Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Popup advertisement in every tab I open, many anti-virus/malware found nothing!


  • This topic is locked This topic is locked
13 replies to this topic

#1 gauchotche

gauchotche

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:08 PM

Posted 20 May 2016 - 02:43 PM

Last few days my computer started displaying some sort of (malware) popup in every browser window I open or refresh, showing advertise, where I have to click the X, then it opens another window (which I think Adblock plus closes). Looking at firefox inspect tool I've found that this crap is RUSSIAN related... I've done a test with iexplorer and it happens there also... so it's a system infection. I've always been using Avast, I've run malware antimalware, i've run kasperspy, i've run ADW cleaner, and nothing find the damn virus or malware... I don't know what to do!!!

 

this is a continuation of:

 

http://www.bleepingcomputer.com/forums/t/614514/popup-advertisement-in-every-tab-i-open-many-anti-virusmalware-found-nothing/

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:19-05-2016
Ran by Fernando (administrator) on NOTEBOOK (20-05-2016 16:34:21)
Running from D:\PROGRAMAS
Loaded Profiles: Fernando (Available Profiles: Fernando & Eternita & Glaucia & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "D:\PROGRAMAS\Firefox\firefox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) D:\PROGRAMAS\avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
() D:\PROGRAMAS\Serviio\bin\ServiioService.exe
() D:\PROGRAMAS\Serviio\bin\ServiioService.exe
(Super Flexible Software Ltd. & Co. KG) D:\PROGRAMAS\Syncovery\SyncoveryVSS.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(KARPOLAN) D:\PROGRAMAS\Touchpad Blocker\TouchpadBlocker.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVAST Software) D:\PROGRAMAS\avast\avastui.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(VMware, Inc.) D:\PROGRAMAS\VMWare\Workstation\vmware-tray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(VMware, Inc.) D:\PROGRAMAS\VMWare\Workstation\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() D:\PROGRAMAS\VMWare\Workstation\vmware-hostd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) D:\PROGRAMAS\Firefox\firefox.exe
(Mozilla Corporation) D:\PROGRAMAS\Thunderbird\thunderbird.exe
(Mozilla Corporation) D:\PROGRAMAS\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => D:\PROGRAMAS\avast\AvastUI.exe [7400576 2016-05-12] (AVAST Software)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-08-30] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [vmware-tray.exe] => D:\PROGRAMAS\VMWare\Workstation\vmware-tray.exe [104528 2013-02-26] (VMware, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23972280 2016-05-16] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [VAIO Boot Manager] => C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe [2104456 2011-05-26] (Sony Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginAbn-x32: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll [X]
Winlogon\Notify\ GbPluginBb:
HKU\S-1-5-21-3576105890-103167945-1411994898-1000\...\Run: [TouchpadBlocker.exe] => D:\PROGRAMAS\Touchpad Blocker\TouchpadBlocker.exe [881152 2013-04-16] (KARPOLAN)
HKU\S-1-5-21-3576105890-103167945-1411994898-1000\...\MountPoints2: {c4c1ac11-dfa1-11e3-881f-c0f8daf28d93} - I:\LG_PC_Programs.exe
ShellExecuteHooks-x32:  - {E37CB5F0-51F5-4395-A808-5FA49E399007} -  No File [ ]
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Fernando\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Fernando\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Fernando\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\PROGRAMAS\avast\ashShA64.dll [2016-05-07] (AVAST Software)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => D:\Programas\LinkShellExtension\HardlinkShellExt.dll [2013-08-23] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => D:\Programas\LinkShellExtension\HardlinkShellExt.dll [2013-08-23] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => D:\Programas\LinkShellExtension\HardlinkShellExt.dll [2013-08-23] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Fernando\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Fernando\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Fernando\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => D:\Programas\LinkShellExtension\32\HardlinkShellExt.dll [2013-08-23] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => D:\Programas\LinkShellExtension\32\HardlinkShellExt.dll [2013-08-23] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => D:\Programas\LinkShellExtension\32\HardlinkShellExt.dll [2013-08-23] (Hermann Schinagl)
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3576105890-103167945-1411994898-1000] => localhost:8080
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.9.1
Tcpip\..\Interfaces\{9F955654-07FA-4450-B1D4-B2A5AA178751}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{A25C6119-7DC4-47E1-AE84-515A9BA958FE}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{A4F61397-C28C-41E4-B2F7-E3404CD779C5}: [DhcpNameServer] 192.168.9.1

Internet Explorer:
==================
HKU\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.pmpf.rs.gov.br/secao.php?p=1142&a=6
HKU\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://sig.pmpf.rs.gov.br/acessoexterno/viewReport.faces
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\PROGRAMAS\IObit Uninstaller\UninstallExplorer64.dll => No File
BHO: No Name -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> D:\PROGRAMAS\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: No Name -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> D:\PROGRAMAS\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default
FF NewTab: about:blank
FF Session Restore: -> is enabled.
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\PROGRAMAS\Picasa3\npPicasa3.dll [2014-03-11] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Fernando\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: @talk.google.com/O1DPlugin -> C:\Users\Fernando\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Fernando\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Fernando\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Fernando\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: gastecnologia.com.br/sf/abn -> C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll [No File]
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: gastecnologia.com.br/sf/abn64 -> C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll [No File]
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: gastecnologia.com.br/sf/cef64 -> C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Users\Fernando\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Fernando\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Tabhunter - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\extensions\tabhunter@ericpromislow.com.xpi [2016-01-23]
FF Extension: Tab Mix Plus - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-03-27]
FF Extension: Dorando keyconfig - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\extensions\keyconfig@mozilla.dorando.at.xpi [2016-03-28]
FF Extension: Lazarus: Form Recovery - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\extensions\lazarus@interclue.com.xpi [2016-04-28]
FF Extension: New tab toolbar button - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\extensions\{42975993-6fa0-46f5-a45f-706915f18ebf}.xpi [2016-04-28]
FF Extension: Classic Theme Restorer - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-05-05]
FF Extension: Add-on Compatibility Reporter - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\compatibility@addons.mozilla.org.xpi [2016-04-27]
FF Extension: facepaste - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\facepaste.firefox.addon@azabani.com.xpi [2016-01-06]
FF Extension: Keybinder - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\keybinder@fail.cl.xpi [2016-04-12]
FF Extension: keyconfig - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\keyconfig@dorando.xpi [2012-10-21] [not signed]
FF Extension: Nimbus Screen Capture - editable screenshots. - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\nimbusscreencaptureff@everhelper.me.xpi [2016-05-13]
FF Extension: Places Maintenance - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\places-maintenance@bonardo.net.xpi [2015-12-29]
FF Extension: SQLite Manager - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2016-04-27]
FF Extension: StopTube - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\stoptube@kashiif.com.xpi [2016-04-27]
FF Extension: Tab Counter - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\tabcounter@morac.xpi [2016-03-09]
FF Extension: Tab Utilities Fixed - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\tabutilsfixed@addon.cn.xpi [2016-03-27]
FF Extension: Toolbar Buttons - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}.xpi [2016-04-27]
FF Extension: Session Manager - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-03-18]
FF Extension: Searchbar Autosizer - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\{655397ca-4766-496b-b7a8-3a5b176ee4c2}.xpi [2016-04-27]
FF Extension: Cookies Manager+ - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2016-05-17]
FF Extension: Adblock Plus - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-19]
FF Extension: Greasemonkey - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\PROGRAMAS\avast\WebRep\FF
FF Extension: Avast Online Security - D:\PROGRAMAS\avast\WebRep\FF [2015-12-10]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - D:\PROGRAMAS\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - D:\PROGRAMAS\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-05-07] [not signed]
FF HKU\S-1-5-21-3576105890-103167945-1411994898-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\cef\xpi => not found
FF HKU\S-1-5-21-3576105890-103167945-1411994898-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - D:\PROGRAMAS\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-3576105890-103167945-1411994898-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\abn\xpi => not found
StartMenuInternet: FIREFOX.EXE - D:\PROGRAMAS\Firefox\firefox.exe

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-06]
CHR Extension: (Google Drive) - C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-22]
CHR Extension: (YouTube) - C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-22]
CHR Extension: (Adblock Plus) - C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-02]
CHR Extension: (Google Search) - C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-22]
CHR Extension: (Google Docs Offline) - C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\PROGRAMAS\avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; D:\PROGRAMAS\avast\AvastSvc.exe [243296 2016-05-07] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-09] (Broadcom Corporation.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-20] (Dropbox, Inc.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
S4 hpqcxs08; D:\PROGRAMAS\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
S3 hpqddsvc; D:\PROGRAMAS\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-03] (IObit)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 Serviio; D:\PROGRAMAS\Serviio\bin\ServiioService.exe [327680 2015-03-21] () [File not signed]
R2 SyncoveryVSSService; D:\PROGRAMAS\Syncovery\SyncoveryVSS.exe [3258056 2013-02-15] (Super Flexible Software Ltd. & Co. KG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
R2 VMAuthdService; D:\PROGRAMAS\VMWare\Workstation\vmware-authd.exe [87120 2013-02-26] (VMware, Inc.)
R2 VMwareHostd; D:\PROGRAMAS\VMWare\Workstation\vmware-hostd.exe [13242960 2013-02-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AvastVBoxSvc; "D:\PROGRAMAS\avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 COMLegService; no ImagePath
S2 OS Selector; no ImagePath

