Windows\SysWOW64\samlib.dll

12:27:26.0906 0x095c  C:\Windows\SysWOW64\samlib.dll - ok

12:27:26.0906 0x095c  [ D1696D5D97A471768170C89AF2290891, 7C59F18B747DA2865BC2B7303A989BBFB81CBE04D3865CFEABF418D78786A333 ] C:\Windows\SysWOW64\findstr.exe

12:27:26.0906 0x095c  C:\Windows\SysWOW64\findstr.exe - ok

12:27:26.0906 0x095c  [ E4B72E71EC37A59FE574A998A0C0EB9B, C17B06C936FC47B6AA5221ABF1DDE283F59E5751BEE9CDBCCBAF25CD4E7232AD ] C:\Windows\SysWOW64\netmsg.dll

12:27:26.0906 0x095c  C:\Windows\SysWOW64\netmsg.dll - ok

12:27:26.0916 0x095c  [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll

12:27:26.0916 0x095c  C:\Windows\System32\pnrpnsp.dll - ok

12:27:26.0916 0x095c  [ 14F5C0DB4B2C47874D6C937A5A1B367C, B59C4FB22138F8F0C9B85337D79B8353C9A6722F83CF9DC16F0CDC289379F14A ] C:\Windows\System32\gameux.dll

12:27:26.0916 0x095c  C:\Windows\System32\gameux.dll - ok

12:27:26.0916 0x095c  [ 7945FC22BDCF1609F2DF409832168E05, B63FAEC6F625E228CB982D135708492F05D9FD3D95E4F65DFFF96A1BCE231A6C ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll

12:27:26.0916 0x095c  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll - ok

12:27:26.0916 0x095c  [ 18A3BD34006BB890DF71303329C7AB67, AEA3107A7F26E9F2E204ECCECDC8D520C0B5DECA440E290B550E20B684BBC2A4 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\ad5a04ec60f93380c3fb22752be1a4b9\System.Management.ni.dll

12:27:26.0916 0x095c  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\ad5a04ec60f93380c3fb22752be1a4b9\System.Management.ni.dll - ok

12:27:26.0926 0x095c  [ 70A2F1FC515AD419DD05AD9F2ED7D367, 759BED313A3A14CE0584618769AD274A8B56CC6CDEBDC0E08AA078E8EA596711 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\9813dd263f886b72f453814fd09909da\System.Configuration.ni.dll

12:27:26.0926 0x095c  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\9813dd263f886b72f453814fd09909da\System.Configuration.ni.dll - ok

12:27:26.0926 0x095c  [ 53A620A0A07A80933228E3F6B14E7CDA, 55295E8F02C6275EA7800EE0F381C8041C31926ECFE63C53FB0978959E35126A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\56275f052423ae144f155f8a8e1a3818\CustomMarshalers.ni.dll

12:27:26.0926 0x095c  C:\Windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\56275f052423ae144f155f8a8e1a3818\CustomMarshalers.ni.dll - ok

12:27:26.0926 0x095c  [ 92DE29E095FDD1E769242BB3D9D40D33, 09211FD1F90E3371B43358F9C90127F51498DDC2A9D95D235EAD92D8F031A479 ] C:\Windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

12:27:26.0926 0x095c  C:\Windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - ok

12:27:26.0936 0x095c  [ 46EDD0A6B42BA5D2044FA0909BE4BE95, 0007398C004C9AB40DA086A712AFAF1FB6C8D1D23821628F185ED49B2AD95EF5 ] C:\Windows\System32\msftedit.dll

12:27:26.0936 0x095c  C:\Windows\System32\msftedit.dll - ok

12:27:26.0936 0x095c  [ 7CB3ACB163DE051169095DC6507B8977, 45D4DEB0695440D8B5E959945B3F7A773E02E2AB305E316123A1064FC1905402 ] C:\Windows\System32\msls31.dll

12:27:26.0936 0x095c  C:\Windows\System32\msls31.dll - ok

12:27:26.0936 0x095c  [ 17A7998CB5DA92020A291B85FF7B3681, 239E770C5433E25145DE036BBB23668435E4D1CC49597DB7595141A943EE0499 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll

12:27:26.0936 0x095c  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok

12:27:26.0936 0x095c  [ 777CC5D91FBD3FF640D0A589D4975FC5, B2C91043952657352FE390F15228F008EA8BB59AA415EC31B12348920630CCD0 ] C:\Windows\System32\ieframe.dll

12:27:26.0936 0x095c  C:\Windows\System32\ieframe.dll - ok

12:27:26.0936 0x095c  [ 045DB4EAB4FBD23210E85ECC3F464A2E, 506D7FAABE12470263502F99D86C81E0EE21C8789132FE1B24774ABDB4484468 ] C:\Windows\SysWOW64\nlaapi.dll

12:27:26.0936 0x095c  C:\Windows\SysWOW64\nlaapi.dll - ok

12:27:26.0946 0x095c  [ 15E298B5EC5B89C5994A59863969D9FF, 8D38B2E023462D0804F72E907D11FF72CE84540EA3B8D83F411C602C3F6A1177 ] C:\Windows\SysWOW64\npmproxy.dll

12:27:26.0946 0x095c  C:\Windows\SysWOW64\npmproxy.dll - ok

12:27:26.0946 0x095c  [ AE5FF948400A51B040F999BF04290373, 7D1A0C2C1C2E136DC840979CC3287E6D305E511A8E2E04956A4EC9EBA11E15E5 ] C:\Windows\SysWOW64\winsta.dll

12:27:26.0946 0x095c  C:\Windows\SysWOW64\winsta.dll - ok

12:27:26.0946 0x095c  [ 10E4A1D2132CCB5C6759F038CDB6F3C9, C6A91CBA00BF87CDB064C49ADAAC82255CBEC6FDD48FD21F9B3B96ABF019916B ] C:\Windows\System32\calc.exe

12:27:26.0946 0x095c  C:\Windows\System32\calc.exe - ok

12:27:26.0946 0x095c  [ 834A309C2FDF52FC09353F348CFE1235, FF8D5B0C4D8DEF3B313E11B01D6A2A29758E8721EF2EC0AAC2DB3C9AAF399276 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

12:27:26.0946 0x095c  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok

12:27:26.0956 0x095c  [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe

12:27:26.0956 0x095c  C:\Program Files\CCleaner\CCleaner64.exe - ok

12:27:26.0956 0x095c  [ 666FEA598D1776C7F8EDD7746F0F7F59, 54E330BCDBAB646B555DACC15F9CFB0AD6A05BF4E273F73C5133259EEE976C21 ] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

12:27:26.0956 0x095c  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe - ok

12:27:26.0956 0x095c  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Felipe\AppData\Local\FluxSoftware\Flux\flux.exe

12:27:26.0956 0x095c  C:\Users\Felipe\AppData\Local\FluxSoftware\Flux\flux.exe - ok

12:27:26.0966 0x095c  [ 4BA6116A63C53A64AAF044BCCA71FEDA, AA144B2A0303A5740F87A24B8A906C0F54828390BC333D146C07AA35F21962BF ] C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe

12:27:26.0966 0x095c  C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe - ok

12:27:26.0966 0x095c  [ 61E02CC3184B63FAFE0B83EAC8B3B8EF, 006E453C901E2D3ED53D359087071145D27AE4CFFEBD5C6EDCFEFB17DFF27F15 ] C:\Windows\SysWOW64\winspool.drv

12:27:26.0966 0x095c  C:\Windows\SysWOW64\winspool.drv - ok

12:27:26.0966 0x095c  [ 3819AD4329303EAC88480CA16A650735, FBE665BEE15A334851AF4BF9969C8BC21B3F0254CAA5E21E67D7843D4171E675 ] C:\Windows\System32\UIAnimation.dll

12:27:26.0966 0x095c  C:\Windows\System32\UIAnimation.dll - ok

12:27:26.0966 0x095c  [ F468C806267D46B68DB7EB32FBF0A103, 6454E84A39E4B6E11BEC99357ADBD1CA039F7BBDDF9036ACD8F3B0AB6608A60B ] C:\Windows\System32\thumbcache.dll

12:27:26.0966 0x095c  C:\Windows\System32\thumbcache.dll - ok

12:27:26.0976 0x095c  [ C7CA74A7F624E8F57F3D62D9B59CC0FB, 1E83C1A2F6F2B7080C7FEFCCFF1FDE4BB14AA8A57E851817C92A6F1C946CA17A ] C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe

12:27:26.0976 0x095c  C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe - ok

12:27:26.0976 0x095c  [ FE3AAA7DADB9469450276217FCDF89A2, 6A020D080B26F5047AAD80F7C3A39FFAF7392833FA39924295F735D615124A07 ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll

12:27:26.0976 0x095c  C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll - ok

12:27:26.0976 0x095c  [ F2C7BB8ACC97F92E987A2D4087D021B1, 142E1D688EF0568370C37187FD9F2351D7DDEDA574F8BFA9B0FA4EF42DB85AA2 ] C:\Windows\System32\notepad.exe

12:27:26.0976 0x095c  C:\Windows\System32\notepad.exe - ok

12:27:26.0976 0x095c  [ DD76912E8D165C68659D9875256710A3, 0DDD342EBCC2EE2D023FF6E94A2DB2822A5CC38C747A9226B253BF99F8BCF639 ] C:\Windows\System32\DeviceCenter.dll

12:27:26.0976 0x095c  C:\Windows\System32\DeviceCenter.dll - ok

12:27:26.0986 0x095c  [ 8BC7AE7E16458355508ECF5EC3A04E72, 39FE3D8E0D42D51809E33160DEA291E732615DB1C6EA24558B3731349F6F9A2E ] C:\Windows\System32\networkexplorer.dll

12:27:26.0986 0x095c  C:\Windows\System32\networkexplorer.dll - ok

12:27:26.0986 0x095c  [ 5F639198C4137075DA50E61C23963C11, 3D03B3BF62B3469069AD6BE2AAEE152CB6722D36C001B8197FEBC2F3EB9ADBE0 ] C:\Windows\System32\drprov.dll

12:27:26.0986 0x095c  C:\Windows\System32\drprov.dll - ok

12:27:26.0986 0x095c  [ 7273921B6DDFEFF3A8567B9800C5673A, DBDC60F5BDBB8428537452893A0ED76695D18F98218911B84A37ABE133BBECA2 ] C:\Windows\System32\ntlanman.dll

12:27:26.0986 0x095c  C:\Windows\System32\ntlanman.dll - ok

12:27:26.0986 0x095c  [ 016544B452E6FDB54CD108D0248DB2B1, 1BCF1EA53C875583DD86D0E37CAB97E8385EF3548EC374C6EB215BA75D91AA34 ] C:\Windows\System32\davclnt.dll

12:27:26.0986 0x095c  C:\Windows\System32\davclnt.dll - ok

12:27:26.0996 0x095c  [ 45B24A357C801CE62052FE0CDC8BD4D2, 00602E41B78473825253F6B2557A5C43FBDDCCF713D806929AE7C039FF8F185C ] C:\Windows\System32\davhlpr.dll

12:27:26.0996 0x095c  C:\Windows\System32\davhlpr.dll - ok

12:27:26.0996 0x095c  [ 60CC15392FF14DCB9C29C69B3233741B, 458FB3DCDC4828D5C5625517D074795A706A545FB8D0FF46C5981A118D846A66 ] C:\Windows\System32\stobject.dll

12:27:26.0996 0x095c  C:\Windows\System32\stobject.dll - ok

12:27:26.0996 0x095c  [ 86B6AC0FD2881B3D20B80F51C7152AE0, BF1A04E0B00159925E716CD3A72CD40FD4BDD7D05684932A91629373CE524186 ] C:\Windows\System32\batmeter.dll

12:27:26.0996 0x095c  C:\Windows\System32\batmeter.dll - ok

12:27:27.0006 0x095c  [ 9110FFAD124283F37D38771BB60556AF, BB495FDF86B7C3DD7878C496090A624CE8FE68F61166C91A4C99EF1140F0AD23 ] C:\Windows\System32\dsound.dll

12:27:27.0006 0x095c  C:\Windows\System32\dsound.dll - ok

12:27:27.0006 0x095c  [ 30F9BACA07F8251D7DD1805A9E919CE0, 7B6569B744EA9700957510CDDC8F02E7F47B99564B03E4784AA44EA89B750288 ] C:\Windows\System32\wdmaud.drv

12:27:27.0006 0x095c  C:\Windows\System32\wdmaud.drv - ok

12:27:27.0006 0x095c  [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll

12:27:27.0006 0x095c  C:\Windows\System32\ksuser.dll - ok

12:27:27.0016 0x095c  [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll

12:27:27.0016 0x095c  C:\Windows\System32\oledlg.dll - ok

12:27:27.0016 0x095c  [ 198552AEFECA69D646867EC8D792DE95, 6978D5205387391748EE7E9FACF1AE607C37FBFD83B77CB632DD772F8D71A165 ] C:\Windows\SysWOW64\ddraw.dll

12:27:27.0016 0x095c  C:\Windows\SysWOW64\ddraw.dll - ok

12:27:27.0016 0x095c  [ 55E5B32AE8D1F51A63C82919656FD275, 1E32D9471902F0743BF234466E44A7ECCF7B55618A2D42F9B0902AD591133700 ] C:\Windows\SysWOW64\dciman32.dll

12:27:27.0016 0x095c  C:\Windows\SysWOW64\dciman32.dll - ok

12:27:27.0016 0x095c  [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll

12:27:27.0016 0x095c  C:\Windows\SysWOW64\wsock32.dll - ok

12:27:27.0026 0x095c  [ B62AA1BB1F63839051441D2C6DD7B775, 24151B24FC959830A454B7B59850E3F88AEBB3289AA1113C590FA7662122C8DF ] C:\Windows\SysWOW64\comctl32.dll

12:27:27.0026 0x095c  C:\Windows\SysWOW64\comctl32.dll - ok

12:27:27.0026 0x095c  [ 1F27643C4C626457FCE8F047AE1CD7E1, 68E2367B9AA21C1BDE7FEA566D5F0DBDF1E246CB53E949622F8EDC810AA95956 ] C:\Windows\SysWOW64\dxva2.dll

12:27:27.0026 0x095c  C:\Windows\SysWOW64\dxva2.dll - ok

12:27:27.0026 0x095c  [ D6692338B985D4A0CA52B828314D897D, CB0B7C84C1E2782A95489E2F4D2AF4CFDAC02676B76F49FF7D6A7091739EA25D ] C:\Windows\SysWOW64\drprov.dll

12:27:27.0026 0x095c  C:\Windows\SysWOW64\drprov.dll - ok

12:27:27.0026 0x095c  [ 06018B349666595970E15397E78A0D77, 67B988C20BFACF38BC75BF666CF063D685057DF20C8132138CCB26118C9CDDF7 ] C:\Windows\SysWOW64\ntlanman.dll

12:27:27.0026 0x095c  C:\Windows\SysWOW64\ntlanman.dll - ok

12:27:27.0036 0x095c  [ 44F7AC99B73AF64884A67F17D9E0A773, 06E668381BF3B9EE473C3E1C50556E522DE7BC3358376C01AE24C72D64632CC0 ] C:\Windows\SysWOW64\davclnt.dll

12:27:27.0036 0x095c  C:\Windows\SysWOW64\davclnt.dll - ok

12:27:27.0036 0x095c  [ 179BECE8D1A4C488DDB7191FF9BE3FB0, F91ABCB67A2AFD471A9B94AA2B9C46AAEF606266DC2276E81A6D0832566162A5 ] C:\Windows\SysWOW64\davhlpr.dll

12:27:27.0036 0x095c  C:\Windows\SysWOW64\davhlpr.dll - ok

12:27:27.0036 0x095c  [ ACCBA604D34842844133A731F8045B32, F4F7987A7A06823B8D34BD1D54390F33A4523C934F289ED2A5EBB457B16329F2 ] C:\Windows\SysWOW64\sxs.dll

12:27:27.0036 0x095c  C:\Windows\SysWOW64\sxs.dll - ok

12:27:27.0036 0x095c  [ FE130D15D71AC16EFFDF1397F2AF1653, 36E051C55BF2DDD18E04F75B06A24A68F36C3C24F7DF551A654ABC55595781E4 ] C:\Windows\System32\esent.dll

12:27:27.0036 0x095c  C:\Windows\System32\esent.dll - ok

12:27:27.0046 0x095c  [ 81D64E8D70E5FBF9F7ABF2D41154F54D, 878E5A32AF0E7633830FE313CF9319DE3EBE0A9AA78DCDD525C0A3500A698CB6 ] C:\Windows\System32\AudioSes.dll

12:27:27.0046 0x095c  C:\Windows\System32\AudioSes.dll - ok

12:27:27.0046 0x095c  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll

12:27:27.0046 0x095c  C:\Windows\System32\msacm32.dll - ok

12:27:27.0046 0x095c  [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv

12:27:27.0046 0x095c  C:\Windows\System32\msacm32.drv - ok

12:27:27.0046 0x095c  [ 651F169718CC46C8A9264880C538D5FF, D93EB53F909EA1120D647BA672481E0150CD3EC3C86D4B80BDC0E4670D34D2D9 ] C:\Windows\System32\prnfldr.dll

12:27:27.0046 0x095c  C:\Windows\System32\prnfldr.dll - ok

12:27:27.0056 0x095c  [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll

12:27:27.0056 0x095c  C:\Windows\System32\midimap.dll - ok

12:27:27.0056 0x095c  [ DB8BF64BE3932ADC407505D21C4F2C2C, 416DB653C86C9808FE8903B8A861E16AC38DF9239FF5382059421DBB48632924 ] C:\Windows\System32\fdProxy.dll

12:27:27.0056 0x095c  C:\Windows\System32\fdProxy.dll - ok

12:27:27.0056 0x095c  [ 8886E0697B0A93C521F99099EF643450, D73F7EE4E6E992A618D02580BDBF4FD6BA7C683D110928001092F4073341E95F ] C:\Windows\System32\wscript.exe

12:27:27.0056 0x095c  C:\Windows\System32\wscript.exe - ok

12:27:27.0056 0x095c  [ BEF8BE93965EC65C51D70030B9B6B058, 93609F1C460FB778E4AE7809455FEBBA3476DCCA7C14A461066767442E166F8A ] C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe

12:27:27.0056 0x095c  C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe - ok

12:27:27.0066 0x095c  [ 7DBB5FCBADF03AEAE39031AC365089CF, 67B019EAC629C35D40445FF63E720C5438AD5382CBFE2A1E63575A156FADC6B2 ] C:\Windows\SysWOW64\nvd3dum.dll

12:27:27.0066 0x095c  C:\Windows\SysWOW64\nvd3dum.dll - ok

12:27:27.0106 0x095c  [ 913C2E4A03201644FC986EDEB5F8A390, C635EE4A2A309EB8C550F6F0B1A0723AA7317C9B3396641D9EA9231255944C6F ] C:\Windows\System32\DXP.dll

12:27:27.0106 0x095c  C:\Windows\System32\DXP.dll - ok

12:27:27.0106 0x095c  [ FFECCD3CB8BC0821A43A372D85E4B63C, 7598F4A28131E0EEB1F1D09660DA8772002B27D969E92B3E377771A1D5534239 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll

12:27:27.0106 0x095c  C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll - ok

12:27:27.0116 0x095c  [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362F7060DBF0C3064 ] C:\Windows\System32\mlang.dll

12:27:27.0116 0x095c  C:\Windows\System32\mlang.dll - ok

12:27:27.0116 0x095c  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll

12:27:27.0116 0x095c  C:\Windows\System32\AltTab.dll - ok

12:27:27.0126 0x095c  [ FD4F95ABDE5603478C929B6CB0BDCFFF, 9CDF8BD864CB5714CC2CF7F7A5612FEEDDAE6B92DD14F794946E565F235AA59F ] C:\Windows\System32\pnidui.dll

12:27:27.0126 0x095c  C:\Windows\System32\pnidui.dll - ok

12:27:27.0126 0x095c  [ 0805289E121F3E3C458C970B08314EB2, D9B448A04C09F525F599D0369CF9A197F471AABDA0A97201760C46D2EB8F3CDE ] C:\Windows\System32\RtkCfg64.dll

12:27:27.0126 0x095c  C:\Windows\System32\RtkCfg64.dll - ok

12:27:27.0136 0x095c  [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll

12:27:27.0136 0x095c  C:\Windows\System32\AudioEng.dll - ok

12:27:27.0136 0x095c  [ 5BACFD51D926774C8DD8028BEC9B4374, FD8A8FCF5C1D869864145FBBED7C2DABADD368E4E5B755821FFC4812C0EACF9F ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe

12:27:27.0136 0x095c  C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok

12:27:27.0136 0x095c  [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll

12:27:27.0136 0x095c  C:\Windows\SysWOW64\powrprof.dll - ok

12:27:27.0136 0x095c  [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll

12:27:27.0136 0x095c  C:\Windows\SysWOW64\rasapi32.dll - ok

12:27:27.0146 0x095c  [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll

12:27:27.0146 0x095c  C:\Windows\SysWOW64\rasman.dll - ok

12:27:27.0146 0x095c  [ 2DD44566FF92EC81726C5FAFEFA3FE8B, A8F49AF8B443A8FCF10B6A7C2A52154760A2A8370028E89073E740E000B95D1F ] C:\Windows\SysWOW64\rtutils.dll

12:27:27.0146 0x095c  C:\Windows\SysWOW64\rtutils.dll - ok

12:27:27.0146 0x095c  [ 0A53FD4EBBD92002CCC362A9B8087885, C6392C7B557C096A9E98D791D85869DE45636DBA99BF6ECFE7A2CE235BA56396 ] C:\Windows\SysWOW64\schannel.dll

12:27:27.0146 0x095c  C:\Windows\SysWOW64\schannel.dll - ok

12:27:27.0146 0x095c  [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll

12:27:27.0146 0x095c  C:\Windows\SysWOW64\SensApi.dll - ok

12:27:27.0156 0x095c  [ 61DC2C38CEC0B2DF22B09F1A6E0B00DD, F9985D872A3A93C937C63AD489DAB3D4A81926289F5E42A39DFB9D04222E5745 ] C:\Windows\SysWOW64\mscat32.dll

