cjoint

Document format: text/plain

Preview

[code]
OTS logfile created on: 08/04/2015 08:20:28 - Run 1
OTS by OldTimer - Version 3.1.47.2 Folder = C:\Users\SFB\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 25,00% Memory free
6,00 Gb Paging File | 3,00 Gb Available in Paging File | 46,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,31 Gb Total Space | 201,89 Gb Free Space | 70,02% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 232,88 Gb Total Space | 45,60 Gb Free Space | 19,58% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SFB-PC
Current User Name: SFB
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\SFB\Downloads\OTS.exe -> [2015/04/08 08:19:08 | 000,646,656 | ---- | M] (OldTimer Tools)
chrome.exe -> C:\Arquivos de Programas\Google\Chrome\Application\chrome.exe -> [2015/03/30 18:07:57 | 000,809,288 | ---- | M] (Google Inc.)
mbamservice.exe -> C:\Arquivos de Programas\Malwarebytes Anti-Malware\mbamservice.exe -> [2015/03/17 06:14:08 | 001,080,120 | ---- | M] (Malwarebytes Corporation)
mbamscheduler.exe -> C:\Arquivos de Programas\Malwarebytes Anti-Malware\mbamscheduler.exe -> [2015/03/17 06:14:06 | 001,871,160 | ---- | M] (Malwarebytes Corporation)
mbam.exe -> C:\Arquivos de Programas\Malwarebytes Anti-Malware\mbam.exe -> [2015/03/17 06:14:00 | 006,212,408 | ---- | M] (Malwarebytes Corporation)
taskhost.exe -> C:\Windows\System32\taskhost.exe -> [2015/03/10 03:18:29 | 000,049,152 | ---- | M] (Microsoft Corporation)
nav.exe -> C:\Arquivos de Programas\Norton AntiVirus\Engine\21.7.0.11\nav.exe -> [2015/03/07 03:12:11 | 000,262,928 | R--- | M] (Symantec Corporation)
googledrivesync.exe -> C:\Arquivos de Programas\Google\Drive\googledrivesync.exe -> [2015/02/19 14:24:24 | 026,232,152 | ---- | M] (Google)
core.exe -> C:\Arquivos de Programas\Diebold\Warsaw\core.exe -> [2015/02/13 15:47:22 | 000,507,704 | ---- | M] (GAS Tecnologia LTDA)
googlecrashhandler.exe -> C:\Arquivos de Programas\Google\Update\1.3.26.9\GoogleCrashHandler.exe -> [2015/02/08 19:36:59 | 000,232,264 | ---- | M] (Google Inc.)
fcupdateservice.exe -> C:\Arquivos de Programas\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -> [2015/01/16 18:53:16 | 000,243,880 | ---- | M] (Foxit Software Inc.)
gbpsv.exe -> C:\Arquivos de Programas\GbPlugin\gbpsv.exe -> [2015/01/13 17:02:16 | 000,555,320 | ---- | M] (GAS Tecnologia)
bsplayer.exe -> C:\Arquivos de Programas\Webteh\BSPlayer\bsplayer.exe -> [2014/11/20 05:22:54 | 002,038,784 | ---- | M] (AB Team)
motohelperagent.exe -> C:\Arquivos de Programas\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe -> [2014/09/17 12:18:00 | 000,964,912 | ---- | M] (Motorola Mobility LLC)
foxit reader.exe -> C:\Arquivos de Programas\Foxit Software\Foxit Reader\Foxit Reader.exe -> [2014/08/03 13:23:18 | 037,955,136 | ---- | M] ()
skypec2cautoupdatesvc.exe -> C:\Arquivos de Programas\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -> [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation)
skypec2cpnrsvc.exe -> C:\Arquivos de Programas\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -> [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation)
foxit reader updater.exe -> C:\Users\SFB\AppData\Local\Temp\Foxit Reader Updater.exe -> [2014/06/18 16:37:22 | 011,274,816 | ---- | M] (Foxit Corporation)
motohelperservice.exe -> C:\Arquivos de Programas\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -> [2014/04/08 11:56:40 | 000,137,528 | ---- | M] (Motorola Mobility LLC)
conhost.exe -> C:\Windows\System32\conhost.exe -> [2013/08/01 21:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation)
adsync.exe -> C:\Arquivos de Programas\Autodesk\Autodesk Sync\AdSync.exe -> [2013/02/05 01:18:40 | 000,894,344 | ---- | M] (Autodesk, Inc.)
connect.service.contentservice.exe -> C:\Arquivos de Programas\Autodesk\Content Service\Connect.Service.ContentService.exe -> [2012/12/13 17:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.)
forwarddaemon.exe -> C:\Arquivos de Programas\Motorola\MotForwardDaemon\ForwardDaemon.exe -> [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola)
explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 02:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
wmpnetwk.exe -> C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe -> [2010/11/20 09:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation)
sttray.exe -> C:\Arquivos de Programas\IDT\WDM\sttray.exe -> [2010/04/07 09:35:04 | 000,495,708 | ---- | M] (IDT, Inc.)
stacsv.exe -> C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\stacsv.exe -> [2010/04/07 09:35:04 | 000,229,458 | ---- | M] (IDT, Inc.)
quickset.exe -> C:\Arquivos de Programas\Dell\QuickSet\quickset.exe -> [2010/01/15 10:26:52 | 003,873,648 | ---- | M] (Dell Inc.)
pdvddxsrv.exe -> C:\Arquivos de Programas\CyberLink\PowerDVD DX\PDVDDXSrv.exe -> [2009/12/29 16:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.)
installfilterservice.exe -> C:\Arquivos de Programas\STMicroelectronics\Accelerometer\InstallFilterService.exe -> [2009/11/29 22:41:08 | 000,060,928 | ---- | M] ()
uns.exe -> C:\Arquivos de Programas\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -> [2009/11/04 18:45:46 | 002,320,920 | ---- | M] (Intel Corporation)
lms.exe -> C:\Arquivos de Programas\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -> [2009/11/04 18:45:44 | 000,268,824 | ---- | M] (Intel Corporation)
btstackserver.exe -> c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\BTStackServer.exe -> [2009/10/20 09:11:58 | 002,364,704 | ---- | M] (Broadcom Corporation.)
bttray.exe -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\BTTray.exe -> [2009/10/20 09:11:58 | 000,795,936 | ---- | M] (Broadcom Corporation.)
btwdins.exe -> c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btwdins.exe -> [2009/10/20 09:11:58 | 000,595,232 | ---- | M] (Broadcom Corporation.)
ff_protection.exe -> C:\Arquivos de Programas\STMicroelectronics\Accelerometer\FF_Protection.exe -> [2009/07/22 07:52:12 | 002,384,896 | ---- | M] ()
devicedisplayobjectprovider.exe -> C:\Windows\System32\DeviceDisplayObjectProvider.exe -> [2009/07/13 22:14:16 | 000,086,528 | ---- | M] (Microsoft Corporation)
webcamdell2.exe -> C:\Arquivos de Programas\Dell Webcam\Dell Webcam Central\WebcamDell2.exe -> [2009/06/24 16:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd)
aestsrv.exe -> C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\AEstSrv.exe -> [2009/03/03 07:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation)
seaport.exe -> C:\Arquivos de Programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.)