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-07] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-07] (AVAST Software)
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-08-09] (Broadcom Corporation.)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-09] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3341904 2012-03-26] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-05-17] ()
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [323040 2015-09-28] (Acronis International GmbH)
R1 legendasdrv; C:\Windows\System32\drivers\legendasdrv.sys [57584 2015-12-04] (GT)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-06-01] (Riverbed Technology, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [266328 2015-06-30] (IBM Corp.)
S3 RT-USB; C:\Windows\System32\drivers\RT-USB64.SYS [70984 2010-06-16] (Ross-Tech LLC)
S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [167936 2013-10-17] (Prolific Technology Inc.) [File not signed]
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1057728 2015-09-28] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198088 2015-09-28] (Acronis International GmbH)
S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [553912 2015-09-28] (Acronis International GmbH)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102576 2015-07-22] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25904 2015-07-22] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [701232 2015-07-22] ()
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33360 2013-02-26] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 ALSysIO; \??\C:\Users\Fernando\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz134; \??\C:\Users\Fernando\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 RTL8187; system32\DRIVERS\rtl8187.sys [X]
S2 VBoxAswDrv; \??\D:\PROGRAMAS\avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-24 13:12 - 2020-04-24 13:12 - 00000000 ____D C:\ProgramData\OCR
2020-04-24 13:12 - 2015-11-05 19:00 - 00000000 ____D C:\Users\Fernando\AppData\Roaming\OCR
2017-02-28 20:03 - 2017-02-28 20:03 - 00000482 _____ C:\Users\Fernando\AppData\Local\TempQV6976.html
2016-05-20 15:45 - 2016-05-20 15:45 - 00000000 ____D C:\ProgramData\Office Genuine Advantage
2016-05-20 09:04 - 2016-05-20 09:04 - 00000000 ____D C:\ProgramData\ProductData
2016-05-20 09:01 - 2016-05-20 09:01 - 00021516 _____ C:\Users\Fernando\Desktop\install.txt
2016-05-19 21:59 - 2016-05-19 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-05-19 21:58 - 2016-05-20 15:23 - 00003888 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458766542
2016-05-19 21:57 - 2016-05-07 08:43 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-05-19 21:39 - 2016-05-19 21:39 - 00000000 ____D C:\Users\Fernando\AppData\Roaming\ProductData
2016-05-19 17:29 - 2016-05-19 17:32 - 00003356 _____ C:\Users\Fernando\Desktop\startup.txt
2016-05-19 17:00 - 2016-05-20 08:24 - 00000150 _____ C:\Windows\Reimage.ini
2016-05-19 16:45 - 2016-05-19 16:45 - 00002887 _____ C:\Users\Fernando\Desktop\JRT.txt
2016-05-19 16:13 - 2016-04-23 14:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-19 16:13 - 2016-04-23 13:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-19 16:13 - 2016-04-23 02:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-19 16:13 - 2016-04-23 02:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-19 16:13 - 2016-04-23 02:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-19 16:13 - 2016-04-23 02:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-19 16:13 - 2016-04-23 02:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-19 16:13 - 2016-04-23 02:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-19 16:13 - 2016-04-23 01:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-19 16:13 - 2016-04-23 01:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-19 16:13 - 2016-04-23 01:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-19 16:13 - 2016-04-23 01:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-19 16:13 - 2016-04-23 01:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-19 16:13 - 2016-04-23 01:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-19 16:13 - 2016-04-23 01:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-19 16:13 - 2016-04-23 01:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-19 16:13 - 2016-04-23 01:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-19 16:13 - 2016-04-23 01:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-19 16:13 - 2016-04-23 01:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-19 16:13 - 2016-04-23 01:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-19 16:13 - 2016-04-23 01:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-19 16:13 - 2016-04-23 01:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-19 16:13 - 2016-04-23 01:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-19 16:13 - 2016-04-23 01:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-19 16:13 - 2016-04-23 01:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-19 16:13 - 2016-04-23 01:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-19 16:13 - 2016-04-23 01:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-19 16:13 - 2016-04-23 01:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-19 16:13 - 2016-04-23 01:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-19 16:13 - 2016-04-23 01:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-19 16:13 - 2016-04-23 01:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-19 16:13 - 2016-04-23 01:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-19 16:13 - 2016-04-23 01:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-19 16:13 - 2016-04-23 01:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-19 16:13 - 2016-04-23 01:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-19 16:13 - 2016-04-23 01:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-19 16:13 - 2016-04-23 01:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-19 16:13 - 2016-04-23 01:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-19 16:13 - 2016-04-23 01:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-19 16:13 - 2016-04-23 00:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-19 16:13 - 2016-04-23 00:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-19 16:13 - 2016-04-23 00:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-19 16:13 - 2016-04-23 00:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-19 16:13 - 2016-04-23 00:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-19 16:13 - 2016-04-23 00:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-19 16:13 - 2016-04-23 00:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-19 16:13 - 2016-04-23 00:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-19 16:13 - 2016-04-23 00:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-19 16:13 - 2016-04-23 00:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-19 16:13 - 2016-04-23 00:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-19 16:13 - 2016-04-23 00:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-19 16:13 - 2016-04-23 00:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-19 16:13 - 2016-04-23 00:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-19 16:13 - 2016-04-23 00:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-19 16:13 - 2016-04-23 00:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-19 16:13 - 2016-04-23 00:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-19 16:13 - 2016-04-23 00:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-19 16:13 - 2016-04-23 00:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-19 16:13 - 2016-04-23 00:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-19 16:13 - 2016-04-23 00:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-19 16:13 - 2016-04-23 00:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-19 16:12 - 2016-04-23 02:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-19 16:12 - 2016-04-23 02:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-19 16:12 - 2016-04-23 02:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-19 16:12 - 2016-04-23 01:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-19 16:12 - 2016-04-23 00:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-19 16:12 - 2016-04-14 10:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-19 16:12 - 2016-04-14 10:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-19 16:12 - 2016-04-09 04:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-19 16:12 - 2016-04-09 04:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-19 16:12 - 2016-04-09 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-19 16:12 - 2016-04-09 03:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-19 16:12 - 2016-04-09 03:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-19 16:12 - 2016-04-09 03:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-19 16:12 - 2016-04-09 03:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-19 16:12 - 2016-04-06 12:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-19 16:10 - 2016-04-09 04:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-19 16:10 - 2016-04-09 04:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-19 16:10 - 2016-04-09 04:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-19 16:10 - 2016-04-09 04:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-19 16:10 - 2016-04-09 04:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-19 16:10 - 2016-04-09 03:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-19 16:10 - 2016-04-09 03:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-19 16:10 - 2016-04-09 03:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-19 16:10 - 2016-04-09 03:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 03:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 02:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-19 16:10 - 2016-04-09 02:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-19 16:10 - 2016-04-09 02:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-19 16:10 - 2016-04-09 02:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-19 16:10 - 2016-04-09 02:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-19 16:10 - 2016-04-09 02:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-19 16:10 - 2016-04-09 02:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-19 16:10 - 2016-04-09 02:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-19 16:10 - 2016-04-09 02:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-19 16:10 - 2016-04-09 02:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-19 16:10 - 2016-04-09 02:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-19 16:10 - 2016-04-09 02:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-19 16:10 - 2016-04-09 02:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-19 16:10 - 2016-04-09 02:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-19 16:10 - 2016-04-09 02:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-19 16:10 - 2016-04-09 02:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-19 16:10 - 2016-04-09 02:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-19 16:10 - 2016-04-09 02:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 02:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 02:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-19 16:10 - 2016-04-09 02:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-19 16:09 - 2016-04-09 01:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-19 16:09 - 2016-04-09 00:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-19 15:14 - 2016-05-19 15:14 - 00000000 ____D C:\c94a81569fd6cf735879
2016-05-19 15:14 - 2016-04-09 02:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-19 13:49 - 2016-05-19 14:21 - 00000000 ____D C:\AdwCleaner
2016-05-19 10:11 - 2016-05-19 10:16 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-05-19 10:08 - 2016-05-19 10:08 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-05-19 10:07 - 2016-05-19 10:21 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-05-17 16:50 - 2016-05-17 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-17 14:01 - 2016-05-17 14:01 - 00000000 _____ C:\autoexec.bat
2016-05-17 13:58 - 2016-05-17 13:58 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-05-16 16:27 - 2016-05-16 16:29 - 00055376 _____ C:\Users\Fernando\Desktop\Efeitos_Medicações 2016.pdf
2016-05-07 08:43 - 2016-05-07 08:43 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-04-30 09:12 - 2016-04-30 09:12 - 00000000 ____D C:\Users\Fernando\Nox_share
2016-04-30 09:04 - 2015-09-16 03:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-04-30 09:04 - 2015-09-16 00:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2016-04-30 09:03 - 2016-04-30 09:56 - 00000000 ____D C:\Users\Fernando\AppData\Local\Nox
2016-04-29 16:14 - 2016-04-29 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
2016-04-29 16:14 - 2016-04-29 16:14 - 00000000 ____D C:\ProgramData\Apple
2016-04-29 16:11 - 2016-04-29 16:27 - 00000000 ____D C:\Users\Fernando\AppData\Roaming\Andy
2016-04-29 16:11 - 2016-04-29 16:11 - 00000000 ____D C:\Users\Fernando\Andy
2016-04-29 15:12 - 2016-04-29 15:12 - 00000000 ____D C:\Users\Fernando\AppData\Local\BlueStacks
2016-04-29 13:09 - 2016-03-17 19:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-29 13:09 - 2016-03-17 19:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-29 10:15 - 2016-03-15 21:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-29 10:15 - 2016-03-15 21:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-29 10:15 - 2016-03-15 20:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-29 10:15 - 2016-01-22 03:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-04-29 10:15 - 2016-01-22 03:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-04-29 10:15 - 2016-01-22 03:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-29 10:15 - 2016-01-22 03:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-04-29 10:15 - 2016-01-22 03:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-04-29 10:15 - 2016-01-22 03:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-29 10:15 - 2016-01-22 03:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-29 10:15 - 2016-01-06 16:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-04-29 10:15 - 2016-01-06 15:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-04-29 10:15 - 2015-09-23 10:18 - 00459344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-29 10:15 - 2015-09-23 10:18 - 00298192 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-04-29 10:15 - 2015-09-23 10:08 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-04-29 10:15 - 2015-09-14 18:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-29 10:14 - 2016-03-06 15:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-29 10:14 - 2016-03-06 15:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-29 10:14 - 2016-03-06 15:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-29 10:14 - 2016-03-06 15:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-29 10:14 - 2016-02-12 15:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-04-29 10:14 - 2016-02-12 15:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-04-29 10:14 - 2016-02-12 15:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-04-29 10:14 - 2016-02-12 15:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-04-29 10:14 - 2016-02-12 15:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-04-29 10:14 - 2016-02-12 15:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-04-29 10:14 - 2016-02-12 15:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-04-29 10:14 - 2016-02-12 15:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-04-29 10:14 - 2016-02-12 15:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-04-29 10:14 - 2016-02-12 15:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-04-29 10:14 - 2016-02-12 15:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-04-29 10:14 - 2016-02-12 15:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-04-29 10:14 - 2016-02-12 15:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-04-29 10:14 - 2016-02-12 15:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-04-29 10:14 - 2016-02-12 15:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-04-29 10:14 - 2016-02-12 15:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-04-29 10:14 - 2016-02-09 06:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-04-29 10:14 - 2016-02-09 06:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-04-29 10:14 - 2016-02-09 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-04-29 10:14 - 2016-02-09 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-04-29 10:14 - 2016-02-09 06:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-04-29 10:14 - 2016-02-09 06:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-04-29 10:14 - 2016-02-09 06:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-04-29 10:14 - 2016-02-09 06:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-04-29 10:14 - 2016-02-09 06:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-04-29 10:14 - 2016-02-09 06:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-04-29 10:14 - 2016-02-03 15:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-04-29 10:14 - 2016-02-03 15:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-04-29 10:14 - 2016-02-03 15:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-04-29 10:14 - 2016-02-03 15:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-04-29 10:14 - 2015-12-08 18:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-04-29 10:14 - 2015-12-08 18:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-04-29 10:14 - 2015-12-08 18:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-04-29 10:14 - 2015-12-08 18:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-04-29 10:14 - 2015-12-08 18:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-04-29 10:14 - 2015-12-08 18:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-04-29 10:14 - 2015-12-08 18:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-04-29 10:14 - 2015-12-08 18:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-04-29 10:14 - 2015-12-08 18:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-04-29 10:14 - 2015-12-08 18:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-04-29 10:14 - 2015-12-08 18:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-04-29 10:14 - 2015-12-08 18:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-04-29 10:14 - 2015-12-08 18:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-04-29 10:14 - 2015-12-08 18:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-04-29 10:14 - 2015-12-08 18:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-04-29 10:14 - 2015-12-08 18:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-04-29 10:14 - 2015-12-08 18:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-04-29 10:14 - 2015-12-08 18:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-04-29 10:14 - 2015-12-08 18:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-04-29 10:14 - 2015-12-08 18:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-04-29 10:14 - 2015-12-08 18:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-04-29 10:14 - 2015-12-08 18:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-04-29 10:14 - 2015-12-08 18:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-04-29 10:14 - 2015-12-08 18:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-04-29 10:14 - 2015-12-08 18:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-04-29 10:14 - 2015-12-08 18:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-04-29 10:14 - 2015-12-08 18:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-04-29 10:14 - 2015-12-08 18:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-04-29 10:14 - 2015-12-08 18:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-04-29 10:14 - 2015-12-08 18:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-04-29 10:14 - 2015-12-08 18:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-04-29 10:14 - 2015-12-08 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-04-29 10:14 - 2015-12-08 18:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-04-29 10:14 - 2015-12-08 18:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-04-29 10:14 - 2015-12-08 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-04-29 10:14 - 2015-12-08 16:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-04-29 10:14 - 2015-12-08 16:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-04-29 10:14 - 2015-12-08 16:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-04-29 10:14 - 2015-12-08 16:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-04-29 10:14 - 2015-12-08 16:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-04-29 10:14 - 2015-12-08 16:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-04-29 10:14 - 2015-12-08 15:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-04-29 10:14 - 2015-12-08 15:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-04-29 10:14 - 2015-12-08 15:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-04-29 10:14 - 2015-11-11 15:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-04-29 10:14 - 2015-11-11 15:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-04-29 10:14 - 2015-11-11 15:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-04-29 10:14 - 2015-11-11 15:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-04-29 10:14 - 2015-11-10 15:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-04-29 10:14 - 2015-11-10 15:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-04-29 10:14 - 2015-11-10 15:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-04-29 10:14 - 2015-11-10 15:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-04-29 10:14 - 2015-11-10 15:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-04-29 10:14 - 2015-08-06 15:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-04-29 10:14 - 2015-08-06 15:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-04-29 10:14 - 2015-08-06 14:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-04-29 10:14 - 2015-08-06 14:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-04-29 10:13 - 2016-02-09 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-04-29 10:13 - 2016-02-05 15:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-04-29 10:13 - 2016-02-05 15:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-04-29 10:13 - 2016-02-05 15:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-04-29 10:13 - 2016-02-05 15:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-04-29 10:13 - 2016-02-05 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-04-29 10:13 - 2016-02-05 15:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-04-29 10:13 - 2016-02-05 15:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-04-29 10:13 - 2016-02-05 14:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-04-29 10:13 - 2016-02-05 14:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-04-29 10:13 - 2016-02-05 14:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-04-29 10:13 - 2016-02-04 22:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-04-29 10:13 - 2016-02-04 15:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-04-29 10:13 - 2016-02-03 15:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-04-29 10:13 - 2016-01-07 14:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-04-29 10:13 - 2015-12-20 15:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-04-29 10:13 - 2015-12-20 15:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-04-29 10:13 - 2015-12-20 11:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-04-29 10:13 - 2015-12-08 18:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-04-29 10:13 - 2015-12-08 16:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-04-29 10:13 - 2015-11-13 20:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-04-29 10:13 - 2015-11-13 20:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-04-29 10:13 - 2015-11-13 20:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-04-29 10:13 - 2015-11-13 19:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-04-29 10:13 - 2015-11-13 19:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-04-29 10:13 - 2015-11-13 19:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-04-29 10:13 - 2015-11-05 16:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-04-29 10:13 - 2015-11-05 16:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-04-29 10:13 - 2015-11-05 06:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-04-29 10:13 - 2015-11-03 16:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-04-29 10:13 - 2015-11-03 15:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-04-29 10:13 - 2015-10-13 13:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-04-29 10:13 - 2015-10-13 13:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-04-29 10:13 - 2015-10-13 01:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-04-29 09:59 - 2015-11-03 16:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-04-29 09:59 - 2015-11-03 15:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-04-28 21:29 - 2016-05-19 10:27 - 00000000 ____D C:\ProgramData\Legendas
2016-04-28 21:29 - 2015-12-04 19:25 - 00057584 _____ (GT) C:\Windows\system32\Drivers\legendasdrv.sys
2016-04-28 14:42 - 2016-04-28 14:46 - 00000000 ____D C:\Symbols
2016-04-28 14:28 - 2016-04-28 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.0
2016-04-28 14:28 - 2016-04-28 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x64)
2016-04-28 14:28 - 2016-04-28 14:28 - 00000000 ____D C:\Program Files\Microsoft SDKs
2016-04-28 14:28 - 2016-04-28 14:28 - 00000000 ____D C:\Program Files\Debugging Tools for Windows (x64)
2016-04-21 14:34 - 2016-04-21 14:34 - 02830067 _____ C:\Users\Fernando\Desktop\NormaseParametros.pdf
2016-04-21 14:34 - 2016-04-21 14:34 - 00099115 _____ C:\Users\Fernando\Desktop\GuiadoInvestidor2015.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-24 13:12 - 2009-07-13 23:34 - 00000278 _____ C:\Windows\system.ini
2017-02-28 20:04 - 2015-09-28 19:58 - 00000000 ____D C:\Users\Fernando\AppData\Roaming\Acronis
2016-05-20 16:34 - 2015-03-19 06:28 - 00000000 ____D C:\FRST
2016-05-20 15:50 - 2009-07-14 01:45 - 00029200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-20 15:50 - 2009-07-14 01:45 - 00029200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-20 15:47 - 2013-10-31 14:28 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-20 15:26 - 2013-10-30 22:45 - 00000000 ____D C:\ProgramData\VMware
2016-05-20 15:25 - 2014-12-14 16:13 - 00000000 ____D C:\Temp
2016-05-20 15:24 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-20 15:23 - 2015-03-16 19:45 - 00003476 _____ C:\Windows\System32\Tasks\Motorola Device Manager Engine
2016-05-20 15:23 - 2015-03-16 19:45 - 00003302 _____ C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2016-05-20 15:23 - 2013-11-02 20:16 - 00002730 _____ C:\Windows\System32\Tasks\Core Temp Autostart Fernando
2016-05-20 13:00 - 2016-04-10 20:36 - 00000000 ____D C:\Users\Fernando\AppData\LocalLow\uTorrent
2016-05-19 22:58 - 2015-04-15 10:35 - 00000000 ____D C:\Windows\rescache
2016-05-19 21:59 - 2014-11-23 13:39 - 00000786 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-05-19 21:58 - 2013-11-07 14:15 - 00003886 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-05-19 21:46 - 2009-07-14 02:13 - 00865968 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-19 21:46 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-05-19 21:36 - 2015-07-20 12:46 - 00001024 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-05-19 21:36 - 2015-07-20 12:46 - 00001020 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-05-19 21:34 - 2011-04-12 05:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-19 21:19 - 2015-07-20 12:46 - 00004032 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-05-19 21:19 - 2015-07-20 12:46 - 00003780 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-05-19 17:21 - 2013-12-09 07:26 - 00000000 ____D C:\Windows\Minidump
2016-05-19 16:50 - 2014-11-04 17:12 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-05-19 16:34 - 2013-10-30 21:29 - 00000000 ____D C:\Windows\system32\MRT
2016-05-19 16:14 - 2013-11-07 10:33 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-19 15:52 - 2009-07-14 01:45 - 00435424 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-19 13:58 - 2013-11-07 08:44 - 00000000 ____D C:\Users\Fernando
2016-05-19 11:23 - 2011-08-01 11:23 - 00000000 ____D C:\Users\Fernando\advfn
2016-05-19 10:13 - 2015-12-03 20:26 - 00000000 ____D C:\Program Files\Common Files\AV
2016-05-17 16:50 - 2015-07-20 12:45 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-05-17 13:42 - 2013-10-30 21:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-15 19:07 - 2015-11-12 18:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-15 19:07 - 2014-12-28 21:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-13 02:31 - 2016-01-06 18:54 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-05-13 02:31 - 2016-01-06 18:54 - 00000963 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-05-12 21:47 - 2016-04-08 10:47 - 05995712 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-05-12 21:47 - 2013-10-31 14:28 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-12 21:47 - 2013-10-31 14:28 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-12 21:47 - 2013-10-31 14:28 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 21:32 - 2013-11-06 08:31 - 00002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-11 20:02 - 2009-07-14 00:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-09 08:28 - 2016-03-26 19:46 - 00000130 _____ C:\Users\Fernando\Desktop\ENDERECO FATIMA.txt
2016-05-07 08:43 - 2016-03-23 17:55 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-05-07 08:43 - 2014-05-02 15:29 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-05-07 08:43 - 2014-01-03 18:40 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-05-07 08:43 - 2013-11-07 14:15 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-05-07 08:43 - 2013-10-30 20:53 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-05-07 08:43 - 2013-10-30 20:53 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-05-07 08:43 - 2013-10-30 20:53 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-05-07 08:43 - 2013-10-30 20:53 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-05-07 08:43 - 2013-10-30 20:53 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-04-30 09:39 - 2011-08-06 15:01 - 00000000 ____D C:\Users\Fernando\.android
2016-04-30 09:04 - 2014-08-04 18:46 - 00000000 ____D C:\Program Files\DIFX
2016-04-29 16:24 - 2013-10-30 22:47 - 00000000 ____D C:\Users\Fernando\AppData\Roaming\VMware
2016-04-29 13:36 - 2014-03-02 23:06 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-04-29 13:12 - 2013-11-07 14:24 - 00850278 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-04-29 12:36 - 2009-07-14 01:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-29 11:43 - 2015-04-02 17:50 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-04-29 11:43 - 2015-04-02 17:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-04-29 11:14 - 2015-04-02 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-04-28 20:08 - 2013-11-07 09:25 - 01750962 _____ C:\Windows\WindowsUpdate.log.bak
2016-04-28 14:54 - 2013-11-02 21:34 - 00000000 ____D C:\Users\Fernando\AppData\Local\ElevatedDiagnostics
2016-04-28 14:20 - 2015-05-25 12:30 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-28 13:53 - 2013-11-02 15:32 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-28 12:56 - 2009-07-14 02:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-22 19:43 - 2013-11-07 10:51 - 00111448 _____ C:\Users\Fernando\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-22 17:18 - 2016-03-20 13:57 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2016-04-22 14:31 - 2013-10-31 14:32 - 00000000 ____D C:\ProgramData\Oracle
2016-04-22 13:10 - 2015-08-28 12:15 - 00000000 ____D C:\Users\Fernando\.oracle_jre_usage
2016-04-22 13:10 - 2014-10-17 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-22 13:10 - 2014-10-17 12:55 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-22 13:09 - 2015-04-20 21:05 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== Files in the root of some directories =======

2013-11-11 15:24 - 2013-11-11 15:25 - 0035384 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2014-03-06 21:55 - 2014-03-06 21:55 - 0010507 _____ () C:\Program Files (x86)\Player Setup Log.txt
2015-10-08 18:47 - 2015-10-08 18:55 - 0000028 ___RH () C:\Users\Fernando\AppData\Roaming\be046e943fe726861c04b0318e13b2f274b1ec06.sys
2014-01-19 20:38 - 2014-12-25 22:48 - 0000649 _____ () C:\Users\Fernando\AppData\Roaming\burnaware.ini
2015-10-08 18:47 - 2015-10-08 18:47 - 0000028 _RSHO () C:\Users\Fernando\AppData\Roaming\c54da0d4db72e7476d261013371d583ed5cee3ac.sys
2014-12-13 20:24 - 2014-12-13 20:39 - 0025301 _____ () C:\Users\Fernando\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-03-08 08:43 - 2014-03-08 08:43 - 0000092 _____ () C:\Users\Fernando\AppData\Roaming\Control System_Settings.ini
2014-12-13 19:29 - 2014-12-13 19:29 - 0000242 _____ () C:\Users\Fernando\AppData\Roaming\ex_log.txt
2014-11-23 15:15 - 2014-11-23 15:15 - 0099384 _____ () C:\Users\Fernando\AppData\Roaming\inst.exe
2013-11-24 18:37 - 2014-02-14 19:26 - 0000036 _____ () C:\Users\Fernando\AppData\Roaming\mbam.context.scan
2014-11-23 15:15 - 2014-11-23 15:15 - 0007859 _____ () C:\Users\Fernando\AppData\Roaming\pcouffin.cat
2014-11-23 15:15 - 2014-11-23 15:15 - 0001167 _____ () C:\Users\Fernando\AppData\Roaming\pcouffin.inf
2014-11-23 15:15 - 2014-11-23 15:15 - 0000055 _____ () C:\Users\Fernando\AppData\Roaming\pcouffin.log
2014-11-23 15:15 - 2014-11-23 15:15 - 0082816 _____ (VSO Software) C:\Users\Fernando\AppData\Roaming\pcouffin.sys
2013-11-16 15:57 - 2014-08-04 19:16 - 0000600 _____ () C:\Users\Fernando\AppData\Roaming\winscp.rnd
2014-05-08 09:54 - 2014-05-08 09:54 - 0000037 ___SH () C:\Users\Fernando\AppData\Local\70149b02515b3bb20dd492.47983420
2015-04-07 14:09 - 2015-04-07 14:09 - 0008433 _____ () C:\Users\Fernando\AppData\Local\recently-used.xbel
2015-01-05 10:11 - 2015-10-04 20:59 - 0007618 _____ () C:\Users\Fernando\AppData\Local\Resmon.ResmonCfg
2017-02-28 20:03 - 2017-02-28 20:03 - 0000482 _____ () C:\Users\Fernando\AppData\Local\TempQV6976.html
2015-01-20 20:50 - 2015-05-23 07:23 - 0000554 _____ () C:\Users\Fernando\AppData\Local\vrepair.log
2013-11-07 08:42 - 2013-11-07 08:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-07 16:29 - 2016-05-20 15:22 - 0001885 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Fernando\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Fernando\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-18 19:44