12:27:27.0156 0x095c  C:\Windows\SysWOW64\mscat32.dll - ok

12:27:27.0156 0x095c  [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll

12:27:27.0156 0x095c  C:\Windows\SysWOW64\winrnr.dll - ok

12:27:27.0156 0x095c  [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll

12:27:27.0156 0x095c  C:\Windows\SysWOW64\NapiNSP.dll - ok

12:27:27.0156 0x095c  [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll

12:27:27.0156 0x095c  C:\Windows\SysWOW64\pnrpnsp.dll - ok

12:27:27.0156 0x095c  [ BC34B8831FAE17E5E7BD8318EDDC90BB, E74E785D24AF719DBB1FA578081B044DEA3D08197FBBC1215AAE965AD304176B ] C:\Windows\System32\RtkAPO64.dll

12:27:27.0156 0x095c  C:\Windows\System32\RtkAPO64.dll - ok

12:27:27.0166 0x095c  [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll

12:27:27.0166 0x095c  C:\Windows\System32\AUDIOKSE.dll - ok

12:27:27.0166 0x095c  [ 2E5B4A993514375DC6092DD211262757, 70D0AB3C281F62BC69997F0445B2DFED56429F6371A58487107A2A70EA1DB187 ] C:\Windows\System32\MBWrp64.dll

12:27:27.0166 0x095c  C:\Windows\System32\MBWrp64.dll - ok

12:27:27.0166 0x095c  [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll

12:27:27.0166 0x095c  C:\Windows\System32\WMALFXGFXDSP.dll - ok

12:27:27.0166 0x095c  [ BD03C64C4B1F34D1F330BF6C4AC8113D, CA229A40A8073BFB067F8110E4FF9ECF398131FB5AE225F9477E79049817B3DD ] C:\Windows\System32\QUTIL.DLL

12:27:27.0166 0x095c  C:\Windows\System32\QUTIL.DLL - ok

12:27:27.0176 0x095c  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll

12:27:27.0176 0x095c  C:\Windows\System32\Syncreg.dll - ok

12:27:27.0176 0x095c  [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll

12:27:27.0176 0x095c  C:\Windows\ehome\ehSSO.dll - ok

12:27:27.0176 0x095c  [ 04D16553664796613FE98D441A0C35D7, EC9D4B3B8F8B0C3EE01D18CDF5BE9EF216AC9BBB1FB64A63D5013BD9AFB2A606 ] C:\Windows\SysWOW64\cryptnet.dll

12:27:27.0176 0x095c  C:\Windows\SysWOW64\cryptnet.dll - ok

12:27:27.0176 0x095c  [ 8BC00C736E67A75D936E5B440917359B, 66809F59D064113763DA75F68F5BD0874CB3A954BD4FF6E28BBF0BF311984E89 ] C:\Windows\System32\ActionCenter.dll

12:27:27.0176 0x095c  C:\Windows\System32\ActionCenter.dll - ok

12:27:27.0186 0x095c  [ DEF30CBEA881149C2AFFDF9A059FB759, F0F4DFBD8B6B80FFE3F019380E44EFD276FBD1A99E6135088E042E78EC2C6515 ] C:\Windows\SysWOW64\cabinet.dll

12:27:27.0186 0x095c  C:\Windows\SysWOW64\cabinet.dll - ok

12:27:27.0186 0x095c  [ 458F4590F80563EB2A0A72709BFC2BD9, FF923C051AE380BF30D749EBE9CF310CCAB6572D84EB81B76FB1012BCBDF557F ] C:\Windows\System32\mspaint.exe

12:27:27.0186 0x095c  C:\Windows\System32\mspaint.exe - ok

12:27:27.0186 0x095c  [ 15993E1B59155396D0C7A715E01B6794, 917BB8642DC742D18E78872A39A3550950338B3FB60DF90F85E5CF789999834C ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll

12:27:27.0186 0x095c  C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll - ok

12:27:27.0186 0x095c  [ AFC249D4D5FA80D6EF217273D06AD40E, 0F0DDBCF269DE35E716855B93017B90B8B38C0A4397B58578691E56B6AC89388 ] C:\Program Files (x86)\TeamViewer\TeamViewer.exe

12:27:27.0186 0x095c  C:\Program Files (x86)\TeamViewer\TeamViewer.exe - ok

12:27:27.0196 0x095c  [ A279A2F156FCF9DFFE97AFFBCCBCC3B9, 6EBA9D08595FB75E612952E99DCCA8B2307D8DEFA2967B3718510C7D2B915FE3 ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll

12:27:27.0196 0x095c  C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll - ok

12:27:27.0196 0x095c  [ 88159DE43F8FE73BA24FAB57BCC89A5D, 94B59730EF880C06CB63F70CC3F2DEB5A0294EF391DB0C61D758FCCA2D94D0D9 ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll

12:27:27.0196 0x095c  C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll - ok

12:27:27.0196 0x095c  [ FD5CABBE52272BD76007B68186EBAF00, 87C42CA155473E4E71857D03497C8CBC28FA8FF7F2C8D72E8A1F39B71078F608 ] C:\Program Files\Malwarebytes\Anti-Malware\msvcp120.dll

12:27:27.0196 0x095c  C:\Program Files\Malwarebytes\Anti-Malware\msvcp120.dll - ok

12:27:27.0206 0x095c  [ 034CCADC1C073E4216E9466B720F9849, 86E39B5995AF0E042FCDAA85FE2AEFD7C9DDC7AD65E6327BD5E7058BC3AB615F ] C:\Program Files\Malwarebytes\Anti-Malware\msvcr120.dll

12:27:27.0206 0x095c  C:\Program Files\Malwarebytes\Anti-Malware\msvcr120.dll - ok

12:27:27.0206 0x095c  [ 6D63411859DB49FB65EEE95A6691F6DB, 96F34CDA2214CBD73FAA91990497A90B2F2F5F54CA9BC1254531F4A6EAA92FE9 ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll

12:27:27.0206 0x095c  C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll - ok

12:27:27.0206 0x095c  [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll

12:27:27.0206 0x095c  C:\Windows\System32\mfplat.dll - ok

12:27:27.0206 0x095c  [ 66920354B984D4A3848A84B4E66745EA, 3F98352A38512C81FAF2C3FE6F00D766B33111A0EA5F7B43B0DBF5A2952B5F79 ] C:\Windows\System32\netshell.dll

12:27:27.0206 0x095c  C:\Windows\System32\netshell.dll - ok

12:27:27.0216 0x095c  [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll

12:27:27.0216 0x095c  C:\Windows\System32\FXSST.dll - ok

12:27:27.0216 0x095c  [ 34E6D8C67E7FD7C917BECFECA326B168, 23A0BD68C969E795DA55041982672550DC1557BC64D3C42D76AFD6A3F83AD33F ] C:\Windows\System32\FXSAPI.dll

12:27:27.0216 0x095c  C:\Windows\System32\FXSAPI.dll - ok

12:27:27.0216 0x095c  [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll

12:27:27.0216 0x095c  C:\Windows\System32\FXSRESM.dll - ok

12:27:27.0216 0x095c  [ 205B7034B64DE5A68DEB96B47B7E889B, 7D1330631B6802F4DB7E60324C18015C4E414DC73EC6AFC7EC576B30E3902AE7 ] C:\Windows\SysWOW64\mscms.dll

12:27:27.0216 0x095c  C:\Windows\SysWOW64\mscms.dll - ok

12:27:27.0226 0x095c  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\System32\rundll32.exe

12:27:27.0226 0x095c  C:\Windows\System32\rundll32.exe - ok

12:27:27.0226 0x095c  [ 88781403D232AF2BE781AC12856BC533, 10F77F6E0D50F0869BB4A9904BC2B6CF440F8603BAB9DB6E987B87CE2D0BB345 ] C:\Windows\System32\Wpc.dll

12:27:27.0226 0x095c  C:\Windows\System32\Wpc.dll - ok

12:27:27.0226 0x095c  [ 92AAF75C3EB344A098DC026BC9DDF42A, 1E47DCB47C9543452013E98B457E6A4DA21FF6F38BA551A87D8A42C5645F35CA ] C:\Windows\System32\bthprops.cpl

12:27:27.0226 0x095c  C:\Windows\System32\bthprops.cpl - ok

12:27:27.0226 0x095c  [ D04812703886D98EF66CEEDCAEC12A71, B567E86FF0753CE99FE6C1746EA13958324F0DD4B05E0FF4604CA21F904DD9B5 ] C:\Windows\System32\url.dll

12:27:27.0226 0x095c  C:\Windows\System32\url.dll - ok

12:27:27.0226 0x095c  [ D558E09CFB4E933F66B8D24178519300, 7ED49CCFD214FA975B8A390187A76D02B79937CFB0685695EBD4F02548B223EE ] C:\Windows\Branding\ShellBrd\shellbrd.dll

12:27:27.0226 0x095c  C:\Windows\Branding\ShellBrd\shellbrd.dll - ok

12:27:27.0236 0x095c  [ AB01C36BCC34CCFE5B0BB5FFB2605135, 214D133CE85504AF924D1CE00FC10DD80E8397C6E1994841EAE78008FAAAE661 ] C:\Windows\System32\WPDShServiceObj.dll

12:27:27.0236 0x095c  C:\Windows\System32\WPDShServiceObj.dll - ok

12:27:27.0236 0x095c  [ BD4C1D83353BFB80F6BA019F6D0BA95B, D1B59736645DDE0FF52C26C9D27CE704AE1C8E40928193F6CB8495762E94C3D0 ] C:\Windows\ehome\ehshell.exe

12:27:27.0236 0x095c  C:\Windows\ehome\ehshell.exe - ok

12:27:27.0236 0x095c  [ A94F27898365A15C2AD064F2B7120A2E, 716432B309BDA8358C700B3E7680C1FE051908BF546786DB3B2912C73937C95A ] C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe

12:27:27.0236 0x095c  C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe - ok

12:27:27.0236 0x095c  [ DE9F102F38A2B9AC6E9DAEED30B276E6, 98BB414CA262693345E64EAEA25B940D7AD02B24BEBAC4AD1CD5A63DABA5EE0C ] C:\Program Files (x86)\Skype\Phone\Skype.exe

12:27:27.0236 0x095c  C:\Program Files (x86)\Skype\Phone\Skype.exe - ok

12:27:27.0246 0x095c  [ 07A37CB5C5A01E73FB69F138FAE2DB0E, 9E8B5D78D7EAB8FA35133763EDA91AFE5CDEE275D604F02CDB56FB00A0D5AA0F ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

12:27:27.0246 0x095c  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

12:27:27.0246 0x095c  [ 901AA7A38CE13F14B6BBEC38C0595698, 1E95F2048E2A1782807D52E9816ED267355718E24D01FF07ACE73D965EDE388A ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe

12:27:27.0246 0x095c  C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok

12:27:27.0246 0x095c  [ 128DD9AF8640DBCC711940903C8B554F, 46E9715F3CD09F32FBEAA5379991E9E7DACCBD2407C2D061FDA3A04F05108133 ] C:\Windows\SysWOW64\mscoree.dll

12:27:27.0246 0x095c  C:\Windows\SysWOW64\mscoree.dll - ok

12:27:27.0256 0x095c  [ 40754D93AEB60577897FADEE6941B2B1, 150D74C7EFE5C06CDE603E1A9C6DBA89FC83B86F2E94BBEA92C3D9CEC9373142 ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe

12:27:27.0256 0x095c  C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe - ok

12:27:27.0256 0x095c  [ A223CF703E28CBD7E9E7982141FA403C, EF6D32CD7EACE2F67B2819000D1A7D7127DBCE36BAE76541B6B2D7C075502F93 ] C:\Windows\SysWOW64\comdlg32.dll

12:27:27.0256 0x095c  C:\Windows\SysWOW64\comdlg32.dll - ok

12:27:27.0256 0x095c  [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2, 1E2084BB76072596AB2E846DB45318453E1C82C1141385B7D73A1AD5EB30E8BD ] C:\Windows\SysWOW64\sti.dll

12:27:27.0256 0x095c  C:\Windows\SysWOW64\sti.dll - ok

12:27:27.0256 0x095c  [ 79EA94E7A55E673B1E5202E666B61EC2, EA3842A12007730551C981D8C28149515B23B822697FD883E4387A0CAE1809BB ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll

12:27:27.0256 0x095c  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok

12:27:27.0256 0x095c  [ 7A97AA40D8A3DA4A9095873C72D524C5, 00D2CE2C35E8F2D31C2A8778C6E8846BE3D1467CD1E66AA494571A14DEA0E4D1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

12:27:27.0256 0x095c  C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok

12:27:27.0266 0x095c  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe

12:27:27.0266 0x095c  C:\Windows\System32\StikyNot.exe - ok

12:27:27.0266 0x095c  [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll

12:27:27.0266 0x095c  C:\Windows\System32\PortableDeviceTypes.dll - ok

12:27:27.0266 0x095c  [ 2C5B8A680A90E96B1EC0D6DA0505E685, 7E81B078A0BB75B1345FF6164D1EA6F6F6784435B92124C99318D6BAB29B3F8B ] C:\Windows\System32\srchadmin.dll

12:27:27.0266 0x095c  C:\Windows\System32\srchadmin.dll - ok

12:27:27.0266 0x095c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll

12:27:27.0266 0x095c  C:\Windows\System32\netman.dll - ok

12:27:27.0276 0x095c  [ 7633F554EEAFDE7F144B41C2FCAF5F63, 890884C7FE7D037E6DEBD21D1877E9C9C5E7790CDBA007DDB219AE6A55667F78 ] C:\Windows\System32\SnippingTool.exe

12:27:27.0276 0x095c  C:\Windows\System32\SnippingTool.exe - ok

12:27:27.0276 0x095c  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] C:\Windows\System32\FXSSVC.exe

12:27:27.0276 0x095c  C:\Windows\System32\FXSSVC.exe - ok

12:27:27.0286 0x095c  [ 8886E0697B0A93C521F99099EF643450, D73F7EE4E6E992A618D02580BDBF4FD6BA7C683D110928001092F4073341E95F ] C:\Users\Felipe\AppData\Roaming\dfenqkn\qmpvisv64.exe

12:27:27.0286 0x095c  C:\Users\Felipe\AppData\Roaming\dfenqkn\qmpvisv64.exe - ok

12:27:27.0286 0x095c  [ AD31942BDF3D594C404874613BC2FE4D, 704F4A48FA91B8A22604FF740B506C3B28766F8DFADB9D11814602FAA00EDFAB ] C:\Windows\System32\SearchIndexer.exe

12:27:27.0286 0x095c  C:\Windows\System32\SearchIndexer.exe - ok

12:27:27.0286 0x095c  [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll

12:27:27.0286 0x095c  C:\Windows\System32\rasdlg.dll - ok

12:27:27.0286 0x095c  [ 805210C8DB11D5799E7172923959BF98, A8DCB8A6FDE5ED583D329D6D8A5979FFD3E844046335529BB2E81A5D310E5894 ] C:\Program Files\CCleaner\CCleaner.exe

12:27:27.0286 0x095c  C:\Program Files\CCleaner\CCleaner.exe - ok

12:27:27.0296 0x095c  [ B11F7DB91E12BBCA71BE88BFB2120FAF, 5A5359127E002726D276BBA885212E9EDC4FACFA8C1F57471E31E2020A8BF88E ] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

12:27:27.0296 0x095c  C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll - ok

12:27:27.0296 0x095c  [ 114429A77D935053E13A9BF98A8B8CA1, 6120CF8EC6D2F262A3FCB0C0BB185DA8BE5F4D5FF6A114D8F54CC13535C31EE5 ] C:\Windows\System32\mprapi.dll

12:27:27.0296 0x095c  C:\Windows\System32\mprapi.dll - ok

12:27:27.0296 0x095c  [ F87A7BB428E4AC68D348DF600F1EA1A2, 83A4A7871F9D314348CFFA0DF73ADCD77C2CA8F8D227D75604AC23AD339B5A34 ] C:\Windows\System32\tquery.dll

12:27:27.0296 0x095c  C:\Windows\System32\tquery.dll - ok

12:27:27.0306 0x095c  [ 26A634B2E0FD87F23541AD13A503CA72, B4D6CA0EADA9862493C449A8532C4033F11CE835E048857BF604DB9D893C0943 ] C:\Windows\SysWOW64\winmm.dll

12:27:27.0306 0x095c  C:\Windows\SysWOW64\winmm.dll - ok

12:27:27.0306 0x095c  [ BB68579E181956E37EB11F9083C01CF3, 969920A2137BAC81810A7F635A0C486892D66E95C49E7EC54ABB93FC52071788 ] C:\Windows\System32\dot3api.dll

12:27:27.0306 0x095c  C:\Windows\System32\dot3api.dll - ok

12:27:27.0306 0x095c  [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll

12:27:27.0306 0x095c  C:\Windows\System32\wlanhlp.dll - ok

12:27:27.0306 0x095c  [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll

12:27:27.0306 0x095c  C:\Windows\System32\wlanapi.dll - ok

12:27:27.0316 0x095c  [ D2B0D1C2BE5ECA80387F7CB8626DCAFE, 14A269EB190CCF290BECEAC4A7B63B1312ED208F839A6C7B8E4BF74A786CE271 ] C:\Windows\System32\onex.dll

12:27:27.0316 0x095c  C:\Windows\System32\onex.dll - ok

12:27:27.0316 0x095c  [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll

12:27:27.0316 0x095c  C:\Windows\System32\wlanutil.dll - ok

12:27:27.0316 0x095c  [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll

12:27:27.0316 0x095c  C:\Windows\System32\eappcfg.dll - ok

12:27:27.0326 0x095c  [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll

12:27:27.0326 0x095c  C:\Windows\System32\eappprxy.dll - ok

12:27:27.0326 0x095c  [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll

12:27:27.0326 0x095c  C:\Windows\System32\WWanAPI.dll - ok

12:27:27.0326 0x095c  [ 78A6501E4E37118C568A606623A275BB, 4A3E9FB21F848FF9B679973499A9B2080FBBF1E551A8FD56FC3B777FDD46B999 ] C:\Windows\System32\mssrch.dll

12:27:27.0326 0x095c  C:\Windows\System32\mssrch.dll - ok

12:27:27.0326 0x095c  [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll

12:27:27.0326 0x095c  C:\Windows\System32\wwapi.dll - ok

12:27:27.0336 0x095c  [ 0B9F7D42D745038437FAE70D97F9AD5A, D690FC5DC287D29A2FA4C2AA820E09D57B5B513C2B1FB07BFBC7E59577887DB0 ] C:\Windows\System32\QAGENT.DLL

12:27:27.0336 0x095c  C:\Windows\System32\QAGENT.DLL - ok

12:27:27.0336 0x095c  [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll

12:27:27.0336 0x095c  C:\Windows\System32\msidle.dll - ok

12:27:27.0336 0x095c  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] C:\Windows\System32\qmgr.dll

12:27:27.0336 0x095c  C:\Windows\System32\qmgr.dll - ok

12:27:27.0336 0x095c  [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll

12:27:27.0336 0x095c  C:\Windows\System32\mssprxy.dll - ok

12:27:27.0346 0x095c  [ D9431DCF90B0253773F51FDEFE7FD42F, E53C40CC0EC603CF67305F0AA81389124CF6E709A22DABF13563CBAD15897422 ] C:\Windows\System32\bitsigd.dll

12:27:27.0346 0x095c  C:\Windows\System32\bitsigd.dll - ok

12:27:27.0346 0x095c  [ 4E75477E8BFA55C6F1F2688FB553F0C5, DE9880626EBC13AB07609567060A11316BA4532FB316BBCC6A6E8086E3843D62 ] C:\Windows\System32\bitsperf.dll

12:27:27.0346 0x095c  C:\Windows\System32\bitsperf.dll - ok

12:27:27.0346 0x095c  [ 46EA507EE79269C0272F10BFBE9316C9, EC56301725056F70AE146189EE72191150D5F5FFBA7FA7E1EFC4745AA73DE32A ] C:\Windows\System32\upnp.dll

12:27:27.0346 0x095c  C:\Windows\System32\upnp.dll - ok

12:27:27.0346 0x095c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] C:\Windows\System32\ssdpsrv.dll

12:27:27.0346 0x095c  C:\Windows\System32\ssdpsrv.dll - ok

12:27:27.0346 0x095c  [ 4DE53F972F6C234BE770D771D7C3BF4B, 7B1EAFF262CB947F39609AA61124E60FD28DCD3CCD592DA5826588D3ECDA1E8F ] D:\User2016\Desktop\FRST64.exe

12:27:27.0346 0x095c  D:\User2016\Desktop\FRST64.exe - ok

12:27:27.0356 0x095c  [ AC5DF873913B00E554D8F553459BC431, 86FC6E15BD67AEB714E44C088EDA1C17BAC25A1EC67A518A05878D594F293394 ] C:\Windows\System32\qmgrprxy.dll

12:27:27.0356 0x095c  C:\Windows\System32\qmgrprxy.dll - ok

12:27:27.0356 0x095c  [ 85B45B4B285B159ACDB355FC8C1E8925, EBB4A5472306A284D3A845347E2A79B13EFCCBA86705E1D49DE8AC44D8D06112 ] C:\Windows\SysWOW64\qmgrprxy.dll

12:27:27.0356 0x095c  C:\Windows\SysWOW64\qmgrprxy.dll - ok

12:27:27.0356 0x095c  [ EDB57065790B62EF83BE117AD3EDFDE2, D1DCCEF8FA78B7F44966A59C86A0C5C02F810F73CAF10BA549752691F98DB904 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll

12:27:27.0356 0x095c  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll - ok