groovemonitor.exe -> C:\Arquivos de Programas\Microsoft Office\Office12\GrooveMonitor.exe -> [2006/10/27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation)
reminder.exe -> C:\Arquivos de Programas\Microsoft Money\System\REMINDER.EXE -> [1998/07/25 00:00:00 | 000,036,864 | ---- | M] (Microsoft Corporation)

[Modules - No Company Name]
_ssl.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\_ssl.pyd -> [2015/04/07 16:30:30 | 001,161,216 | ---- | M] ()
wx._gdi_.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\wx._gdi_.pyd -> [2015/04/07 16:30:30 | 000,805,888 | ---- | M] ()
pywintypes27.dll -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\pywintypes27.dll -> [2015/04/07 16:30:30 | 000,110,080 | ---- | M] ()
_multiprocessing.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\_multiprocessing.pyd -> [2015/04/07 16:30:30 | 000,027,136 | ---- | M] ()
hashobjs_ext.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\hashobjs_ext.pyd -> [2015/04/07 16:30:30 | 000,007,168 | ---- | M] ()
wx._core_.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\wx._core_.pyd -> [2015/04/07 16:30:29 | 001,175,040 | ---- | M] ()
wx._controls_.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\wx._controls_.pyd -> [2015/04/07 16:30:29 | 001,062,400 | ---- | M] ()
wx._windows_.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\wx._windows_.pyd -> [2015/04/07 16:30:29 | 000,811,008 | ---- | M] ()
wx._misc_.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\wx._misc_.pyd -> [2015/04/07 16:30:29 | 000,735,232 | ---- | M] ()
_hashlib.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\_hashlib.pyd -> [2015/04/07 16:30:29 | 000,713,216 | ---- | M] ()
unicodedata.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\unicodedata.pyd -> [2015/04/07 16:30:29 | 000,686,080 | ---- | M] ()
pysqlite2._sqlite.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\pysqlite2._sqlite.pyd -> [2015/04/07 16:30:29 | 000,682,496 | ---- | M] ()
windows._lib_cacheinvalidation.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\windows._lib_cacheinvalidation.pyd -> [2015/04/07 16:30:29 | 000,525,640 | ---- | M] ()
pythoncom27.dll -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\pythoncom27.dll -> [2015/04/07 16:30:29 | 000,364,544 | ---- | M] ()
win32com.shell.shell.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32com.shell.shell.pyd -> [2015/04/07 16:30:29 | 000,320,512 | ---- | M] ()
win32gui.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32gui.pyd -> [2015/04/07 16:30:29 | 000,167,936 | ---- | M] ()
_elementtree.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\_elementtree.pyd -> [2015/04/07 16:30:29 | 000,128,512 | ---- | M] ()
pyexpat.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\pyexpat.pyd -> [2015/04/07 16:30:29 | 000,127,488 | ---- | M] ()
wx._wizard.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\wx._wizard.pyd -> [2015/04/07 16:30:29 | 000,122,368 | ---- | M] ()
win32file.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32file.pyd -> [2015/04/07 16:30:29 | 000,119,808 | ---- | M] ()
win32security.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32security.pyd -> [2015/04/07 16:30:29 | 000,108,544 | ---- | M] ()
win32api.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32api.pyd -> [2015/04/07 16:30:29 | 000,098,816 | ---- | M] ()
_ctypes.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\_ctypes.pyd -> [2015/04/07 16:30:29 | 000,087,552 | ---- | M] ()
wx._animate.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\wx._animate.pyd -> [2015/04/07 16:30:29 | 000,078,336 | ---- | M] ()
wx._html2.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\wx._html2.pyd -> [2015/04/07 16:30:29 | 000,070,656 | ---- | M] ()
_socket.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\_socket.pyd -> [2015/04/07 16:30:29 | 000,045,568 | ---- | M] ()
win32inet.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32inet.pyd -> [2015/04/07 16:30:29 | 000,038,912 | ---- | M] ()
win32process.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32process.pyd -> [2015/04/07 16:30:29 | 000,035,840 | ---- | M] ()
win32pdh.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32pdh.pyd -> [2015/04/07 16:30:29 | 000,025,600 | ---- | M] ()
win32pipe.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32pipe.pyd -> [2015/04/07 16:30:29 | 000,024,064 | ---- | M] ()
win32ts.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32ts.pyd -> [2015/04/07 16:30:29 | 000,022,528 | ---- | M] ()
_yappi.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\_yappi.pyd -> [2015/04/07 16:30:29 | 000,020,480 | ---- | M] ()
win32event.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32event.pyd -> [2015/04/07 16:30:29 | 000,018,432 | ---- | M] ()
win32profile.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32profile.pyd -> [2015/04/07 16:30:29 | 000,017,408 | ---- | M] ()
win32crypt.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\win32crypt.pyd -> [2015/04/07 16:30:29 | 000,011,264 | ---- | M] ()
select.pyd -> C:\Users\SFB\AppData\Local\Temp\_MEI36482\select.pyd -> [2015/04/07 16:30:29 | 000,010,240 | ---- | M] ()
pdf.dll -> C:\Arquivos de Programas\Google\Chrome\Application\41.0.2272.118\pdf.dll -> [2015/03/30 18:07:56 | 009,279,304 | ---- | M] ()
libglesv2.dll -> C:\Arquivos de Programas\Google\Chrome\Application\41.0.2272.118\libglesv2.dll -> [2015/03/30 18:07:54 | 001,174,856 | ---- | M] ()
libegl.dll -> C:\Arquivos de Programas\Google\Chrome\Application\41.0.2272.118\libegl.dll -> [2015/03/30 18:07:54 | 000,080,200 | ---- | M] ()
ssj2mdu.dll -> C:\Windows\System32\spool\drivers\w32x86\3\ssj2mdu.dll -> [2014/12/22 10:19:04 | 000,998,912 | ---- | M] ()
foxit reader.exe -> C:\Arquivos de Programas\Foxit Software\Foxit Reader\Foxit Reader.exe -> [2014/08/03 13:23:18 | 037,955,136 | ---- | M] ()
commentssummary.fpi -> C:\Arquivos de Programas\Foxit Software\Foxit Reader\plugins\CommentsSummary.fpi -> [2014/04/22 13:38:00 | 007,000,576 | ---- | M] ()
speech.fpi -> C:\Arquivos de Programas\Foxit Software\Foxit Reader\plugins\Speech.fpi -> [2014/04/14 13:35:26 | 001,746,432 | ---- | M] ()
qca_ad_2.dll -> C:\Arquivos de Programas\Autodesk\Autodesk Sync\qca_Ad_2.dll -> [2013/02/05 00:21:38 | 000,744,992 | ---- | M] ()
qjson.dll -> C:\Arquivos de Programas\Autodesk\Autodesk Sync\QJson.dll -> [2013/02/05 00:21:38 | 000,106,016 | ---- | M] ()
qoauth_ad_1.dll -> C:\Arquivos de Programas\Autodesk\Autodesk Sync\qoauth_Ad_1.dll -> [2013/02/05 00:21:38 | 000,049,184 | ---- | M] ()
qtsolutions_mfcmigrationframework_ad_2.dll -> C:\Arquivos de Programas\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll -> [2013/02/05 00:21:38 | 000,039,456 | ---- | M] ()
ffmpeg.dll -> C:\Users\SFB\AppData\Roaming\BSplayer\FFDShow\ffmpeg.dll -> [2012/04/09 00:42:58 | 004,427,264 | ---- | M] ()
ffdshow.ax -> C:\Users\SFB\AppData\Roaming\BSplayer\FFDShow\ffdshow.ax -> [2012/04/09 00:40:34 | 003,470,848 | ---- | M] ()
ff_liba52.dll -> C:\Users\SFB\AppData\Roaming\BSplayer\FFDShow\ff_liba52.dll -> [2012/04/09 00:39:28 | 000,115,200 | ---- | M] ()
btkeyind.dll -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\BTKeyInd.dll -> [2009/10/20 09:12:10 | 000,132,384 | ---- | M] ()
ac3filter_intl.dll -> C:\Users\SFB\AppData\Roaming\BSplayer\AC3 Filter\ac3filter_intl.dll -> [2009/08/11 21:21:20 | 001,021,440 | ---- | M] ()
ac3filter.ax -> C:\Users\SFB\AppData\Roaming\BSplayer\AC3 Filter\ac3filter.ax -> [2009/08/11 21:19:04 | 000,797,184 | ---- | M] ()
ff_protection.exe -> C:\Arquivos de Programas\STMicroelectronics\Accelerometer\FF_Protection.exe -> [2009/07/22 07:52:12 | 002,384,896 | ---- | M] ()
rarext.dll -> C:\Arquivos de Programas\WinRAR\RarExt.dll -> [2008/09/16 19:18:06 | 000,132,608 | ---- | M] ()
ac3filter.acm -> C:\Windows\System32\ac3filter.acm -> [2008/07/09 06:05:50 | 000,421,888 | ---- | M] ()
oldskin.dll -> C:\Arquivos de Programas\Webteh\BSPlayer\plugins\oldskin.dll -> [2005/08/14 17:09:38 | 000,111,616 | ---- | M] ()

[Win32 Services - Safe List]
(MBAMService) MBAMService [Auto | Running] -> C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -> [2015/03/17 06:14:08 | 001,080,120 | ---- | M] (Malwarebytes Corporation)
(MBAMScheduler) MBAMScheduler [Auto | Running] -> C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -> [2015/03/17 06:14:06 | 001,871,160 | ---- | M] (Malwarebytes Corporation)
(AdobeFlashPlayerUpdateSvc) Adobe Flash Player Update Service [On_Demand | Stopped] -> C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -> [2015/03/13 10:25:59 | 000,268,464 | ---- | M] (Adobe Systems Incorporated)
(MozillaMaintenance) Mozilla Maintenance Service [On_Demand | Stopped] -> C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -> [2015/03/09 16:47:03 | 000,148,080 | ---- | M] (Mozilla Foundation)
(chromoting) Serviço Área de trabalho remota do Google Chrome [On_Demand | Stopped] -> C:\Program Files\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe -> [2015/03/08 20:36:40 | 000,056,648 | ---- | M] (Google Inc.)