==================== End of FRST.txt ============================

Attached Files


Edited by gauchotche, 20 May 2016 - 02:45 PM.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:08 PM

Posted 21 May 2016 - 10:30 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\ GbPluginAbn-x32: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll [X]
Winlogon\Notify\ GbPluginBb:
ShellExecuteHooks-x32:  - {E37CB5F0-51F5-4395-A808-5FA49E399007} -  No File [ ]
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\PROGRAMAS\IObit Uninstaller\UninstallExplorer64.dll => No File
BHO: No Name -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> No File
BHO-x32: No Name -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: gastecnologia.com.br/sf/abn -> C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll [No File]
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: gastecnologia.com.br/sf/abn64 -> C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll [No File]
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: gastecnologia.com.br/sf/cef64 -> C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [No File]
FF Extension: New tab toolbar button - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\extensions\{42975993-6fa0-46f5-a45f-706915f18ebf}.xpi [2016-04-28]
FF HKU\S-1-5-21-3576105890-103167945-1411994898-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\cef\xpi => not found
FF HKU\S-1-5-21-3576105890-103167945-1411994898-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\abn\xpi => not found
CHR Extension: (Chrome Web Store Payments) - C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\PROGRAMAS\avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S3 AvastVBoxSvc; "D:\PROGRAMAS\avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 COMLegService; no ImagePath
S2 OS Selector; no ImagePath
S3 ALSysIO; \??\C:\Users\Fernando\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz134; \??\C:\Users\Fernando\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 RTL8187; system32\DRIVERS\rtl8187.sys [X]
S2 VBoxAswDrv; \??\D:\PROGRAMAS\avast\ng\vbox\VBoxAswDrv.sys [X]
C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
AlternateDataStreams: C:\Windows\System32:42851729_Abn.gbp [2]
AlternateDataStreams: C:\Windows\system32\EPD63962:K300 [0]

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F

Clean the Firefox Cache.
https://kb.iu.edu/d/ahic#firefox
<<<>>>

If the popups continues please run this tool.

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or above, right-click the program file and select "Run as Administrator"
  • Accept the user agreements.
  • Execute the scan and wait until it has finished.
  • If a Windows opens to explain what [PUM's] are, read about it.
  • Click the RoguKiller icon on your taksbar to return to the report.
  • Click open the Report
  • Click Export TXT button
  • Save the file as ReportRogue.txt
  • Click the Remove button to delete the items in RED
  • Click Finish and close the program.
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.
=======

Keep me posted.

#3 gauchotche

gauchotche
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:08 PM

Posted 21 May 2016 - 02:04 PM

There's an "http://s.dynad.net" in offline websites in firefox options, near the option to clear cache. I have removed that.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:19-05-2016
Ran by Fernando (2016-05-21 14:23:01) Run:2
Running from D:\PROGRAMAS\FRST64
Loaded Profiles: Fernando (Available Profiles: Fernando & Eternita & Glaucia & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\ GbPluginAbn-x32: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll [X]
Winlogon\Notify\ GbPluginBb:
ShellExecuteHooks-x32:  - {E37CB5F0-51F5-4395-A808-5FA49E399007} -  No File [ ]
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\PROGRAMAS\IObit Uninstaller\UninstallExplorer64.dll => No File
BHO: No Name -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> No File
BHO-x32: No Name -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No
File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: gastecnologia.com.br/sf/abn -> C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll [No File]
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: gastecnologia.com.br/sf/abn64 -> C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll [No File]
FF Plugin HKU\S-1-5-21-3576105890-103167945-1411994898-1000: gastecnologia.com.br/sf/cef64 -> C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [No File]
FF Extension: New tab toolbar button - C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\extensions\{42975993-6fa0-46f5-a45f-706915f18ebf}.xpi [2016-04-28]
FF HKU\S-1-5-21-3576105890-103167945-1411994898-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Fernando\AppData\Local\GAS
Tecnologia\GBBD\cef\xpi => not found
FF HKU\S-1-5-21-3576105890-103167945-1411994898-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\abn\xpi => not found
CHR Extension: (Chrome Web Store Payments) - C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\PROGRAMAS\avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S3 AvastVBoxSvc; "D:\PROGRAMAS\avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 COMLegService; no ImagePath
S2 OS Selector; no ImagePath
S3 ALSysIO; \??\C:\Users\Fernando\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz134; \??\C:\Users\Fernando\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 RTL8187; system32\DRIVERS\rtl8187.sys [X]
S2 VBoxAswDrv;
\??\D:\PROGRAMAS\avast\ng\vbox\VBoxAswDrv.sys [X]
C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
AlternateDataStreams: C:\Windows\System32:42851729_Abn.gbp [2]
AlternateDataStreams: C:\Windows\system32\EPD63962:K300 [0]

End
*****************

Error: (0) Failed to create a restore point.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ GbPluginAbn" => key removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ GbPluginBb => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{E37CB5F0-51F5-4395-A808-5FA49E399007} => value removed successfully
HKCR\Wow6432Node\CLSID\{E37CB5F0-51F5-4395-A808-5FA49E399007} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => key removed successfully
"HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => key removed successfully
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540007}" => key removed successfully
HKCR\Wow6432Node\CLSID\{C41A1C0E-EA6C-11D4-B1B8-444553540007} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key not found.
File => Error: No automatic fix found for this entry.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKU\S-1-5-21-3576105890-103167945-1411994898-1000\Software\MozillaPlugins\gastecnologia.com.br/sf/abn" => key removed successfully
C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll => not found.
"HKU\S-1-5-21-3576105890-103167945-1411994898-1000\Software\MozillaPlugins\gastecnologia.com.br/sf/abn64" => key removed successfully
C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll => not found.
"HKU\S-1-5-21-3576105890-103167945-1411994898-1000\Software\MozillaPlugins\gastecnologia.com.br/sf/cef64" => key removed successfully
C:\Users\Fernando\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll => not found.
C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\extensions\{42975993-6fa0-46f5-a45f-706915f18ebf}.xpi => moved successfully
C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\extensions\{42975993-6fa0-46f5-a45f-706915f18ebf}.xpi => path removed successfully
HKU\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E886D} => value removed successfully
Tecnologia\GBBD\cef\xpi => not found => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E8874} => value removed successfully
C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully
AvastVBoxSvc => service could not remove
COMLegService => service removed successfully
OS Selector => service removed successfully
ALSysIO => service removed successfully
cpuz134 => service removed successfully
MBAMSwissArmy => service removed successfully
RTL8187 => service removed successfully
VBoxAswDrv => service could not remove
\??\D:\PROGRAMAS\avast\ng\vbox\VBoxAswDrv.sys [X] => Error: No automatic fix found for this entry.
"C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda" => not found.
C:\Windows\System32 => ":42851729_Abn.gbp" ADS removed successfully.
C:\Windows\system32\EPD63962 => ":K300" ADS removed successfully.
 

 

RogueKiller V12.2.1.0 [May 16 2016] (Free) por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Site : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Iniciou : Modo normal
Usuário : Fernando [Administrador]
Started from : D:\PROGRAMAS\FRST64\RogueKiller.exe
Modo : Escanear -- Data : 05/21/2016 15:38:33

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 17 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Reimage -> Encontrado
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : localhost:8080  -> Encontrado
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : localhost:8080  -> Encontrado
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Internet Explorer\Main | Start Page :
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Internet Explorer\Main | Start Page :
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Encontrado
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Encontrado
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Encontrado
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Encontrado
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Encontrado
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> Encontrado
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> Encontrado
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0  -> Encontrado
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Encontrado
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> Encontrado
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> Encontrado
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3576105890-103167945-1411994898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0  -> Encontrado

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Não carregado [0xc000036b]) ¤¤¤

¤¤¤ Navegadores : 0 ¤¤¤

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: ST2000LM003 HN-M201RAD +++++
--- User ---
[MBR] 1e92608b1535232e455dea5803b500e0
[BSP] 05db0b31d8cbbb187db0ad7ec8fbad86 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 72524 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 148737985 | Size: 1835100 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3845160960 | Size: 100 MB [Error reading VBR! ([83] An attempt was made to move the file pointer before the beginning of the file. )]
User != LL1 ... KO!
--- LL1 ---
[MBR] 1e92608b1535232e455dea5803b500e0
[BSP] 05db0b31d8cbbb187db0ad7ec8fbad86 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 72524 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 148737985 | Size: 1835100 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3845160960 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User != LL2 ... KO!
--- LL2 ---
[MBR] 1e92608b1535232e455dea5803b500e0
[BSP] 05db0b31d8cbbb187db0ad7ec8fbad86 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 72524 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 148737985 | Size: 1835100 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3845160960 | Size: 100 MB[Invalid]
 



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:08 PM

Posted 22 May 2016 - 07:04 AM

Is your problem solved?

#5 gauchotche

gauchotche
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:08 PM

Posted 22 May 2016 - 11:41 AM

No, it persists.



#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:08 PM

Posted 22 May 2016 - 01:58 PM

Are all the Browsers affected?

Which one...

#7 gauchotche

gauchotche
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:08 PM

Posted 22 May 2016 - 04:19 PM

Are all the Browsers affected?

Which one...

 

All, Firefox, IE 11, Chrome.

 

It seems that when I first open a browser (ie, not been using for a long time) it doesn't show popup for a few pages... then it starts showing... I believe this means the virus infected the new browser... this must be Russian high tech virus.... I've found in the sources of the poupup some russian sites... I'm getting crazy with this thing...



#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:08 PM

Posted 23 May 2016 - 07:00 AM

We will check your BIOS and Master boot record.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.

    TDSSKillerSuspicious-1.png
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
    TDSSKillerMal-1.png
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

    TDSSKillerCompleted.png
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
aswMBRScan.gif
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
  • There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
    ===

    Wait for further instructions.

    p.s.
    If that fails will probably have to reset your router.
    Will see.


#9 gauchotche

gauchotche
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:08 PM

Posted 23 May 2016 - 03:37 PM

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2016-05-23 12:35:34
-----------------------------
12:35:34.346    OS Version: Windows x64 6.1.7601 Service Pack 1
12:35:34.346    Number of processors: 4 586 0x2A07
12:35:34.347    ComputerName: NOTEBOOK  UserName: Fernando
12:35:34.962    Initialize success
12:35:34.967    VM: initialized successfully
12:35:34.968    VM: Intel CPU supported
12:35:40.769    VM: supported disk I/O iaStor.sys
12:35:44.864    AVAST engine defs: 16052300
12:35:47.768    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:35:47.775    Disk 0 Vendor: ST2000LM 2BC1 Size: 1907729MB BusType: 8
12:35:47.933    VM: Disk 0 MBR read successfully
12:35:47.940    Disk 0 MBR scan
12:35:47.948    Disk 0 Windows 7 default MBR code
12:35:47.955    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
12:35:47.964    Disk 0 default boot code
12:35:47.985    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        72524 MB offset 206848
12:35:47.989    Disk 0 Partition - 00     0F Extended LBA           1835100 MB offset 148737985
12:35:48.021    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS          100 MB offset 3845160960
12:35:48.367    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       513086 MB offset 148738048
12:35:48.382    Disk 0 Partition - 00     05     Extended            870695 MB offset 1199538176
12:35:48.416    Disk 0 Partition 5 00     07    HPFS/NTFS NTFS       870694 MB offset 1199540224
12:35:48.425    Disk 0 Partition - 00     05     Extended             24282 MB offset 4033521727
12:35:48.466    Disk 0 Partition 6 00     07    HPFS/NTFS NTFS        24281 MB offset 2982723584
12:35:48.475    Disk 0 Partition - 00     05     Extended            392839 MB offset 5866434623
12:35:48.507    Disk 0 Partition 7 00     07    HPFS/NTFS NTFS       392838 MB offset 3032453120
12:35:48.520    Disk 0 Partition - 00     05     Extended              3992 MB offset 6720698431
12:35:48.563    Disk 0 Partition 8 00     07    HPFS/NTFS NTFS         3991 MB offset 3836987392
12:35:48.571    Disk 0 Partition - 00     05     Extended             30106 MB offset 7533613954
12:35:48.592    Disk 0 Partition 9 00     07    HPFS/NTFS NTFS        30106 MB offset 3845366658
12:35:48.644    Disk 0 scanning C:\Windows\system32\drivers
12:36:01.113    Service scanning
12:36:23.453    Modules scanning
12:36:23.456    Disk 0 trace - called modules:
12:36:23.486    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
12:36:23.487    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008595060]
12:36:23.488    3 CLASSPNP.SYS[fffff88001da543f] -> nt!IofCallDriver -> [0xfffffa800666e5d0]
12:36:23.488    5 ACPI.sys[fffff88000f8c7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006671050]
12:36:23.680    AVAST engine scan C:\Windows
12:36:26.769    AVAST engine scan C:\Windows\system32
12:40:23.952    AVAST engine scan C:\Windows\system32\drivers
12:40:37.904    AVAST engine scan C:\Users\Fernando
12:59:35.774    AVAST engine scan C:\ProgramData
13:11:25.477    Disk 0 statistics 5465197/0/52 @ 2,10 MB/s
13:11:25.478    Scan finished successfully
17:35:01.369    Disk 0 MBR has been saved successfully to "D:\PROGRAMAS\VIRUS\MBR.dat"
17:35:01.396    The log file has been saved successfully to "D:\PROGRAMAS\VIRUS\aswMBR.txt"

 