12:27:27.0356 0x095c  [ D436FF2CBB5653E376A65F7A8874AC04, E5EC8488B1AA4E8161A46886BF1FC89B6C18CB22DBF782870924BC7CD522C66B ] C:\Windows\SysWOW64\d3d11.dll

12:27:27.0356 0x095c  C:\Windows\SysWOW64\d3d11.dll - ok

12:27:27.0366 0x095c  [ A98D23910862BE46A333D9EB1398C57E, 7D41D341F9C13D57CB87D223BB8FF856F070B5134C718F807E978FF3227F2E24 ] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe

12:27:27.0366 0x095c  C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe - ok

12:27:27.0366 0x095c  [ DD76301614636306414EFA94A9AC5A03, D84F407CB32FE495844EEB90C156CEE191E005EB89F4D349426A34C04DC019B9 ] C:\Windows\SysWOW64\dxgi.dll

12:27:27.0366 0x095c  C:\Windows\SysWOW64\dxgi.dll - ok

12:27:27.0366 0x095c  [ 28D2B08D3D33670B0D010ED2BA2AB513, 183729409813BA5A8501A581979530BFDDBABE5617DA1588EB8FEFDCFCBA5D7E ] C:\Windows\SysWOW64\vcomp100.dll

12:27:27.0366 0x095c  C:\Windows\SysWOW64\vcomp100.dll - ok

12:27:27.0376 0x095c  [ 68AFB4DDFCB224B4335F8EF9D52692E1, 4364D67995393EFA7896D9A5C6C683EA420DC418F062EC218F6F13B78B80FD3A ] C:\Program Files (x86)\ControlCenter4\BrCcDevMan.dll

12:27:27.0376 0x095c  C:\Program Files (x86)\ControlCenter4\BrCcDevMan.dll - ok

12:27:27.0376 0x095c  [ 7459301D21C2E21468823F73042D9F87, 74CF393FDA910EBF50F5EE74DF001F29467FE83F0457895FB267518A8504800B ] C:\Windows\SysWOW64\d3d9.dll

12:27:27.0376 0x095c  C:\Windows\SysWOW64\d3d9.dll - ok

12:27:27.0376 0x095c  [ 92B214B7E5436A3310A9138CE4A03D23, 78E1B75D8109CC4B0C6CEC76251E99AF4082A2AE08968E733890342981AA0962 ] C:\Windows\SysWOW64\esent.dll

12:27:27.0376 0x095c  C:\Windows\SysWOW64\esent.dll - ok

12:27:27.0376 0x095c  [ 0C11EC4EB99ED67F260B059D9FC924E2, 721C21C4C014C1933BE970ED555E2453A084C532F2BD67F2614AECFA0F0CFA48 ] C:\Windows\System32\jscript.dll

12:27:27.0376 0x095c  C:\Windows\System32\jscript.dll - ok

12:27:27.0386 0x095c  [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E980D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll

12:27:27.0386 0x095c  C:\Windows\SysWOW64\d3d8thk.dll - ok

12:27:27.0386 0x095c  [ F3F571288CDE445881102E385BF3471F, A6BD9FD8E9D1DBA14334DB442B7FD6BB06F58201DB720A7AA006530F76FC26EB ] C:\Windows\SysWOW64\Magnification.dll

12:27:27.0386 0x095c  C:\Windows\SysWOW64\Magnification.dll - ok

12:27:27.0386 0x095c  [ 2DEEB96A0957BD058753FF250E85EF49, ABBC70ADA045C12F7100438B7A3FAFB0BC6900FF67668FEFEE96DD09F663E2D5 ] C:\Windows\SysWOW64\msvfw32.dll

12:27:27.0386 0x095c  C:\Windows\SysWOW64\msvfw32.dll - ok

12:27:27.0386 0x095c  [ 98A48B1A4B9A9C4E54316BC490D42F3D, 11D097D6A4D81470B7586D1D3F28B0179D514173AA675643895893EEAD446925 ] C:\Windows\SysWOW64\quartz.dll

12:27:27.0386 0x095c  C:\Windows\SysWOW64\quartz.dll - ok

12:27:27.0386 0x095c  [ 22310E2C6AE375142ABBB9EF384ECD40, A8673DF56546E4CDD7A0099D8CCB889415125089F786D0637E8D9B21CE53AB4D ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

12:27:27.0386 0x095c  C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe - ok

12:27:27.0396 0x095c  [ E24FE90E9DE8D8AE70E59F7B01675DEF, DDB0691488DB424CC203505E27364B24E4410E599A972CF2C1AFF4E2F3E3C04F ] C:\Windows\SysWOW64\avicap32.dll

12:27:27.0396 0x095c  C:\Windows\SysWOW64\avicap32.dll - ok

12:27:27.0396 0x095c  [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll

12:27:27.0396 0x095c  C:\Windows\SysWOW64\oledlg.dll - ok

12:27:27.0396 0x095c  [ 84F746D32DBFF7588D08BDDDB07338D9, B08836ED600354CD14BCE72C4F26C9F3EF88D2264045EBDE49093BDE5F308ECD ] C:\Program Files (x86)\TeamViewer\TeamViewer_Resource_en.dll

12:27:27.0396 0x095c  C:\Program Files (x86)\TeamViewer\TeamViewer_Resource_en.dll - ok

12:27:27.0396 0x095c  [ F8D78E5C1AE8C2675D275A0E66B7D8CE, DC39670A9D4F26B0C5AD612BF7A50627D0090B1A2E76560A4D8792F80FEF312D ] C:\Program Files (x86)\TeamViewer\TeamViewer_Resource_de.dll

12:27:27.0396 0x095c  C:\Program Files (x86)\TeamViewer\TeamViewer_Resource_de.dll - ok

12:27:27.0406 0x095c  [ 4A32585BC30F437C38A7DACD28877FFF, AA37973F290B6DA117C8A82C0590E8D5C910F8EA5F873B71E68B6483FE6B4F4E ] C:\Program Files (x86)\TeamViewer\TeamViewer_Resource_es.dll

12:27:27.0406 0x095c  C:\Program Files (x86)\TeamViewer\TeamViewer_Resource_es.dll - ok

12:27:27.0406 0x095c  [ C0A7D97213C8FD84E8DE014F1B109083, 14073299A2C57BA0C65B8F1689400685347A50CAB4CA0331F7CD5CEB1790F042 ] C:\Program Files (x86)\TeamViewer\TeamViewer_StaticRes.dll

12:27:27.0406 0x095c  C:\Program Files (x86)\TeamViewer\TeamViewer_StaticRes.dll - ok

12:27:27.0406 0x095c  [ 691C8DFB208227F0CBB5C0897C742ACE, 3240EAFF8182D1E8C8EA4642D2BF7A6EF19DCA2618E0C20B1FC6E81C277B8649 ] C:\Windows\SysWOW64\WindowsCodecs.dll

12:27:27.0406 0x095c  C:\Windows\SysWOW64\WindowsCodecs.dll - ok

12:27:27.0406 0x095c  [ D1BBE227367ED791D5FCF08E132D2956, 34349B7FB46BB89D59CC9CC6CD3F790870AB96642254C0374D97AFAC6121B945 ] C:\Windows\SysWOW64\opengl32.dll

12:27:27.0406 0x095c  C:\Windows\SysWOW64\opengl32.dll - ok

12:27:27.0416 0x095c  [ DE3897365B04C4DA1CF8FF725577C082, 44703E2D6C7219714C929D8ED096C8E044A3EDCA73198870A5CC4EF5CE16C397 ] C:\Windows\SysWOW64\glu32.dll

12:27:27.0416 0x095c  C:\Windows\SysWOW64\glu32.dll - ok

12:27:27.0416 0x095c  [ D7D7EB64B7DE14A783329805E5AC0031, 37B69D3EBB7A26B67261AF6ABDB74329A38F2012CCDF44F75901B8E1D3BC323E ] C:\Windows\System32\webcheck.dll

12:27:27.0416 0x095c  C:\Windows\System32\webcheck.dll - ok

12:27:27.0416 0x095c  [ 000B3A704234C202D4D788A171B02243, 7F5D42EC44DD14204D068E7F4C44C411710A67CAB1A62A1E1484098C50495CF5 ] C:\Windows\SysWOW64\mapi32.dll

12:27:27.0416 0x095c  C:\Windows\SysWOW64\mapi32.dll - ok

12:27:27.0416 0x095c  [ DE12B5063EB78DBE5DADB000271AFFA5, C09ACBB60DD4937AD828C64299A8EAA3090408961F3212DF0BB367FDE87DD8AE ] C:\Program Files (x86)\TeamViewer\tv_w32.dll

12:27:27.0416 0x095c  C:\Program Files (x86)\TeamViewer\tv_w32.dll - ok

12:27:27.0426 0x095c  [ 78BEDE9F9D3EA18C34E197152E655999, CFB4DCC7EBFBA7F1124E7765265B88E727612C48031C644FAB0455F4DA39ACC7 ] C:\Program Files (x86)\TeamViewer\tv_w32.exe

12:27:27.0426 0x095c  C:\Program Files (x86)\TeamViewer\tv_w32.exe - ok

12:27:27.0426 0x095c  [ 0A85258809A07BFD9712FC54E99556F2, BFE1D696778DE9B9C0F7E7348421883497B4E8F8CF2C6F54EB352C0E3D2883A5 ] C:\Program Files (x86)\TeamViewer\tv_x64.exe

12:27:27.0426 0x095c  C:\Program Files (x86)\TeamViewer\tv_x64.exe - ok

12:27:27.0426 0x095c  [ A6154A954F08E99D27CEA4D3B9563172, 11D6FA5C15B7E1E03449A910E58AAE52EFE97AA1989A8A1D9B3E2EB715FFC58A ] C:\Windows\SysWOW64\newdev.dll

12:27:27.0426 0x095c  C:\Windows\SysWOW64\newdev.dll - ok

12:27:27.0426 0x095c  [ BB7E865599FA258C70DF8B1F70109F6F, 9DE5150D59127632BF2CD5DAF84D2D9E6E367E958A3A839F5134DC6685E7A284 ] C:\Windows\System32\newdev.dll

12:27:27.0426 0x095c  C:\Windows\System32\newdev.dll - ok

12:27:27.0436 0x095c  [ 5BB8C06EB5EA4BA22EE8A678F2D79B25, 019E9274DE2F5BAB16B4632B8A2E93DFC8DF0C08EC4EEA947B337FD29EB2E0CC ] C:\Windows\SysWOW64\devenum.dll

12:27:27.0436 0x095c  C:\Windows\SysWOW64\devenum.dll - ok

12:27:27.0436 0x095c  [ 8C680C0E6B3D6711B2B88AC82FE1804E, 1308E99ADBA5DA47689A7B089016BDDA93AC6EADD0698225C07F5C7453582A9F ] C:\Windows\SysWOW64\MMDevAPI.dll

12:27:27.0436 0x095c  C:\Windows\SysWOW64\MMDevAPI.dll - ok

12:27:27.0436 0x095c  [ 70F03B29A62194E69911952B3640D9D2, 837E2672660DC72DEA9A75B2E7DC952065770E83C52D63FF3042BF42C72E1664 ] C:\Windows\SysWOW64\msdmo.dll

12:27:27.0436 0x095c  C:\Windows\SysWOW64\msdmo.dll - ok

12:27:27.0436 0x095c  [ 1A99B866657C9C8B039CF11CB3B642E1, F25107E6B938D885A99C91BC3238335D919D8202ECA7868F9B8B641E5BACB457 ] C:\Windows\SysWOW64\printui.dll

12:27:27.0436 0x095c  C:\Windows\SysWOW64\printui.dll - ok

12:27:27.0446 0x095c  [ E6F66F31422C44EDC00D9C9329E7DF60, 81DB3B830F100ACEC5538840D73713FD3C530227886B6CEF250A48A3697729FE ] C:\Windows\System32\SyncCenter.dll

12:27:27.0446 0x095c  C:\Windows\System32\SyncCenter.dll - ok

12:27:27.0446 0x095c  [ 2AFAA10F62F0978AB832DBB971E56EAD, 791103ADE7C355367052AADBFF1023704303EEA3252AE2B87813809B120A9B4C ] C:\Windows\System32\printui.dll

12:27:27.0446 0x095c  C:\Windows\System32\printui.dll - ok

12:27:27.0446 0x095c  [ 0E85C11F8850D524B02181C6E02BA9AE, 8703566931067CCF949E9779E4D328DD21210329DD687459300C83DDD06390A8 ] C:\Windows\SysWOW64\dsound.dll

12:27:27.0446 0x095c  C:\Windows\SysWOW64\dsound.dll - ok

12:27:27.0446 0x095c  [ 625B198FC49675F6908EEDC7C6378012, 88A0087FAFA8EC567F770DF131C66F28EB664521A4C0794FBD544A981B9A3A89 ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll

12:27:27.0446 0x095c  C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll - ok

12:27:27.0456 0x095c  [ B24ABFAB2D541996A38905369D511953, D683C5B6C5FEC53B595D2A28556CB11BA4867597114986B8605E2FAC10410EBF ] C:\Windows\SysWOW64\wdmaud.drv

12:27:27.0456 0x095c  C:\Windows\SysWOW64\wdmaud.drv - ok

12:27:27.0456 0x095c  [ 139D3AB6AA920C34C50CBFFB9EB7D222, 5A5D205E16E6AFDCC965E4144FE6E104157DE7541D31727520363F2670513940 ] C:\Windows\SysWOW64\avrt.dll

12:27:27.0456 0x095c  C:\Windows\SysWOW64\avrt.dll - ok

12:27:27.0456 0x095c  [ 9C67F6BBDA3881CFD02095160CF91576, 6CE97C6F0AD8BE183DE935A7AAB7D46821E8DE9E55A4BFF54ACB49D056826A94 ] C:\Windows\SysWOW64\ksuser.dll

12:27:27.0456 0x095c  C:\Windows\SysWOW64\ksuser.dll - ok

12:27:27.0456 0x095c  [ AFBB5060A2DAD431A2EAEB2C86CFFE81, 03BBBC09385CD995D143356D6CAE0B255AB08C47C8E778CD965C87B17DA10956 ] C:\Windows\SysWOW64\AudioSes.dll

12:27:27.0456 0x095c  C:\Windows\SysWOW64\AudioSes.dll - ok

12:27:27.0466 0x095c  [ 6EEEB6C90D19918A927CF0028BB5C535, 77FBC72C6888A7CB20A16C543C10077D769EEC48877B506DA4FCA787F75F320E ] C:\Windows\SysWOW64\puiapi.dll

12:27:27.0466 0x095c  C:\Windows\SysWOW64\puiapi.dll - ok

12:27:27.0466 0x095c  [ 85683DF1F917E4D7F6BE1A04986BF1C8, D68D9F525D31C1843B6EC8FA950166FA1F34DB71222716E7B22DD33981C152B6 ] C:\Windows\SysWOW64\msacm32.dll

12:27:27.0466 0x095c  C:\Windows\SysWOW64\msacm32.dll - ok

12:27:27.0466 0x095c  [ 07393A09C46083588E751B63B03C8301, 36E2351CF5FA05FEAAEB340B5E04B107B53C8174F8333559D8AEA40BEB94F678 ] C:\Windows\SysWOW64\msacm32.drv

12:27:27.0466 0x095c  C:\Windows\SysWOW64\msacm32.drv - ok

12:27:27.0466 0x095c  [ 5A12C364AD1D4FCC0AD0E56DBBC34462, 5FDF434BE4E15311AC83754CF85B5451F5A219D768A5DE3DC4FD9AE0B57B0AD9 ] C:\Windows\SysWOW64\midimap.dll

12:27:27.0466 0x095c  C:\Windows\SysWOW64\midimap.dll - ok

12:27:27.0476 0x095c  [ 43592D31AFF84DD957199248898D9430, BE0D2C635725647EAC985B59DAFA5CFE2C2BA110AA54E9DC0C2D3019CC6A2C6E ] C:\Windows\SysWOW64\mshtml.dll

12:27:27.0476 0x095c  C:\Windows\SysWOW64\mshtml.dll - ok

12:27:27.0476 0x095c  [ 927E0723FF793440B001289C4296FA98, DAD5B556032C801E69C7289A374338DE3EF45C4FAC9A8373CFC5C2A41C1A4EFB ] C:\Windows\System32\puiapi.dll

12:27:27.0476 0x095c  C:\Windows\System32\puiapi.dll - ok

12:27:27.0476 0x095c  [ E7991EA7FBAB0C7FA85731C309B5A5C5, B1B52DEFBC5C2607EA5A7A4BF02CC7FF76F1FAF2CACECC1FBDF9B0340D68B0B8 ] C:\Program Files (x86)\TeamViewer\tv_x64.dll

12:27:27.0476 0x095c  C:\Program Files (x86)\TeamViewer\tv_x64.dll - ok

12:27:27.0476 0x095c  [ 8B886A0AC14EAA8599142887991A5A2E, 5CD23A0F7DC53B1F4E8D33E2FD5C3C6E375EE5F542EBCEE2989400F352815462 ] C:\Windows\System32\imapi2.dll

12:27:27.0476 0x095c  C:\Windows\System32\imapi2.dll - ok

12:27:27.0486 0x095c  [ 42EC9065D9BF266ADE924B066C783A56, 4AC002E90A52CB0998DA78F2995294EE77B89FB2BE709B0E3C8E1627212BCCDC ] C:\Windows\System32\SearchProtocolHost.exe

12:27:27.0486 0x095c  C:\Windows\System32\SearchProtocolHost.exe - ok

12:27:27.0486 0x095c  [ A6CB639613E4E716A4A1B5DBF5638BC6, 0A3D9DCBC7BADBBDFAFA99F6FE281FEE349C3E012EA3336D7DFE6C39434542C8 ] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll

12:27:27.0486 0x095c  C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll - ok

12:27:27.0486 0x095c  [ 1025C2BF8E737FBCC5A4271EC1BDEF29, A400A260986A76ABA5AD1FD784906EADAC1567C535A7C88E88CE544B5CA9436A ] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll

12:27:27.0486 0x095c  C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll - ok

12:27:27.0486 0x095c  [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD029711529B0BE2C ] C:\Windows\System32\msshooks.dll

12:27:27.0486 0x095c  C:\Windows\System32\msshooks.dll - ok

12:27:27.0496 0x095c  [ 52D56D1013D4F1B99102679314CC5325, F8F6C41FEC774C71A85C91DFEB057076D018E5A64CE1D7B7D9D202CA65B34758 ] C:\Windows\System32\SearchFilterHost.exe

12:27:27.0496 0x095c  C:\Windows\System32\SearchFilterHost.exe - ok

12:27:27.0496 0x095c  [ 6071A0E1BDC03027A3B19710B2EFBEF4, 3D8A69D79C086CB72DEC124DA4FF626D6FAA5ACB1F63FEC6B6ACB46F14D16019 ] C:\Program Files (x86)\ControlCenter4\BrCcExtPg.dll

12:27:27.0496 0x095c  C:\Program Files (x86)\ControlCenter4\BrCcExtPg.dll - ok

12:27:27.0496 0x095c  [ F0AAB2A76A7AF04C70A818E96BAF3E64, 44E7D7A0D1F35D02D627D449EE773177AEE026B6D6C787B1463362E73670CB77 ] C:\Windows\System32\hgcpl.dll

12:27:27.0496 0x095c  C:\Windows\System32\hgcpl.dll - ok

12:27:27.0496 0x095c  [ 26025A46FB3FDB40FF06BBF1834093B5, EEA5F111C6F3A86EE2CB7D11C2C9986DC540E713817929366ABD4DB132C61F7B ] C:\Windows\SysWOW64\msls31.dll

12:27:27.0496 0x095c  C:\Windows\SysWOW64\msls31.dll - ok

12:27:27.0506 0x095c  [ E97295DE2A9FDE547FEAB4FE41DF16CA, 0ED49CA80D2A71A7BE4905A8A1042F25B0BD4F87DA9C63DD8BB4949E18B51CF6 ] C:\Windows\SysWOW64\mspaint.exe

12:27:27.0506 0x095c  C:\Windows\SysWOW64\mspaint.exe - ok

12:27:27.0506 0x095c  [ 7E65A525D2845D4167FD698242E7E2E5, 3A7A326E1A0D5A168C053288D830EFBB7F975CE3555043603A35A258C93C13AE ] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll

12:27:27.0506 0x095c  C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll - ok

12:27:27.0506 0x095c  [ 4BDBBE5E4208022DD794F7EEEB0F7366, 4F69BA2EDABFA63A300B9F1880349EFAE185B899DD5C561E7B3BA6AAA4B22D6A ] C:\Windows\SysWOW64\SPInf.dll

12:27:27.0506 0x095c  C:\Windows\SysWOW64\SPInf.dll - ok

12:27:27.0506 0x095c  [ 065818B8A2CD7F08D6DC8C598191548C, 08982EB22484ECCA1A7FD0C6A10E6D0BB09F624CEBC397C9B241C2D75C984C70 ] C:\Program Files (x86)\Browny02\BrYNSvc.exe

12:27:27.0506 0x095c  C:\Program Files (x86)\Browny02\BrYNSvc.exe - ok

12:27:27.0516 0x095c  [ FFA07A8A98506947812127067D394FB8, D4493087ABE2A048F24D87AE232AC2CE90329662348555EEC33E223DF6921A60 ] C:\PROGRA~2\MICROS~2\Office14\OIS.EXE

12:27:27.0516 0x095c  C:\PROGRA~2\MICROS~2\Office14\OIS.EXE - ok

12:27:27.0516 0x095c  [ DE6E7A6AFDD684FB3EF48101B8A9C364, 4CA7D4FD4354BAA841BDB93D0A18A614CBE64173AAD245244AB8DAA87B9C70A7 ] C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe

12:27:27.0516 0x095c  C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe - ok

12:27:27.0516 0x095c  [ 4E3C04F13286EA5F8119A4F65D4B535C, ACD7F6BA6D5E8E401E803C45F69FB6C04790B1CADF25DD9F4B862078AC5AE5BF ] C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll

12:27:27.0516 0x095c  C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll - ok