(NAV) Norton AntiVirus [Unknown | Running] -> C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\NAV.exe -> [2015/03/07 03:12:11 | 000,262,928 | R--- | M] (Symantec Corporation)
(Warsaw Technology) Warsaw Technology [Auto | Running] -> C:\Arquivos de Programas\Diebold\Warsaw\core.exe -> [2015/02/13 15:47:22 | 000,507,704 | ---- | M] (GAS Tecnologia LTDA)
(FoxitCloudUpdateService) Foxit Cloud Safe Update Service [Auto | Running] -> C:\Arquivos de Programas\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -> [2015/01/16 18:53:16 | 000,243,880 | ---- | M] (Foxit Software Inc.)
(GbpSv) Gbp Service [Unknown | Running] -> C:\Arquivos de Programas\GbPlugin\gbpsv.exe -> [2015/01/13 17:02:16 | 000,555,320 | ---- | M] (GAS Tecnologia)
(FlexNet Licensing Service) FlexNet Licensing Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2015/01/08 10:29:42 | 001,064,312 | ---- | M] (Flexera Software LLC)
(SkypeUpdate) Skype Updater [Auto | Stopped] -> C:\Program Files\Skype\Updater\Updater.exe -> [2015/01/02 19:45:12 | 000,315,488 | R--- | M] (Skype Technologies)
(WatAdminSvc) Serviço de Tecnologias de Ativação do Windows [Unknown | Stopped] -> C:\Windows\System32\Wat\WatAdminSvc.exe -> [2014/12/29 03:01:38 | 001,343,400 | ---- | M] (Microsoft Corporation)
(c2cautoupdatesvc) Skype Click to Call Updater [Auto | Running] -> C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -> [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation)
(c2cpnrsvc) Skype Click to Call PNR Service [Auto | Running] -> C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -> [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation)
(Motorola Device Manager) Motorola Device Manager Service [Auto | Running] -> C:\Arquivos de Programas\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -> [2014/04/08 11:56:40 | 000,137,528 | ---- | M] (Motorola Mobility LLC)
(BITCOMET_HELPER_SERVICE) BitComet Disk Boost Service [On_Demand | Stopped] -> C:\Program Files\BitComet\tools\BitCometService.exe -> [2013/11/29 04:23:38 | 001,296,728 | ---- | M] (www.BitComet.com)
(WinDefend) Windows Defender [On_Demand | Stopped] -> C:\Arquivos de Programas\Windows Defender\MpSvc.dll -> [2013/05/27 01:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation)
(Autodesk Content Service) Autodesk Content Service [Auto | Running] -> C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -> [2012/12/13 17:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.)
(PST Service) PST Service [Auto | Running] -> C:\Arquivos de Programas\Motorola\MotForwardDaemon\ForwardDaemon.exe -> [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola)
(STacSV) Audio Service [Auto | Running] -> C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\stacsv.exe -> [2010/04/07 09:35:04 | 000,229,458 | ---- | M] (IDT, Inc.)
(InstallFilterService) FF Install Filter Service [Auto | Running] -> C:\Arquivos de Programas\STMicroelectronics\Accelerometer\InstallFilterService.exe -> [2009/11/29 22:41:08 | 000,060,928 | ---- | M] ()
(UNS) Intel(R) Management & Security Application User Notification Service [Auto | Running] -> C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -> [2009/11/04 18:45:46 | 002,320,920 | ---- | M] (Intel Corporation)
(LMS) Intel(R) Management and Security Application Local Management Service [Auto | Running] -> C:\Arquivos de Programas\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -> [2009/11/04 18:45:44 | 000,268,824 | ---- | M] (Intel Corporation)
(btwdins) Bluetooth Service [Auto | Running] -> c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btwdins.exe -> [2009/10/20 09:11:58 | 000,595,232 | ---- | M] (Broadcom Corporation.)