11:21:29.0791 0x1a60  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
11:21:35.0067 0x1a60  ============================================================
11:21:35.0067 0x1a60  Current date / time: 2016/05/23 11:21:35.0067
11:21:35.0067 0x1a60  SystemInfo:
11:21:35.0067 0x1a60  
11:21:35.0067 0x1a60  OS Version: 6.1.7601 ServicePack: 1.0
11:21:35.0067 0x1a60  Product type: Workstation
11:21:35.0067 0x1a60  ComputerName: NOTEBOOK
11:21:35.0067 0x1a60  UserName: Fernando
11:21:35.0067 0x1a60  Windows directory: C:\Windows
11:21:35.0067 0x1a60  System windows directory: C:\Windows
11:21:35.0067 0x1a60  Running under WOW64
11:21:35.0067 0x1a60  Processor architecture: Intel x64
11:21:35.0067 0x1a60  Number of processors: 4
11:21:35.0067 0x1a60  Page size: 0x1000
11:21:35.0067 0x1a60  Boot type: Normal boot
11:21:35.0067 0x1a60  ============================================================
11:21:35.0435 0x1a60  KLMD registered as C:\Windows\system32\drivers\81340119.sys
11:21:36.0659 0x1a60  System UUID: {DD47697B-1F77-E12F-6747-44BC80B3E2AF}
11:21:37.0520 0x1a60  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:21:37.0524 0x1a60  ============================================================
11:21:37.0524 0x1a60  \Device\Harddisk0\DR0:
11:21:37.0524 0x1a60  MBR partitions:
11:21:37.0524 0x1a60  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:21:37.0524 0x1a60  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x8DA6000
11:21:37.0531 0x1a60  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x8DD9000, BlocksNum 0x3EA1F000
11:21:37.0549 0x1a60  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x477F8800, BlocksNum 0x6A493000
11:21:37.0574 0x1a60  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0xB1C8C000, BlocksNum 0x2F6C800
11:21:37.0581 0x1a60  \Device\Harddisk0\DR0\Partition6: MBR, Type 0x7, StartLBA 0xB4BF9000, BlocksNum 0x2FF43000
11:21:37.0598 0x1a60  \Device\Harddisk0\DR0\Partition7: MBR, Type 0x7, StartLBA 0xE4B3C800, BlocksNum 0x7CB800
11:21:37.0611 0x1a60  \Device\Harddisk0\DR0\Partition8: MBR, Type 0x7, StartLBA 0xE533A382, BlocksNum 0x3ACD13F
11:21:37.0611 0x1a60  \Device\Harddisk0\DR0\Partition9: MBR, Type 0x7, StartLBA 0xE5308000, BlocksNum 0x32000
11:21:37.0611 0x1a60  ============================================================
11:21:37.0685 0x1a60  C: <-> \Device\Harddisk0\DR0\Partition2
11:21:37.0847 0x1a60  D: <-> \Device\Harddisk0\DR0\Partition3
11:21:37.0889 0x1a60  K: <-> \Device\Harddisk0\DR0\Partition8
11:21:38.0019 0x1a60  E: <-> \Device\Harddisk0\DR0\Partition4
11:21:38.0019 0x1a60  ============================================================
11:21:38.0019 0x1a60  Initialize success
11:21:38.0019 0x1a60  ============================================================
11:21:42.0115 0x11dc  ============================================================
11:21:42.0115 0x11dc  Scan started
11:21:42.0115 0x11dc  Mode: Manual;
11:21:42.0115 0x11dc  ============================================================
11:21:42.0115 0x11dc  KSN ping started
11:22:09.0626 0x11dc  KSN ping finished: true
11:22:10.0973 0x11dc  ================ Scan system memory ========================
11:22:10.0973 0x11dc  System memory - ok
11:22:10.0974 0x11dc  ================ Scan services =============================
11:22:11.0142 0x11dc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:22:11.0159 0x11dc  1394ohci - ok
11:22:11.0206 0x11dc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:22:11.0216 0x11dc  ACPI - ok
11:22:11.0228 0x11dc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:22:11.0229 0x11dc  AcpiPmi - ok
11:22:11.0380 0x11dc  [ 72E77257398095D743B6C5046C94CAB9, 49F8D6B87CAF4C5D2901B07E1F9BF424038E50BBBDFDCA377D0972485963924F ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
11:22:11.0406 0x11dc  AcrSch2Svc - ok
11:22:11.0475 0x11dc  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:22:11.0480 0x11dc  AdobeARMservice - ok
11:22:11.0609 0x11dc  [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:22:11.0613 0x11dc  AdobeFlashPlayerUpdateSvc - ok
11:22:11.0645 0x11dc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:22:11.0655 0x11dc  adp94xx - ok
11:22:11.0687 0x11dc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:22:11.0694 0x11dc  adpahci - ok
11:22:11.0706 0x11dc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:22:11.0711 0x11dc  adpu320 - ok
11:22:11.0738 0x11dc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:22:11.0741 0x11dc  AeLookupSvc - ok
11:22:11.0929 0x11dc  [ B048C87A82322C06F0F22C7627D60B57, CA24E2007340F2C773137D3B709D5EED58B37BE19901D44A96FB77C8D063AE54 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
11:22:12.0234 0x11dc  afcdpsrv - ok
11:22:12.0297 0x11dc  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
11:22:12.0309 0x11dc  AFD - ok
11:22:12.0340 0x11dc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:22:12.0344 0x11dc  agp440 - ok
11:22:12.0357 0x11dc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:22:12.0361 0x11dc  ALG - ok
11:22:12.0379 0x11dc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:22:12.0380 0x11dc  aliide - ok
11:22:12.0439 0x11dc  [ 0EE274476C3E5F05F2B79B8C63FCCCFC, 7D1861FCC975AD85D793DD6945113DA06CDD2B8F118AA61D0147FFA3315E8A48 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:22:12.0455 0x11dc  AMD External Events Utility - ok
11:22:12.0485 0x11dc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:22:12.0486 0x11dc  amdide - ok
11:22:12.0498 0x11dc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:22:12.0501 0x11dc  AmdK8 - ok
11:22:12.0773 0x11dc  [ B18018924D6ADB6E64BC39BD37D6A4D8, 6EEB593A50AD5AA9633E6F97AB2314D674C13FAA7A6D03000A5F6C074CAF7BAF ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:22:12.0968 0x11dc  amdkmdag - ok
11:22:13.0059 0x11dc  [ 3249B112D48D29BE86984CF4594C9755, 089712B872F92AB0614665F8B5EA869EAB4F6035164921EE0021158D457DE83F ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
11:22:13.0066 0x11dc  amdkmdap - ok
11:22:13.0080 0x11dc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:22:13.0082 0x11dc  AmdPPM - ok
11:22:13.0116 0x11dc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:22:13.0128 0x11dc  amdsata - ok
11:22:13.0149 0x11dc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:22:13.0153 0x11dc  amdsbs - ok
11:22:13.0162 0x11dc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:22:13.0163 0x11dc  amdxata - ok
11:22:13.0209 0x11dc  [ EFD1765905491B742C531FF6C38E9EC7, 68566878E040F72089967797B00F04EC6B23CDA4B8886EB82157BB5CC0936ED0 ] andnetadb       C:\Windows\system32\Drivers\lgandnetadb.sys
11:22:13.0211 0x11dc  andnetadb - ok
11:22:13.0239 0x11dc  [ 8660C7BFE2CBA7E0B3F5D9ECD05D780E, BCA25159ACB3DB4AFA848F64C11AEAC9D17724DE1DCA6090AEFDC79C72499FEF ] AndNetDiag      C:\Windows\system32\DRIVERS\lgandnetdiag64.sys
11:22:13.0241 0x11dc  AndNetDiag - ok
11:22:13.0246 0x11dc  [ 620F9CDFC8987FE26F6E0DC37D645B45, E307EAB2E123EF40AD0603F24DFE7629669FA64A7FDA7CC1100DB482EB295092 ] ANDNetModem     C:\Windows\system32\DRIVERS\lgandnetmodem64.sys
11:22:13.0248 0x11dc  ANDNetModem - ok
11:22:13.0276 0x11dc  [ 3CF7A4350C9646D92F147D620EC0D363, 0C09A5B3656BCC98151BF3F1F6B827DD5189D89AFFE0730187E5FDB2D84EC4B4 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
11:22:13.0362 0x11dc  androidusb - ok
11:22:13.0417 0x11dc  [ DBBE362C1FA9243783D9B8AEB52C3674, A935B578F7209611AA4B6912D276EBF17C7819C15E2F8EE75BC8E66397B0948F ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
11:22:13.0432 0x11dc  ApfiltrService - ok
11:22:13.0470 0x11dc  [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID           C:\Windows\system32\drivers\appid.sys
11:22:13.0474 0x11dc  AppID - ok
11:22:13.0493 0x11dc  [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:22:13.0494 0x11dc  AppIDSvc - ok
11:22:13.0514 0x11dc  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
11:22:13.0517 0x11dc  Appinfo - ok
11:22:13.0559 0x11dc  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:22:13.0564 0x11dc  AppMgmt - ok
11:22:13.0596 0x11dc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
11:22:13.0599 0x11dc  arc - ok
11:22:13.0615 0x11dc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:22:13.0618 0x11dc  arcsas - ok
11:22:13.0654 0x11dc  [ 236023DAC93037A8DDE9539F36D7F3EE, DA689EA3FD5A886D19003B71114DC2F5ABE9F0D9B2F501881BB6AD1641E8BA14 ] asmthub3        C:\Windows\system32\drivers\asmthub3.sys
11:22:13.0663 0x11dc  asmthub3 - ok
11:22:13.0701 0x11dc  [ 1390ABD16ADE1F2443B5749D06C4C8F2, 3F5BE10CC1D6459B7062206FA4981BF81956B3CBC92D3B596B7B7A383DA4C106 ] asmtxhci        C:\Windows\system32\drivers\asmtxhci.sys
11:22:13.0713 0x11dc  asmtxhci - ok
11:22:13.0854 0x11dc  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:22:13.0856 0x11dc  aspnet_state - ok
11:22:13.0899 0x11dc  [ 1694434F5B9AB16772C7A8E2EF9134CA, B84FA624EB6D438BB01AB886AE85FA42BEA46F2E33454C6C4D9078015813CDB5 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
11:22:13.0903 0x11dc  aswHwid - ok
11:22:13.0942 0x11dc  [ 786E8BCDFF674068F3C950615FC2E71C, B5803960297F9622F594EC113FF6C89221606FC6B26B02EA6F021BE38AA66794 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
11:22:13.0944 0x11dc  aswKbd - ok
11:22:13.0969 0x11dc  [ 33D0DD0471FDF449C81338863FC63978, D5898B51B3BCE43E62D459CE808888085D82A4B9B284F90E3301CEF7C33C03E4 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
11:22:13.0972 0x11dc  aswMonFlt - ok
11:22:13.0984 0x11dc  [ DF190688D993A3DB227BFB0BB40BD7D4, C7EDA64AE84001089AE2085B8336B7572DEDDCC80EAAA05D73C9C675CAD8C511 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
11:22:13.0987 0x11dc  aswRdr - ok
11:22:14.0010 0x11dc  [ D873455DFA27680585AE238503917DF5, CAD9CBCD24F33FF8E49C77C795F8FE0540243E455A6FC9E3035B8C15C9EEBD6C ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
11:22:14.0011 0x11dc  aswRvrt - ok
11:22:14.0093 0x11dc  [ A371A06EC8F4830C263D3F5CA5A11B65, 62E55DD439C106184F3AF73198D5CEAB5828A0EE1E30A13C35103B1B57966AB6 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
11:22:14.0117 0x11dc  aswSnx - ok
11:22:14.0156 0x11dc  [ 6B7F6CE19A16240EE9DE2C528897ED9C, 3B7C24F5B152B408D87DA70B01AD2E744DCB877D46602C0620931FCADB275E17 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
11:22:14.0166 0x11dc  aswSP - ok
11:22:14.0227 0x11dc  [ 3575F9226251DE48E065ED5C384A21EF, 032F53FEEB0BB43F1AD673EE13F507D3A8AC10F78543EA1294C40BAA918ED323 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
11:22:14.0234 0x11dc  aswStm - ok
11:22:14.0273 0x11dc  [ BA4CDCD8C0395E91C38CD2C5CE3E7FA2, EF037C9C62F67C3D4432C86E3F568F62AABF468C792EA75477FCBC8EC8151C29 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
11:22:14.0283 0x11dc  aswVmm - ok
11:22:14.0320 0x11dc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:22:14.0323 0x11dc  AsyncMac - ok
11:22:14.0351 0x11dc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:22:14.0353 0x11dc  atapi - ok
11:22:14.0434 0x11dc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:22:14.0449 0x11dc  AudioEndpointBuilder - ok
11:22:14.0468 0x11dc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:22:14.0480 0x11dc  AudioSrv - ok
11:22:14.0673 0x11dc  [ A24AF1F8186B4B69D54DCC4B059CA695, 882338FEF206231B9FD83787A8685A7B69D76A414923B511A8D6A7619CB86F87 ] avast! Antivirus D:\PROGRAMAS\avast\AvastSvc.exe
11:22:14.0690 0x11dc  avast! Antivirus - ok
11:22:14.0756 0x11dc  AvastVBoxSvc - ok
11:22:14.0795 0x11dc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:22:14.0799 0x11dc  AxInstSV - ok
11:22:14.0846 0x11dc  [ 1FED668A08CD871ED317A0388CDD4537, DBE7A53E163D4090EF99DB9621FD0116AA633193E523738552E75D97D79919CD ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:22:14.0858 0x11dc  b06bdrv - ok
11:22:14.0903 0x11dc  [ CFE42B9C72CD047E478C3B7F4B1FAFFD, E8CAB5F6D54DA3777D9F351FBF393B85C7E2F3D3CD37B2F3C9F05A246E270FCB ] b06diag         C:\Windows\system32\drivers\bxdiaga.sys
11:22:14.0906 0x11dc  b06diag - ok
11:22:14.0954 0x11dc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:22:14.0961 0x11dc  b57nd60a - ok
11:22:15.0016 0x11dc  [ 70433F7A216BD0B5EC7DA1202EE53E65, 12F3210EC5546714B34225770242F5CF4AC36032BB49A8E8989620BA274AC505 ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
11:22:15.0022 0x11dc  bcbtums - ok
11:22:15.0097 0x11dc  [ 18B186BCC56EC611DE519CBA7D4F65B0, 6F2520AAFDAA4208717DCD121527911D580727C5A6B8C4C7F07C4155C4D8662D ] BcmBtRSupport   C:\Windows\system32\BtwRSupportService.exe
11:22:15.0142 0x11dc  BcmBtRSupport - ok
11:22:15.0180 0x11dc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:22:15.0183 0x11dc  BDESVC - ok
11:22:15.0208 0x11dc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:22:15.0210 0x11dc  Beep - ok
11:22:15.0260 0x11dc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
11:22:15.0280 0x11dc  BFE - ok
11:22:15.0351 0x11dc  [ 33B114FC0394358DB521828B6F6ACC54, 3EF2AB62A23BDB2C5976B5C470E48FCD11154C1CCFC5633CA90C08D32E97D330 ] BFN7x64         C:\Windows\system32\drivers\Xeno7x64.sys
11:22:15.0428 0x11dc  BFN7x64 - ok
11:22:15.0503 0x11dc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
11:22:15.0547 0x11dc  BITS - ok
11:22:15.0582 0x11dc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:22:15.0584 0x11dc  blbdrive - ok
11:22:15.0603 0x11dc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:22:15.0606 0x11dc  bowser - ok
11:22:15.0623 0x11dc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:22:15.0624 0x11dc  BrFiltLo - ok
11:22:15.0634 0x11dc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:22:15.0636 0x11dc  BrFiltUp - ok
11:22:15.0678 0x11dc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
11:22:15.0682 0x11dc  Browser - ok
11:22:15.0716 0x11dc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:22:15.0723 0x11dc  Brserid - ok
11:22:15.0737 0x11dc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:22:15.0739 0x11dc  BrSerWdm - ok
11:22:15.0767 0x11dc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:22:15.0768 0x11dc  BrUsbMdm - ok
11:22:15.0778 0x11dc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:22:15.0779 0x11dc  BrUsbSer - ok
11:22:15.0818 0x11dc  [ 21A583678FD814794BC3E8E32E5A6BD3, 4EC67E35BAC69A66B480DA50FBB176104C7294744B3F7B7F4C05F2B351FE62DE ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys
11:22:15.0822 0x11dc  BTCFilterService - ok
11:22:15.0864 0x11dc  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
11:22:15.0868 0x11dc  BthEnum - ok
11:22:15.0885 0x11dc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:22:15.0889 0x11dc  BTHMODEM - ok
11:22:15.0910 0x11dc  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
11:22:15.0916 0x11dc  BthPan - ok
11:22:15.0964 0x11dc  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
11:22:15.0977 0x11dc  BTHPORT - ok
11:22:16.0018 0x11dc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
11:22:16.0021 0x11dc  bthserv - ok
11:22:16.0038 0x11dc  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
11:22:16.0041 0x11dc  BTHUSB - ok
11:22:16.0054 0x11dc  [ BC279FCEE9FC8CBF991D5DE539771AA9, 5DE007672BFBFA78C44CC08251F495420402AFF4AD01541AA84AD37BD4A58190 ] btwampfl        C:\Windows\system32\DRIVERS\btwampfl.sys
11:22:16.0059 0x11dc  btwampfl - ok
11:22:16.0096 0x11dc  [ 96858ECF6D017E33A5A1A87E7A1E3206, 2D56CE8EDE1A23C0AD931C284838413110A9DDCF1C29BB75FFE3D54A22FF3DA0 ] bxfcoe          C:\Windows\system32\drivers\bxfcoe.sys
11:22:16.0100 0x11dc  bxfcoe - ok
11:22:16.0121 0x11dc  [ 33B60616D5DE1D7FE8B5939D437BC74F, 510AA2796D1238EB236062322E027267C9708DC966553B4D7990128D7BBA2460 ] bxois           C:\Windows\system32\drivers\bxois.sys
11:22:16.0132 0x11dc  bxois - ok
11:22:16.0137 0x11dc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:22:16.0140 0x11dc  cdfs - ok
11:22:16.0166 0x11dc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:22:16.0170 0x11dc  cdrom - ok
11:22:16.0196 0x11dc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:22:16.0199 0x11dc  CertPropSvc - ok
11:22:16.0213 0x11dc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
11:22:16.0215 0x11dc  circlass - ok
11:22:16.0255 0x11dc  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
11:22:16.0263 0x11dc  CLFS - ok
11:22:16.0322 0x11dc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:22:16.0324 0x11dc  clr_optimization_v2.0.50727_32 - ok
11:22:16.0370 0x11dc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:22:16.0374 0x11dc  clr_optimization_v2.0.50727_64 - ok
11:22:16.0482 0x11dc  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:22:16.0487 0x11dc  clr_optimization_v4.0.30319_32 - ok
11:22:16.0516 0x11dc  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:22:16.0522 0x11dc  clr_optimization_v4.0.30319_64 - ok
11:22:16.0550 0x11dc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:22:16.0552 0x11dc  CmBatt - ok
11:22:16.0564 0x11dc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:22:16.0565 0x11dc  cmdide - ok
11:22:16.0599 0x11dc  [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:22:16.0608 0x11dc  CNG - ok
11:22:16.0640 0x11dc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:22:16.0641 0x11dc  Compbatt - ok
11:22:16.0665 0x11dc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:22:16.0667 0x11dc  CompositeBus - ok
11:22:16.0675 0x11dc  COMSysApp - ok
11:22:16.0722 0x11dc  [ 3CA734CE373E5675FBC15CA2C45228E5, A6C6E9FABDE5EA18D266DB71C0CC6B51D682116D1898CCB4E9BA730F15C44B32 ] cpudrv64        C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
11:22:16.0726 0x11dc  cpudrv64 - ok
11:22:16.0747 0x11dc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:22:16.0750 0x11dc  crcdisk - ok
11:22:16.0789 0x11dc  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:22:16.0799 0x11dc  CryptSvc - ok
11:22:16.0848 0x11dc  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
11:22:16.0871 0x11dc  CSC - ok
11:22:16.0909 0x11dc  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
11:22:16.0928 0x11dc  CscService - ok
11:22:17.0020 0x11dc  dbupdate - ok
11:22:17.0024 0x11dc  dbupdatem - ok
11:22:17.0061 0x11dc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:22:17.0074 0x11dc  DcomLaunch - ok
11:22:17.0105 0x11dc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:22:17.0112 0x11dc  defragsvc - ok
11:22:17.0146 0x11dc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:22:17.0149 0x11dc  DfsC - ok
11:22:17.0179 0x11dc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:22:17.0187 0x11dc  Dhcp - ok
11:22:17.0218 0x11dc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:22:17.0219 0x11dc  discache - ok
11:22:17.0246 0x11dc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
11:22:17.0248 0x11dc  Disk - ok
11:22:17.0271 0x11dc  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
11:22:17.0273 0x11dc  dmvsc - ok
11:22:17.0310 0x11dc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:22:17.0315 0x11dc  Dnscache - ok
11:22:17.0348 0x11dc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:22:17.0354 0x11dc  dot3svc - ok
11:22:17.0407 0x11dc  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
11:22:17.0416 0x11dc  Dot4 - ok
11:22:17.0441 0x11dc  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:22:17.0443 0x11dc  Dot4Print - ok
11:22:17.0484 0x11dc  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
11:22:17.0488 0x11dc  dot4usb - ok
11:22:17.0511 0x11dc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
11:22:17.0522 0x11dc  DPS - ok
11:22:17.0566 0x11dc  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:22:17.0567 0x11dc  drmkaud - ok
11:22:17.0602 0x11dc  [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:22:17.0609 0x11dc  dtsoftbus01 - ok
11:22:17.0658 0x11dc  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:22:17.0678 0x11dc  DXGKrnl - ok
11:22:17.0725 0x11dc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:22:17.0729 0x11dc  EapHost - ok
11:22:17.0812 0x1224  Object required for P2P: [ 6A050671F2C76FB48131F12786802807 ] AdobeFlashPlayerUpdateSvc
11:22:17.0851 0x11dc  [ 8947C98CC212AEEE1FABEC4582F652EE, 998B8A768CF7B6B4C4AFDD219259023C6EDD54282B4C14753EDA2B0C54DFF690 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:22:17.0917 0x11dc  ebdrv - ok
11:22:17.0941 0x11dc  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] EFS             C:\Windows\System32\lsass.exe