12:27:27.0516 0x095c  [ ABDBABE3A7D2222B3A0DB1B8B9CAD16E, C1852121F9ADB5D2B46C73334C6E8B3CF6B7BB431520C6937F1CAFAD19AA194E ] C:\Windows\System32\mssph.dll

12:27:27.0516 0x095c  C:\Windows\System32\mssph.dll - ok

12:27:27.0526 0x095c  [ 92B29E6BE97F5B2C5894904D1447BBFE, C8BF1ABDC9EDE0264ED7A818F61BB84BA2D42F160FDEA45DE6ED6EF816A6425E ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

12:27:27.0526 0x095c  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok

12:27:27.0526 0x095c  [ A53CC4C0FA7DA7CDC8DDDF4A0E6123F9, EAD4783058EFC1FCA6E92266CCA02AE8AB79105405775208167D280C14D98914 ] C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE

12:27:27.0526 0x095c  C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE - ok

12:27:27.0526 0x095c  [ FDA2FEC6B42787EE1ED4EFD39359770B, FD2ECA98D4F41293945242F79C3FA5969B5B995B22E721A849194DB84B01B2AC ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll

12:27:27.0526 0x095c  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll - ok

12:27:27.0526 0x095c  [ E938BB1D7523E4CEC914CDE0C8159E4E, 86CCE507E2A90604085B99BAC94C62A653BD2843A04D7982DCA7399931B73911 ] C:\Program Files (x86)\Browny02\BrMonitor.dll

12:27:27.0526 0x095c  C:\Program Files (x86)\Browny02\BrMonitor.dll - ok

12:27:27.0536 0x095c  [ 2BC566829965B30D0A82058F2EAE60EA, 3FB02C77002FA5037C6B2AC7DD21A9D2572510752733BA7DD27D3384BC25BAFC ] C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\chrome_elf.dll

12:27:27.0536 0x095c  C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\chrome_elf.dll - ok

12:27:27.0536 0x095c  [ 17E8DE51C5DAE58C5C390F41B9C777BD, C3A8886ED48B2339ED106C503AA05E183905E21D0F504645EFB4092ACA8D459A ] C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL

12:27:27.0536 0x095c  C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL - ok

12:27:27.0536 0x095c  [ 59B7280D73906B43B13B273A1F9CC3DD, 21B7D150DA2B0C2613C2C0DE60B296F3AFF88EA9E70FD692C757B3A84DB2CF07 ] C:\Windows\SysWOW64\xpsrchvw.exe

12:27:27.0536 0x095c  C:\Windows\SysWOW64\xpsrchvw.exe - ok

12:27:27.0536 0x095c  [ 0EF845AF06AE5F34BA8F9B397A98BE3A, 94B1BFEEA829BD99768126E2F6CBBCBE13B46FC67B1EA0B6F01EDD817D779D51 ] C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL

12:27:27.0536 0x095c  C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL - ok

12:27:27.0546 0x095c  [ BB50B21FEE2A6F3E5FC92B330ECCF050, FD8A126C7F19267821C5FFC6C8341BBF2E11ADB241C49371BFB8CA00218A5754 ] C:\Windows\SysWOW64\hhctrl.ocx

12:27:27.0546 0x095c  C:\Windows\SysWOW64\hhctrl.ocx - ok

12:27:27.0546 0x095c  [ 2B9B4271E23C69F9D121B59476968EAA, D2CDB4EFE4C3CC2BCBCDD34E1E2A362A24A4E1EB386577719FEEC5CEFB388992 ] C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\chrome.dll

12:27:27.0546 0x095c  C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\chrome.dll - ok

12:27:27.0546 0x095c  [ D378BFFB70923139D6A4F546864AA61C, C4232DDD4D37B9C0884BD44D8476578C54D7F98D58945728E425736A6A07E102 ] C:\Windows\SysWOW64\notepad.exe

12:27:27.0546 0x095c  C:\Windows\SysWOW64\notepad.exe - ok

12:27:27.0546 0x095c  [ 15E52F52ED2B8ED122FAE897119687C4, 8CFB55087FA8E4C1E7BCC580D767CF2C884C1B8C890AD240C1E7009810AF6736 ] C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

12:27:27.0546 0x095c  C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE - ok

12:27:27.0556 0x095c  [ 53FA6D58BE4782B4D058583ED17521D5, 17AB0FCC4B1053F4B548AB6CBDB608551662B5A0DC740DF205BF709ECFF6C074 ] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll

12:27:27.0556 0x095c  C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll - ok

12:27:27.0556 0x095c  [ 7FB1C5DFC2605843CEC69A6FC4E96576, 330C1D3DD702AF11B01AE38CED101E4C4217816E4887E9EBFFE2E529CDC857D5 ] C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\vsta.exe

12:27:27.0556 0x095c  C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\vsta.exe - ok

12:27:27.0556 0x095c  [ 325898762AF50CC9D7A4C504B7CD6206, 293EB1F421601477E48119966ADBD2D8BE68510334C19A8377C5E772E40E039A ] C:\Program Files (x86)\Microsoft Office\Office14\MSOHTMED.EXE

12:27:27.0556 0x095c  C:\Program Files (x86)\Microsoft Office\Office14\MSOHTMED.EXE - ok

12:27:27.0556 0x095c  [ 2C32E3E596CFE660353753EABEFB0540, 04C66A2139E7E531DA18BB4F240798B1B69C2B240C39BA9FF102E5A9EF8A79BA ] C:\Program Files (x86)\Internet Explorer\iexplore.exe

12:27:27.0556 0x095c  C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok

12:27:27.0566 0x095c  [ E745BC62FE98CE4DA12D7B18F5DDBA3F, D3D4CD5622BF194A26A5639E09F02B2768A7897A168F2DFDBBB4B56D2DE183F8 ] C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe

12:27:27.0566 0x095c  C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe - ok

12:27:27.0566 0x095c  [ 702A13ED6F2B4740FA77A7A19B382348, 3C546D9A4E382C0A797DC4293BCFFB653110D5D11E2266368430B8AC213A3112 ] C:\Windows\SysWOW64\credui.dll

12:27:27.0566 0x095c  C:\Windows\SysWOW64\credui.dll - ok

12:27:27.0566 0x095c  [ 63DF770DF74ACB370EF5A16727069AAF, B8F96336BF87F1153C245D19606CBD10FBE7CF2795BCC762F2A1B57CB7C39116 ] C:\Windows\SysWOW64\hid.dll

12:27:27.0566 0x095c  C:\Windows\SysWOW64\hid.dll - ok

12:27:27.0566 0x095c  [ B194D2CFE72FD79F5199C46F2EE19D92, 0DAECD0FFBD7B1BB597C284B5E9724CDE290D4F973E79F69E99FE1CE377C6BF5 ] C:\Windows\SysWOW64\DWrite.dll

12:27:27.0566 0x095c  C:\Windows\SysWOW64\DWrite.dll - ok

12:27:27.0576 0x095c  [ 264BF62E54F6D73A8956C1A39040E573, 6246E0A8330E8079F13946B10E24082BF0E32C80BB2672255EC157929191B143 ] C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\chrome_watcher.dll

12:27:27.0576 0x095c  C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\chrome_watcher.dll - ok

12:27:27.0576 0x095c  [ 4F2595A7F283A8DCC86007FB24B77AB9, E37512B6E9133A49E47D834194F9989EFDE15163245F54E3C3A624A68779D91B ] C:\Windows\SysWOW64\KBDUS.DLL

12:27:27.0576 0x095c  C:\Windows\SysWOW64\KBDUS.DLL - ok

12:27:27.0576 0x095c  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] C:\Windows\System32\FntCache.dll

12:27:27.0576 0x095c  C:\Windows\System32\FntCache.dll - ok

12:27:27.0576 0x095c  [ C10459DBDC2099C5A8428CB7D87DB85F, 8423A61CC42A1E8BF1B093D172C629D2F5915873BAD3DDA2A28C9D6006930E46 ] C:\Windows\SysWOW64\olepro32.dll

12:27:27.0576 0x095c  C:\Windows\SysWOW64\olepro32.dll - ok

12:27:27.0586 0x095c  [ 539C49CEBB3C50957AC8A09D95ECD880, 49E75CDB556FBCE72C44648F8930CF2209C1360F9311C5B4CEB19E13B11E6B75 ] C:\Windows\SysWOW64\shfolder.dll

12:27:27.0586 0x095c  C:\Windows\SysWOW64\shfolder.dll - ok

12:27:27.0586 0x095c  [ 2A556E2D703DED03186C596B90AC6869, 566DF5F4754D3510D277B30A773E5A21B1D30EADBA0B585A18A68AC9BC72A7EC ] C:\Windows\System32\mapi32.dll

12:27:27.0586 0x095c  C:\Windows\System32\mapi32.dll - ok

12:27:27.0586 0x095c  [ 5E34DBC54BBA1576F323F622484D6E5B, F36C920B44754ECA7066C54E0A39F63C848762A4CEE527D25EF464ECD82B1743 ] C:\Program Files (x86)\ControlCenter4\BrCcFaxRx.dll

12:27:27.0586 0x095c  C:\Program Files (x86)\ControlCenter4\BrCcFaxRx.dll - ok

12:27:27.0586 0x095c  [ 8EE66B490856B2823DF82BF1B747A738, 043F061A7CB485F8504DA06ED8DF0ADEC5847E55786229E6F10D3384142995E5 ] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe

12:27:27.0586 0x095c  C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe - ok

12:27:27.0596 0x095c  [ F71EC3FEC2EBEB67D067E9DA1469A9E0, 997F186482E3DD7EA731CC5C165C7F22E6D66807CD039F38F541F24CF0CF02A6 ] C:\Program Files (x86)\Browny02\BRLMW03A.DLL

12:27:27.0596 0x095c  C:\Program Files (x86)\Browny02\BRLMW03A.DLL - ok

12:27:27.0596 0x095c  [ 114E9DE7781BEE1FF4738658C12C013A, 06A37DBF5141589A397ECEFA96DF3E0AAD63DCCBD1BC3FF3BFCDE3284F84FD24 ] C:\Program Files (x86)\Browny02\brlm03a.dll

12:27:27.0596 0x095c  C:\Program Files (x86)\Browny02\brlm03a.dll - ok

12:27:27.0596 0x095c  [ EF4248D28C2940AE6D46470AC2479A4F, 7C0DBCED93823E918A3DB9785E68A24743DECB03D378F1AEDCB0BF9705B4AC9A ] C:\Windows\System32\msisip.dll

12:27:27.0596 0x095c  C:\Windows\System32\msisip.dll - ok

12:27:27.0596 0x095c  [ 22E7431E7DAE8463AF94A79A054276E5, 980EA547B86D3F2DF698FCB6A90200CC993DF4B7EE23BDB749D9179E0DD46944 ] C:\Windows\System32\WinSCard.dll

12:27:27.0596 0x095c  C:\Windows\System32\WinSCard.dll - ok

12:27:27.0606 0x095c  [ 6E74D0AE00231D87CD213CD7BDC27E37, 29BD01036687B16670DECB1720592B7F2EA75C359784D4F89663D7B8523DF9C2 ] C:\Windows\System32\wshext.dll

12:27:27.0606 0x095c  C:\Windows\System32\wshext.dll - ok

12:27:27.0606 0x095c  [ 8C362BC4687838891922DBD00D622ACD, 383FF92CF608B77A1E5E24D65F2089D8B22C1594B58F0F86994322586FE5CEDE ] C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL

12:27:27.0606 0x095c  C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL - ok

12:27:27.0606 0x095c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

12:27:27.0606 0x095c  C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE - ok

12:27:27.0606 0x095c  [ 67CE7A83CF4AA78A05EA26D4443CE5F3, 6564E617FB526E424B6B0814EC8C6CDA5327F1B2957AA40E186767E38D4B91EC ] C:\Windows\System32\scrobj.dll

12:27:27.0606 0x095c  C:\Windows\System32\scrobj.dll - ok

12:27:27.0616 0x095c  [ 3DCC84D1F63E5F7CB56F229D2149AB5D, CB0B32B890EE0C604478147D1625CC050F482CC492E6FD2B5966635691BCB0DC ] C:\Windows\System32\wshom.ocx

12:27:27.0616 0x095c  C:\Windows\System32\wshom.ocx - ok

12:27:27.0616 0x095c  [ 8771BEDEAD950014EEDF6EEFE4A68066, 0C926F84C214FFCA6ECCCA70129526B6FA6CB6DA019F7C547A43A3DFA2D0E8BA ] C:\Windows\System32\scrrun.dll

12:27:27.0616 0x095c  C:\Windows\System32\scrrun.dll - ok

12:27:27.0616 0x095c  [ 754A0C324ECA95AE4F708D01EF27060E, 14CCE8BF5502B4DAF1B9B99406B450AF6D260F480EF22B8FCF500822A2AF5BF2 ] C:\Windows\System32\wbem\wbemdisp.dll

12:27:27.0616 0x095c  C:\Windows\System32\wbem\wbemdisp.dll - ok

12:27:27.0616 0x095c  [ FB24438F64BAF5198EE7648B51FD3AB0, 69FC832A234847FFBC7691144F4ED21D28322BFEA13D15A98FEF79CF6B59A595 ] C:\Windows\System32\cacls.exe

12:27:27.0616 0x095c  C:\Windows\System32\cacls.exe - ok

12:27:27.0626 0x095c  [ EEB3F363A7B458774C81013FC8127B94, 54FF6186ADD09575BA264B3ED7DE0E6BF38E2224B1928ED9E632713A34AF77F9 ] C:\Program Files (x86)\ControlCenter4\BrCcLSpa.dll

12:27:27.0626 0x095c  C:\Program Files (x86)\ControlCenter4\BrCcLSpa.dll - ok

12:27:27.0626 0x095c  [ CC8AC0AB0CDA80DCE9A7A680D091F352, A8CC3B78670A1F29C0529A409BEE28B677B6F07C9A88083FAB8641FDA1DE5DE4 ] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll

12:27:27.0626 0x095c  C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll - ok

12:27:27.0626 0x095c  [ 35CEE01453EB587A9C1053B357B9CBAE, 619880497A8B7E1ABCC69A9CD2B3CB3A6CB13A842339C4139B4F24F0A2469F17 ] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll

12:27:27.0626 0x095c  C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll - ok

12:27:27.0626 0x095c  [ F62175F3B0CF55742A2085516F1B9BEC, 2A544298ABD8A9C386E902D85F4827AA03CC9514CAB23E79F8531CF65E368BBF ] C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL

12:27:27.0626 0x095c  C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL - ok

12:27:27.0636 0x095c  [ E8132FB3BAC7C0CDBD581485B8BA947F, 063ABE4F7FE9E81543377AD45F58D9C61B06453025B0CCC3E3388C93FE8DBF57 ] C:\Windows\SysWOW64\cryptui.dll

12:27:27.0636 0x095c  C:\Windows\SysWOW64\cryptui.dll - ok

12:27:27.0636 0x095c  [ 8886E0697B0A93C521F99099EF643450, D73F7EE4E6E992A618D02580BDBF4FD6BA7C683D110928001092F4073341E95F ] C:\Users\Felipe\AppData\Roaming\dfenqkn\fsjqn.exe

12:27:27.0636 0x095c  C:\Users\Felipe\AppData\Roaming\dfenqkn\fsjqn.exe - ok

12:27:27.0636 0x095c  [ D0FAF82CA976ADE294498B3A8A7A0D7D, 3DB2796AF1D35E093487F100BBED87DFC1361075FAE71A2C51224CD11F73CEFF ] C:\Program Files (x86)\Skype\Phone\SkypeResources.dll

12:27:27.0636 0x095c  C:\Program Files (x86)\Skype\Phone\SkypeResources.dll - ok

12:27:27.0636 0x095c  [ 7ABDE51F438D4DC1B4095F5F2440AA4B, 5E93B770E2BADF06117777A47DB1796599B6E86205EEE5602266186B41F68DF0 ] C:\Program Files (x86)\ControlCenter4\BrCcScan.dll

12:27:27.0636 0x095c  C:\Program Files (x86)\ControlCenter4\BrCcScan.dll - ok

12:27:27.0646 0x095c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] C:\Windows\System32\drivers\asyncmac.sys

12:27:27.0646 0x095c  C:\Windows\System32\drivers\asyncmac.sys - ok

12:27:27.0646 0x095c  [ 637982A421D0133DCEAA0D1490D1DC9C, CBAA8242C1013E4D9E48BEE146D6AC3ABF8B2370B7390D80A01344771A097B2A ] C:\Windows\System32\netsh.exe

12:27:27.0646 0x095c  C:\Windows\System32\netsh.exe - ok

12:27:27.0646 0x095c  [ DBFDE03DE745C7EA430DEB8EECD32468, F93F021DE167A495D067EFC72AC36DBFE57E3FD23C912BBAC90B0783D223F7A8 ] C:\Program Files\Common Files\System\ado\msado15.dll

12:27:27.0646 0x095c  C:\Program Files\Common Files\System\ado\msado15.dll - ok

12:27:27.0646 0x095c  [ C5413BC4F10CEB4C3070BBF04D324117, 83908C79D22458BC05FAB5ABF1DDF74177B1E5C612E893C62C19C284D2C86F60 ] C:\Windows\SysWOW64\msisip.dll

12:27:27.0646 0x095c  C:\Windows\SysWOW64\msisip.dll - ok

12:27:27.0656 0x095c  [ CDD78E8E82C863A102CC2252255A614D, B6D0B4FDAA85E464CADB7759C6606A75B843D1E2783B26C28FF1D78049A1959A ] C:\Windows\System32\msdart.dll

12:27:27.0656 0x095c  C:\Windows\System32\msdart.dll - ok

12:27:27.0656 0x095c  [ 516C021FEBEDE2962C9252DF85606C76, 0ED27C1C59E4AC96B704F423AB836589EFFAEC2B4615F534EEFFF104893ADC36 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe

12:27:27.0656 0x095c  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe - ok

12:27:27.0656 0x095c  [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll

12:27:27.0656 0x095c  C:\Windows\SysWOW64\wlanapi.dll - ok

12:27:27.0656 0x095c  [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll

12:27:27.0656 0x095c  C:\Windows\SysWOW64\wlanutil.dll - ok

12:27:27.0666 0x095c  [ 40E1F127557EFC86882581C55108D4AE, B55DB0E5ACD045D2BACD268C6153479F1ED030395E13CE330A1254F3FCBF3CA9 ] C:\Windows\System32\rasmontr.dll

12:27:27.0666 0x095c  C:\Windows\System32\rasmontr.dll - ok

12:27:27.0666 0x095c  [ A09533A0395A06F47143CAFB6DCED04A, 8872EA7DE924FF5AF7579D38898D7C4AA9980B879115BFEE827693E67A51D1A5 ] C:\Windows\System32\mfc42u.dll

12:27:27.0666 0x095c  C:\Windows\System32\mfc42u.dll - ok

12:27:27.0666 0x095c  [ C586EE2DAB4BF42A291B8A6B6EE928F0, C11C1F8689ECB9A5F4C4570AB512965DDA93F89BBB441A2E7147BA27D6037611 ] C:\Windows\System32\odbc32.dll

12:27:27.0666 0x095c  C:\Windows\System32\odbc32.dll - ok

12:27:27.0666 0x095c  [ 5987EA8A82C53359BCD2C29D6588583E, 59E2DF91F8DA9E33DE65FA67A6A49A7C3F524618A87EAEFC8A28C5304E7FAB85 ] C:\Windows\SysWOW64\linkinfo.dll

12:27:27.0666 0x095c  C:\Windows\SysWOW64\linkinfo.dll - ok

12:27:27.0676 0x095c  [ 36333D345062E42E849C0AF00CBEFC97, 3E375720C5A3E116CC22416BAFD61F06BD508ED0A628DD393FB8F065F0F1EAA5 ] C:\Windows\SysWOW64\ntshrui.dll

12:27:27.0676 0x095c  C:\Windows\SysWOW64\ntshrui.dll - ok

12:27:27.0676 0x095c  [ 3E466073C3B1033FF92ADE9031E3D4A2, 2B26096A6BA2EE8C496D3252248F21D214E8C41ECF79A60A60E52D3BC4135C03 ] C:\Windows\System32\odbcint.dll

12:27:27.0676 0x095c  C:\Windows\System32\odbcint.dll - ok

12:27:27.0676 0x095c  [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll

12:27:27.0676 0x095c  C:\Windows\SysWOW64\slc.dll - ok

12:27:27.0676 0x095c  [ A58B05E6B949D86144907F0A4D807032, 548D64E9B41EF0963D0E3A78B62BE176C790FE41B646D543BABAD43385FF5EF9 ] C:\Program Files (x86)\Skype\Updater\Updater.dll

12:27:27.0676 0x095c  C:\Program Files (x86)\Skype\Updater\Updater.dll - ok

12:27:27.0686 0x095c  [ 5893EBDCE371174AC89ECD7731DD6D77, 31CC55F4724CFD95E48954B38C0A04D674399FD243083A816893ED5E5A770086 ] C:\Windows\SysWOW64\pcwum.dll

12:27:27.0686 0x095c  C:\Windows\SysWOW64\pcwum.dll - ok

12:27:27.0686 0x095c  [ 236360CE5E4C3F063AC110533747C0A8, 405A17410BBB46034EC1DE4B149186A12A0C80AFDADD34C4D7D17B7A24FDF1DC ] C:\Windows\SysWOW64\Wpc.dll

12:27:27.0686 0x095c  C:\Windows\SysWOW64\Wpc.dll - ok

12:27:27.0686 0x095c  [ 47F29A09E01B5D01866E2061FCFF766F, 4EEB87E613C178A4EC30F72EBDD16711EA2624DC57590E042DE6E6DB3C41E663 ] C:\Windows\System32\nshwfp.dll

12:27:27.0686 0x095c  C:\Windows\System32\nshwfp.dll - ok

12:27:27.0686 0x095c  [ 846D0E4DB261CFAF363902E41498E961, D7E5591B7604FD583AF7FDA19E30928B24A6145318A3944E7D207F0CCEEB30D0 ] C:\Windows\SysWOW64\EhStorShell.dll