(StorSvc) Serviço de Armazenamento [On_Demand | Stopped] -> C:\Windows\System32\StorSvc.dll -> [2009/07/13 22:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation)
(SensrSvc) Brilho Adaptável [On_Demand | Stopped] -> C:\Windows\System32\sensrsvc.dll -> [2009/07/13 22:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation)
(PeerDistSvc) BranchCache [On_Demand | Stopped] -> C:\Windows\System32\PeerDistSvc.dll -> [2009/07/13 22:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation)
(AESTFilters) Andrea ST Filters Service [Auto | Running] -> C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\AEstSrv.exe -> [2009/03/03 07:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation)

[Driver Services - Safe List]
(MBAMSwissArmy) MBAMSwissArmy [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\MBAMSwissArmy.sys -> [2015/04/08 07:59:24 | 000,119,512 | ---- | M] (Malwarebytes Corporation)
(IDSVix86) IDSVix86 [Kernel | System | Running] -> C:\Arquivos de Programas\Norton AntiVirus\NortonData\21.0.0.100\Definitions\IPSDefs\20150407.001\IDSvix86.sys -> [2015/03/27 09:51:25 | 000,505,048 | ---- | M] (Symantec Corporation)
(MBAMWebAccessControl) MBAMWebAccessControl [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\mwac.sys -> [2015/03/17 06:15:36 | 000,051,928 | ---- | M] (Malwarebytes Corporation)
(MBAMProtector) MBAMProtector [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\mbam.sys -> [2015/03/17 06:15:22 | 000,023,256 | ---- | M] (Malwarebytes Corporation)
(WinDivert1.1) WinDivert1.1 [Kernel | Disabled | Running] -> C:\Windows\System32\WinDivert32.sys -> [2015/02/13 15:47:22 | 000,030,936 | ---- | M] (Basil's Projects)
(NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> C:\Arquivos de Programas\Norton AntiVirus\NortonData\21.0.0.100\Definitions\VirusDefs\20150407.017\NAVEX15.SYS -> [2015/02/11 16:34:54 | 001,636,696 | ---- | M] (Symantec Corporation)
(eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> C:\Arquivos de Programas\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -> [2015/02/11 16:34:54 | 000,378,672 | ---- | M] (Symantec Corporation)
(EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> C:\Arquivos de Programas\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2015/02/11 16:34:54 | 000,111,408 | ---- | M] (Symantec Corporation)
(NAVENG) NAVENG [Kernel | On_Demand | Running] -> C:\Arquivos de Programas\Norton AntiVirus\NortonData\21.0.0.100\Definitions\VirusDefs\20150407.017\NAVENG.SYS -> [2015/02/11 16:34:54 | 000,095,704 | ---- | M] (Symantec Corporation)
(SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SYMEVENT.SYS -> [2015/02/11 16:07:42 | 000,142,936 | ---- | M] (Symantec Corporation)
(BHDrvx86) BHDrvx86 [Kernel | System | Running] -> C:\Arquivos de Programas\Norton AntiVirus\NortonData\21.0.0.100\Definitions\BASHDefs\20150321.001\BHDrvx86.sys -> [2015/02/03 02:08:20 | 001,164,504 | ---- | M] (Symantec Corporation)
(GbpKm) Gbp KernelMode [Kernel | Boot | Running] -> C:\Windows\system32\drivers\gbpkm.sys -> [2015/01/13 17:02:16 | 000,046,552 | ---- | M] (GAS Tecnologia)
(ndisrd) GAS Tecnologia Filter Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\gbpndisrdn.sys -> [2015/01/08 10:33:55 | 000,029,400 | ---- | M] (GAS Tecnologia)
(dtsoftbus01) DAEMON Tools Virtual Bus Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\dtsoftbus01.sys -> [2014/12/26 14:53:17 | 000,242,240 | ---- | M] (DT Soft Ltd)
(SymNetS) Symantec Network Security WFP Driver [Kernel | System | Running] -> C:\Windows\System32\Drivers\NAV\1507000.00B\SYMNETS.SYS -> [2014/08/25 23:26:58 | 000,447,704 | ---- | M] (Symantec Corporation)
(SymEFA) Symantec Extended File Attributes [File_System | Boot | Running] -> C:\Windows\system32\drivers\NAV\1507000.00B\SYMEFA.SYS -> [2014/08/25 23:26:57 | 000,936,152 | ---- | M] (Symantec Corporation)
(SRTSP) Symantec Real Time Storage Protection [File_System | On_Demand | Running] -> C:\Windows\System32\Drivers\NAV\1507000.00B\SRTSP.SYS -> [2014/08/25 23:20:22 | 000,664,792 | ---- | M] (Symantec Corporation)
(SRTSPX) Symantec Real Time Storage Protection (PEL) [Kernel | System | Running] -> C:\Windows\system32\drivers\NAV\1507000.00B\SRTSPX.SYS -> [2014/08/25 23:20:22 | 000,032,984 | ---- | M] (Symantec Corporation)
(SymIRON) Symantec Iron Driver [Kernel | System | Running] -> C:\Windows\system32\drivers\NAV\1507000.00B\Ironx86.SYS -> [2014/08/06 16:48:16 | 000,209,624 | ---- | M] (Symantec Corporation)
(ccSet_NAV) NAV Settings Manager [Kernel | System | Running] -> C:\Windows\system32\drivers\NAV\1507000.00B\ccSetx86.sys -> [2014/02/20 20:14:34 | 000,127,064 | ---- | M] (Symantec Corporation)
(SymDS) Symantec Data Store [Kernel | Boot | Running] -> C:\Windows\system32\drivers\NAV\1507000.00B\SYMDS.SYS -> [2013/08/01 00:19:50 | 000,367,704 | R--- | M] (Symantec Corporation)
(vmbus) Barramento da Máquina Virtual [Kernel | Boot | Running] -> C:\Windows\system32\drivers\vmbus.sys -> [2010/11/20 09:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation)
(storflt) Driver de Filtro de Aceleração do Barramento da Máquina Virtual do Disco [Kernel | Boot | Running] -> C:\Windows\system32\drivers\vmstorfl.sys -> [2010/11/20 09:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation)
(storvsc) storvsc [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\storvsc.sys -> [2010/11/20 09:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation)
(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\TsUsbFlt.sys -> [2010/11/20 07:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation)
(WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\winusb.sys -> [2010/11/20 06:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation)
(VMBusHID) VMBusHID [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\VMBusHID.sys -> [2010/11/20 06:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation)
(s3cap) s3cap [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\vms3cap.sys -> [2010/11/20 06:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation)
(STHDA) IDT High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\stwrt.sys -> [2010/04/07 09:35:04 | 000,423,936 | ---- | M] (IDT, Inc.)
(IntcDAud) Áudio do vídeo Intel(R) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\IntcDAud.sys -> [2010/02/03 11:36:34 | 000,232,960 | ---- | M] (Intel(R) Corporation)
(Impcd) Impcd [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Impcd.sys -> [2009/10/27 01:39:04 | 000,125,696 | ---- | M] (Intel Corporation)
(HECI) Intel(R) Management Engine Interface [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HECI.sys -> [2009/09/17 17:54:14 | 000,041,088 | ---- | M] (Intel Corporation)
(RSUSBSTOR) RtsUStor.Sys Realtek USB Card Reader [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\RtsUStor.sys -> [2009/08/10 16:06:08 | 000,171,520 | ---- | M] (Realtek Semiconductor Corp.)
(vwifimp) Microsoft Virtual WiFi Miniport Service [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\vwifimp.sys -> [2009/07/13 20:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation)
(CtClsFlt) Creative Camera Class Upper Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\CtClsFlt.sys -> [2009/06/15 13:05:16 | 000,143,968 | ---- | M] (Creative Technology Ltd.)
(CtAudDrv) Provides advanced audio effects for audio devices. [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\CtAudDrv.sys -> [2009/05/28 10:48:20 | 000,134,144 | ---- | M] (Creative Technology Ltd.)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Default_Page_URL" -> http://g.msn.com/USSMB/5 ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://g.msn.com/USSMB/5 ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< FireFox Settings [Prefs.js] > -> C:\Users\SFB\AppData\Roaming\Mozilla\FireFox\Profiles\k8bi6p3b.default\prefs.js ->
browser.search.countryCode -> "BR" ->
browser.search.highlightCount -> 4 ->
browser.search.region -> "BR" ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Mozilla Firefox 36.0.1\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Components -> C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS ->
HKLM\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Plugins -> C:\Arquivos de Programas\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2015/03/31 12:25:29 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Users\SFB\AppData\Roaming\mozilla\Extensions -> [2015/03/03 14:40:09 | 000,000,000 | ---D | M]
-> C:\Users\SFB\AppData\Roaming\mozilla\Firefox\Profiles\k8bi6p3b.default\extensions -> [2015/03/15 11:48:30 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\Arquivos de Programas\Mozilla Firefox\browser\extensions -> [2015/04/07 13:30:50 | 000,000,000 | ---D | M]
Default -> C:\Arquivos de Programas\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2015/03/09 16:47:04 | 000,000,000 | ---D | M]
GBBD Banco do Brasil -> C:\USERS\SFB\APPDATA\LOCAL\GAS TECNOLOGIA\GBBD\BB\XPI -> [2015/03/30 09:26:52 | 000,000,000 | ---D | M]
< FireFox Components [Program Folders] > ->
< HOSTS File > ([2015/04/08 07:53:45 | 000,000,822 | ---- | M] - 21 lines) -> C:\Windows\System32\drivers\etc\hosts ->
Reset Hosts
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\OCHelper.dll [Lync Browser Helper] -> [2012/10/01 20:33:44 | 000,139,368 | ---- | M] (Microsoft Corporation)
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [HKLM] -> C:\Arquivos de Programas\BitComet\tools\BitCometBHO_1.5.4.11.dll [BitComet Helper] -> [2013/11/29 04:23:38 | 000,767,280 | ---- | M] (BitComet)
{5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Arquivos de Programas\Norton AntiVirus\Engine\21.7.0.11\ips\ipsbho.dll [Norton Vulnerability Protection] -> [2015/03/05 00:25:05 | 000,392,344 | R--- | M] (Symantec Corporation)
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [HKLM] -> C:\Arquivos de Programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [Search Helper] -> [2009/01/14 17:49:24 | 000,092,504 | ---- | M] (Microsoft Corp.)