11:22:17.0943 0x11dc  EFS - ok
11:22:18.0038 0x11dc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:22:18.0052 0x11dc  ehRecvr - ok
11:22:18.0086 0x11dc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
11:22:18.0089 0x11dc  ehSched - ok
11:22:18.0124 0x11dc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:22:18.0135 0x11dc  elxstor - ok
11:22:18.0197 0x11dc  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
11:22:18.0238 0x11dc  EpsonBidirectionalService - ok
11:22:18.0242 0x11dc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:22:18.0243 0x11dc  ErrDev - ok
11:22:18.0300 0x11dc  [ 3B32CAA07D672F8A2E0DF5CB3A873F45, 09687E30FA5779C3593769D66CAEBED95C932746EDD6E83DABE3DCFD126AB5EC ] EsgScanner      C:\Windows\system32\DRIVERS\EsgScanner.sys
11:22:18.0301 0x11dc  EsgScanner - ok
11:22:18.0332 0x11dc  [ 3DBC10CBC436288801FAEE66DE91AE47, CE50732C43AEB8ACF977DF7CF609C88CB022E596EBE0C0AA9DDBC4D6BB25B804 ] EtronHub3       C:\Windows\System32\Drivers\EtronHub3.sys
11:22:18.0337 0x11dc  EtronHub3 - ok
11:22:18.0368 0x11dc  [ 1EDF0CF390B84266FD7FFED38AB7DCAC, E0C34BFC031006195B6943DFEC32963675FBAC2A440F651AF3125ED98381E035 ] EtronSTOR       C:\Windows\System32\Drivers\EtronSTOR.sys
11:22:18.0372 0x11dc  EtronSTOR - ok
11:22:18.0388 0x11dc  [ DE261095A2220D400D9603E1E42D4185, F5C4493EDCE92EC46BC7940764F719131FE27AE695201EDF143D678881CD239D ] EtronXHCI       C:\Windows\System32\Drivers\EtronXHCI.sys
11:22:18.0394 0x11dc  EtronXHCI - ok
11:22:18.0441 0x11dc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
11:22:18.0454 0x11dc  EventSystem - ok
11:22:18.0500 0x11dc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:22:18.0507 0x11dc  exfat - ok
11:22:18.0528 0x11dc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:22:18.0535 0x11dc  fastfat - ok
11:22:18.0627 0x11dc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
11:22:18.0651 0x11dc  Fax - ok
11:22:18.0686 0x11dc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
11:22:18.0688 0x11dc  fdc - ok
11:22:18.0718 0x11dc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
11:22:18.0720 0x11dc  fdPHost - ok
11:22:18.0729 0x11dc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:22:18.0731 0x11dc  FDResPub - ok
11:22:18.0745 0x11dc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:22:18.0747 0x11dc  FileInfo - ok
11:22:18.0753 0x11dc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:22:18.0754 0x11dc  Filetrace - ok
11:22:18.0813 0x11dc  [ 85A063C15DC49543700B73084E16CF06, 50A946B03296D674550570BD7301EEA972F6CAF0F4ACCB05EA2303977739E39A ] file_tracker    C:\Windows\system32\DRIVERS\file_tracker.sys
11:22:18.0818 0x11dc  file_tracker - ok
11:22:18.0834 0x11dc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:22:18.0836 0x11dc  flpydisk - ok
11:22:18.0856 0x11dc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:22:18.0862 0x11dc  FltMgr - ok
11:22:18.0890 0x11dc  [ AFCF6AAE1602877AB261F64D853F5385, E16BB9A5E6605B5AFB4B44904285540C98EEBDA74D1A731B9D247AA098EA0FE4 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
11:22:18.0893 0x11dc  fltsrv - ok
11:22:18.0945 0x11dc  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
11:22:18.0969 0x11dc  FontCache - ok
11:22:19.0040 0x11dc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:22:19.0044 0x11dc  FontCache3.0.0.0 - ok
11:22:19.0061 0x11dc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:22:19.0063 0x11dc  FsDepends - ok
11:22:19.0072 0x11dc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:22:19.0074 0x11dc  Fs_Rec - ok
11:22:19.0111 0x11dc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:22:19.0117 0x11dc  fvevol - ok
11:22:19.0144 0x11dc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:22:19.0146 0x11dc  gagp30kx - ok
11:22:19.0196 0x11dc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:22:19.0214 0x11dc  gpsvc - ok
11:22:19.0304 0x11dc  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:22:19.0312 0x11dc  gupdate - ok
11:22:19.0325 0x11dc  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:22:19.0327 0x11dc  gupdatem - ok
11:22:19.0396 0x11dc  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:22:19.0498 0x1e88  Object required for P2P: [ 1694434F5B9AB16772C7A8E2EF9134CA ] aswHwid
11:22:19.0508 0x11dc  gusvc - ok
11:22:19.0570 0x11dc  [ 3CC07DAD48FA53193AE2F85DD8200B5E, 1982E674EC144EC63AB2B7C668EA5AC6FEDA97AD775E50F74CC2B4C16DDB19B2 ] hcmon           C:\Windows\system32\drivers\hcmon.sys
11:22:19.0572 0x11dc  hcmon - ok
11:22:19.0586 0x11dc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:22:19.0588 0x11dc  hcw85cir - ok
11:22:19.0626 0x11dc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:22:19.0635 0x11dc  HdAudAddService - ok
11:22:19.0662 0x11dc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:22:19.0665 0x11dc  HDAudBus - ok
11:22:19.0678 0x11dc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:22:19.0679 0x11dc  HidBatt - ok
11:22:19.0696 0x11dc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:22:19.0699 0x11dc  HidBth - ok
11:22:19.0733 0x11dc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:22:19.0735 0x11dc  HidIr - ok
11:22:19.0752 0x11dc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
11:22:19.0755 0x11dc  hidserv - ok
11:22:19.0804 0x11dc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:22:19.0806 0x11dc  HidUsb - ok
11:22:19.0821 0x11dc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:22:19.0826 0x11dc  hkmsvc - ok
11:22:19.0846 0x11dc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:22:19.0852 0x11dc  HomeGroupListener - ok
11:22:19.0884 0x11dc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:22:19.0890 0x11dc  HomeGroupProvider - ok
11:22:20.0115 0x11dc  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        D:\PROGRAMAS\HP\Digital Imaging\bin\hpqcxs08.dll
11:22:20.0238 0x11dc  hpqcxs08 - ok
11:22:20.0286 0x11dc  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        D:\PROGRAMAS\HP\Digital Imaging\bin\hpqddsvc.dll
11:22:20.0324 0x11dc  hpqddsvc - ok
11:22:20.0358 0x11dc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:22:20.0360 0x11dc  HpSAMD - ok
11:22:20.0405 0x11dc  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:22:20.0419 0x11dc  HTTP - ok
11:22:20.0460 0x11dc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:22:20.0461 0x11dc  hwpolicy - ok
11:22:20.0491 0x11dc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
11:22:20.0498 0x11dc  i8042prt - ok
11:22:20.0559 0x11dc  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\drivers\iaStor.sys
11:22:20.0578 0x11dc  iaStor - ok
11:22:20.0620 0x11dc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:22:20.0630 0x11dc  iaStorV - ok
11:22:20.0785 0x11dc  [ 3CC7B3BB1A9EA201A040883EDFAA67A0, F543A779BA8CBFD5E0B939844B9CB47A2C05A400C693635F520438C18FFDFAF1 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
11:22:20.0832 0x11dc  IconMan_R - ok
11:22:20.0953 0x11dc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:22:20.0971 0x11dc  idsvc - ok
11:22:20.0990 0x11dc  IEEtwCollectorService - ok
11:22:21.0012 0x11dc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:22:21.0014 0x11dc  iirsp - ok
11:22:21.0058 0x11dc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:22:21.0076 0x11dc  IKEEXT - ok
11:22:21.0236 0x11dc  [ 8CAA2A543155675D09B0D5239E31EC99, 033CF96E110136A59E01C4D26FE3681862C0993938959059A37A34DC1C0E1D49 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:22:21.0309 0x11dc  IntcAzAudAddService - ok
11:22:21.0415 0x11dc  [ AE594CC17C33AC146739494615E14851, 0E4FA415C1B4065083D761A458450FAE9C6A6EE6E49B3A598B43871D6F01B3EC ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:22:21.0429 0x11dc  IntcDAud - ok
11:22:21.0468 0x11dc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:22:21.0469 0x11dc  intelide - ok
11:22:21.0811 0x11dc  [ E5C11F3689D9448CCC1D782FC2C4CC46, 7E259FB3AC209778945F485C5850E8258F9E9215667836EBA5966CC6E6A24254 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
11:22:22.0088 0x11dc  intelkmd - ok
11:22:22.0110 0x11dc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:22:22.0112 0x11dc  intelppm - ok
11:22:22.0141 0x11dc  [ E45575812630B049CE0F679D87561A4D, 2645B87960DAA51295530ECF5518E5872B17520293068E7DEA064FEAE3884E87 ] ioatdma1        C:\Windows\System32\Drivers\qd162x64.sys
11:22:22.0143 0x11dc  ioatdma1 - ok
11:22:22.0169 0x11dc  [ 2C23820DD9E81199E60F553EB50BC449, AF3847AD90A79E9D22DC67F4ED52B1D3FAF7C6420D60F2044C1FB49FD338BB70 ] ioatdma2        C:\Windows\System32\Drivers\qd262x64.sys
11:22:22.0172 0x11dc  ioatdma2 - ok
11:22:22.0203 0x11dc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:22:22.0207 0x11dc  IPBusEnum - ok
11:22:22.0219 0x11dc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:22:22.0221 0x11dc  IpFilterDriver - ok
11:22:22.0248 0x11dc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:22:22.0261 0x11dc  iphlpsvc - ok
11:22:22.0276 0x11dc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:22:22.0278 0x11dc  IPMIDRV - ok
11:22:22.0290 0x11dc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:22:22.0294 0x11dc  IPNAT - ok
11:22:22.0323 0x11dc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:22:22.0325 0x11dc  IRENUM - ok
11:22:22.0337 0x11dc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:22:22.0339 0x11dc  isapnp - ok
11:22:22.0372 0x11dc  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:22:22.0384 0x11dc  iScsiPrt - ok
11:22:22.0401 0x11dc  [ 2D15CEDF619796002E8640F73A4BF920, FCC0137CB5AE32266A550EE46106B80F431F0B55342599951B9D032F8EA10649 ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys
11:22:22.0411 0x11dc  iusb3hub - ok
11:22:22.0457 0x11dc  [ F1E93FE111924D0BC853155AADF8048B, 2DFD5B3D042286A0FD5E482C81FAE339E4F05C0A6DFF43061D8502C4551125F7 ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
11:22:22.0475 0x11dc  iusb3xhc - ok
11:22:22.0498 0x11dc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:22:22.0500 0x11dc  kbdclass - ok
11:22:22.0510 0x11dc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
11:22:22.0512 0x11dc  kbdhid - ok
11:22:22.0522 0x11dc  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] KeyIso          C:\Windows\system32\lsass.exe
11:22:22.0524 0x11dc  KeyIso - ok
11:22:22.0557 0x11dc  [ 0878723427BA190E5ABA5AA0112FA4D4, E332C83D3F4DF71761AA3DAC2C721FC2029F71ECC88A66E175BA56510855C4D4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:22:22.0559 0x11dc  KSecDD - ok
11:22:22.0576 0x11dc  [ C08CCCE2BE68D04E6C142614736959DA, AEC0AFC5C28DDC14DD6918BB6E236FA1C85CC30D69DA9AE40F9962D88248040F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:22:22.0580 0x11dc  KSecPkg - ok
11:22:22.0595 0x11dc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:22:22.0597 0x11dc  ksthunk - ok
11:22:22.0634 0x11dc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:22:22.0645 0x11dc  KtmRm - ok
11:22:22.0687 0x11dc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:22:22.0697 0x11dc  LanmanServer - ok
11:22:22.0736 0x11dc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:22:22.0742 0x11dc  LanmanWorkstation - ok
11:22:22.0807 0x11dc  [ 0C6949FED8886C642ED17EE802223181, 1E68138815924E2F750B0D4D83D6FB63C9EED354CE05ECBCB874C5A6AFBBED25 ] legendasdrv     C:\Windows\system32\drivers\legendasdrv.sys
11:22:22.0970 0x11dc  legendasdrv - ok
11:22:23.0110 0x11dc  [ 337FA50FFDED5E2BC94B36BF625AB681, BC77CCED8F2B52D26C7A2D7960FB5C1690F5D7E41013644C9226A85C9FF4FA2C ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
11:22:23.0167 0x11dc  LiveUpdateSvc - ok
11:22:23.0192 0x11dc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:22:23.0194 0x11dc  lltdio - ok
11:22:23.0217 0x11dc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:22:23.0225 0x11dc  lltdsvc - ok
11:22:23.0242 0x11dc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:22:23.0245 0x11dc  lmhosts - ok
11:22:23.0319 0x11dc  [ 50C7CE53EF461870410355F1F2E7D515, D6E84C63D74E4603D37FD7CC88BF51DE23CD17DB1D1AD4ADBED62F949F3C470C ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:22:23.0327 0x11dc  LMS - ok
11:22:23.0363 0x11dc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:22:23.0367 0x11dc  LSI_FC - ok
11:22:23.0387 0x11dc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:22:23.0391 0x11dc  LSI_SAS - ok
11:22:23.0418 0x11dc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:22:23.0421 0x11dc  LSI_SAS2 - ok
11:22:23.0439 0x11dc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:22:23.0443 0x11dc  LSI_SCSI - ok
11:22:23.0457 0x11dc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:22:23.0460 0x11dc  luafv - ok
11:22:23.0485 0x11dc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:22:23.0490 0x11dc  Mcx2Svc - ok
11:22:23.0505 0x11dc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:22:23.0507 0x11dc  megasas - ok
11:22:23.0522 0x11dc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:22:23.0530 0x11dc  MegaSR - ok
11:22:23.0559 0x11dc  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
11:22:23.0561 0x11dc  MEIx64 - ok
11:22:23.0597 0x11dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
11:22:23.0601 0x11dc  MMCSS - ok
11:22:23.0825 0x11dc  [ D9652739D1007B9B5CE34CEF38E095C5, 20AFFEA3B2E7F254A58CDD9F4F9D51D94710C20E98A650BE33FD446A474D7D12 ] mmsminisrv      C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
11:22:23.0960 0x11dc  mmsminisrv - ok
11:22:23.0981 0x11dc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
11:22:23.0983 0x11dc  Modem - ok
11:22:24.0027 0x11dc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:22:24.0029 0x11dc  monitor - ok
11:22:24.0053 0x11dc  [ 95314C3A08589471983C2C8173F23CDA, 05D30728D7204ABA2437259ECF929A94E6573F7621BAF35D76EBA26F5489A6CF ] MonitorFunction C:\Windows\system32\DRIVERS\TVMonitor.sys
11:22:24.0055 0x11dc  MonitorFunction - ok
11:22:24.0088 0x11dc  [ 4BD239A90FAFC80CA91AF2DD644D719A, D26D48AB392426544C9E57593BB72F9416E7EFF73769C94A9A4614099EA31E18 ] motandroidusb   C:\Windows\system32\Drivers\motoandroid.sys
11:22:24.0091 0x11dc  motandroidusb - ok
11:22:24.0122 0x11dc  [ 12588483F1A69AB2970D36D96B07F71B, CDC044F2FDAD3B22B295528A117D93B7DF464DE63E421DAE9C19E7A1535E3743 ] motccgp         C:\Windows\system32\DRIVERS\motccgp.sys
11:22:24.0130 0x11dc  motccgp - ok
11:22:24.0185 0x11dc  [ 7ED3A9C3763725BD700946971215EE77, 6150D52945E10B69CFA5E3E637DCEBA67158092C6350B4AFE456EA846CA90C18 ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
11:22:24.0189 0x11dc  Motorola Device Manager - ok
11:22:24.0197 0x11dc  [ 19BC2161C3FCCED802F1BCD9B78C3466, 2EA39F23C49191A4651CD785A742554801A4AC59AACE1993B3A30EA137B4A321 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
11:22:24.0199 0x11dc  MotoSwitchService - ok
11:22:24.0243 0x11dc  [ 6A3C0B01551B614B6C6BC9743DEF60D9, 9144C0149A764355045711B36C12F87B2F914B76809407F46FB7BA72F83DDB9D ] Motousbnet      C:\Windows\system32\DRIVERS\Motousbnet.sys
11:22:24.0246 0x11dc  Motousbnet - ok
11:22:24.0275 0x11dc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:22:24.0279 0x11dc  mouclass - ok
11:22:24.0307 0x11dc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:22:24.0310 0x11dc  mouhid - ok
11:22:24.0348 0x11dc  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:22:24.0350 0x11dc  mountmgr - ok
11:22:24.0408 0x11dc  [ FC9A9C09B35A93F76A03D5E355FA862C, B7ED57B9D39D547BA2927FC5F02C2475BF131FDB8AD40FFDE72C966506756B56 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:22:24.0412 0x11dc  MozillaMaintenance - ok
11:22:24.0488 0x11dc  [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
11:22:24.0498 0x11dc  MpFilter - ok
11:22:24.0535 0x11dc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:22:24.0542 0x11dc  mpio - ok
11:22:24.0555 0x11dc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:22:24.0559 0x11dc  mpsdrv - ok
11:22:24.0623 0x11dc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:22:24.0644 0x11dc  MpsSvc - ok
11:22:24.0679 0x11dc  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:22:24.0682 0x11dc  MRxDAV - ok
11:22:24.0717 0x11dc  [ 035C0A9A63DF3F3A52B90D8F6BF0F166, F409C8A31156E31A6D16D2B34EEE3098CE0D76A4DB7B49810EDDA2E2E19B2E26 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:22:24.0721 0x11dc  mrxsmb - ok
11:22:24.0779 0x11dc  [ 8308FC2E9147D7632221E3279BB14660, 3051FF91493FD03B7EDD4EDB23B2DE8DD7E03D46E231BC5925502BE98E78B1CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:22:24.0789 0x11dc  mrxsmb10 - ok
11:22:24.0806 0x11dc  [ 1F8DA4ECAEA7E2BCD97E738795817431, FBEF64C7067F5AFF864EF7E220C8A47AC43EB0BFD9A4E4C908F9D9D159AC5139 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:22:24.0809 0x11dc  mrxsmb20 - ok
11:22:24.0822 0x11dc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:22:24.0823 0x11dc  msahci - ok
11:22:24.0853 0x11dc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:22:24.0857 0x11dc  msdsm - ok
11:22:24.0876 0x11dc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
11:22:24.0881 0x11dc  MSDTC - ok
11:22:24.0892 0x11dc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:22:24.0893 0x11dc  Msfs - ok
11:22:24.0903 0x11dc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:22:24.0917 0x11dc  mshidkmdf - ok
11:22:24.0944 0x11dc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:22:24.0945 0x11dc  msisadrv - ok
11:22:24.0977 0x11dc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:22:24.0982 0x11dc  MSiSCSI - ok
11:22:24.0985 0x11dc  msiserver - ok
11:22:25.0015 0x11dc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:22:25.0016 0x11dc  MSKSSRV - ok
11:22:25.0133 0x11dc  [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
11:22:25.0135 0x11dc  MsMpSvc - ok
11:22:25.0153 0x11dc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:22:25.0156 0x11dc  MSPCLOCK - ok
11:22:25.0169 0x11dc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:22:25.0171 0x11dc  MSPQM - ok
11:22:25.0204 0x11dc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:22:25.0218 0x11dc  MsRPC - ok
11:22:25.0234 0x11dc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
11:22:25.0236 0x11dc  mssmbios - ok
11:22:25.0254 0x11dc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:22:25.0255 0x11dc  MSTEE - ok
11:22:25.0270 0x11dc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:22:25.0272 0x11dc  MTConfig - ok
11:22:25.0288 0x11dc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
11:22:25.0290 0x11dc  Mup - ok
11:22:25.0331 0x11dc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
11:22:25.0344 0x11dc  napagent - ok
11:22:25.0407 0x11dc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:22:25.0425 0x11dc  NativeWifiP - ok
11:22:25.0509 0x11dc  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:22:25.0528 0x11dc  NDIS - ok
11:22:25.0544 0x11dc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:22:25.0546 0x11dc  NdisCap - ok
11:22:25.0574 0x11dc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:22:25.0576 0x11dc  NdisTapi - ok
11:22:25.0589 0x11dc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:22:25.0591 0x11dc  Ndisuio - ok
11:22:25.0602 0x11dc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:22:25.0608 0x11dc  NdisWan - ok
11:22:25.0624 0x11dc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:22:25.0627 0x11dc  NDProxy - ok
11:22:25.0704 0x11dc  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:22:25.0713 0x11dc  Net Driver HPZ12 - ok
11:22:25.0722 0x11dc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:22:25.0724 0x11dc  NetBIOS - ok
11:22:25.0750 0x11dc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:22:25.0756 0x11dc  NetBT - ok
11:22:25.0772 0x11dc  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] Netlogon        C:\Windows\system32\lsass.exe
11:22:25.0780 0x11dc  Netlogon - ok
11:22:25.0818 0x11dc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:22:25.0833 0x11dc  Netman - ok
11:22:25.0891 0x11dc  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:22:25.0895 0x11dc  NetMsmqActivator - ok
11:22:25.0921 0x11dc  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:22:25.0924 0x11dc  NetPipeActivator - ok
11:22:25.0953 0x11dc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:22:25.0964 0x11dc  netprofm - ok