12:27:27.0686 0x095c  C:\Windows\SysWOW64\EhStorShell.dll - ok

12:27:27.0696 0x095c  [ 82C089EA2A3EEFADF3588EA71E8BDADA, 2F3BB32EE2C0673058A74DEEB2D405E5E79F833F33C4D289A93EB3C618A86E75 ] C:\Windows\SysWOW64\wevtapi.dll

12:27:27.0696 0x095c  C:\Windows\SysWOW64\wevtapi.dll - ok

12:27:27.0696 0x095c  [ BF0319C91260940E9933B216B3A48417, 9576EA46D4CAF738CB49BA3CA9D3B9D6C36535CF0E084DAF872BA9D3B6909413 ] C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\chrome_child.dll

12:27:27.0696 0x095c  C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\chrome_child.dll - ok

12:27:27.0696 0x095c  [ 8B57391F4E96FF5DD550532EDD85DC84, 9DE2AAA598844E8575431DA08F5B23FEC9ACC697283F61BA5DB68442D4DAE2A1 ] C:\PROGRA~2\MICROS~2\Office14\3082\GrooveIntlResource.dll

12:27:27.0696 0x095c  C:\PROGRA~2\MICROS~2\Office14\3082\GrooveIntlResource.dll - ok

12:27:27.0696 0x095c  [ 3F50200237961034FACE602373838980, F97D72CC75D921CF8F8E0544614407358AEFF97A8F48E4A89F82689EE8F2FC86 ] C:\Windows\SysWOW64\FirewallAPI.dll

12:27:27.0696 0x095c  C:\Windows\SysWOW64\FirewallAPI.dll - ok

12:27:27.0706 0x095c  [ 80EFBCAFBD26956B69EE9CEFC93423B0, 9DFC9FCFD3F88CD2952D3D6ACB32D6E98EC09C492727A8A5E73EBA82F6F6C9E8 ] C:\Windows\SysWOW64\mf.dll

12:27:27.0706 0x095c  C:\Windows\SysWOW64\mf.dll - ok

12:27:27.0706 0x095c  [ FA753FAB0B93E3427C1EB722E876501E, D4AEAA11210118B1FA7423BBA25DA2A95303FEF0CDAF84B6BA637081D3DAA8FB ] C:\Windows\System32\dhcpcmonitor.dll

12:27:27.0706 0x095c  C:\Windows\System32\dhcpcmonitor.dll - ok

12:27:27.0706 0x095c  [ CB06D9EDB2A0C225C25A3B33BEDF4DD7, FE53B282B0D0C2E33093BFBF4C65FDF7E943E7C94FFCE8C6A586518B9FD04D79 ] C:\Windows\System32\DHCPQEC.DLL

12:27:27.0706 0x095c  C:\Windows\System32\DHCPQEC.DLL - ok

12:27:27.0706 0x095c  [ D314DA4B0B8DCD023D547FC568E34FB6, 9BBBB7B0D40EA47C4B8CCE0050BC3E6C02E5B6D7B4BE632361FDB38E25ACD877 ] C:\Windows\System32\wshelper.dll

12:27:27.0706 0x095c  C:\Windows\System32\wshelper.dll - ok

12:27:27.0716 0x095c  [ 8396C6C26AADDFE4590CCEF0F419B6B7, 91BD32908DD0A5F61486678ED9F542DBE232ED9EE1EE23E4F68316F98430A94E ] C:\Windows\System32\ws2help.dll

12:27:27.0716 0x095c  C:\Windows\System32\ws2help.dll - ok

12:27:27.0716 0x095c  [ FA4D595B2C5B2E54E8A49A82CFFAB155, 5E6DBF2AD4834039325536242098FB7A9016A5FA771A2D7438B65F140B89BA9C ] C:\Windows\System32\nshhttp.dll

12:27:27.0716 0x095c  C:\Windows\System32\nshhttp.dll - ok

12:27:27.0716 0x095c  [ 2D15C41214F518FC3C72A4C01C30882F, BFA7F16D2883E01394A821A70FD38A3D31F362E45E790C02BE6569ED027894CA ] C:\Windows\SysWOW64\bthprops.cpl

12:27:27.0716 0x095c  C:\Windows\SysWOW64\bthprops.cpl - ok

12:27:27.0716 0x095c  [ 4509387963DF66A6401752A0C631F6E8, B160BD61BEC4D4566442106CCF48182481DF55F937DE5A816436D202630145DC ] C:\Windows\System32\httpapi.dll

12:27:27.0716 0x095c  C:\Windows\System32\httpapi.dll - ok

12:27:27.0726 0x095c  [ EFFA3C1731775272F074F3FF257020FC, AB3C15F756546C8622E2177ACB5F82F1EE267711C2F01FD12FCB08C5FB8C6A27 ] C:\Windows\System32\fwcfg.dll

12:27:27.0726 0x095c  C:\Windows\System32\fwcfg.dll - ok

12:27:27.0726 0x095c  [ 55F1C5EFF3D81EE93B0691FFC610BCF2, CBAB1BD8CAEBA0086CEDA124E42BEF1ADB807310A2126938138980EA04F2B54A ] C:\Windows\System32\authfwcfg.dll

12:27:27.0726 0x095c  C:\Windows\System32\authfwcfg.dll - ok

12:27:27.0736 0x095c  [ F10E5311E5093FA3C00FF88C54C32FCA, B557F5B00D77F030850D9AAC0FFEFC4C2A759EC4081C8459C9DEAE51BAAACC65 ] C:\Windows\SysWOW64\atl.dll

12:27:27.0736 0x095c  C:\Windows\SysWOW64\atl.dll - ok

12:27:27.0736 0x095c  [ 40B82688907A7DBA4DB3B5ADDE3EAB3B, 7A8A051F414A0A11252A361461A086890BCE9F49CE1AF794061184AE16517EF1 ] C:\Windows\SysWOW64\mfplat.dll

12:27:27.0736 0x095c  C:\Windows\SysWOW64\mfplat.dll - ok

12:27:27.0736 0x095c  [ FA4C81DC1E0B5D5F0BD5CB1C78659CAA, A61B3EC46FDD72D1C479B3F61B88B82C893CD211A8567A8C3362FAE45ADC6E17 ] C:\Windows\System32\winipsec.dll

12:27:27.0736 0x095c  C:\Windows\System32\winipsec.dll - ok

12:27:27.0736 0x095c  [ 3DE43BFDAF3F8979699650202AA18B12, B023FBD3EF0658512B059F5703E05FFF29AF3025A4F48DA7C3C013D0A8119E3C ] C:\Windows\SysWOW64\msmpeg2vdec.dll

12:27:27.0736 0x095c  C:\Windows\SysWOW64\msmpeg2vdec.dll - ok

12:27:27.0746 0x095c  [ 2553AF518536B2E365A814730EB93E0A, 1D03E713CB506E515B63C8AC64DA9946094800BD4B6157DFD38C8136AE49D748 ] C:\Windows\System32\ifmon.dll

12:27:27.0746 0x095c  C:\Windows\System32\ifmon.dll - ok

12:27:27.0746 0x095c  [ A1A60A4C035535373F9FECCD6227E362, 45F994501CA164E9A185C54A4750017206BBB20750D6382C3607ECB822313F80 ] C:\Windows\System32\netiohlp.dll

12:27:27.0746 0x095c  C:\Windows\System32\netiohlp.dll - ok

12:27:27.0746 0x095c  [ 110A8C1EA034CE155CC99F083B2415CA, 2041537C39CD2328D388F729A5F5C6ADC02B2E34D553424AB852085BCE383500 ] C:\Windows\System32\whhelper.dll

12:27:27.0746 0x095c  C:\Windows\System32\whhelper.dll - ok

12:27:27.0756 0x095c  [ 840B884B2071186C0D354F3A7F4E4D56, 11EC4CA08970F092DD16082C3D71E1D780965DA7A37414DCE672290A4AF68733 ] C:\Windows\System32\hnetmon.dll

12:27:27.0756 0x095c  C:\Windows\System32\hnetmon.dll - ok

12:27:27.0756 0x095c  [ 18AAD5A845EEC8A0555582ED6A8B061F, 17FA4969C5A18D5D41509E228C409D1739DE9575786F361C2DBED9FB374F2F72 ] C:\Windows\System32\rpcnsh.dll

12:27:27.0756 0x095c  C:\Windows\System32\rpcnsh.dll - ok

12:27:27.0756 0x095c  [ A8BC80D5BD5D32B29834335FB5831203, 125C8D6DE48D76377275AB6269F575E51A479C40BC859D64803DF1B701208FF0 ] C:\Windows\System32\dot3cfg.dll

12:27:27.0756 0x095c  C:\Windows\System32\dot3cfg.dll - ok

12:27:27.0766 0x095c  [ A68E038D88A255B24F78AE47B944C7AF, 417A1E44885983811CF6C11C24199DA21ECBD608149021C45B7D6BBB4F621867 ] C:\Windows\System32\NAPMONTR.DLL

12:27:27.0766 0x095c  C:\Windows\System32\NAPMONTR.DLL - ok

12:27:27.0766 0x095c  [ 5A75FF83FE4EC87EC205ED12B79AC11D, AC47CC6A2FD1AE3937426FDBC03AD4D68545F8F421ACF1BE64708E5F10A6B5A8 ] C:\Windows\SysWOW64\evr.dll

12:27:27.0766 0x095c  C:\Windows\SysWOW64\evr.dll - ok

12:27:27.0766 0x095c  [ AAA6D0DF7356BBA706BD67385A103AAB, 4A483A9EEC0F3881C0252E975852A8D96D81DA0CC35C5E2E4F00947E6C2B0A69 ] C:\Windows\System32\certcli.dll

12:27:27.0766 0x095c  C:\Windows\System32\certcli.dll - ok

12:27:27.0766 0x095c  [ 6AC23D88F560593F5138F54C751A9979, B6E1A100C313E6A754632BE6C9114A5481C7820E84F153DE433DCA19F7A26BA6 ] C:\Windows\SysWOW64\sqmapi.dll

12:27:27.0766 0x095c  C:\Windows\SysWOW64\sqmapi.dll - ok

12:27:27.0776 0x095c  [ 2AE53CA58B2921C2CA0C636B400D1835, 260A2C95F367F1BB778FDBDE34D87BB64E73227A8C3B9FA043B1959435961048 ] C:\Windows\System32\nshipsec.dll

12:27:27.0776 0x095c  C:\Windows\System32\nshipsec.dll - ok

12:27:27.0776 0x095c  [ CFC39F97FF3B32D4E9DA845FD46035EC, 3A010EE7186086A7F77B6AEC3644E05F8495A84895B90572CAB8D4F14EFA088E ] C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\d3dcompiler_47.dll

12:27:27.0776 0x095c  C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\d3dcompiler_47.dll - ok

12:27:27.0776 0x095c  [ 011F0B067E47612F57C4ECE377D9C9DF, 69FA7230B889DA09CD4DDA0D38CA1D418E48605535D7E1125050F0B89919DFBE ] C:\Windows\System32\activeds.dll

12:27:27.0776 0x095c  C:\Windows\System32\activeds.dll - ok

12:27:27.0786 0x095c  [ 05F620B4B2E7DEB9409C0C6A4FEDD2A4, 19C5EBCE5F4B574402F0F4802C93824B0763DD2C972E146E26B85C0960A05185 ] C:\Windows\System32\adsldpc.dll

12:27:27.0786 0x095c  C:\Windows\System32\adsldpc.dll - ok

12:27:27.0786 0x095c  [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650, 64D581B5F68821B9FCBC656B9C3B04F047EDFE4D2905B1926017A60C740D645A ] C:\Windows\System32\polstore.dll

12:27:27.0786 0x095c  C:\Windows\System32\polstore.dll - ok

12:27:27.0786 0x095c  [ 6D672FE62DF8B2A6626F128C1ABAB4F8, 1545E5D63A0928929AAD9498EBD9C9E91470AE90497F4853835BAEB9D972325A ] C:\Windows\System32\nettrace.dll

12:27:27.0786 0x095c  C:\Windows\System32\nettrace.dll - ok

12:27:27.0786 0x095c  [ 18D4729031314F8C217CDFCC599EF4E4, 6BDF1858819A8D8DDEB375D3D8737627EFFCB8D254A455975E16209AEF615B17 ] C:\Windows\System32\ndfapi.dll

12:27:27.0786 0x095c  C:\Windows\System32\ndfapi.dll - ok

12:27:27.0786 0x095c  [ FBD879D17B26D49DD7A48FF58062FAE6, 531363F29AB4C479C7757D5FE45D7CE2609FA112E644AB98F8269E03454DC387 ] C:\Windows\System32\tdh.dll

12:27:27.0786 0x095c  C:\Windows\System32\tdh.dll - ok

12:27:27.0796 0x095c  [ 91F071416758BB518A7E1FE326109B76, E52D90DA423A1C4BAAE6CFC63DEC4A4E066F00BC4BE7093D20F7C67DCBD9A196 ] C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll

12:27:27.0796 0x095c  C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll - ok

12:27:27.0796 0x095c  [ C02585D6BB5A6D7B2F88C1299A5B1B79, 792A02F06591922E6E05981D45EE93BBF5F8FFB113AEFB718D809AFD02D71EDD ] C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll

12:27:27.0796 0x095c  C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll - ok

12:27:27.0796 0x095c  [ DB991B869472AF2A3BB97460BBA59AA3, 26C391C0068D947A3B27AD21C7769CF3E0F49AFE54863E4C4197E86EED1FC82B ] C:\Windows\System32\WcnNetsh.dll

12:27:27.0796 0x095c  C:\Windows\System32\WcnNetsh.dll - ok

12:27:27.0796 0x095c  [ 01A9E95A520247E110AFBDF2ACBC6AE8, B58CCC656BC91B03BFF152B65901D0459D6453E20D63ED59744AF00D5B22F1C7 ] C:\Windows\System32\p2pnetsh.dll

12:27:27.0796 0x095c  C:\Windows\System32\p2pnetsh.dll - ok

12:27:27.0806 0x095c  [ B6411CED931AFD059E48C52DBFBA95B4, 4E275A691E6A1C07D72DC8DA16B58B6634286A5058C3F4AC0ABD92B9A57FB5D5 ] C:\Windows\System32\P2P.dll

12:27:27.0806 0x095c  C:\Windows\System32\P2P.dll - ok

12:27:27.0806 0x095c  [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll

12:27:27.0806 0x095c  C:\Windows\System32\p2pcollab.dll - ok

12:27:27.0806 0x095c  [ D63A0FF194BF6BEC0E2776B550B3691B, 20DA2E2A48E5C5D312DFE10406265904331A8D37BAE000747C42D67B7DCB31BA ] C:\Windows\System32\wwancfg.dll

12:27:27.0806 0x095c  C:\Windows\System32\wwancfg.dll - ok

12:27:27.0806 0x095c  [ DFE67CB5060D6B4E950646ABDBB0C9C4, 4B290DBA6BE68F881C2E3D155E2D1FE24090FBF08A353FFA23A020DEFD114A5A ] C:\Windows\System32\wlancfg.dll

12:27:27.0806 0x095c  C:\Windows\System32\wlancfg.dll - ok

12:27:27.0816 0x095c  [ 827CB0D6C3F8057EA037FF271F8E9795, 82760DBDDD38D2A31CAAF51D065DF4E7E1D0F0C22733A0AF653776EBF7B79470 ] C:\Windows\SysWOW64\imageres.dll

12:27:27.0816 0x095c  C:\Windows\SysWOW64\imageres.dll - ok

12:27:27.0816 0x095c  [ 523CF74A52C9A1762DA8B83AEE734498, 5A739182B916738B611E1BBA9098F8BCC8C4E2CC2CFEFD1BC5CE7941D11CEDFD ] C:\Windows\SysWOW64\IconCodecService.dll

12:27:27.0816 0x095c  C:\Windows\SysWOW64\IconCodecService.dll - ok

12:27:27.0816 0x095c  [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll

12:27:27.0816 0x095c  C:\Windows\System32\wbem\NCProv.dll - ok

12:27:27.0816 0x095c  [ 8EE6BDE1D572677AA35707C52C585F75, 588A08C0FC3881186CD673F749E46A154F58BE39CA7AE8A2E1F25539B2299752 ] C:\Windows\SysWOW64\mlang.dll

12:27:27.0816 0x095c  C:\Windows\SysWOW64\mlang.dll - ok

12:27:27.0826 0x095c  [ FAD2A307838F66F2037868460A71DBBD, 91009EA4E3F5EABC725EB317402667C6F379EA5E9CB8AD3779A34C8C80179503 ] C:\Windows\SysWOW64\t2embed.dll

12:27:27.0826 0x095c  C:\Windows\SysWOW64\t2embed.dll - ok

12:27:27.0826 0x095c  [ 1D1EAA16D193C6A2D45981ED3914D22A, 587228942AA867FBA0D2A04F52A3431F33453B2C2735E4C45D621A4358BB9BB0 ] C:\Windows\SysWOW64\msimtf.dll

12:27:27.0826 0x095c  C:\Windows\SysWOW64\msimtf.dll - ok

12:27:27.0826 0x095c  [ 84ADBE77F3038579AF69DB06960A97B3, 980E86DF0421FC2D080071F33A5AD136CCEE03ABD524B5786FD648CB7D27D06B ] C:\Windows\SysWOW64\jscript.dll

12:27:27.0826 0x095c  C:\Windows\SysWOW64\jscript.dll - ok

12:27:27.0826 0x095c  [ 2AABC029D38326143229A6257F6B4B84, CD331026A3BD565A38D978C0BB994AB8F01B979B95EFAF26B2CCF0A5C446CAE0 ] C:\Windows\SysWOW64\imgutil.dll

12:27:27.0826 0x095c  C:\Windows\SysWOW64\imgutil.dll - ok

12:27:27.0836 0x095c  [ EED5AE4EF38893DD1743A95760C98704, AA2CF2B49DED21D305DB0525CE389D67CA14E796D9DC568A33C9D84201BB9321 ] C:\Windows\SysWOW64\pngfilt.dll

12:27:27.0836 0x095c  C:\Windows\SysWOW64\pngfilt.dll - ok

12:27:27.0836 0x095c  [ B4844AA141A5E25D6D4AC33968D82C51, 5AF8BC4E1BB3B1A682E97FA3E8CE22B07F10CF98CBD80B057FDEE6121979F8A9 ] C:\Windows\System32\sppwmi.dll

12:27:27.0836 0x095c  C:\Windows\System32\sppwmi.dll - ok

12:27:27.0836 0x095c  [ 26EB385F014AE2592D6495E6D4E9EFE8, C4BCB2E744941065603A25EA6532138096E52EC039F22C883F7557C5ED961445 ] C:\Windows\SysWOW64\msxml3.dll

12:27:27.0836 0x095c  C:\Windows\SysWOW64\msxml3.dll - ok

12:27:27.0836 0x095c  [ 6F5BE3F67D7F66FFA861ABBFC6A8C973, 0D01568C0ABE1682DE8AFDCB1D5421E1AA9AFBC11714B801FE886455B4F76385 ] C:\Windows\System32\sppcext.dll

12:27:27.0836 0x095c  C:\Windows\System32\sppcext.dll - ok

12:27:27.0846 0x095c  [ 64856DFE10FC7B429E6999380BC3BB62, B6BF63B401862290FE33EC4C8BD3026C2FD04152B5D9E215DD5C6FEE84672284 ] C:\Windows\System32\sppc.dll

12:27:27.0846 0x095c  C:\Windows\System32\sppc.dll - ok

12:27:27.0846 0x095c  [ 22693332CE42610A0C711501A01C0FC3, 7F24A16394A9091FC564448D3CFF3E21BD0781A2811A07A2A3B8A4EDA54DC441 ] C:\Windows\System32\slwga.dll

12:27:27.0846 0x095c  C:\Windows\System32\slwga.dll - ok

12:27:27.0846 0x095c  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] C:\Windows\System32\sppsvc.exe

12:27:27.0846 0x095c  C:\Windows\System32\sppsvc.exe - ok

12:27:27.0846 0x095c  [ FFF95479C7AB1550F0750A5D01744211, FF67F892AABCE1C2B695FF4C0816339566F5745C1498D48FAC050E5196C1CE09 ] C:\Windows\System32\drivers\spsys.sys

12:27:27.0846 0x095c  C:\Windows\System32\drivers\spsys.sys - ok

12:27:27.0856 0x095c  [ B7BDBEBC74105E68A3093073C30E3498, B5D738E4C83DE4B02EA2045E6B74CB9DBA1D5CE072C235C883E216B51B4E718F ] C:\Windows\System32\sppwinob.dll

12:27:27.0856 0x095c  C:\Windows\System32\sppwinob.dll - ok

12:27:27.0856 0x095c  [ 2F530C1448D4984F2A3F995895F2D532, EF624B3D581C2BB830AB4A1275EC0A66CA28EB157E366642B7A604DFE2CDD9BC ] C:\Windows\System32\sppobjs.dll

12:27:27.0856 0x095c  C:\Windows\System32\sppobjs.dll - ok

12:27:27.0856 0x095c  [ A5C34F93BA77EB28B88CFC9D8FFE0BF7, 47C674AEDF51B5EC4091E6FEFA76105A06C9423B9286D772A2F55BC5A9E29F0A ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\diasymreader.dll

12:27:27.0856 0x095c  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\diasymreader.dll - ok

12:27:27.0856 0x095c  [ 81F08948A0F1475894C99D4D19A158A8, 93334DA369BF976E498265E432CAF63D898D378C6B32947DF355366ABE2A0FAC ] C:\Windows\SysWOW64\wshqos.dll

12:27:27.0856 0x095c  C:\Windows\SysWOW64\wshqos.dll - ok

12:27:27.0866 0x095c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] C:\Windows\System32\wersvc.dll