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2006/10/27 00:48:42 | 002,210,608 | ---- | M] (Microsoft Corporation)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Arquivos de Programas\Java\jre7\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2015/02/11 16:20:52 | 000,462,760 | ---- | M] (Oracle Corporation)
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Auxiliar de Conexão do Windows Live] -> [2009/01/22 15:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype Click to Call for Internet Explorer] -> [2014/07/14 18:20:52 | 001,709,152 | ---- | M] (Microsoft Corporation)
{B4F3A835-0E21-4959-BA22-42B3008E02FF} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\URLREDIR.DLL [Office Document Cache Handler] -> [2012/10/01 20:31:22 | 000,704,664 | ---- | M] (Microsoft Corporation)
{C41A1C0E-EA6C-11D4-B1B8-444553540000} [HKLM] -> C:\Arquivos de Programas\GbPlugin\gbieh.dll [GbIehObj Class] -> [2015/01/13 17:02:16 | 001,836,928 | ---- | M] (Banco do Brasil)
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\GROOVEEX.DLL [Microsoft SkyDrive Pro Browser Helper] -> [2012/10/01 20:33:32 | 001,720,976 | ---- | M] (Microsoft Corporation)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Arquivos de Programas\Java\jre7\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2015/02/11 16:20:52 | 000,171,944 | ---- | M] (Oracle Corporation)
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [HKLM] -> C:\Arquivos de Programas\Windows Live\Toolbar\wltcore.dll [Windows Live Toolbar Helper] -> [2009/02/06 18:17:46 | 001,068,904 | ---- | M] (Microsoft Corporation)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Arquivos de Programas\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 18:17:46 | 001,068,904 | ---- | M] (Microsoft Corporation)
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Arquivos de Programas\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 18:17:46 | 001,068,904 | ---- | M] (Microsoft Corporation)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"DBRMTray" -> C:\dell\DBRM\Reminder\DbrmTrayicon.exe [C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe] -> [2010/05/20 13:39:42 | 000,206,336 | ---- | M] (Microsoft)
"Dell Webcam Central" -> C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe ["C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2] -> [2009/06/24 16:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd)
"Diebold - Warsaw" -> C:\Arquivos de Programas\Diebold\Warsaw\core.exe [C:\Program Files\Diebold\Warsaw\core.exe] -> [2015/02/13 15:47:22 | 000,507,704 | ---- | M] (GAS Tecnologia LTDA)
"FreeFallProtection" -> C:\Arquivos de Programas\STMicroelectronics\Accelerometer\FF_Protection.exe [C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe] -> [2009/07/22 07:52:12 | 002,384,896 | ---- | M] ()
"PDVDDXSrv" -> C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe ["C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"] -> [2009/12/29 16:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.)
"QuickSet" -> C:\Arquivos de Programas\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\QuickSet.exe] -> [2010/01/15 10:26:52 | 003,873,648 | ---- | M] (Dell Inc.)
"SysTrayApp" -> C:\Arquivos de Programas\IDT\WDM\sttray.exe [%ProgramFiles%\IDT\WDM\sttray.exe] -> [2010/04/07 09:35:04 | 000,495,708 | ---- | M] (IDT, Inc.)
< RunOnce [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"DBRMTray" -> C:\dell\DBRM\Reminder\TrayApp.exe [C:\Dell\DBRM\Reminder\TrayApp.exe] -> [2010/02/04 20:22:28 | 000,007,168 | ---- | M] (Microsoft)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Autodesk Sync" -> C:\Arquivos de Programas\Autodesk\Autodesk Sync\AdSync.exe [C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe] -> [2013/02/05 01:18:40 | 000,894,344 | ---- | M] (Autodesk, Inc.)
"DAEMON Tools Lite" -> C:\Program Files\DAEMON Tools Lite\DTLite.exe ["C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun] -> [2012/04/17 12:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd)
"GoogleChromeAutoLaunch_943FBAACB0AF531E192D860BD0C10441" -> C:\Program Files\Google\Chrome\Application\chrome.exe ["C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window] -> [2015/03/30 18:07:57 | 000,809,288 | ---- | M] (Google Inc.)
"GoogleDriveSync" -> C:\Program Files\Google\Drive\googledrivesync.exe ["C:\Program Files\Google\Drive\googledrivesync.exe" /autostart] -> [2015/02/19 14:24:24 | 026,232,152 | ---- | M] (Google)
"Reminder" -> C:\Arquivos de Programas\Microsoft Money\System\REMINDER.EXE [C:\Program Files\Microsoft Money\System\reminder.exe] -> [1998/07/25 00:00:00 | 000,036,864 | ---- | M] (Microsoft Corporation)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [5] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"" -> [] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&B&aixar &com o BitComet -> C:\Program Files\BitComet\BitComet.exe [res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm] -> [2013/12/31 04:27:32 | 014,276,784 | ---- | M] (www.BitComet.com)
&B&aixar tudo usando o BitComet -> C:\Program Files\BitComet\BitComet.exe [res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm] -> [2013/12/31 04:27:32 | 014,276,784 | ---- | M] (www.BitComet.com)
&Enviar para o OneNote -> C:\Arquivos de Programas\Microsoft Office\Office15\ONBttnIE.dll [res://C:\PROGRA~1\MIF5BA~1\Office15\ONBttnIE.dll/105] -> [2012/10/01 20:32:48 | 000,588,448 | ---- | M] (Microsoft Corporation)
E&xportar para o Microsoft Excel -> C:\Arquivos de Programas\Microsoft Office\Office15\EXCEL.EXE [res://C:\PROGRA~1\MIF5BA~1\Office15\EXCEL.EXE/3000] -> [2012/10/01 20:32:48 | 025,584,768 | ---- | M] (Microsoft Corporation)
Enviar imagem para Dispositivo &Bluetooth... -> c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2008/12/10 11:36:32 | 000,001,430 | ---- | M] ()
Enviar página para Dispositivo &Bluetooth ... -> c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2009/08/28 19:17:14 | 000,004,037 | ---- | M] ()
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Arquivos de Programas\Windows Live\Writer\WriterBrowserExtension.dll [Button: Incluir no Blog] -> [2009/07/26 20:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Arquivos de Programas\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Incluir no Blog no Windows Live Writer] -> [2009/07/26 20:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\ONBttnIE.dll [Button: Enviar para o OneNote] -> [2012/10/01 20:32:48 | 000,588,448 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\ONBttnIE.dll [Menu: &Enviar para o OneNote] -> [2012/10/01 20:32:48 | 000,588,448 | ---- | M] (Microsoft Corporation)