11:22:26.0017 0x11dc  [ 618C55B392238B9467F9113E13525C49, 304A77EF3E1E7A1738E5A4F6A911B4DF736CEF4867C6F07CA71E227048E90370 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
11:22:26.0045 0x11dc  netr28ux - ok
11:22:26.0053 0x11dc  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:22:26.0056 0x11dc  NetTcpActivator - ok
11:22:26.0089 0x11dc  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:22:26.0093 0x11dc  NetTcpPortSharing - ok
11:22:26.0353 0x11dc  [ B9C587BDAA61A689883439D5AE6FE7F3, 4AA75BFDD18E0F7D250D1726556FA4F1B0CFE93EA1C38BA43F0EBE046B566E4F ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
11:22:26.0537 0x11dc  NETwNs64 - ok
11:22:26.0583 0x11dc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:22:26.0585 0x11dc  nfrd960 - ok
11:22:26.0618 0x11dc  [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:22:26.0622 0x11dc  NisDrv - ok
11:22:26.0662 0x1224  Object send P2P result: true
11:22:26.0688 0x11dc  [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
11:22:26.0698 0x11dc  NisSrv - ok
11:22:26.0721 0x11dc  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:22:26.0730 0x11dc  NlaSvc - ok
11:22:26.0773 0x11dc  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] npf             C:\Windows\system32\drivers\npf.sys
11:22:26.0789 0x11dc  npf - ok
11:22:26.0814 0x11dc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:22:26.0815 0x11dc  Npfs - ok
11:22:26.0847 0x11dc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
11:22:26.0864 0x11dc  nsi - ok
11:22:26.0876 0x11dc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:22:26.0879 0x11dc  nsiproxy - ok
11:22:27.0014 0x11dc  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:22:27.0046 0x11dc  Ntfs - ok
11:22:27.0057 0x11dc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:22:27.0059 0x11dc  Null - ok
11:22:27.0103 0x11dc  [ B227E75AD10A142DD326B4CC8D73A6D9, CA76D73381ADAB04E86D417788D4EDAAE8343B90DCC9690ED5FFB1C0B1F09057 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
11:22:27.0110 0x11dc  nusb3hub - ok
11:22:27.0189 0x11dc  [ 55959DB860E4E484681586824D09E52C, EEA42F7DF194A84F207A8DC3BA9BF9ACDBFFFA9C611DA9289528C7F64599563F ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:22:27.0200 0x11dc  nusb3xhc - ok
11:22:27.0219 0x11dc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:22:27.0231 0x11dc  nvraid - ok
11:22:27.0238 0x11dc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:22:27.0243 0x11dc  nvstor - ok
11:22:27.0267 0x11dc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:22:27.0271 0x11dc  nv_agp - ok
11:22:27.0289 0x11dc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:22:27.0303 0x11dc  ohci1394 - ok
11:22:27.0353 0x11dc  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:22:27.0364 0x11dc  ose - ok
11:22:27.0398 0x11dc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:22:27.0409 0x11dc  p2pimsvc - ok
11:22:27.0480 0x11dc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:22:27.0540 0x11dc  p2psvc - ok
11:22:27.0569 0x11dc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
11:22:27.0575 0x11dc  Parport - ok
11:22:27.0596 0x11dc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:22:27.0600 0x11dc  partmgr - ok
11:22:27.0653 0x11dc  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:22:27.0665 0x11dc  PcaSvc - ok
11:22:27.0725 0x11dc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:22:27.0733 0x11dc  pci - ok
11:22:27.0749 0x11dc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:22:27.0752 0x11dc  pciide - ok
11:22:27.0772 0x11dc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:22:27.0784 0x11dc  pcmcia - ok
11:22:27.0802 0x11dc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:22:27.0803 0x11dc  pcw - ok
11:22:27.0913 0x11dc  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:22:27.0935 0x11dc  PEAUTH - ok
11:22:28.0003 0x11dc  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:22:28.0032 0x11dc  PeerDistSvc - ok
11:22:28.0116 0x11dc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:22:28.0120 0x11dc  PerfHost - ok
11:22:28.0233 0x11dc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
11:22:28.0265 0x11dc  pla - ok
11:22:28.0297 0x1e88  Object send P2P result: true
11:22:28.0297 0x1e88  Object required for P2P: [ 786E8BCDFF674068F3C950615FC2E71C ] aswKbd
11:22:28.0323 0x11dc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:22:28.0334 0x11dc  PlugPlay - ok
11:22:28.0470 0x11dc  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:22:28.0479 0x11dc  Pml Driver HPZ12 - ok
11:22:28.0498 0x11dc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:22:28.0504 0x11dc  PNRPAutoReg - ok
11:22:28.0552 0x11dc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:22:28.0559 0x11dc  PNRPsvc - ok
11:22:28.0589 0x11dc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:22:28.0603 0x11dc  PolicyAgent - ok
11:22:28.0628 0x11dc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
11:22:28.0635 0x11dc  Power - ok
11:22:28.0693 0x11dc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:22:28.0703 0x11dc  PptpMiniport - ok
11:22:28.0747 0x11dc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
11:22:28.0760 0x11dc  Processor - ok
11:22:28.0848 0x11dc  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:22:28.0860 0x11dc  ProfSvc - ok
11:22:28.0879 0x11dc  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:22:28.0881 0x11dc  ProtectedStorage - ok
11:22:28.0926 0x11dc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:22:28.0937 0x11dc  Psched - ok
11:22:29.0052 0x11dc  [ EA735BF6DF13A857A83C99BF27A422AD, 026A57155FB9E01CFAFD8613980CDF0F3D744ABBBC66EFDC6C20B89980FB45CF ] PST Service     C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
11:22:31.0050 0x11dc  PST Service - ok
11:22:31.0093 0x11dc  [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio         C:\Windows\system32\pwdrvio.sys
11:22:31.0096 0x11dc  pwdrvio - ok
11:22:31.0146 0x11dc  [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio         C:\Windows\system32\pwdspio.sys
11:22:31.0156 0x11dc  pwdspio - ok
11:22:31.0216 0x11dc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:22:31.0249 0x11dc  ql2300 - ok
11:22:31.0273 0x11dc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:22:31.0276 0x11dc  ql40xx - ok
11:22:31.0303 0x11dc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
11:22:31.0311 0x11dc  QWAVE - ok
11:22:31.0327 0x11dc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:22:31.0329 0x11dc  QWAVEdrv - ok
11:22:31.0493 0x11dc  [ 07D344FB15CF58CEB1D5C7958B67B934, 952CEA805B1DAB818CE5B0E4AD8661CB3E159B3E927F156CA38011403891EBE9 ] RapportIaso     c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys
11:22:31.0507 0x11dc  RapportIaso - ok
11:22:31.0535 0x11dc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:22:31.0536 0x11dc  RasAcd - ok
11:22:31.0576 0x11dc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:22:31.0579 0x11dc  RasAgileVpn - ok
11:22:31.0597 0x11dc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
11:22:31.0602 0x11dc  RasAuto - ok
11:22:31.0613 0x11dc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:22:31.0617 0x11dc  Rasl2tp - ok
11:22:31.0634 0x11dc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
11:22:31.0644 0x11dc  RasMan - ok
11:22:31.0653 0x11dc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:22:31.0656 0x11dc  RasPppoe - ok
11:22:31.0666 0x11dc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:22:31.0669 0x11dc  RasSstp - ok
11:22:31.0688 0x11dc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:22:31.0695 0x11dc  rdbss - ok
11:22:31.0711 0x11dc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:22:31.0712 0x11dc  rdpbus - ok
11:22:31.0757 0x11dc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:22:31.0759 0x11dc  RDPCDD - ok
11:22:31.0797 0x11dc  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:22:31.0807 0x11dc  RDPDR - ok
11:22:31.0818 0x11dc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:22:31.0820 0x11dc  RDPENCDD - ok
11:22:31.0835 0x11dc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:22:31.0836 0x11dc  RDPREFMP - ok
11:22:31.0896 0x11dc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:22:31.0900 0x11dc  RdpVideoMiniport - ok
11:22:31.0944 0x11dc  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:22:31.0952 0x11dc  RDPWD - ok
11:22:31.0966 0x11dc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:22:31.0971 0x11dc  rdyboost - ok
11:22:32.0004 0x11dc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:22:32.0008 0x11dc  RemoteAccess - ok
11:22:32.0038 0x11dc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:22:32.0044 0x11dc  RemoteRegistry - ok
11:22:32.0092 0x11dc  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
11:22:32.0097 0x11dc  RFCOMM - ok
11:22:32.0112 0x11dc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:22:32.0117 0x11dc  RpcEptMapper - ok
11:22:32.0143 0x11dc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
11:22:32.0145 0x11dc  RpcLocator - ok
11:22:32.0170 0x11dc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
11:22:32.0180 0x11dc  RpcSs - ok
11:22:32.0230 0x11dc  [ EBBFA2B4E317AF86E93FEC4C04D7A9B3, 29480CCA0ACAB2D53D664042A0D7713247EDEBBBD4734783348669EFDE579CA9 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
11:22:32.0238 0x11dc  RSPCIESTOR - ok
11:22:32.0257 0x11dc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:22:32.0260 0x11dc  rspndr - ok
11:22:32.0303 0x11dc  [ 5BDAF690FE82D8E531328DE7E766FB7A, 1DC78D6532566AE21317FA02150CCB3AD17AD0069688E43A1C48109941D36082 ] RT-USB          C:\Windows\system32\drivers\RT-USB64.SYS
11:22:32.0305 0x11dc  RT-USB - ok
11:22:32.0359 0x11dc  [ EF91E0806C01806C3CF62AF006901127, 1F49D57B6598EF0923DF70FD31B755B29D5ED4D38840D7619D3399B759FD579F ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:22:32.0378 0x11dc  RTL8167 - ok
11:22:32.0419 0x11dc  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
11:22:32.0421 0x11dc  s3cap - ok
11:22:32.0439 0x11dc  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] SamSs           C:\Windows\system32\lsass.exe
11:22:32.0441 0x11dc  SamSs - ok
11:22:32.0466 0x11dc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:22:32.0469 0x11dc  sbp2port - ok
11:22:32.0502 0x11dc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:22:32.0508 0x11dc  SCardSvr - ok
11:22:32.0522 0x11dc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:22:32.0524 0x11dc  scfilter - ok
11:22:32.0575 0x11dc  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
11:22:32.0602 0x11dc  Schedule - ok
11:22:32.0647 0x11dc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:22:32.0649 0x11dc  SCPolicySvc - ok
11:22:32.0663 0x11dc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:22:32.0669 0x11dc  SDRSVC - ok
11:22:32.0702 0x11dc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:22:32.0704 0x11dc  secdrv - ok
11:22:32.0734 0x11dc  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
11:22:32.0737 0x11dc  seclogon - ok
11:22:32.0753 0x11dc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
11:22:32.0757 0x11dc  SENS - ok
11:22:32.0766 0x11dc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:22:32.0770 0x11dc  SensrSvc - ok
11:22:32.0804 0x11dc  [ 8167B3DF18CF957BB87F328F131D5570, 10D9F7691BF67773D8F1276D3A63D43FB2CF5F618B701F0E1DC11E348CB12E79 ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl64.sys
11:22:32.0839 0x11dc  Ser2pl - ok
11:22:32.0860 0x11dc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:22:32.0861 0x11dc  Serenum - ok
11:22:32.0871 0x11dc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
11:22:32.0874 0x11dc  Serial - ok
11:22:32.0886 0x11dc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:22:32.0888 0x11dc  sermouse - ok
11:22:33.0039 0x11dc  [ D2E25B1FE392E6E1C9A149F17920C318, F2FB3BC29ECF2F59A99CC33C57227B7DBC22E9935678877F06803EBA742CFDD8 ] Serviio         D:\PROGRAMAS\Serviio\bin\ServiioService.exe
11:22:33.0057 0x11dc  Serviio - ok
11:22:33.0079 0x1e88  Object send P2P result: true
11:22:33.0088 0x11dc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:22:33.0094 0x11dc  SessionEnv - ok
11:22:33.0148 0x11dc  [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
11:22:33.0152 0x11dc  SFEP - ok
11:22:33.0164 0x11dc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:22:33.0166 0x11dc  sffdisk - ok
11:22:33.0172 0x11dc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:22:33.0175 0x11dc  sffp_mmc - ok
11:22:33.0185 0x11dc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:22:33.0187 0x11dc  sffp_sd - ok
11:22:33.0213 0x11dc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:22:33.0215 0x11dc  sfloppy - ok
11:22:33.0267 0x11dc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:22:33.0278 0x11dc  SharedAccess - ok
11:22:33.0315 0x11dc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:22:33.0334 0x11dc  ShellHWDetection - ok
11:22:33.0355 0x11dc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:22:33.0357 0x11dc  SiSRaid2 - ok
11:22:33.0367 0x11dc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:22:33.0370 0x11dc  SiSRaid4 - ok
11:22:33.0461 0x11dc  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:22:33.0469 0x11dc  SkypeUpdate - ok
11:22:33.0494 0x11dc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:22:33.0497 0x11dc  Smb - ok
11:22:33.0530 0x11dc  [ 273D023EC708A54623518A059DA1E043, F96A8406D68BD3D0F5E4E3C04FDB804FF8E4BACBA1BCD7F35C3DEA41A0F56168 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
11:22:33.0538 0x11dc  snapman - ok
11:22:33.0562 0x11dc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:22:33.0566 0x11dc  SNMPTRAP - ok
11:22:33.0575 0x11dc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:22:33.0577 0x11dc  spldr - ok
11:22:33.0616 0x11dc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
11:22:33.0630 0x11dc  Spooler - ok
11:22:33.0803 0x11dc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:22:33.0876 0x11dc  sppsvc - ok
11:22:33.0895 0x11dc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:22:33.0900 0x11dc  sppuinotify - ok
11:22:33.0924 0x11dc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:22:33.0935 0x11dc  srv - ok
11:22:33.0961 0x11dc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:22:33.0970 0x11dc  srv2 - ok
11:22:33.0983 0x11dc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:22:33.0987 0x11dc  srvnet - ok
11:22:34.0029 0x11dc  [ 52D6F40B50ECFC051979FEC68E74F0F8, 9C8C65AC69BA5C9885CF2A4BD72B869754948377AA3FED2680E7BF8C5639F2A2 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
11:22:34.0040 0x11dc  ssadbus - ok
11:22:34.0069 0x11dc  [ D6CFD3B2EABCF9327DE39C62BABFA1E3, C748AF55B07FCB9C5A3E3E0CB783CE6387A2C5D646BCA6B5F5FFF37ACCE82AD3 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
11:22:34.0071 0x11dc  ssadmdfl - ok
11:22:34.0090 0x11dc  [ 5EB01E6148742C3EC2185AC92F6D16FD, 5BD22C745D9BD47C60929F9C556E4B262F9415866EFE9F9263EAD916D74ECAE0 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
11:22:34.0097 0x11dc  ssadmdm - ok
11:22:34.0165 0x11dc  [ DF11D259C10C9D0DFCCBA1093C5DB1BD, A9AEF5D88DDDCE27A4640FE82CED92A4957C42F8E9EEDFC52DC128A66E0B43ED ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
11:22:34.0177 0x11dc  sscdbus - ok
11:22:34.0207 0x11dc  [ 3EF9386DC95BF2AE60D08367E5E4E785, BC75B656EC8D9497F2A10A5A7B226CB06F1664C044BAF2C10AB0AD884A0E364A ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
11:22:34.0210 0x11dc  sscdmdfl - ok
11:22:34.0230 0x11dc  [ 00D2AA893C662A9EB9B779F6CA2B0DFB, D9DF6D5C7006A417F629C89FB94F735F807FB781242B5C7B1D82D08828FA2BA9 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
11:22:34.0237 0x11dc  sscdmdm - ok
11:22:34.0268 0x11dc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:22:34.0279 0x11dc  SSDPSRV - ok
11:22:34.0291 0x11dc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:22:34.0297 0x11dc  SstpSvc - ok
11:22:34.0331 0x11dc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:22:34.0333 0x11dc  stexstor - ok
11:22:34.0377 0x11dc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:22:34.0392 0x11dc  stisvc - ok
11:22:34.0427 0x11dc  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
11:22:34.0429 0x11dc  storflt - ok
11:22:34.0445 0x11dc  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:22:34.0447 0x11dc  storvsc - ok
11:22:34.0463 0x11dc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:22:34.0464 0x11dc  swenum - ok
11:22:34.0487 0x11dc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
11:22:34.0501 0x11dc  swprv - ok
11:22:34.0806 0x11dc  [ 1173C0D87C37D145D65E2750875B721F, 97DFACC8C32D784C2F99A5F2C151296FE17DDD0C0D12FE11A5FA266C8AB3F9C7 ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
11:22:34.0977 0x11dc  syncagentsrv - ok
11:22:35.0183 0x11dc  [ 84B1F69E0D44A179AF61BFA7292B0FC1, ABC12B4004FE29E1E49449FD50318D94B8450C07B98D8707F2BCFCE0F42D1063 ] SyncoveryVSSService D:\PROGRAMAS\Syncovery\SyncoveryVSS.exe
11:22:35.0593 0x11dc  SyncoveryVSSService - ok
11:22:35.0638 0x11dc  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
11:22:35.0641 0x11dc  Synth3dVsc - ok
11:22:35.0723 0x11dc  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
11:22:35.0766 0x11dc  SysMain - ok
11:22:35.0795 0x11dc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:22:35.0801 0x11dc  TabletInputService - ok
11:22:35.0824 0x11dc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:22:35.0836 0x11dc  TapiSrv - ok
11:22:35.0853 0x11dc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
11:22:35.0858 0x11dc  TBS - ok
11:22:35.0946 0x11dc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:22:35.0983 0x11dc  Tcpip - ok
11:22:36.0128 0x11dc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:22:36.0175 0x11dc  TCPIP6 - ok
11:22:36.0218 0x11dc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:22:36.0235 0x11dc  tcpipreg - ok
11:22:36.0272 0x11dc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:22:36.0275 0x11dc  TDPIPE - ok
11:22:36.0292 0x11dc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:22:36.0307 0x11dc  TDTCP - ok
11:22:36.0333 0x11dc  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:22:36.0338 0x11dc  tdx - ok
11:22:36.0633 0x11dc  [ D6DDCFFF145CB7D334EECC2F9A8E304F, DC2E19A799F336DF299460C8DB4EE0B2597ADC6C4728F2BB3BBCFA1192BE809C ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
11:22:36.0768 0x11dc  TeamViewer - ok
11:22:36.0838 0x11dc  [ F5520DBB47C60EE83024B38720ABDA24, B8E555D92440BF93E3B55A66E27CEF936477EF7528F870D3B78BD3B294A05CC0 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
11:22:36.0843 0x11dc  teamviewervpn - ok
11:22:36.0901 0x11dc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:22:36.0905 0x11dc  TermDD - ok
11:22:36.0936 0x11dc  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
11:22:36.0942 0x11dc  terminpt - ok
11:22:37.0001 0x11dc  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
11:22:37.0020 0x11dc  TermService - ok
11:22:37.0068 0x11dc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:22:37.0084 0x11dc  Themes - ok
11:22:37.0121 0x11dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:22:37.0127 0x11dc  THREADORDER - ok
11:22:37.0251 0x11dc  [ D00E6FC3615D6DF90B3B9A842B07C1E2, 10B713FE8C99566DF28788F111C58352BBE13C4C1F88A38829017BFA28046881 ] tib             C:\Windows\system32\DRIVERS\tib.sys
11:22:37.0298 0x11dc  tib - ok
11:22:37.0373 0x11dc  [ E8485EE510638CE24CD7427ABE7CF6B5, C5C51ED2A27CFAAA0892272C3B4A2D3B74268CD31E0AB2B6AEA5DF0D5378E4FC ] tib_mounter     C:\Windows\system32\DRIVERS\tib_mounter.sys
11:22:37.0407 0x11dc  tib_mounter - ok
11:22:37.0447 0x11dc  [ 4A3AB9F8994A02BEE54D2D21EE38B03C, C1278B992448705E5AE162E1D9DCDA99E841C49C9B32B559A39EBCB1D02B27AC ] tnd             C:\Windows\system32\DRIVERS\tnd.sys
11:22:37.0476 0x11dc  tnd - ok
11:22:37.0551 0x11dc  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
11:22:37.0556 0x11dc  TPM - ok
11:22:37.0596 0x11dc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:22:37.0609 0x11dc  TrkWks - ok
11:22:37.0653 0x11dc  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
11:22:37.0660 0x11dc  truecrypt - ok
11:22:37.0718 0x11dc  [ 0C997B061E3C66BD9E927C1288EB1CC7, 3807E9A1BC159B9E8FC0C7CAAD10D7213FF8ED8AD1CEA9EA552B093C81BF624B ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