12:27:27.0866 0x095c  C:\Windows\System32\wersvc.dll - ok

12:27:27.0866 0x095c  [ D5B2C48EC3CDD4154AD7865CB7329964, 9BA5D88C8CD2B299A4331F539EEC12E18A798D334D2594D296D76D571D49F57E ] C:\Windows\System32\Faultrep.dll

12:27:27.0866 0x095c  C:\Windows\System32\Faultrep.dll - ok

12:27:27.0866 0x095c  [ 8784236EED5079493DA9FC95B28B89F8, E59C349B964F585C27F63FBF7C1B5D7C6CF8CC958BD35100A36D57542DC13972 ] C:\Windows\System32\WerFault.exe

12:27:27.0866 0x095c  C:\Windows\System32\WerFault.exe - ok

12:27:27.0866 0x095c  [ 63104BEF8FC6FEE45FCDE5B11E16B6FE, D34B2D7341A8483F715574FA227AB3CCBBFE5CE545E359E13F83229641F36C94 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll

12:27:27.0866 0x095c  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll - ok

12:27:27.0876 0x095c  [ 782099ABB7EA73BB7FB8ED65671B0AEB, 6CF2F7A57EC199EB0FBF9EBB3A7E2BE57F86B908C99E65EF15A6C519549762D0 ] C:\Windows\System32\dbgeng.dll

12:27:27.0876 0x095c  C:\Windows\System32\dbgeng.dll - ok

12:27:27.0876 0x095c  [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60BA7A10FCB240A27 ] C:\Windows\System32\SensApi.dll

12:27:27.0876 0x095c  C:\Windows\System32\SensApi.dll - ok

12:27:27.0876 0x095c  [ 41DF7355A5A907E2C1D7804EC028965D, 207BFEC939E7C017C4704BA76172EE2C954F485BA593BC1BC8C7666E78251861 ] C:\Windows\System32\wermgr.exe

12:27:27.0876 0x095c  C:\Windows\System32\wermgr.exe - ok

12:27:27.0876 0x095c  [ 0819EF7DB96DAB8AC3DACE567ED1B99E, 1489E5BC7F6E7E25665F0ED681A74DC65ADAC331895416F1980BD9D22E79B897 ] C:\Windows\System32\werui.dll

12:27:27.0876 0x095c  C:\Windows\System32\werui.dll - ok

12:27:27.0886 0x095c  [ 22695951ED19F17B6A3AA0CBDD2FDCD1, F2BA2CACD11AC92E9469A466DF774B6B9005010E3334DBE89524BAC00D3FD60E ] C:\Windows\SysWOW64\twext.dll

12:27:27.0886 0x095c  C:\Windows\SysWOW64\twext.dll - ok

12:27:27.0886 0x095c  [ D5C88CB54E9E232DEAB8181CF04B5DCD, CBBA19F679DB37F90C244718A5FECAD69ED92E8835AF1EF0FECF16144B2FBDE8 ] C:\Windows\SysWOW64\zipfldr.dll

12:27:27.0886 0x095c  C:\Windows\SysWOW64\zipfldr.dll - ok

12:27:27.0886 0x095c  [ 59E2786A841BA8C358BB6888096128D3, F489137C06D1A7F4E5D3EEFE927D0692A6D234F3CD3AC4C471B2B01829B2C317 ] C:\Program Files\WinRAR\RarExt32.dll

12:27:27.0886 0x095c  C:\Program Files\WinRAR\RarExt32.dll - ok

12:27:27.0886 0x095c  [ 8D34930EC77FE466883F3C791100EA82, 472266DCD287211409936B9D3CDB2C8E5048E7CFADF111A3EA8C1ED0A4A1612A ] C:\Windows\SysWOW64\syncui.dll

12:27:27.0886 0x095c  C:\Windows\SysWOW64\syncui.dll - ok

12:27:27.0886 0x095c  [ 98ECA04A6B5319043583FE00FC3C22EE, 86E0FB35DD23B0C4011511019A24152286D8F3A4DE5DFCCE74786ED66770C8E4 ] C:\Windows\SysWOW64\synceng.dll

12:27:27.0886 0x095c  C:\Windows\SysWOW64\synceng.dll - ok

12:27:27.0896 0x095c  [ 2E9414B927802658C082109ECFF34595, 86C7865C82BB49479B160440C5A476B376A472B8D138ABE58FC8C858FEC10618 ] C:\Windows\SysWOW64\acppage.dll

12:27:27.0896 0x095c  C:\Windows\SysWOW64\acppage.dll - ok

12:27:27.0896 0x095c  [ 8019A904EBB6F8CFBA9E41A76A99604A, E3565098FA6519BCFF7140A1112208BD8F1E298415B2DFA0B938D146098164DF ] C:\Windows\SysWOW64\wer.dll

12:27:27.0896 0x095c  C:\Windows\SysWOW64\wer.dll - ok

12:27:27.0896 0x095c  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

12:27:27.0896 0x095c  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok

12:27:27.0896 0x095c  [ 9036922E7150BD311885C82A20C52B43, 685C09EA25F2D58F79F460BC4262426FF1A8A203C0D97737CA0E6E684D552C2D ] C:\Windows\SysWOW64\msvcr120_clr0400.dll

12:27:27.0896 0x095c  C:\Windows\SysWOW64\msvcr120_clr0400.dll - ok

12:27:27.0906 0x095c  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

12:27:27.0906 0x095c  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok

12:27:27.0906 0x095c  [ 9710CE73BB2AB06637113106F0CAAE71, 403BA9BF58A2E908158C943C896ED5ADED4AD59153F0CAF7A48562BD84494C1D ] C:\Program Files (x86)\Google\Update\1.3.32.7\goopdateres_es-419.dll

12:27:27.0906 0x095c  C:\Program Files (x86)\Google\Update\1.3.32.7\goopdateres_es-419.dll - ok

12:27:27.0906 0x095c  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

12:27:27.0906 0x095c  C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok

12:27:27.0906 0x095c  [ CF318F60A84F15AF352439465A8D05F4, E713F7FD90EB5D8845F3407E94FFD17D893C59746330960A36645A989D8D45AF ] C:\Program Files\Windows Defender\MpSvc.dll

12:27:27.0906 0x095c  C:\Program Files\Windows Defender\MpSvc.dll - ok

12:27:27.0916 0x095c  [ ADF3E771F429940E762AC097F5A54EAF, C6083EFF964E56DAB13C1D9A925052110A57145AEF06D895EAB53FD882463436 ] C:\Program Files\Windows Defender\MpClient.dll

12:27:27.0916 0x095c  C:\Program Files\Windows Defender\MpClient.dll - ok

12:27:27.0916 0x095c  [ 9BF014C20F91D97055532F2F5496E7BD, DD3CF54F729504F6A30920CC83CC32EE6165B59668291D772FDA49C37CFF08C1 ] C:\Program Files\Windows Media Player\wmpnetwk.exe

12:27:27.0916 0x095c  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok

12:27:27.0916 0x095c  [ E36112A8A6C7F840169A7E92C12F4203, 52795B2E6ECCE751EEF5074AF52FDE376A382D0A1C43B90DD4F77A397C00FBC5 ] C:\Windows\System32\wsock32.dll

12:27:27.0916 0x095c  C:\Windows\System32\wsock32.dll - ok

12:27:27.0916 0x095c  [ 302B93586DFA480545C320EBA5BA6572, 78DF6FBD3B37F753156D0372C514AB20CA5EF2CACE6A32E983FE2E956AF99791 ] C:\Windows\System32\wmdrmdev.dll

12:27:27.0916 0x095c  C:\Windows\System32\wmdrmdev.dll - ok

12:27:27.0926 0x095c  [ 2C1055E2C6D42753241FB2A129136994, A8E858B4CB8E1E13C7574330C703E0060AEE8B7B19B682F9AE5B4A02BDC659E2 ] C:\Windows\System32\drmv2clt.dll

12:27:27.0926 0x095c  C:\Windows\System32\drmv2clt.dll - ok

12:27:27.0926 0x095c  [ 4F20D081F9C9B91730EE5CB84E9AC8C4, 8A8DE5D3519715ABF13A9F276FD6B3816C0B7DE79B8F0406A601B0CAAF274F7D ] C:\Windows\System32\blackbox.dll

12:27:27.0926 0x095c  C:\Windows\System32\blackbox.dll - ok

12:27:27.0926 0x095c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll

12:27:27.0926 0x095c  C:\Windows\System32\wscsvc.dll - ok

12:27:27.0926 0x095c  [ 48FB4DC45A3D6A1D9DA1D81D224BF6F5, E99329971B9F408B2823F2CA86A68CD9BA70846822750E9F4FFCD08B47B055D7 ] C:\Windows\System32\wmp.dll

12:27:27.0926 0x095c  C:\Windows\System32\wmp.dll - ok

12:27:27.0936 0x095c  [ 72B7C2B796EE70DC5C46759FDB042666, D2A74BF0C2311FE96E674EE3C38CD73FA892B4DFAD9A97C000E9FD8E305F24F8 ] C:\Windows\System32\wuapi.dll

12:27:27.0936 0x095c  C:\Windows\System32\wuapi.dll - ok

12:27:27.0936 0x095c  [ 38340204A2D0228F1E87740FC5E554A7, 57181ED34E73DD17B590803C770A086C57754F229C6F587637B8FBB5D6519603 ] C:\Windows\System32\wuaueng.dll

12:27:27.0936 0x095c  C:\Windows\System32\wuaueng.dll - ok

12:27:27.0936 0x095c  [ 64E6A44177ACF348D68255A37F4723DA, 5D66D94A347BC43D0D8157CC5A24ABAF2F60B5DBEB2B1527C251452128E00EE2 ] C:\Windows\System32\cabinet.dll

12:27:27.0936 0x095c  C:\Windows\System32\cabinet.dll - ok

12:27:27.0936 0x095c  [ 99198D6590345DA0077F4C4EA4B35724, E40DF1C1833CE24FFCDDBE4429DBEA9408E0FD816E784A4C47D3F9CAC3C27704 ] C:\Windows\System32\wups.dll

12:27:27.0936 0x095c  C:\Windows\System32\wups.dll - ok

12:27:27.0946 0x095c  [ 617F6EC0AC677C685479C1D0D1E76C6F, 77B22C0817558CE70EF7D3BBE04A275FFA35ED2E4AFB17DBDF353DF9932DC693 ] C:\Windows\System32\mspatcha.dll

12:27:27.0946 0x095c  C:\Windows\System32\mspatcha.dll - ok

12:27:27.0946 0x095c  [ 4FDFA3F219692D17011BF1B428857C1E, 0422101F9D47633DFF47DF022031C4221B9D395F3E23C0C6E0A54CE55D76565D ] C:\Program Files\Windows Defender\MpRTP.dll

12:27:27.0946 0x095c  C:\Program Files\Windows Defender\MpRTP.dll - ok

12:27:27.0946 0x095c  [ D3F21B4715A656563D5FC58E72F655B4, ACFCE9903A60864D4A9449B0DD9023F53D4606771B83D36D75E88C6E66B18B9A ] C:\Windows\System32\wups2.dll

12:27:27.0946 0x095c  C:\Windows\System32\wups2.dll - ok

12:27:27.0946 0x095c  [ 08C4686C366D7F8F69AFE6E77E3C6F8F, 3EE5682C3372CE8D8028A1AF2FA8087087E2D86B1EF11EE146EDC16F3C7A5C57 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D7A9D4DC-F05C-466B-90A8-B0062C42A2F9}\mpengine.dll

12:27:27.0946 0x095c  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D7A9D4DC-F05C-466B-90A8-B0062C42A2F9}\mpengine.dll - ok

12:27:27.0956 0x095c  [ D8134F0DB2BD7BB39AB91453E6374BB5, B3698C5AA75A833AFC74F89213DAE7A4E822B98366A23D55B609BD83A0A0E707 ] C:\Windows\System32\wmploc.DLL

12:27:27.0956 0x095c  C:\Windows\System32\wmploc.DLL - ok

12:27:27.0956 0x095c  [ 3AF431D7D73AF07FA00BDEC1CCDB4F09, D760AE399D6B164F1B0F572A90CA3710D1CBFFD3A1B059218E40075F93111740 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D7A9D4DC-F05C-466B-90A8-B0062C42A2F9}\mpasbase.vdm

12:27:27.0956 0x095c  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D7A9D4DC-F05C-466B-90A8-B0062C42A2F9}\mpasbase.vdm - ok

12:27:27.0956 0x095c  [ 74C560085FD533E9C26729D360E885A3, 2CBA58837E73DEAFA86D69A657D0E705598E43F8F7BE90C3E351C259321778DB ] C:\Program Files\Internet Explorer\ieproxy.dll

12:27:27.0956 0x095c  C:\Program Files\Internet Explorer\ieproxy.dll - ok

12:27:27.0956 0x095c  [ 2D444C361F758D6CC4B2F51655ECF528, DC54D594B9D5FC27C29C5B843D03E618086E5E070E03ED911C6A8E506C6F2020 ] C:\Windows\System32\wmpps.dll

12:27:27.0956 0x095c  C:\Windows\System32\wmpps.dll - ok

12:27:27.0966 0x095c  [ AF5D4C95BCF1C002461637E5DDA95609, 0098C220FD8BDEAD2DC1D39AF65D18C74B3E237E60027B387BA26D6979CDE626 ] C:\Windows\System32\wmpmde.dll

12:27:27.0966 0x095c  C:\Windows\System32\wmpmde.dll - ok

12:27:27.0966 0x095c  [ EC7EB038EA11E0D04214D143E0CB6002, 5833B2EE7CAD94B163957DFAC53CA0CCC9CC96AFD3D94050A0A77CFA777D4E81 ] C:\Windows\System32\WinSATAPI.dll

12:27:27.0966 0x095c  C:\Windows\System32\WinSATAPI.dll - ok

12:27:27.0966 0x095c  [ 66C87DB880052104808507D6FA84D68E, 46BD5C16225B3D0BF786FDA6461CE9A549DAA9FA38C8BDADAA0AF08FA6A24260 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

12:27:27.0966 0x095c  C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok

12:27:27.0966 0x095c  [ 2BF5A09197251572A74C426EE3E35117, F82E120F67DD25886A91EF3067E1DE49512B06FB700488B559518F9858407010 ] C:\Windows\System32\MSMPEG2ENC.DLL

12:27:27.0966 0x095c  C:\Windows\System32\MSMPEG2ENC.DLL - ok

12:27:27.0976 0x095c  [ 46767946E7B559D981C1DC04EC0AB36F, 69137AA9AEF9727FFD1B65AA4D658C6E8AAD3A062717B447260502B4D7DB90C6 ] C:\Windows\System32\devenum.dll

12:27:27.0976 0x095c  C:\Windows\System32\devenum.dll - ok

12:27:27.0976 0x095c  [ 0B0604BC02CA5F77A1F23C6B0D86AE8C, 84F123DC2000AB2D857C7352DCF62CDEB6CC74E505DF8B2718A87A0458FCAB0F ] C:\Windows\System32\msdmo.dll

12:27:27.0976 0x095c  C:\Windows\System32\msdmo.dll - ok

12:27:27.0976 0x095c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] C:\Windows\System32\upnphost.dll

12:27:27.0976 0x095c  C:\Windows\System32\upnphost.dll - ok

12:27:27.0976 0x095c  [ 031C6782F2D50336FC2C72F8D14A4C13, A548A1360D5F30771DB5E3E9391965B3FF2E89B146B1595583009852A6FA73E0 ] C:\Windows\System32\wbem\wmiprov.dll

12:27:27.0976 0x095c  C:\Windows\System32\wbem\wmiprov.dll - ok

12:27:27.0986 0x095c  [ 98417DB5BF5777BC6C60D7317CB781C4, BA713EFFD3CD58578C99B44F3532D9E49C76637F8F9B5CAF9621FEB31C7A08AD ] C:\Windows\System32\msxml3.dll

12:27:27.0986 0x095c  C:\Windows\System32\msxml3.dll - ok

12:27:27.0986 0x095c  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

12:27:27.0986 0x095c  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - ok

12:27:27.0986 0x095c  [ 7C61654D637BD4A294D86C6214C2D580, 9ABCB23BFDC986C29A12096B5D304B957B4DF19B18823168BB76026CED0C0292 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D7A9D4DC-F05C-466B-90A8-B0062C42A2F9}\mpasdlta.vdm

12:27:27.0986 0x095c  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D7A9D4DC-F05C-466B-90A8-B0062C42A2F9}\mpasdlta.vdm - ok

12:27:27.0986 0x095c  [ 64EE4663A3876638471F03586474DC13, E940F56893ACC0086CE44BE239AB7869BC11233D84FDDAAAF64FC1BE98110492 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

12:27:27.0986 0x095c  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll - ok

12:27:27.0998 0x095c  [ BC83108B18756547013ED443B8CDB31B, B2AD109C15EAA92079582787B7772BA0A2F034F7D075907FF87028DF0EAEA671 ] C:\Windows\SysWOW64\msvcp100.dll

12:27:27.0998 0x095c  C:\Windows\SysWOW64\msvcp100.dll - ok

12:27:28.0000 0x095c  [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\Windows\SysWOW64\msvcr100.dll

12:27:28.0000 0x095c  C:\Windows\SysWOW64\msvcr100.dll - ok

12:27:28.0000 0x095c  [ D0C751D4D43B16327566FE17F39F461D, 56AB216BC6017E8171CA51DD21AEDAECC56C8BB2DFE83A1A54403A4CC7070B79 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WsmanClient.dll

12:27:28.0000 0x095c  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WsmanClient.dll - ok

12:27:28.0000 0x095c  [ E2430ECA924632371CC085AA4F086E65, 0C5A418B5A2B678335CEC5D0150A89CE1D59F2D686A30AA7CC66209D2F316E56 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Common.dll

12:27:28.0000 0x095c  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Common.dll - ok

12:27:28.0000 0x095c  [ 7B07B798B13DB6C65DFD16FC765F7139, FC4AF97A1D580D6FA0F810BA9174CF57D3ED960E0B5BEBB42E8E7C9810687E24 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\GmsCommon.dll

12:27:28.0000 0x095c  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\GmsCommon.dll - ok

12:27:28.0010 0x095c  [ 2120A35C9222C972AE75950A234CCB50, 101A95CFA18E8BD3380B26B2434538731F079864092CF968FFBB253C32973C66 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Configurator.dll

12:27:28.0010 0x095c  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Configurator.dll - ok

12:27:28.0010 0x095c  [ 4D3D037C655D35AE8FF6F8A30B11CF90, 3B85A8A6489F35FF758DD7820B24F53509EA0F212868BB0D7E9338EAA3643C3F ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\EventManager.dll

12:27:28.0010 0x095c  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\EventManager.dll - ok

12:27:28.0010 0x095c  [ 04B16F85684A1D3F74E4A07653F6BF14, 11065B347AF9A1D446DE122D8D885083434B3528F8CBBAA6D0CF59C947A1AF69 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusEventHandler.dll

12:27:28.0010 0x095c  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusEventHandler.dll - ok

12:27:28.0020 0x095c  [ 93BB66044FA76734E882C6F3E8EE1900, E00FE1028C999FFED3F8335F9D760929CB3A11B6EEF8D8D2F2CA4A32DEC56B26 ] C:\Program Files\Windows Defender\MsMpLics.dll

12:27:28.0020 0x095c  C:\Program Files\Windows Defender\MsMpLics.dll - ok

12:27:28.0020 0x095c  [ 36D31EA14A5014079E335BA73C1C88DA, DDA2C2A47835E93EE59A8EC091F71013E26C479048C76951F9B5F80FF6BE97B3 ] C:\Windows\System32\wscapi.dll

12:27:28.0020 0x095c  C:\Windows\System32\wscapi.dll - ok

12:27:28.0020 0x095c  [ B84E2D174DC84916A536572BB8F691A8, 94E3D68F102439D3A585D2D796F3F3FC27CB41C640058DDC14AF99A723B2CD99 ] C:\Windows\System32\wscisvif.dll

12:27:28.0020 0x095c  C:\Windows\System32\wscisvif.dll - ok

12:27:28.0020 0x095c  [ 6C1E3C43B35268C17833244C8ED96430, 9C571AA762E71177B6FF486D1DB500E3530E13CAFD87316AD2C64F5A55EB4A93 ] C:\Windows\System32\wscproxystub.dll

12:27:28.0020 0x095c  C:\Windows\System32\wscproxystub.dll - ok

12:27:28.0020 0x095c  [ 71E68F2443A80BD4DA89181889C457EA, 8665D3DDF92B05EF287FB6EC43782512C23A1437764CF6F4DE0B00547F3C696B ] C:\Windows\System32\udhisapi.dll

12:27:28.0020 0x095c  C:\Windows\System32\udhisapi.dll - ok

12:27:28.0030 0x095c  [ 81252AA3B13743020BCF2089A5A0D911, BFFB1A5917EC1EDAF6B58EAFD888575299365D09C734FACF5A7D1843680DDFD8 ] C:\Windows\System32\wscinterop.dll

12:27:28.0030 0x095c  C:\Windows\System32\wscinterop.dll - ok

12:27:28.0030 0x095c  [ DF50DAE4C547285E4997A0C61063B632, 24F1B66CD2C5188609F936E7F4947E29EB120C59731E7028285CE6791F31B580 ] C:\Windows\System32\wscui.cpl

12:27:28.0030 0x095c  C:\Windows\System32\wscui.cpl - ok

12:27:28.0030 0x095c  [ C3626E674990EF003B6C94807E82B501, 2C94CC7BEE7529D6CB3D832FAB5CFC87E72D06800B930A586875A317E2DD11FA ] C:\Windows\System32\werconcpl.dll

12:27:28.0030 0x095c  C:\Windows\System32\werconcpl.dll - ok

12:27:28.0030 0x095c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] C:\Windows\System32\wercplsupport.dll

12:27:28.0030 0x095c  C:\Windows\System32\wercplsupport.dll - ok

12:27:28.0040 0x095c  [ 809AE7D4ACE06BBCF621E5C504BF6FC8, 0BAAB89FB57468F27446947D75CBD6DDFC92D9B8F040144A12656803B2F7BF65 ] C:\Windows\System32\hcproviders.dll