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}:{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\OCHelper.dll [Button: Clique para Telefonar do Lync] -> [2012/10/01 20:33:44 | 000,139,368 | ---- | M] (Microsoft Corporation)
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}:{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\OCHelper.dll [Menu: Clique para Telefonar do Lync] -> [2012/10/01 20:33:44 | 000,139,368 | ---- | M] (Microsoft Corporation)
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}:{FFFDC614-B694-4AE6-AB38-5D6374584B52} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\ONBttnIELinkedNotes.dll [Button: &Anotações Vinculadas do OneNote] -> [2012/10/01 20:32:48 | 000,464,032 | ---- | M] (Microsoft Corporation)
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}:{FFFDC614-B694-4AE6-AB38-5D6374584B52} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\ONBttnIELinkedNotes.dll [Menu: &Anotações Vinculadas do OneNote] -> [2012/10/01 20:32:48 | 000,464,032 | ---- | M] (Microsoft Corporation)
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype Click to Call settings] -> [2014/07/14 18:20:52 | 001,709,152 | ---- | M] (Microsoft Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 20:12:22 | 000,040,424 | ---- | M] (Microsoft Corporation)
{CCA281CA-C863-46ef-9331-5C8D4460577F}:c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015] -> [2009/08/28 19:17:14 | 000,004,037 | ---- | M] ()
{CCA281CA-C863-46ef-9331-5C8D4460577F}:c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> c:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650] -> [2009/08/28 19:17:14 | 000,004,037 | ---- | M] ()
{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}:res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 [HKLM] -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [Button: BitComet] -> [2013/11/29 04:23:38 | 000,767,280 | ---- | M] (BitComet)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] -> [@c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3 domain(s) found. ->
www_bancobrasil.com.br [*] -> Trusted sites ->
www14_bancobrasil.com.br [*] -> Trusted sites ->
www14_bancobrasil.com.br [https] -> Trusted sites ->
www2_bancobrasil.com.br [*] -> Trusted sites ->
www2_bancobrasil.com.br [https] -> Trusted sites ->
seg_bb.com.br [https] -> Trusted sites ->
www_bb.com.br [*] -> Trusted sites ->
www_bb.com.br [http] -> Trusted sites ->
espiritosanto_sharepoint.com [https] -> Trusted sites ->
espiritosanto-my_sharepoint.com [https] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.25.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{43676DA0-9529-4364-98BC-21CA25D0999E}\\DhcpNameServer -> 192.168.1.1 (Realtek PCIe GBE Family Controller) ->
{4CAEBE8B-827D-4428-AB0D-A99328A4130B}\\DhcpNameServer -> 192.168.25.1 (Miniplaca de Wireless-N de meia altura DW1520) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 02:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
C:\Windows\system32\userinit.exe -> C:\Windows\System32\userinit.exe -> [2010/11/20 09:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\System32\SystemPropertiesPerformance.exe -> [2009/07/13 22:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 02:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
GbPluginBb -> C:\Arquivos de Programas\GbPlugin\gbieh.dll -> [2015/01/13 17:02:16 | 001,836,928 | ---- | M] (Banco do Brasil)
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2006/10/27 00:48:42 | 002,210,608 | ---- | M] (Microsoft Corporation)
"{E37CB5F0-51F5-4395-A808-5FA49E399F83}" [HKLM] -> C:\Arquivos de Programas\GbPlugin\gbieh.dll [GbPlugin ShlObj] -> [2015/01/13 17:02:16 | 001,836,928 | ---- | M] (Banco do Brasil)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Driver de CD-ROM ->
"ImagePath" -> C:\Windows\system32\drivers\cdrom.sys [\SystemRoot\system32\drivers\cdrom.sys] -> [2010/11/20 05:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2009/06/10 18:42:20 | 000,000,024 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->


[Files/Folders - Created Within 30 Days]
MBAMSwissArmy.sys -> C:\Windows\System32\drivers\MBAMSwissArmy.sys -> [2015/04/08 07:59:24 | 000,119,512 | ---- | C] (Malwarebytes Corporation)
Malwarebytes Anti-Malware -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware -> [2015/04/08 07:59:01 | 000,000,000 | ---D | C]
mbamchameleon.sys -> C:\Windows\System32\drivers\mbamchameleon.sys -> [2015/04/08 07:58:58 | 000,092,888 | ---- | C] (Malwarebytes Corporation)
mwac.sys -> C:\Windows\System32\drivers\mwac.sys -> [2015/04/08 07:58:58 | 000,051,928 | ---- | C] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2015/04/08 07:58:58 | 000,023,256 | ---- | C] (Malwarebytes Corporation)
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes Anti-Malware -> [2015/04/08 07:58:58 | 000,000,000 | ---D | C]
Malwarebytes -> C:\ProgramData\Malwarebytes -> [2015/04/08 07:58:58 | 000,000,000 | ---D | C]
LinhaDefensiva -> C:\LinhaDefensiva -> [2015/04/08 07:52:21 | 000,000,000 | ---D | C]
Dispositivos Bluetooth -> C:\Users\SFB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dispositivos Bluetooth -> [2015/04/08 07:45:26 | 000,000,000 | ---D | C]
SamsungPrinterLiveUpdateInstaller -> C:\Program Files\SamsungPrinterLiveUpdateInstaller -> [2015/04/07 16:41:47 | 000,000,000 | ---D | C]
SamsungPrinterLiveUpdate -> C:\Program Files\SamsungPrinterLiveUpdate -> [2015/04/07 16:41:47 | 000,000,000 | ---D | C]
Imprimir para PROVA DE SEGURANCA -> C:\Users\SFB\Desktop\Imprimir para PROVA DE SEGURANCA -> [2015/04/07 14:52:35 | 000,000,000 | ---D | C]
Tracing -> C:\Users\SFB\Tracing -> [2015/04/07 13:31:23 | 000,000,000 | ---D | C]
GWX -> C:\Windows\System32\GWX -> [2015/04/07 13:18:30 | 000,000,000 | --SD | C]
Modelos Personalizados do Office -> C:\Users\SFB\Documents\Modelos Personalizados do Office -> [2015/04/06 08:58:55 | 000,000,000 | ---D | C]
WinDivert.dll -> C:\Windows\System32\WinDivert.dll -> [2015/04/03 10:49:37 | 000,030,520 | ---- | C] (Basil's Projects)
Package Cache -> C:\ProgramData\Package Cache -> [2015/04/03 10:49:21 | 000,000,000 | ---D | C]
WinDivert32.sys -> C:\Windows\System32\WinDivert32.sys -> [2015/04/03 10:48:57 | 000,030,936 | ---- | C] (Basil's Projects)
GAS Tecnologia -> C:\Program Files\GAS Tecnologia -> [2015/04/03 10:48:57 | 000,000,000 | -H-D | C]
Diebold -> C:\Program Files\Diebold -> [2015/04/03 10:48:57 | 000,000,000 | ---D | C]
CM 01-02 -> C:\Users\SFB\Desktop\CM 01-02 -> [2015/04/03 10:20:31 | 000,000,000 | ---D | C]