11:22:37.0803 0x11dc  TrueSight - ok
11:22:37.0854 0x11dc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:22:37.0858 0x11dc  TrustedInstaller - ok
11:22:37.0899 0x11dc  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:22:37.0905 0x11dc  tssecsrv - ok
11:22:37.0935 0x11dc  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:22:37.0939 0x11dc  TsUsbFlt - ok
11:22:37.0955 0x11dc  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:22:37.0957 0x11dc  TsUsbGD - ok
11:22:37.0991 0x11dc  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
11:22:37.0994 0x11dc  tsusbhub - ok
11:22:38.0037 0x11dc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:22:38.0041 0x11dc  tunnel - ok
11:22:38.0045 0x11dc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:22:38.0048 0x11dc  uagp35 - ok
11:22:38.0067 0x11dc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:22:38.0074 0x11dc  udfs - ok
11:22:38.0116 0x11dc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:22:38.0121 0x11dc  UI0Detect - ok
11:22:38.0195 0x11dc  [ 40DD904C5FA8B4F614DBAEA94D233169, 3F87B94B0C0EB40C7B67BAE0392D050EFA8F582EA718CD3E7B0E7BB193904C83 ] UimBus          C:\Windows\system32\DRIVERS\UimBus.sys
11:22:38.0235 0x11dc  UimBus - ok
11:22:38.0283 0x11dc  [ 020BEB8F3EACC80F13FD82B39B2AB855, 74307241C5EC3597D9AD09335B61844A24895EA125B5847289C5D264184E3367 ] Uim_DEVIM       C:\Windows\system32\DRIVERS\uim_devim.sys
11:22:38.0309 0x11dc  Uim_DEVIM - ok
11:22:38.0393 0x11dc  [ 887C749A1D91EAFBC7C1BCC69D5220D4, DD6B1C6A2C0CE546A71DC4E5007F77F885B56900AD868A6D5E773D7695BF38B6 ] Uim_IM          C:\Windows\system32\DRIVERS\uim_im.sys
11:22:38.0436 0x11dc  Uim_IM - ok
11:22:38.0463 0x11dc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:22:38.0479 0x11dc  uliagpkx - ok
11:22:38.0512 0x11dc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:22:38.0517 0x11dc  umbus - ok
11:22:38.0534 0x11dc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:22:38.0549 0x11dc  UmPass - ok
11:22:38.0588 0x11dc  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:22:38.0608 0x11dc  UmRdpService - ok
11:22:38.0840 0x11dc  [ 374EBDA379A8F38E0CFC2211611E7167, 0D6C3002B28E27C052227488CEE69FA99399421FF777EB48031E6080A759F532 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:22:38.0903 0x11dc  UNS - ok
11:22:38.0938 0x11dc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:22:38.0948 0x11dc  upnphost - ok
11:22:38.0975 0x11dc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:22:38.0979 0x11dc  usbccgp - ok
11:22:39.0007 0x11dc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:22:39.0011 0x11dc  usbcir - ok
11:22:39.0040 0x11dc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:22:39.0042 0x11dc  usbehci - ok
11:22:39.0063 0x11dc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:22:39.0071 0x11dc  usbhub - ok
11:22:39.0100 0x11dc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:22:39.0102 0x11dc  usbohci - ok
11:22:39.0138 0x11dc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:22:39.0140 0x11dc  usbprint - ok
11:22:39.0175 0x11dc  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:22:39.0177 0x11dc  usbscan - ok
11:22:39.0198 0x11dc  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
11:22:39.0200 0x11dc  usbser - ok
11:22:39.0237 0x11dc  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
11:22:39.0240 0x11dc  USBSTOR - ok
11:22:39.0244 0x11dc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:22:39.0246 0x11dc  usbuhci - ok
11:22:39.0266 0x11dc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
11:22:39.0271 0x11dc  usbvideo - ok
11:22:39.0307 0x11dc  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
11:22:39.0311 0x11dc  usb_rndisx - ok
11:22:39.0334 0x11dc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
11:22:39.0342 0x11dc  UxSms - ok
11:22:39.0412 0x11dc  [ DCB1F83AD167D16D263CE57C94E9EEDF, 2389268A1F83F0D354111553FB5F48E77A8FE4C0A1C22376A313A961252ED259 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
11:22:39.0415 0x11dc  VAIO Event Service - ok
11:22:39.0428 0x11dc  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] VaultSvc        C:\Windows\system32\lsass.exe
11:22:39.0432 0x11dc  VaultSvc - ok
11:22:39.0448 0x11dc  VBoxAswDrv - ok
11:22:39.0491 0x11dc  [ 0E3C4F20B2CE21168F3242D9CAC6CBF2, 1BD5E1A2000EBC1C335A8960ACDCD08BDC8230F533A80D086D2EE6FE4990EA02 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
11:22:39.0498 0x11dc  VBoxUSBMon - ok
11:22:39.0505 0x11dc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:22:39.0508 0x11dc  vdrvroot - ok
11:22:39.0577 0x11dc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
11:22:39.0601 0x11dc  vds - ok
11:22:39.0618 0x11dc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:22:39.0620 0x11dc  vga - ok
11:22:39.0625 0x11dc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:22:39.0627 0x11dc  VgaSave - ok
11:22:39.0647 0x11dc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
11:22:39.0652 0x11dc  vhdmp - ok
11:22:39.0656 0x11dc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:22:39.0658 0x11dc  viaide - ok
11:22:39.0741 0x11dc  [ C740CC9D52EB278A86F42075DA96CB19, 596D9730819A888D07358BA12AC76F17E02186DACFDCDBDA58E8EF4BB7CA51F0 ] VMAuthdService  D:\PROGRAMAS\VMWare\Workstation\vmware-authd.exe
11:22:39.0838 0x11dc  VMAuthdService - ok
11:22:39.0876 0x11dc  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:22:39.0882 0x11dc  vmbus - ok
11:22:39.0890 0x11dc  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:22:39.0892 0x11dc  VMBusHID - ok
11:22:39.0929 0x11dc  [ 6203C901DEFF10631AAD919B3BD1489B, 2CF99A56EEBB444A30736982647FBECC037D03F4EC3A7B06C147FF62876F438B ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
11:22:39.0931 0x11dc  vmci - ok
11:22:39.0962 0x11dc  [ E75DDD0A4768CF509C80E76B8428A644, 2823DB3D2A0A18B81103D2E4E44225B5C3609AF0B1DBD175E6C32D8A4FEE90C6 ] vmkbd2          C:\Windows\system32\drivers\VMkbd.sys
11:22:39.0964 0x11dc  vmkbd2 - ok
11:22:39.0979 0x11dc  [ AEF53B47E960F227BF7638A6A1A9D5C6, 21280177B404F27A5C9725AE50D6E8595CFFED59837741C9FEEF6013CE7C8CF6 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
11:22:39.0982 0x11dc  VMnetAdapter - ok
11:22:40.0006 0x11dc  [ C234A1DC2F06A15B9210787F54253810, B1A25D9F84752294BEE643EB9E17CC0538E5C26B7C741E32F7AEFE6514B1F5C6 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
11:22:40.0009 0x11dc  VMnetBridge - ok
11:22:40.0014 0x11dc  VMnetDHCP - ok
11:22:40.0062 0x11dc  [ 25FBBC8C168AEE1753C330352EA6D009, A049D670B856BA53BE725C43A10131C9FDA59D7309AFC1C8826F043D83CD1673 ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
11:22:40.0066 0x11dc  VMnetuserif - ok
11:22:40.0108 0x11dc  [ 415B167695C4B5960A13098622EF3D80, E68AE845A6967E68FB22EB0F4D95631D041DA906801202F7662B22EAD34B2371 ] vmusb           C:\Windows\system32\Drivers\vmusb.sys
11:22:40.0113 0x11dc  vmusb - ok
11:22:40.0237 0x11dc  [ B55A8DADA1D825B73C811101B06E012F, BF529432E87FEE648C931FA6EFE7DCF9F87A7608265E0635D54B66EB57967A51 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
11:22:40.0259 0x11dc  VMUSBArbService - ok
11:22:40.0286 0x11dc  VMware NAT Service - ok
11:22:40.0289 0x11dc  VMwareHostd - ok
11:22:40.0294 0x11dc  [ D37CB37BF3FB6612BCA19D81EFA16122, 39A2D01F618DC75B0C80C8BEBD6C78ABEDA8D76151EDB4C57E6F33F8690DD47D ] vmx86           C:\Windows\system32\drivers\vmx86.sys
11:22:40.0297 0x11dc  vmx86 - ok
11:22:40.0320 0x11dc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:22:40.0323 0x11dc  volmgr - ok
11:22:40.0339 0x11dc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:22:40.0347 0x11dc  volmgrx - ok
11:22:40.0366 0x11dc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:22:40.0372 0x11dc  volsnap - ok
11:22:40.0384 0x11dc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:22:40.0388 0x11dc  vsmraid - ok
11:22:40.0410 0x11dc  [ EF1E48D431223F670CFFD6169B1A136F, 7DEF32CA45019DD79438B93626C4F31BB903093D605F18F71E055319BF4BB41E ] vsock           C:\Windows\system32\drivers\vsock.sys
11:22:40.0412 0x11dc  vsock - ok
11:22:40.0519 0x11dc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
11:22:40.0569 0x11dc  VSS - ok
11:22:40.0632 0x11dc  [ 65EFAEC68FA234F36880533A79D7B1C1, CFACFC5F90F6C7910232209A133FB75FF112DEE68BB5EB2FF2F9B228BC93C55C ] vstor2-mntapi10-shared C:\Windows\syswow64\drivers\vstor2-mntapi10-shared.sys
11:22:40.0633 0x11dc  vstor2-mntapi10-shared - ok
11:22:40.0637 0x11dc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:22:40.0638 0x11dc  vwifibus - ok
11:22:40.0657 0x11dc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:22:40.0659 0x11dc  vwififlt - ok
11:22:40.0676 0x11dc  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:22:40.0678 0x11dc  vwifimp - ok
11:22:40.0705 0x11dc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
11:22:40.0716 0x11dc  W32Time - ok
11:22:40.0729 0x11dc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:22:40.0731 0x11dc  WacomPen - ok
11:22:40.0744 0x11dc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:22:40.0747 0x11dc  WANARP - ok
11:22:40.0759 0x11dc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:22:40.0761 0x11dc  Wanarpv6 - ok
11:22:40.0844 0x11dc  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
11:22:40.0869 0x11dc  WatAdminSvc - ok
11:22:40.0914 0x11dc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:22:40.0946 0x11dc  wbengine - ok
11:22:40.0975 0x11dc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:22:40.0983 0x11dc  WbioSrvc - ok
11:22:41.0009 0x11dc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:22:41.0019 0x11dc  wcncsvc - ok
11:22:41.0033 0x11dc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:22:41.0037 0x11dc  WcsPlugInService - ok
11:22:41.0052 0x11dc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
11:22:41.0053 0x11dc  Wd - ok
11:22:41.0081 0x11dc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:22:41.0097 0x11dc  Wdf01000 - ok
11:22:41.0116 0x11dc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:22:41.0121 0x11dc  WdiServiceHost - ok
11:22:41.0125 0x11dc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:22:41.0130 0x11dc  WdiSystemHost - ok
11:22:41.0160 0x11dc  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
11:22:41.0169 0x11dc  WebClient - ok
11:22:41.0178 0x11dc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:22:41.0185 0x11dc  Wecsvc - ok
11:22:41.0197 0x11dc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:22:41.0202 0x11dc  wercplsupport - ok
11:22:41.0226 0x11dc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:22:41.0231 0x11dc  WerSvc - ok
11:22:41.0273 0x11dc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:22:41.0274 0x11dc  WfpLwf - ok
11:22:41.0298 0x11dc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:22:41.0300 0x11dc  WIMMount - ok
11:22:41.0324 0x11dc  WinDefend - ok
11:22:41.0351 0x11dc  WinHttpAutoProxySvc - ok
11:22:41.0435 0x11dc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:22:41.0451 0x11dc  Winmgmt - ok
11:22:41.0585 0x11dc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:22:41.0637 0x11dc  WinRM - ok
11:22:41.0672 0x11dc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:22:41.0674 0x11dc  WinUsb - ok
11:22:41.0708 0x11dc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:22:41.0728 0x11dc  Wlansvc - ok
11:22:41.0896 0x11dc  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:22:41.0942 0x11dc  wlidsvc - ok
11:22:41.0961 0x11dc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:22:41.0962 0x11dc  WmiAcpi - ok
11:22:41.0990 0x11dc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:22:41.0995 0x11dc  wmiApSrv - ok
11:22:42.0024 0x11dc  WMPNetworkSvc - ok
11:22:42.0058 0x11dc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:22:42.0066 0x11dc  WPCSvc - ok
11:22:42.0081 0x11dc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:22:42.0090 0x11dc  WPDBusEnum - ok
11:22:42.0102 0x11dc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:22:42.0103 0x11dc  ws2ifsl - ok
11:22:42.0114 0x11dc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
11:22:42.0119 0x11dc  wscsvc - ok
11:22:42.0122 0x11dc  WSearch - ok
11:22:42.0247 0x11dc  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:22:42.0302 0x11dc  wuauserv - ok
11:22:42.0359 0x11dc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:22:42.0366 0x11dc  WudfPf - ok
11:22:42.0401 0x11dc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:22:42.0410 0x11dc  WUDFRd - ok
11:22:42.0433 0x11dc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:22:42.0438 0x11dc  wudfsvc - ok
11:22:42.0467 0x11dc  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:22:42.0475 0x11dc  WwanSvc - ok
11:22:42.0545 0x11dc  [ D3D9CB4BA15C1854294517AA8954E201, DFBB6E1A5FF01123FEAD6EFFA67F4A0203792AFDF82EAFFC2DA981A584896542 ] XQHDrv          C:\Windows\system32\DRIVERS\XQHDrv.sys
11:22:42.0556 0x11dc  XQHDrv - ok
11:22:42.0618 0x11dc  ================ Scan global ===============================
11:22:42.0642 0x11dc  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
11:22:42.0678 0x11dc  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
11:22:42.0691 0x11dc  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
11:22:42.0728 0x11dc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:22:42.0773 0x11dc  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:22:42.0781 0x11dc  [ Global ] - ok
11:22:42.0784 0x11dc  ================ Scan MBR ==================================
11:22:42.0789 0x11dc  [ 305F3085C8E8571895F4C9340B6A4B8E ] \Device\Harddisk0\DR0
11:22:43.0052 0x11dc  \Device\Harddisk0\DR0 - ok
11:22:43.0053 0x11dc  ================ Scan VBR ==================================
11:22:43.0054 0x11dc  [ FC3F6AADB726EE63928451F74D8CFBCF ] \Device\Harddisk0\DR0\Partition1
11:22:43.0110 0x11dc  \Device\Harddisk0\DR0\Partition1 - ok
11:22:43.0113 0x11dc  [ BC9B23A108AC3ADC129E47BD71E1BAD3 ] \Device\Harddisk0\DR0\Partition2
11:22:43.0175 0x11dc  \Device\Harddisk0\DR0\Partition2 - ok
11:22:43.0200 0x11dc  [ 30F18221E6E5FFC1FA60682284B3BFB7 ] \Device\Harddisk0\DR0\Partition3
11:22:43.0263 0x11dc  \Device\Harddisk0\DR0\Partition3 - ok
11:22:43.0294 0x11dc  [ 8C5A40262459BFC46A3AC76FBC376005 ] \Device\Harddisk0\DR0\Partition4
11:22:43.0354 0x11dc  \Device\Harddisk0\DR0\Partition4 - ok
11:22:43.0367 0x11dc  [ 987775E2413BA4E42551A7C6F0AD9EDF ] \Device\Harddisk0\DR0\Partition5
11:22:43.0368 0x11dc  \Device\Harddisk0\DR0\Partition5 - ok
11:22:43.0384 0x11dc  [ 3A2034A997E555A73FB1403E674659A3 ] \Device\Harddisk0\DR0\Partition6
11:22:43.0385 0x11dc  \Device\Harddisk0\DR0\Partition6 - ok
11:22:43.0407 0x11dc  [ 9A6B1D946A4B97721EFFA0C5C93CDBF0 ] \Device\Harddisk0\DR0\Partition7
11:22:43.0408 0x11dc  \Device\Harddisk0\DR0\Partition7 - ok
11:22:43.0425 0x11dc  [ D1DBB2CDF0352C3D7997DA8A8BEF1C51 ] \Device\Harddisk0\DR0\Partition8
11:22:43.0427 0x11dc  \Device\Harddisk0\DR0\Partition8 - ok
11:22:43.0429 0x11dc  [ B64D037A043478B953001C964D480FBF ] \Device\Harddisk0\DR0\Partition9
11:22:43.0430 0x11dc  \Device\Harddisk0\DR0\Partition9 - ok
11:22:43.0431 0x11dc  ================ Scan generic autorun ======================
11:22:43.0540 0x11dc  [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] C:\Program Files\Microsoft Security Client\msseces.exe
11:22:43.0566 0x11dc  MSC - ok
11:22:43.0925 0x11dc  [ 36F4C7EF5BFB395CE24F57507F66CE09, D56160E1831BAB58F790D927DED3C3E1651BA28C0C58CDAE1AE06C4B516BBDA2 ] D:\PROGRAMAS\avast\AvastUI.exe
11:22:44.0069 0x11dc  AvastUI.exe - ok
11:22:44.0171 0x11dc  [ BF0EE37A14144C88A9F6FDA7B44981BB, 91648E51C6DB3E61B3DFE196C878B33ED493C57218D3BB0374108DDC06990041 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
11:22:44.0189 0x11dc  EEventManager - ok
11:22:44.0233 0x11dc  [ C71198DEB30E40147C0041A65E9F61B4, 027F9BF3EAC5595E306C4F261983E782E37349DEB8EC9EA07553AEC10643235A ] D:\PROGRAMAS\VMWare\Workstation\vmware-tray.exe
11:22:44.0359 0x11dc  vmware-tray.exe - ok
11:22:44.0487 0x11dc  [ 440699F90786EF6A7722B4417BB0F5C7, 75C8743E944E847541848AE972B90480AD33CA7607ECA9D4FF4C90D442AEC8FB ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
11:22:44.0530 0x11dc  ISBMgr.exe - ok
11:22:44.0596 0x11dc  Dropbox - ok
11:22:44.0678 0x11dc  [ 6513807FEE68E6C32E67437EE3FFB6C8, 2AB388BD68E984C38EAAF2D42DE918A64B42DA229627FC0B1A896A8AD60B5F91 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
11:22:44.0679 0x1dcc  Object required for P2P: [ D9652739D1007B9B5CE34CEF38E095C5 ] mmsminisrv
11:22:44.0709 0x11dc  SunJavaUpdateSched - ok
11:22:44.0810 0x11dc  [ 515700D7682477FC2E0038EB5F19A611, 777B7388104F9B7489B6C62A7A59E309C1296B146AE3706E7DA3C928CC7FE320 ] C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe
11:22:44.0857 0x11dc  VAIO Boot Manager - ok
11:22:45.0014 0x11dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:22:45.0169 0x11dc  Sidebar - ok
11:22:45.0219 0x11dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:22:45.0230 0x11dc  mctadmin - ok
11:22:45.0266 0x11dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:22:45.0286 0x11dc  Sidebar - ok
11:22:45.0290 0x11dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:22:45.0293 0x11dc  mctadmin - ok
11:22:45.0380 0x11dc  [ C0A3DA8F5318EB371EA2C2279A04A369, 0892B840C5BD6C79E9BBA027011AB0F53FF0D6A34A0D2CF0B91E4D8745386C86 ] D:\PROGRAMAS\Touchpad Blocker\TouchpadBlocker.exe
11:22:48.0313 0x11dc  TouchpadBlocker.exe - ok
11:22:48.0459 0x11dc  [ 683C9DF0582D8EEFAA90CE1514019BC1, 62C875888029BF32C19656B13C5504016209E4553B0B93FAE21F3930149EE9CA ] D:\PROGRAMAS\DAEMON Tools Lite\DTLite.exe
11:22:48.0759 0x11dc  DAEMON Tools Lite - ok
11:22:48.0839 0x11dc  [ 683C9DF0582D8EEFAA90CE1514019BC1, 62C875888029BF32C19656B13C5504016209E4553B0B93FAE21F3930149EE9CA ] D:\PROGRAMAS\DAEMON Tools Lite\DTLite.exe
11:22:48.0896 0x11dc  DAEMON Tools Lite - ok
11:22:48.0976 0x11dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:22:49.0010 0x11dc  Sidebar - ok
11:22:49.0115 0x11dc  [ 683C9DF0582D8EEFAA90CE1514019BC1, 62C875888029BF32C19656B13C5504016209E4553B0B93FAE21F3930149EE9CA ] D:\PROGRAMAS\DAEMON Tools Lite\DTLite.exe
11:22:49.0170 0x11dc  DAEMON Tools Lite - ok
11:22:49.0203 0x11dc  MP3 Skype Recorder - ok
11:22:49.0225 0x11dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:22:49.0236 0x11dc  mctadmin - ok
11:22:49.0304 0x11dc  [ EF162817C730DB9355F6C28F2445D206, 84AC974BF163A6EB540744435FD65ADC951ECF1BFF77DBA7D2B5D9F389E1DAD7 ] C:\Program Files (x86)\Windows Mail\wab.exe
11:22:49.0365 0x1dcc  Object send P2P result: true
11:22:49.0368 0x1dcc  Object required for P2P: [ DA0FAEE45D6F03D7647851A20977A7D0 ] MpFilter
11:22:49.0402 0x11dc  WAB Migrate - ok
11:22:49.0403 0x11dc  Waiting for KSN requests completion. In queue: 306
11:22:50.0403 0x11dc  Waiting for KSN requests completion. In queue: 306
11:22:51.0403 0x11dc  Waiting for KSN requests completion. In queue: 306
11:22:52.0403 0x11dc  Waiting for KSN requests completion. In queue: 306
11:22:53.0403 0x11dc  Waiting for KSN requests completion. In queue: 306
11:22:54.0155 0x1dcc  Object send P2P result: true
11:22:54.0158 0x1dcc  Object required for P2P: [ 6D79C8CB73187FBEAAD1F680FADF98D3 ] NisDrv
11:22:54.0403 0x11dc  Waiting for KSN requests completion. In queue: 193
11:22:55.0403 0x11dc  Waiting for KSN requests completion. In queue: 193
11:22:56.0403 0x11dc  Waiting for KSN requests completion. In queue: 193
11:22:57.0403 0x11dc  Waiting for KSN requests completion. In queue: 193
11:22:58.0403 0x11dc  Waiting for KSN requests completion. In queue: 193
11:22:59.0091 0x1dcc  Object send P2P result: true
11:22:59.0424 0x11dc  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
11:22:59.0494 0x11dc  AV detected via SS2: avast! Antivirus, D:\PROGRAMAS\avast\VisthAux.exe ( 11.2.2738.0 ), 0x41000 ( enabled : updated )
11:22:59.0498 0x11dc  Win FW state via NFP2: enabled ( trusted )
11:23:14.0284 0x11dc  ============================================================
11:23:14.0284 0x11dc  Scan finished
11:23:14.0284 0x11dc  ============================================================
11:23:14.0309 0x158c  Detected object count: 0
11:23:14.0309 0x158c  Actual detected object count: 0
11:26:28.0818 0x13d4  Deinitialize success
 