12:27:28.0040 0x095c  C:\Windows\System32\hcproviders.dll - ok

12:27:28.0040 0x095c  [ 5EA9A0950F322BFA382AF277801C0307, A2C00A3E22A484A00620FF801E0B6EB475C9593C80AF321564E5A0DD2B1C38B7 ] C:\Windows\System32\wbem\wmipcima.dll

12:27:28.0040 0x095c  C:\Windows\System32\wbem\wmipcima.dll - ok

12:27:28.0040 0x095c  ================ Scan generic autorun ======================

12:27:28.0400 0x095c  [ 834A309C2FDF52FC09353F348CFE1235, FF8D5B0C4D8DEF3B313E11B01D6A2A29758E8721EF2EC0AAC2DB3C9AAF399276 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

12:27:28.0640 0x095c  RtHDVCpl - ok

12:27:28.0810 0x095c  [ 666FEA598D1776C7F8EDD7746F0F7F59, 54E330BCDBAB646B555DACC15F9CFB0AD6A05BF4E273F73C5133259EEE976C21 ] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

12:27:28.0870 0x095c  Malwarebytes TrayApp - ok

12:27:28.0940 0x095c  [ 07A37CB5C5A01E73FB69F138FAE2DB0E, 9E8B5D78D7EAB8FA35133763EDA91AFE5CDEE275D604F02CDB56FB00A0D5AA0F ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

12:27:28.0960 0x095c  Adobe ARM - ok

12:27:29.0010 0x095c  [ 901AA7A38CE13F14B6BBEC38C0595698, 1E95F2048E2A1782807D52E9816ED267355718E24D01FF07ACE73D965EDE388A ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe

12:27:29.0020 0x095c  BCSSync - ok

12:27:29.0060 0x095c  [ 40754D93AEB60577897FADEE6941B2B1, 150D74C7EFE5C06CDE603E1A9C6DBA89FC83B86F2E94BBEA92C3D9CEC9373142 ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe

12:27:29.0090 0x095c  ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )

12:27:32.0046 0x095c  Detect skipped due to KSN trusted

12:27:32.0046 0x095c  ControlCenter4 - ok

12:27:32.0226 0x095c  [ 22310E2C6AE375142ABBB9EF384ECD40, A8673DF56546E4CDD7A0099D8CCB889415125089F786D0637E8D9B21CE53AB4D ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

12:27:32.0346 0x095c  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )

12:27:35.0509 0x095c  Detect skipped due to KSN trusted

12:27:35.0509 0x095c  BrStsMon00 - ok

12:27:35.0599 0x095c  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

12:27:35.0649 0x095c  Sidebar - ok

12:27:35.0669 0x095c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

12:27:35.0679 0x095c  mctadmin - ok

12:27:35.0739 0x095c  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

12:27:35.0769 0x095c  Sidebar - ok

12:27:35.0789 0x095c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

12:27:35.0799 0x095c  mctadmin - ok

12:27:36.0052 0x095c  [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe

12:27:36.0192 0x095c  CCleaner Monitoring - ok

12:27:36.0312 0x095c  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Felipe\AppData\Local\FluxSoftware\Flux\flux.exe

12:27:36.0332 0x095c  f.lux - ok

12:27:36.0362 0x095c  Skype - ok

12:27:36.0372 0x095c  Waiting for KSN requests completion. In queue: 6

12:27:37.0372 0x095c  Waiting for KSN requests completion. In queue: 6

12:27:38.0375 0x095c  Waiting for KSN requests completion. In queue: 6

12:27:39.0385 0x095c  Win FW state via NFP2: enabled ( trusted )

12:27:42.0251 0x095c  ============================================================

12:27:42.0251 0x095c  Scan finished

12:27:42.0251 0x095c  ============================================================

12:27:42.0261 0x0960  Detected object count: 0

12:27:42.0261 0x0960  Actual detected object count: 0

 

[Jr0x]

Hi diegofba,

Windows Repair (All in One):

Download Windows Repair (All in One) from this site to your Desktop

• Install the program then run it.
• Please use the default settings for locations as it will help with log retrieval and fixing the registry should anything be needed.

NOTE 1. In Windows Vista, 7 and 8, Right click on the desktop shortcut for "Tweaking.com - Windows Repair" and select 'Run as administrator'.
NOTE 2. Disable your antivirus program before running Windows Repair.

The program will run a self check to make sure that all the correct files are in place for it to run and then it will load the program.  As you can see, there are many steps to take in using this program.  Mainly, the first few steps involve checking for proper Windows files and backing up the system as a precaution.




 
You can read the notes on the first screen but the important thing to do is click on "ReBoot to Safe Mode" and allow the system to restart itself.  Once the system is started in safe mode and you have logged in (using an administrative level account), restart the program and move onto the Step2 screen.
 



Please click on "Open Pre-Scan" to load a utility to verify some Windows resource / build files and settings.



 
Click on "Start Scan" and allow the routine to run.  You can see the status of the checks in the window.
 


 
When the routine is finished, it will report on any problems found and you can click on the appropriate repair button if needed.  Once this is done, you can close this window and click on Step3.
 


 
Click on the "Check" to see if a repair disk check routine needs to run.  A Command Prompt window will open and you can view the status of the routine.  If the routine finds that repairs need to be made, please select "Open Disk Check at Next Boot" and then click on the "Reboot To Safe Mode" button.  Once the routine(s) completes, please select Step4.
 


 
Please click on "Do It" to run a SFC /scannow routine.  If the routine makes any repairs, please reboot your system (again into Safe Mode).  If the routine does not make any repairs, please move onto Step5.
 


 
Once there, click on "Backup" under the 1. Registry Backup.  This will make a complete backup of the current registry which can be reloaded should anything go wrong with the repairs that are going to be made.  Next, click on the "Create" under 2. System Restore.  Once both of these backups are made, select Repairs.
 



I would suggest that you read the Tips For The Best Repairs Results.  Once this is done, click on "Open Repairs".




On this screen, uncheck All Repairs and then click (select) the following click the following: 1, 2, 3, 4, 5, 6, 8, 10, 11, 13, 15, 17, 21, 23, 26, 27, 31 and 32.  The screen and options should look very much like the picture above.  Click "Start Repairs" and confirm that the program starts running the fixes.  This will take a while to run, so you can let it run unattended if you like.  Log files are being recorded as the repairs are being executed.  Once the repairs are finished, reboot your system (normal boot now) and tell me how it is running now.

Once completed, please try running FRST and (install) Malwarebytes on normal windows mode (not Safe Mode) and let me know if you are able to run.

[diegofba]

Hi, after doing that i tried to open/install FRST and MALW but i'm still unable to run them on normal mode(also malwarebytes icon doesn't show properly for some reason) And on step 4 when pc rebooted there was a error pop up about pleasewait.exe (if i remember correctly)

 

Here are the logs that i got running MALW and FRST on safe mode 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017

Ran by Felipe (administrator) on FELIPE (07-01-2017 18:49:25)

Running from D:\User2016\Desktop

Loaded Profiles: Felipe (Available Profiles: Felipe)

Platform: Windows 7 Home Premium (X64) Language: Español (España, internacional)

Internet Explorer Version 8 (Default browser: Chrome)

Boot Mode: Safe Mode (minimal)

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

 

==================== Registry (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-10] (Realtek Semiconductor)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)

HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\Run: [f.lux] => C:\Users\Felipe\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\RunOnce: [Adobe Speed Launcher] => 1483832159

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\MountPoints2: {ac1b0cb2-91fa-11e6-9a82-50e5492444fa} - F:\LG_PC_Programs.exe

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\MountPoints2: {f9f8731d-7286-11e6-b397-50e5492444fa} - F:\HiSuiteDownLoader.exe

Startup: C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk [2017-01-07]

ShortcutTarget: Start.lnk -> C:\Users\Felipe\AppData\Roaming\dfenqkn\qnaip.exe (Microsoft Corporation)

BootExecute: autocheck autochk * sdnclean64.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 

Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 

Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 

Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 

Tcpip\..\Interfaces\{92B75EA1-5721-4377-9BB8-8BE2FE93959C}: [DhcpNameServer] 192.168.42.129

Tcpip\..\Interfaces\{A49E6196-757F-47AB-87CF-9D04061CDD5D}: [NameServer] 200.108.96.220,200.108.96.217

 

Internet Explorer:

==================

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://login.centamnetworks.com/

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://login.centamnetworks.com/

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

Toolbar: HKU\S-1-5-21-3052470422-392353544-3589946678-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)

Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)

Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

 

FireFox:

========

FF DefaultProfile: 793f1rku.default

FF ProfilePath: C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\793f1rku.default [2017-01-07]

FF user.js: detected! => C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\793f1rku.default\user.js [2017-01-07]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-3052470422-392353544-3589946678-1000: SkypePlugin -> C:\Users\Felipe\AppData\Local\SkypePlugin\7.17.0.44\npGatewayNpapi.dll [2016-03-31] (Skype Technologies S.A.)

FF Plugin HKU\S-1-5-21-3052470422-392353544-3589946678-1000: SkypePlugin64 -> C:\Users\Felipe\AppData\Local\SkypePlugin\7.17.0.44\npGatewayNpapi-x64.dll [2016-03-31] (Skype Technologies S.A.)

 

Chrome: 

=======

CHR DefaultProfile: Default

CHR StartupUrls: Default -> "hxxps://www.google.com.pe/?gws_rd=ssl"

CHR DefaultSearchURL: Default -> hxxps://auth.gfx.ms/16.000.26210.00/favicon.ico?v=2

CHR Profile: C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default [2017-01-07]

CHR Extension: (HOTMAIL) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\alkekcgkpcoagcmachoigbfdghlbeoon [2016-04-02]

CHR Extension: (Google Docs) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-15]

CHR Extension: (Google Drive) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-15]

CHR Extension: (YouTube) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-15]

CHR Extension: (Búsqueda de Google) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-15]

CHR Extension: (Documentos de Google sin conexión) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]

CHR Extension: (AdBlock) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-29]

CHR Extension: (Skype) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-12-10]

CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]

CHR Extension: (Gmail) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-15]

CHR Extension: (Chrome Media Router) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]

CHR Extension: (Llamadas de Skype) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk [2016-04-09]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

 

==================== Services (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)

S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

 

===================== Drivers (Whitelisted) ======================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()

S1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()

S2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2017-01-07] (Malwarebytes)

S3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2017-01-07] (Malwarebytes)

S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-01-07] (Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-07] (Malwarebytes)

S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2017-01-07] (Malwarebytes)

S3 gdrv; \??\C:\Windows\gdrv.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2017-01-07 18:37 - 2017-01-07 18:37 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys

2017-01-07 18:37 - 2017-01-07 18:37 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys

2017-01-07 18:37 - 2017-01-07 18:37 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys

2017-01-07 18:37 - 2017-01-07 18:37 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

2017-01-07 18:37 - 2017-01-07 18:37 - 00002966 _____ C:\Windows\System32\Tasks\{2F4D14A0-D0A2-4BC3-A1FF-8275A53BFF7D}

2017-01-07 18:36 - 2017-01-07 18:39 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2017-01-07 18:36 - 2017-01-07 18:36 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2017-01-07 18:36 - 2017-01-07 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2017-01-07 18:36 - 2017-01-07 18:36 - 00000000 ____D C:\ProgramData\Malwarebytes

2017-01-07 18:36 - 2017-01-07 18:36 - 00000000 ____D C:\Program Files\Malwarebytes

2017-01-07 18:36 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys

2017-01-07 18:07 - 2017-01-07 18:07 - 00000207 _____ C:\Windows\tweaking.com-regbackup-FELIPE-Windows-7-Home-Premium-(64-bit).dat

2017-01-07 18:07 - 2017-01-07 18:07 - 00000000 ____D C:\RegBackup

2017-01-07 17:30 - 2017-01-07 17:30 - 00000000 ___DL C:\Users\Felipe\My Documents

2017-01-07 17:17 - 2017-01-07 17:18 - 00190158 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt

2017-01-07 17:17 - 2017-01-07 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com

2017-01-07 17:17 - 2017-01-07 17:17 - 00000000 ____D C:\Program Files (x86)\Tweaking.com

2017-01-07 12:23 - 2017-01-07 12:33 - 00651834 _____ C:\TDSSKiller.3.1.0.12_07.01.2017_12.23.34_log.txt

2017-01-07 12:21 - 2017-01-07 12:22 - 00004980 _____ C:\TDSSKiller.3.1.0.12_07.01.2017_12.21.00_log.txt

2017-01-07 08:27 - 2017-01-07 08:27 - 00002966 _____ C:\Windows\System32\Tasks\{84EAA28A-84F3-40AC-BC38-92B039DE4CC7}

2017-01-07 08:27 - 2017-01-07 08:27 - 00002966 _____ C:\Windows\System32\Tasks\{825DBA04-6D76-4639-8CD0-6232F6A22B26}

2017-01-07 08:24 - 2017-01-07 08:24 - 00002966 _____ C:\Windows\System32\Tasks\{98ABF077-10F8-4F0E-904F-BA1D8D5BAA2D}

2017-01-07 08:24 - 2017-01-07 08:24 - 00002966 _____ C:\Windows\System32\Tasks\{66711122-12EC-495F-8D76-8CEF457BCEAE}

2017-01-07 08:08 - 2017-01-07 08:08 - 00000000 ____D C:\ProgramData\Office Genuine Advantage

2017-01-07 08:08 - 2017-01-07 08:08 - 00000000 ____D C:\MGADiagToolOutput

2017-01-07 07:55 - 2017-01-07 07:55 - 00000085 _____ C:\Windows\wininit.ini

2017-01-07 07:55 - 2017-01-07 07:55 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2017-01-07 07:54 - 2009-06-10 16:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20170107-075439.backup

2017-01-06 10:21 - 2017-01-07 18:49 - 00000000 ____D C:\FRST

2017-01-03 07:18 - 2017-01-07 07:56 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2017-01-03 07:18 - 2017-01-07 07:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2017-01-03 07:18 - 2017-01-03 07:18 - 00000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job

2017-01-03 07:18 - 2017-01-03 07:18 - 00000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

2017-01-03 07:18 - 2017-01-03 07:18 - 00000458 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

2017-01-03 07:17 - 2017-01-03 06:10 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Felipe\spybot-2.4.exe

2017-01-03 07:16 - 2017-01-03 06:03 - 54199488 _____ (Malwarebytes ) C:\Users\Felipe\mb3-setup-35891.35891-3.0.5.1299.exe

2017-01-03 07:15 - 2017-01-07 18:47 - 01116846 _____ C:\Windows\ntbtlog.txt

2016-12-29 12:04 - 2017-01-03 07:19 - 00000000 ____D C:\ProgramData\AVAST Software

2016-12-29 12:01 - 2016-12-29 12:02 - 00000000 __SHD C:\Config.Msi

2016-12-10 16:53 - 2016-12-10 16:53 - 00002144 _____ C:\Users\Public\Desktop\Google Earth.lnk

2016-12-10 16:53 - 2016-12-10 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2017-01-07 18:42 - 2009-07-14 04:31 - 00733306 _____ C:\Windows\system32\perfh00A.dat

2017-01-07 18:42 - 2009-07-14 04:31 - 00154222 _____ C:\Windows\system32\perfc00A.dat

2017-01-07 18:42 - 2009-07-14 00:13 - 01675926 _____ C:\Windows\system32\PerfStringBackup.INI

2017-01-07 18:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf

2017-01-07 18:38 - 2009-07-13 23:45 - 00018880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2017-01-07 18:38 - 2009-07-13 23:45 - 00018880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2017-01-07 18:36 - 2016-08-03 06:39 - 00000000 ___HD C:\Users\Felipe\AppData\Roaming\dfenqkn

2017-01-07 18:35 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2017-01-07 18:23 - 2009-07-13 23:45 - 00416024 _____ C:\Windows\system32\FNTCACHE.DAT

2017-01-07 18:17 - 2009-07-13 21:34 - 00000514 _____ C:\Windows\win.ini

2017-01-07 18:04 - 2016-03-15 11:53 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS

2017-01-07 17:30 - 2016-03-15 11:31 - 00000000 ____D C:\Users\Felipe

2017-01-07 17:14 - 2016-03-15 13:00 - 00000000 ____D C:\Program Files (x86)\TeamViewer

2017-01-07 12:17 - 2016-04-09 21:38 - 00000000 ____D C:\Users\Felipe\AppData\Roaming\Skype

2017-01-07 08:30 - 2016-06-29 11:35 - 00000000 ____D C:\Users\Felipe\AppData\Local\ElevatedDiagnostics

2017-01-03 07:28 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF

2016-12-29 12:02 - 2016-03-15 11:35 - 00000000 __SHD C:\Windows\Installer

2016-12-29 12:01 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\DriverStore

2016-12-17 20:26 - 2016-03-15 11:34 - 00000000 ____D C:\Users\Felipe\AppData\Local\Google

2016-12-17 04:00 - 2016-03-15 11:35 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-12-17 04:00 - 2016-03-15 11:35 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2016-12-17 03:53 - 2016-03-15 11:34 - 00003468 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2016-12-17 03:53 - 2016-03-15 11:34 - 00003340 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2016-12-14 06:13 - 2016-04-12 21:36 - 00000000 ____D C:\Users\Felipe\AppData\Roaming\vlc

2016-12-14 05:35 - 2016-03-15 13:01 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

2016-12-14 05:35 - 2016-03-15 13:01 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk

2016-12-13 23:00 - 2016-03-15 12:40 - 00000000 ____D C:\Users\Felipe\AppData\Roaming\Adobe

2016-12-13 05:02 - 2016-04-09 21:38 - 00000000 ___RD C:\Program Files (x86)\Skype

2016-12-11 03:18 - 2009-07-14 00:08 - 00032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2016-12-10 16:52 - 2016-03-15 11:34 - 00000000 ____D C:\Program Files (x86)\Google

 

Files to move or delete:

====================

C:\Users\Felipe\mb3-setup-35891.35891-3.0.5.1299.exe

C:\Users\Felipe\spybot-2.4.exe

 

 

==================== Bamital & volsnap ======================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\system32\winlogon.exe

[2009-07-13 18:52] - [2011-01-15 19:01] - 0389632 ____A (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F

 

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll

[2009-07-13 18:38] - [2011-01-15 19:01] - 1008640 ____A (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF

 

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

LastRegBack: 2017-01-06 15:03

 

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017

Ran by Felipe (07-01-2017 18:49:54)

Running from D:\User2016\Desktop

Windows 7 Home Premium (X64) (2016-03-15 16:31:26)

Boot Mode: Safe Mode (minimal)

==========================================================

 

 

==================== Accounts: =============================

 

Administrador (S-1-5-21-3052470422-392353544-3589946678-500 - Administrator - Disabled)

Felipe (S-1-5-21-3052470422-392353544-3589946678-1000 - Administrator - Enabled) => C:\Users\Felipe

HomeGroupUser$ (S-1-5-21-3052470422-392353544-3589946678-1002 - Limited - Enabled)

Invitado (S-1-5-21-3052470422-392353544-3589946678-501 - Limited - Enabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Malwarebytes (Enabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Malwarebytes (Enabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe Reader XI (11.0.10) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Brother MFL-Pro Suite DCP-J105 (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)

CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)

f.lux (HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\Flux) (Version:  - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)

Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden

Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)

Malwarebytes versión 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 34.0.5 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 es-ES)) (Version: 34.0.5 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)

Nero 7.10.1.0 (HKLM-x32\...\Nero7_is1) (Version: 7.10.1.0 - Nero AG)

ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)

PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )

Photoshop CS5 Extended 12.0 (HKLM-x32\...\Photoshop CS5 Extended 12.0) (Version:  - )

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)

Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)

Skype Web Plugin (HKLM-x32\...\{7E4C8063-6644-4580-B27F-6B70B1A51F0E}) (Version: 7.17.0.44 - Skype Technologies S.A.)

Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)

Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.21 - Tweaking.com)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)

Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)

WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-3052470422-392353544-3589946678-1000_Classes\CLSID\{0BFBE3EE-00BF-49F9-BC19-26B42AF261C1}\InprocServer32 -> C:\Users\Felipe\AppData\Local\SkypePlugin\7.17.0.44\GatewayActiveX-x64.dll (Skype Technologies S.A.)

CustomCLSID: HKU\S-1-5-21-3052470422-392353544-3589946678-1000_Classes\CLSID\{AC4E242D-28FB-40A2-9C2E-150FF1EE5B49}\localserver32 -> C:\Users\Felipe\AppData\Local\SkypePlugin\7.17.0.44\GatewayVersion-x64.exe (Skype Technologies S.A.)

CustomCLSID: HKU\S-1-5-21-3052470422-392353544-3589946678-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Felipe\AppData\Local\SkypePlugin\7.17.0.44\EdgeCalling.exe (Skype Technologies S.A.)

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0F9E67F2-1EA6-455D-B5CC-1B225E67753C} - System32\Tasks\{825DBA04-6D76-4639-8CD0-6232F6A22B26} => C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe [2016-12-14] (Malwarebytes)

Task: {1E47880E-A52F-43D1-A6D0-19DB28ABD0B6} - System32\Tasks\{66711122-12EC-495F-8D76-8CEF457BCEAE} => C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe [2016-12-14] (Malwarebytes)

Task: {33169B47-AB22-475D-BC94-709705FA9AB0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)

Task: {416A9E47-9103-4E84-A49B-00F3C923D1AE} - System32\Tasks\{98ABF077-10F8-4F0E-904F-BA1D8D5BAA2D} => C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe [2016-12-14] (Malwarebytes)

Task: {514C1404-F5D3-47D1-B2C4-21EAEDDD1FFD} - System32\Tasks\{05E27C9C-E88B-48F5-9203-A9BDA03CB4E5} => C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe [2016-10-06] (Google)

Task: {64294FA9-8452-40D6-8638-7F4B744BEF29} - System32\Tasks\{2F4D14A0-D0A2-4BC3-A1FF-8275A53BFF7D} => C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe [2016-12-14] (Malwarebytes)

Task: {91DFAED2-827F-4215-BD0F-9E9D34FBEB14} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [2006-04-21] ()

Task: {B202AEC0-ACF8-468B-8A25-10598C67828C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-15] (Google Inc.)