MiniTool Power Data Recovery 6.8 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Power Data Recovery 6.8 -> [2015/04/02 15:08:18 | 000,000,000 | ---D | C]
PowerDataRecovery -> C:\Program Files\PowerDataRecovery -> [2015/04/02 15:08:17 | 000,000,000 | ---D | C]
Arquivos recuperados HD Eduardo -> C:\Users\SFB\Desktop\Arquivos recuperados HD Eduardo -> [2015/04/02 15:00:59 | 000,000,000 | ---D | C]
Recuva -> C:\Program Files\Recuva -> [2015/04/02 14:51:10 | 000,000,000 | ---D | C]
Microsoft Office 2013 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 -> [2015/03/31 12:27:37 | 000,000,000 | ---D | C]
regid.1991-06.com.microsoft -> C:\ProgramData\regid.1991-06.com.microsoft -> [2015/03/31 12:26:01 | 000,000,000 | ---D | C]
Microsoft SQL Server -> C:\Program Files\Microsoft SQL Server -> [2015/03/31 12:25:12 | 000,000,000 | ---D | C]
Microsoft Analysis Services -> C:\Program Files\Microsoft Analysis Services -> [2015/03/31 12:20:48 | 000,000,000 | ---D | C]
money 99 -> C:\Users\SFB\Desktop\money 99 -> [2015/03/25 16:15:52 | 000,000,000 | ---D | C]
WMPhoto.dll -> C:\Windows\System32\WMPhoto.dll -> [2015/03/17 09:58:31 | 000,417,792 | ---- | C] (Microsoft Corporation)
msmpeg2vdec.dll -> C:\Windows\System32\msmpeg2vdec.dll -> [2015/03/17 09:37:03 | 002,285,056 | ---- | C] (Microsoft Corporation)
Motorola -> C:\ProgramData\Motorola -> [2015/03/16 14:23:09 | 000,000,000 | ---D | C]
Temp -> C:\Temp -> [2015/03/16 14:08:54 | 000,000,000 | ---D | C]
Motorola Mobility -> C:\Users\SFB\AppData\Roaming\Motorola Mobility -> [2015/03/16 14:08:54 | 000,000,000 | ---D | C]
Motorola Device Manager -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager -> [2015/03/16 14:07:48 | 000,000,000 | ---D | C]
MSSoap -> C:\Program Files\Common Files\MSSoap -> [2015/03/16 14:07:47 | 000,000,000 | ---D | C]
Motorola Mobility -> C:\Program Files\Motorola Mobility -> [2015/03/16 14:07:47 | 000,000,000 | ---D | C]
Motorola -> C:\Program Files\Motorola -> [2015/03/16 14:07:47 | 000,000,000 | ---D | C]
MSXML 4.0 -> C:\Program Files\MSXML 4.0 -> [2015/03/16 14:07:31 | 000,000,000 | ---D | C]
Motorola Shared -> C:\Program Files\Common Files\Motorola Shared -> [2015/03/16 14:06:10 | 000,000,000 | ---D | C]
Motorola -> C:\Users\SFB\AppData\Roaming\Motorola -> [2015/03/16 14:05:14 | 000,000,000 | ---D | C]
fsutil.exe -> C:\Windows\System32\fsutil.exe -> [2015/03/16 09:23:21 | 000,074,240 | ---- | C] (Microsoft Corporation)
DWrite.dll -> C:\Windows\System32\DWrite.dll -> [2015/03/16 09:23:17 | 001,247,744 | ---- | C] (Microsoft Corporation)
d3d10warp.dll -> C:\Windows\System32\d3d10warp.dll -> [2015/03/16 09:23:14 | 001,987,584 | ---- | C] (Microsoft Corporation)
explorer.exe -> C:\Windows\explorer.exe -> [2015/03/16 09:22:33 | 002,616,320 | ---- | C] (Microsoft Corporation)
KBDYAK.DLL -> C:\Windows\System32\KBDYAK.DLL -> [2015/03/16 09:18:26 | 000,006,144 | ---- | C] (Microsoft Corporation)
KBDTAT.DLL -> C:\Windows\System32\KBDTAT.DLL -> [2015/03/16 09:18:26 | 000,006,144 | ---- | C] (Microsoft Corporation)
KBDRU1.DLL -> C:\Windows\System32\KBDRU1.DLL -> [2015/03/16 09:18:26 | 000,006,144 | ---- | C] (Microsoft Corporation)
KBDBASH.DLL -> C:\Windows\System32\KBDBASH.DLL -> [2015/03/16 09:18:26 | 000,006,144 | ---- | C] (Microsoft Corporation)
KBDRU.DLL -> C:\Windows\System32\KBDRU.DLL -> [2015/03/16 09:18:26 | 000,005,632 | ---- | C] (Microsoft Corporation)
d2d1.dll -> C:\Windows\System32\d2d1.dll -> [2015/03/16 09:18:21 | 003,419,136 | ---- | C] (Microsoft Corporation)
WUDFPlatform.dll -> C:\Windows\System32\WUDFPlatform.dll -> [2015/03/15 03:29:11 | 000,172,032 | ---- | C] (Microsoft Corporation)
WUDFx.dll -> C:\Windows\System32\WUDFx.dll -> [2015/03/15 03:29:10 | 000,613,888 | ---- | C] (Microsoft Corporation)
WUDFCoinstaller.dll -> C:\Windows\System32\WUDFCoinstaller.dll -> [2015/03/15 03:29:10 | 000,038,912 | ---- | C] (Microsoft Corporation)
infocardapi.dll -> C:\Windows\System32\infocardapi.dll -> [2015/03/15 03:28:04 | 000,099,480 | ---- | C] (Microsoft Corporation)
icardres.dll -> C:\Windows\System32\icardres.dll -> [2015/03/15 03:27:59 | 000,008,856 | ---- | C] (Microsoft Corporation)
icardagt.exe -> C:\Windows\System32\icardagt.exe -> [2015/03/15 03:27:54 | 000,619,672 | ---- | C] (Microsoft Corporation)
TsWpfWrp.exe -> C:\Windows\System32\TsWpfWrp.exe -> [2015/03/15 03:27:52 | 000,035,480 | ---- | C] (Microsoft Corporation)
XpsPrint.dll -> C:\Windows\System32\XpsPrint.dll -> [2015/03/15 03:06:44 | 001,158,144 | ---- | C] (Microsoft Corporation)
XpsGdiConverter.dll -> C:\Windows\System32\XpsGdiConverter.dll -> [2015/03/15 03:06:44 | 000,364,544 | ---- | C] (Microsoft Corporation)
api-ms-win-downlevel-advapi32-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,010,752 | -H-- | C] (Microsoft Corporation)
api-ms-win-downlevel-shlwapi-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,009,728 | -H-- | C] (Microsoft Corporation)
api-ms-win-downlevel-shlwapi-l2-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll -> [2015/03/15 03:06:44 | 000,005,632 | -H-- | C] (Microsoft Corporation)
api-ms-win-downlevel-ole32-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,005,632 | -H-- | C] (Microsoft Corporation)
api-ms-win-downlevel-user32-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-downlevel-advapi32-l2-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll -> [2015/03/15 03:06:44 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-downlevel-version-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-downlevel-shell32-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-downlevel-normaliz-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,002,560 | -H-- | C] (Microsoft Corporation)
d3d10.dll -> C:\Windows\System32\d3d10.dll -> [2015/03/15 03:06:43 | 001,080,832 | ---- | C] (Microsoft Corporation)
d3d10level9.dll -> C:\Windows\System32\d3d10level9.dll -> [2015/03/15 03:06:43 | 000,604,160 | ---- | C] (Microsoft Corporation)
dxgi.dll -> C:\Windows\System32\dxgi.dll -> [2015/03/15 03:06:43 | 000,293,376 | ---- | C] (Microsoft Corporation)
d3d10_1core.dll -> C:\Windows\System32\d3d10_1core.dll -> [2015/03/15 03:06:43 | 000,249,856 | ---- | C] (Microsoft Corporation)
d3d10core.dll -> C:\Windows\System32\d3d10core.dll -> [2015/03/15 03:06:43 | 000,220,160 | ---- | C] (Microsoft Corporation)
WindowsCodecsExt.dll -> C:\Windows\System32\WindowsCodecsExt.dll -> [2015/03/15 03:06:43 | 000,207,872 | ---- | C] (Microsoft Corporation)
UIAnimation.dll -> C:\Windows\System32\UIAnimation.dll -> [2015/03/15 03:06:43 | 000,187,392 | ---- | C] (Microsoft Corporation)
d3d10_1.dll -> C:\Windows\System32\d3d10_1.dll -> [2015/03/15 03:06:43 | 000,161,792 | ---- | C] (Microsoft Corporation)