Attached Files

  • Attached File  MBR.zip   586bytes   0 downloads

Edited by gauchotche, 23 May 2016 - 05:23 PM.


#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:08 PM

Posted 24 May 2016 - 06:57 AM

All good.

Could be your router.

Reset your router. It may be infected.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====
How to tell if my Wireless is secure.
http://www.ehow.com/how_6775466_tell-wireless-secure_.html

#11 gauchotche

gauchotche
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:08 PM

Posted 24 May 2016 - 07:12 AM

All good.

Could be your router.

Reset your router. It may be infected.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====
How to tell if my Wireless is secure.
http://www.ehow.com/how_6775466_tell-wireless-secure_.html

 

Yes, that fixed it! Could you please explain me how this "infection" works?? is it by changing DNS? If I use the same router but configure my DNS manually in Winows would it fix the problem?

thanks!



#12 nasdaq

nasdaq

  • Malware Response Team
  • 38,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:08 PM

Posted 24 May 2016 - 07:37 AM


Run the Farbar tool and compare these setting now that it has been fixed.

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3576105890-103167945-1411994898-1000] => localhost:8080
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.9.1
Tcpip\..\Interfaces\{9F955654-07FA-4450-B1D4-B2A5AA178751}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{A25C6119-7DC4-47E1-AE84-515A9BA958FE}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{A4F61397-C28C-41E4-B2F7-E3404CD779C5}: [DhcpNameServer] 192.168.9.1


If you need advice on your configuration I suggest you ask in the Networking forum this is not my forty.
http://www.bleepingcomputer.com/forums/f/21/networking/


If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

#13 gauchotche

gauchotche
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:08 PM

Posted 24 May 2016 - 07:58 AM

Run the Farbar tool and compare these setting now that it has been fixed.
 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3576105890-103167945-1411994898-1000] => localhost:8080
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.9.1
Tcpip\..\Interfaces\{9F955654-07FA-4450-B1D4-B2A5AA178751}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{A25C6119-7DC4-47E1-AE84-515A9BA958FE}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{A4F61397-C28C-41E4-B2F7-E3404CD779C5}: [DhcpNameServer] 192.168.9.1


If you need advice on your configuration I suggest you ask in the Networking forum this is not my forty.
http://www.bleepingcomputer.com/forums/f/21/networking/


If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

 

I fixed it by connecting to another router / wifi. Thanks for all the help!



#14 nasdaq

nasdaq

  • Malware Response Team
  • 38,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:08 PM

Posted 30 May 2016 - 08:24 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users