Task: {B40F25B0-F906-46B3-98E2-4BB5B2863390} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-03-15] ()

Task: {C7887804-832B-4E55-81DC-7033D8AB298B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-15] (Google Inc.)

Task: {DB8FBF19-927E-4BE7-9391-AE3AC7A14FCA} - System32\Tasks\{84EAA28A-84F3-40AC-BC38-92B039DE4CC7} => C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe [2016-12-14] (Malwarebytes)

Task: {E9812601-D2D0-4931-9F02-C9DB9EE64386} - System32\Tasks\{0D61BCCA-A4BB-48B1-90E2-B05B0F8F3FD8} => C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe [2016-10-06] (Google)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

 

==================== Shortcuts =============================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\HOTMAIL.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=alkekcgkpcoagcmachoigbfdghlbeoon

 

==================== Loaded Modules (Whitelisted) ==============

 

2017-01-07 18:36 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll

2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

 

==================== Alternate Data Streams (Whitelisted) =========

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

river"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35849799.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

 

==================== Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 21:34 - 2017-01-07 07:54 - 00000824 ___RA C:\Windows\system32\Drivers\etc\hosts

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: Media is not connected to internet.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{55EDC9DB-7EE8-4173-8250-6FE0FAF53DB5}] => C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{C724532D-5422-495F-9E85-4CBF405EB01A}] => C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{E4B67E3E-14D4-4F85-9F8E-83F07C886A39}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{EC4D0ECA-D192-45B2-A1A1-74C3D8293D39}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{B965BF6E-08D5-4A6A-BABB-A42A3BCA24BE}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{E35DBD8E-668C-40F6-8F3B-D2BCD455FFDE}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{59FDAC0C-9F84-46E6-BFC3-386B3BF57D47}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{CE074DA9-8640-40CB-8DF4-0E0DC2FFD80B}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{096DB4C0-F0F7-40C7-896B-EBA1A0053764}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{79688221-6C69-437C-817B-63A606014028}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{01B05AF3-BDC1-4D74-8CF6-41A31EFF9021}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

==================== Restore Points =========================

 

 

==================== Faulty Device Manager Devices =============

 

Name: Security Processor Loader Driver

Description: Security Processor Loader Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: spldr

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (01/07/2017 06:36:14 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nombre de la aplicación con errores: AutoKMS.exe, versión: 2.5.2.0, marca de tiempo: 0x53c9a9a0

Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000

Código de excepción: 0xc0000005

Desplazamiento de errores: 0x000007fe98ade270

Id. del proceso con errores: 0x624

Hora de inicio de la aplicación con errores: 0x01d2693eaf636186

Ruta de acceso de la aplicación con errores: C:\Windows\AutoKMS\AutoKMS.exe

Ruta de acceso del módulo con errores: unknown

Id. del informe: 13d199c8-d532-11e6-9fd9-50e5492444fa

 

Error: (01/07/2017 06:36:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: AutoKMS.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.NullReferenceException

Stack:

   at ..(System.String, System.String, ., System.String)

   at ...ctor()

   at ..(.)

   at ..()

 

Error: (01/07/2017 06:32:14 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 3.1.0.388, marca de tiempo: 0x58320f73

Nombre del módulo con errores: MwacControllerImpl.dll, versión: 3.0.0.112, marca de tiempo: 0x584f2e52

Código de excepción: 0xc0000005

Desplazamiento de errores: 0x00000000000212bf

Id. del proceso con errores: 0x440

Hora de inicio de la aplicación con errores: 0x01d2693e39259842

Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe

Ruta de acceso del módulo con errores: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacControllerImpl.dll

Id. del informe: 848e7045-d531-11e6-a21f-50e5492444fa

 

Error: (01/07/2017 06:29:54 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nombre de la aplicación con errores: AutoKMS.exe, versión: 2.5.2.0, marca de tiempo: 0x53c9a9a0

Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000

Código de excepción: 0xc0000005

Desplazamiento de errores: 0x000007fe9a2de270

Id. del proceso con errores: 0x5f4

Hora de inicio de la aplicación con errores: 0x01d2693dc674f2c6

Ruta de acceso de la aplicación con errores: C:\Windows\AutoKMS\AutoKMS.exe

Ruta de acceso del módulo con errores: unknown

Id. del informe: 3148ddb3-d531-11e6-a21f-50e5492444fa

 

Error: (01/07/2017 06:29:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: AutoKMS.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.NullReferenceException

Stack:

   at ..(System.String, System.String, ., System.String)

   at ...ctor()

   at ..(.)

   at ..()

 

Error: (01/07/2017 06:26:25 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nombre de la aplicación con errores: AutoKMS.exe, versión: 2.5.2.0, marca de tiempo: 0x53c9a9a0

Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000

Código de excepción: 0xc0000005

Desplazamiento de errores: 0x000007fe9503e270

Id. del proceso con errores: 0x61c

Hora de inicio de la aplicación con errores: 0x01d2693d12545802

Ruta de acceso de la aplicación con errores: C:\Windows\AutoKMS\AutoKMS.exe

Ruta de acceso del módulo con errores: unknown

Id. del informe: b4b75671-d530-11e6-a3e8-50e5492444fa

 

Error: (01/07/2017 06:26:23 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: AutoKMS.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.NullReferenceException

Stack:

   at ..(System.String, System.String, ., System.String)

   at ...ctor()

   at ..(.)

   at ..()

 

Error: (01/07/2017 06:23:55 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

 

Error: (01/07/2017 06:23:54 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

 

Error: (01/07/2017 06:08:32 PM) (Source: VSS) (EventID: 8193) (User: )

Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x80040154, Clase no registrada

.

 

 

Operación:

   Establecer contexto de instantánea

 

Contexto:

   Contexto de ejecución: Requestor

 

 

System errors:

=============

Error: (01/07/2017 06:47:56 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:

{9E175B6D-F52A-11D8-B9A5-505054503030}

 

Error: (01/07/2017 06:39:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/07/2017 06:39:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/07/2017 06:39:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/07/2017 06:39:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/07/2017 06:39:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/07/2017 06:39:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/07/2017 06:39:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/07/2017 06:39:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 

No se puede iniciar el servicio o grupo de dependencia.

 

Error: (01/07/2017 06:39:17 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: Error de DCOM "1068" al intentar iniciar el servicio netprofm con argumentos "" para ejecutar el servidor:

{A47979D2-C419-11D9-A5B4-001185AD2B89}

 

 

CodeIntegrity:

===================================

  Date: 2017-01-07 18:35:05.037

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-07 18:28:35.164

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-07 18:23:33.022

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-07 17:49:16.384

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-07 17:47:29.131

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-07 17:13:43.276

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-07 14:09:05.104

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-07 12:23:09.412

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-07 12:17:18.401

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

  Date: 2017-01-07 08:31:01.307

  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core™ i3-2100 CPU @ 3.10GHz

Percentage of memory in use: 14%

Total physical RAM: 4079.43 MB

Available physical RAM: 3489.07 MB

Total Virtual: 8157.01 MB

Available Virtual: 7520.79 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:29.19 GB) (Free:6.65 GB) NTFS

Drive d: (DATOS) (Fixed) (Total:203.58 GB) (Free:96.75 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 9A9D9A9D)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=29.2 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=203.6 GB) - (Type=OF Extended)

 

==================== End of Addition.txt ============================

 

 

Malwarebytes

www.malwarebytes.com

 

-Log Details-

Scan Date: 1/7/17

Scan Time: 6:43 PM

Logfile: 

Administrator: Yes

 

-Software Information-

Version: 3.0.0

Components Version: 1.0.0

Update Package Version: 1.0.0

License: Free

 

-System Information-

OS: Windows 7

CPU: x64

File System: NTFS

User: FELIPE\Felipe

 

-Scan Summary-

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 336711

Time Elapsed: 4 min, 36 sec

 

-Scan Options-

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

-Scan Details-

Process: 0

(No malicious items detected)

 

Module: 0

(No malicious items detected)

 

Registry Key: 0

(No malicious items detected)

 

Registry Value: 0

(No malicious items detected)

 

Data Stream: 0

(No malicious items detected)

 

Folder: 0

(No malicious items detected)

 

File: 0

(No malicious items detected)

 

Physical Sector: 0

(No malicious items detected)

 

 

(end)

 

Attached Files

•  Addition.txt   25.93KB   181 downloads
•  FRST.txt   20.62KB   177 downloads

[Jr0x]

Hi diegofba,

Apologies for the delay.

When you mentioned that you are unable to run them on normal mode, can you please state if there is any error message or any sort?

Also, earlier on, you mentioned that
 

I'm unable to install or open some files due to a virus

Can you also further elaborate on this? Is there any specific symptoms?

-----

Move FRST to Desktop

I noticed that you did not run FRST from Desktop. Do note to move FRST from your current folder to Desktop (C:\Users\Felipe\Desktop).

Jotti File Submission:

• Please go to Jotti's malware scan
• Click the Choose File or Browse button beside File to scan:
• Navigate to the following file, select it, then press Open
  • C:\Users\Felipe\AppData\Roaming\dfenqkn\qnaip.exe
• Click on the Submit file button
• If you receive a message saying the "This file has been scanned before.", click Scan Again.
• Once the scan is finished, copy and paste the URL of the scan result in your next reply.

Fix with FRST

• Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. To do this highlight the contents of the box, right click on it and select copy.
• Right-click in the open notepad and select Paste.
• Save it on the desktop as fixlist.txt

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\MountPoints2: {ac1b0cb2-91fa-11e6-9a82-50e5492444fa} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\MountPoints2: {f9f8731d-7286-11e6-b397-50e5492444fa} - F:\HiSuiteDownLoader.exe
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3052470422-392353544-3589946678-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://login.centamnetworks.com/
HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://login.centamnetworks.com/
Toolbar: HKU\S-1-5-21-3052470422-392353544-3589946678-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF user.js: detected! => C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\793f1rku.default\user.js [2017-01-07]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
Task: {B40F25B0-F906-46B3-98E2-4BB5B2863390} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-03-15] ()
ShortcutWithArgument: C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\HOTMAIL.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=alkekcgkpcoagcmachoigbfdghlbeoon

C:\Windows\gdrv.sys
C:\Users\Felipe\mb3-setup-35891.35891-3.0.5.1299.exe
C:\Users\Felipe\spybot-2.4.exe
C:\Windows\AutoKMS\AutoKMS.exe

CMD: netsh winsock reset
CMD: ipconfig /flushdns
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

Emptytemp:
Hosts:
End

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.

Note: Your machine will reboot after the fix.


Farbar Service Scanner

Please download Farbar Service Scanner to your desktop and double click on the file to run it.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

In your next reply, please include the following:

• Answer to my question
• Jotti scan result
• FRST fixlog
• FSS log
• Try to run FRST on normal mode

[diegofba]

Hey jr0x, about your questions ONCE or Twice when i tried to force-open a file (searching for errors or compatibility problems, there was a error msg saying that the file wasn't there) but what usually happens is, in the case of FSS and FRST for example, it seems like the program is opening (it opens half a second) and it inmediately closes thats why i'm unable to open them on normal mode

 

Also when i searched the qnaip.exe file it doensn't exist there ( i'm attaching a ss)

so i tried to scan both exes and on the last (xbcvutq32) it scanned it as ckfyedne (i tried to scan xbc.. multiple times on other browsers and on private mode but it always scans as ckfyedne, here is the link: https://virusscan.jo...njob/piqn4aa05f

 

should i run the fixlist and fss on safe mode??? Also i did run frst on desktop; don't know why it shows like it isn't running from there

[Jr0x]

Hi,
 
Run both on Safe Mode.
 
I'm not really sure what you meant by
 

so i tried to scan both exes and on the last (xbcvutq32) it scanned it as ckfyedne (i tried to scan xbc.. multiple times on other browsers and on private mode but it always scans as ckfyedne, here is the link: 

 
You can try to show hidden files, and see if it exist in the directory.


Show Hidden Files and Folders

• Click Start button > select Control Panel > select Appearance and Personalization > select Folder Options.
• Select View tab
• Select Show hidden files and folders, and then click OK.

 

Let me know how is your machine running in normal mode after the FRST fix. 

[diegofba]

sorry, forgot the ss, also just checked and the name of the exe changed again

 

also here's the fss log (on safe mode) 

 

Farbar Service Scanner Version: 27-01-2016

Ran by Felipe (administrator) on 09-01-2017 at 09:45:22

Running from "D:\User2016\Desktop"

Microsoft Windows 7 Home Premium   (X64)

Boot Mode: Minimal

****************************************************************

 

Internet Services:

============

Dnscache Service is not running. Checking service configuration:

The start type of Dnscache service is OK.

The ImagePath of Dnscache service is OK.

The ServiceDll of Dnscache service is OK.

 

Dhcp Service is not running. Checking service configuration:

The start type of Dhcp service is OK.

The ImagePath of Dhcp service is OK.

The ServiceDll of Dhcp service is OK.

 

Nsi Service is not running. Checking service configuration:

The start type of Nsi service is OK.

The ImagePath of Nsi service is OK.

The ServiceDll of Nsi service is OK.

 

nsiproxy Service is not running. Checking service configuration:

The start type of nsiproxy service is OK.

The ImagePath of nsiproxy service is OK.

 

tdx Service is not running. Checking service configuration:

The start type of tdx service is OK.

The ImagePath of tdx service is OK.

 

afd Service is not running. Checking service configuration:

The start type of afd service is OK.

The ImagePath of afd service is OK.

 

 

Connection Status:

==============

Attempt to access Local Host IP returned error: Localhost is blocked: Other errors

There is no connection to network.

Attempt to access Google IP returned error. Other errors

Attempt to access Google.com returned error: Other errors

Attempt to access Yahoo.com returned error: Other errors

 

 

Windows Firewall:

=============

mpsdrv Service is not running. Checking service configuration:

The start type of mpsdrv service is OK.

The ImagePath of mpsdrv service is OK.

 

MpsSvc Service is not running. Checking service configuration:

The start type of MpsSvc service is OK.

The ImagePath of MpsSvc service is OK.

The ServiceDll of MpsSvc service is OK.

 

 

Firewall Disabled Policy: 

==================

 

 

System Restore:

============

SDRSVC Service is not running. Checking service configuration:

The start type of SDRSVC service is OK.

The ImagePath of SDRSVC service is OK.

The ServiceDll of SDRSVC service is OK.

 

 

System Restore Policy: 

========================

 

 

Action Center:

============

 

wscsvc Service is not running. Checking service configuration:

The start type of wscsvc service is OK.

The ImagePath of wscsvc service is OK.

The ServiceDll of wscsvc service is OK.

 

 

Windows Update:

============

wuauserv Service is not running. Checking service configuration:

The start type of wuauserv service is OK.

The ImagePath of wuauserv service is OK.

The ServiceDll of wuauserv service is OK.

 

BITS Service is not running. Checking service configuration:

The start type of BITS service is OK.

The ImagePath of BITS service is OK.

The ServiceDll of BITS service is OK.

 

EventSystem Service is not running. Checking service configuration:

The start type of EventSystem service is OK.

The ImagePath of EventSystem service is OK.

The ServiceDll of EventSystem service is OK.

 

 

Windows Autoupdate Disabled Policy: 

============================

 

 

Windows Defender:

==============

 

Other Services:

==============

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => File is digitally signed

C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

C:\Windows\System32\dhcpcore.dll => File is digitally signed

C:\Windows\System32\drivers\afd.sys => File is digitally signed

C:\Windows\System32\drivers\tdx.sys => File is digitally signed

C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

C:\Windows\System32\dnsrslvr.dll => File is digitally signed

C:\Windows\System32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\System32\mpssvc.dll => File is digitally signed

C:\Windows\System32\bfe.dll => File is digitally signed

C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

C:\Windows\System32\SDRSVC.dll => File is digitally signed

C:\Windows\System32\vssvc.exe => File is digitally signed

C:\Windows\System32\wscsvc.dll => File is digitally signed

C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

C:\Windows\System32\wuaueng.dll => File is digitally signed

C:\Windows\System32\qmgr.dll => File is digitally signed

C:\Windows\System32\es.dll => File is digitally signed

C:\Windows\System32\cryptsvc.dll => File is digitally signed

C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed

C:\Windows\System32\ipnathlp.dll => File is digitally signed

C:\Windows\System32\iphlpsvc.dll => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

 

 

**** End of log ****

 

Attached Thumbnails

• 
• 

Attached Files

•  FSS.txt   4.79KB   144 downloads

[Jr0x]

Hi,

 

Can you upload bageyudhp, ckfyedne, xbcvutq32, gqabo64 to Jotti and paste me the URL result?

[diegofba]

Here's the scan: 

https://virusscan.jo...p0hq,piqn4aa05f

 

bageyudhp.js seems infected and the other two exes seems as duplicates 

(one is omitted on the scan as seen as a duplicate)

and those exes change names constantly

 

Here's the fixlog, I still can't open the files on normal mode

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017

Ran by Felipe (09-01-2017 10:00:27) Run:1

Running from D:\User2016\Desktop

Loaded Profiles: Felipe (Available Profiles: Felipe)

Boot Mode: Safe Mode (minimal)

==============================================

 

fixlist content:

*****************

Start

CreateRestorePoint:

CloseProcesses:

 

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\MountPoints2: {ac1b0cb2-91fa-11e6-9a82-50e5492444fa} - F:\LG_PC_Programs.exe

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\...\MountPoints2: {f9f8731d-7286-11e6-b397-50e5492444fa} - F:\HiSuiteDownLoader.exe

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 

Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 

Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 

Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://login.centamnetworks.com/

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://login.centamnetworks.com/

Toolbar: HKU\S-1-5-21-3052470422-392353544-3589946678-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

FF user.js: detected! => C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\793f1rku.default\user.js [2017-01-07]

S3 gdrv; \??\C:\Windows\gdrv.sys [X]

Task: {B40F25B0-F906-46B3-98E2-4BB5B2863390} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-03-15] ()

ShortcutWithArgument: C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\HOTMAIL.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=alkekcgkpcoagcmachoigbfdghlbeoon

 

C:\Windows\gdrv.sys

C:\Users\Felipe\mb3-setup-35891.35891-3.0.5.1299.exe

C:\Users\Felipe\spybot-2.4.exe

C:\Windows\AutoKMS\AutoKMS.exe

 

CMD: netsh winsock reset

CMD: ipconfig /flushdns

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state on

Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

 

Emptytemp:

Hosts:

End

*****************

 

Error: Restore point can only be created in normal mode.

Processes closed successfully.

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => key removed successfully

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac1b0cb2-91fa-11e6-9a82-50e5492444fa} => key removed successfully

HKCR\CLSID\{ac1b0cb2-91fa-11e6-9a82-50e5492444fa} => key not found. 

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f9f8731d-7286-11e6-b397-50e5492444fa} => key removed successfully

HKCR\CLSID\{f9f8731d-7286-11e6-b397-50e5492444fa} => key not found. 

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008 => key removed successfully

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000009 => key removed successfully

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008 => key removed successfully

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000009 => key removed successfully

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully

HKU\S-1-5-21-3052470422-392353544-3589946678-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully

HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found. 

C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\793f1rku.default\user.js => moved successfully

C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\793f1rku.default\user.js => not found.

HKLM\System\CurrentControlSet\Services\gdrv => key removed successfully

gdrv => service removed successfully

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B40F25B0-F906-46B3-98E2-4BB5B2863390} => key removed successfully

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B40F25B0-F906-46B3-98E2-4BB5B2863390} => key removed successfully

C:\Windows\System32\Tasks\AutoKMS => moved successfully

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => key removed successfully

C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\HOTMAIL.lnk => Shortcut argument removed successfully.

"C:\Windows\gdrv.sys" => not found.

C:\Users\Felipe\mb3-setup-35891.35891-3.0.5.1299.exe => moved successfully

C:\Users\Felipe\spybot-2.4.exe => moved successfully

C:\Windows\AutoKMS\AutoKMS.exe => moved successfully

 

========= netsh winsock reset =========

 

La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error

11003

 

El cat logo Winsock se restableci¢ correctamente.

Debe reiniciar el equipo para completar el restablecimiento.

 

 

========= End of CMD: =========

 

 

========= ipconfig /flushdns =========

 

 

Configuraci¢n IP de Windows

 

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.

 

 

========= End of CMD: =========

 

 

========= netsh advfirewall reset =========

 

La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error

11003

 

Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.

 

 

========= End of CMD: =========

 

 

========= netsh advfirewall set allprofiles state on =========

 

La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error

11003

 

Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.

 

 

========= End of CMD: =========

 

 

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

 

La operaci¢n se complet¢ correctamente.

 

 

 

========= End of Reg: =========

 

 

========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

 

La operaci¢n se complet¢ correctamente.

 

 

 

========= End of Reg: =========

 

C:\Windows\System32\Drivers\etc\hosts => moved successfully

Hosts restored successfully.

 

=========== EmptyTemp: ==========

 

BITS transfer queue => 0 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 104523827 B

Java, Flash, Steam htmlcache => 0 B

Windows/system/drivers => 858 B

Edge => 0 B

Chrome => 345537205 B

Firefox => 3251260 B

Opera => 0 B

 

Temp, IE cache, history, cookies, recent:

Users => 0 B

Default => 0 B

Public => 0 B

ProgramData => 0 B

systemprofile => 101033 B

systemprofile32 => 66228 B

LocalService => 132244 B

NetworkService => 79936 B

Felipe => 113249360 B

 

RecycleBin => 2411 B

EmptyTemp: => 540.7 MB temporary data Removed.

 

================================

 

 

The system needed a reboot.

 

==== End of Fixlog 10:00:38 ====

bageyudhp.js 

Attached Files

•  Fixlog.txt   8.34KB   144 downloads