atmfd.dll -> C:\Windows\System32\atmfd.dll -> [2015/03/14 13:37:57 | 000,299,008 | ---- | C] (Adobe Systems Incorporated)
fontsub.dll -> C:\Windows\System32\fontsub.dll -> [2015/03/14 13:37:57 | 000,070,656 | ---- | C] (Microsoft Corporation)
atmlib.dll -> C:\Windows\System32\atmlib.dll -> [2015/03/14 13:37:57 | 000,034,304 | ---- | C] (Adobe Systems)
dciman32.dll -> C:\Windows\System32\dciman32.dll -> [2015/03/14 13:37:57 | 000,010,240 | ---- | C] (Microsoft Corporation)
Google Earth -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth -> [2015/03/13 11:26:36 | 000,000,000 | ---D | C]
inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2015/03/13 10:59:19 | 001,466,368 | ---- | C] (Microsoft Corporation)
mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2015/03/13 10:59:18 | 001,638,912 | ---- | C] (Microsoft Corporation)
msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2015/03/13 10:59:18 | 000,627,712 | ---- | C] (Microsoft Corporation)
html.iec -> C:\Windows\System32\html.iec -> [2015/03/13 10:59:18 | 000,386,048 | ---- | C] (Microsoft Corporation)
dxtmsft.dll -> C:\Windows\System32\dxtmsft.dll -> [2015/03/13 10:59:18 | 000,345,600 | ---- | C] (Microsoft Corporation)
dxtrans.dll -> C:\Windows\System32\dxtrans.dll -> [2015/03/13 10:59:18 | 000,216,064 | ---- | C] (Microsoft Corporation)
ieui.dll -> C:\Windows\System32\ieui.dll -> [2015/03/13 10:59:18 | 000,176,640 | ---- | C] (Microsoft Corporation)
ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2015/03/13 10:59:18 | 000,142,848 | ---- | C] (Microsoft Corporation)
url.dll -> C:\Windows\System32\url.dll -> [2015/03/13 10:59:18 | 000,132,096 | ---- | C] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2015/03/13 10:59:18 | 000,064,512 | ---- | C] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2015/03/13 10:59:18 | 000,048,640 | ---- | C] (Microsoft Corporation)
msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2015/03/13 10:59:18 | 000,016,384 | ---- | C] (Microsoft Corporation)
win32k.sys -> C:\Windows\System32\win32k.sys -> [2015/03/13 10:59:16 | 002,381,312 | ---- | C] (Microsoft Corporation)
ubpm.dll -> C:\Windows\System32\ubpm.dll -> [2015/03/13 10:58:52 | 000,171,520 | ---- | C] (Microsoft Corporation)
adtschema.dll -> C:\Windows\System32\adtschema.dll -> [2015/03/13 10:58:49 | 000,686,080 | ---- | C] (Microsoft Corporation)
ncrypt.dll -> C:\Windows\System32\ncrypt.dll -> [2015/03/13 10:58:49 | 000,221,184 | ---- | C] (Microsoft Corporation)
msaudite.dll -> C:\Windows\System32\msaudite.dll -> [2015/03/13 10:58:49 | 000,146,432 | ---- | C] (Microsoft Corporation)
msobjs.dll -> C:\Windows\System32\msobjs.dll -> [2015/03/13 10:58:49 | 000,060,416 | ---- | C] (Microsoft Corporation)
auditpol.exe -> C:\Windows\System32\auditpol.exe -> [2015/03/13 10:58:49 | 000,050,176 | ---- | C] (Microsoft Corporation)
sspisrv.dll -> C:\Windows\System32\sspisrv.dll -> [2015/03/13 10:58:49 | 000,015,872 | ---- | C] (Microsoft Corporation)
drmv2clt.dll -> C:\Windows\System32\drmv2clt.dll -> [2015/03/13 10:54:56 | 000,988,160 | ---- | C] (Microsoft Corporation)
blackbox.dll -> C:\Windows\System32\blackbox.dll -> [2015/03/13 10:54:56 | 000,744,960 | ---- | C] (Microsoft Corporation)
mf.dll -> C:\Windows\System32\mf.dll -> [2015/03/13 10:54:54 | 003,209,728 | ---- | C] (Microsoft Corporation)
wmdrmsdk.dll -> C:\Windows\System32\wmdrmsdk.dll -> [2015/03/13 10:54:54 | 000,617,984 | ---- | C] (Microsoft Corporation)
ntkrnlpa.exe -> C:\Windows\System32\ntkrnlpa.exe -> [2015/03/13 10:54:53 | 003,973,048 | ---- | C] (Microsoft Corporation)
drmmgrtn.dll -> C:\Windows\System32\drmmgrtn.dll -> [2015/03/13 10:54:53 | 000,406,016 | ---- | C] (Microsoft Corporation)
ntoskrnl.exe -> C:\Windows\System32\ntoskrnl.exe -> [2015/03/13 10:54:52 | 003,917,760 | ---- | C] (Microsoft Corporation)
winload.exe -> C:\Windows\System32\winload.exe -> [2015/03/13 10:54:52 | 000,521,384 | ---- | C] (Microsoft Corporation)
evr.dll -> C:\Windows\System32\evr.dll -> [2015/03/13 10:54:52 | 000,489,984 | ---- | C] (Microsoft Corporation)
winresume.exe -> C:\Windows\System32\winresume.exe -> [2015/03/13 10:54:52 | 000,455,752 | ---- | C] (Microsoft Corporation)
AUDIOKSE.dll -> C:\Windows\System32\AUDIOKSE.dll -> [2015/03/13 10:54:52 | 000,442,880 | ---- | C] (Microsoft Corporation)
ci.dll -> C:\Windows\System32\ci.dll -> [2015/03/13 10:54:52 | 000,409,272 | ---- | C] (Microsoft Corporation)
quartz.dll -> C:\Windows\System32\quartz.dll -> [2015/03/13 10:54:51 | 001,329,664 | ---- | C] (Microsoft Corporation)
srcore.dll -> C:\Windows\System32\srcore.dll -> [2015/03/13 10:54:51 | 000,400,896 | ---- | C] (Microsoft Corporation)
mfplat.dll -> C:\Windows\System32\mfplat.dll -> [2015/03/13 10:54:51 | 000,354,816 | ---- | C] (Microsoft Corporation)
AudioEng.dll -> C:\Windows\System32\AudioEng.dll -> [2015/03/13 10:54:50 | 000,374,784 | ---- | C] (Microsoft Corporation)
EncDump.dll -> C:\Windows\System32\EncDump.dll -> [2015/03/13 10:54:50 | 000,275,968 | ---- | C] (Microsoft Corporation)
AudioSes.dll -> C:\Windows\System32\AudioSes.dll -> [2015/03/13 10:54:50 | 000,195,584 | ---- | C] (Microsoft Corporation)
qdvd.dll -> C:\Windows\System32\qdvd.dll -> [2015/03/13 10:54:49 | 000,519,680 | ---- | C] (Microsoft Corporation)
msscp.dll -> C:\Windows\System32\msscp.dll -> [2015/03/13 10:54:49 | 000,504,320 | ---- | C] (Microsoft Corporation)
rstrui.exe -> C:\Windows\System32\rstrui.exe -> [2015/03/13 10:54:49 | 000,262,656 | ---- | C] (Microsoft Corporation)
audiodg.exe -> C:\Windows\System32\audiodg.exe -> [2015/03/13 10:54:49 | 000,100,864 | ---- | C] (Microsoft Corporation)
appidapi.dll -> C:\Windows\System32\appidapi.dll -> [2015/03/13 10:54:49 | 000,050,688 | ---- | C] (Microsoft Corporation)
csrsrv.dll -> C:\Windows\System32\csrsrv.dll -> [2015/03/13 10:54:49 | 000,038,912 | ---- | C] (Microsoft Corporation)
msnetobj.dll -> C:\Windows\System32\msnetobj.dll -> [2015/03/13 10:54:48 | 000,265,216 | ---- | C] (Microsoft Corporation)
mfps.dll -> C:\Windows\System32\mfps.dll -> [2015/03/13 10:54:48 | 000,103,424 | ---- | C] (Microsoft Corporation)
rrinstaller.exe -> C:\Windows\System32\rrinstaller.exe -> [2015/03/13 10:54:48 | 000,050,176 | ---- | C] (Microsoft Corporation)
appidpolicyconverter.exe -> C:\Windows\System32\appidpolicyconverter.exe -> [2015/03/13 10:54:47 | 000,096,768 | ---- | C] (Microsoft Corporation)
pcadm.dll -> C:\Windows\System32\pcadm.dll -> [2015/03/13 10:54:47 | 000,028,160 | ---- | C] (Microsoft Corporation)
setbcdlocale.dll -> C:\Windows\System32\setbcdlocale.dll -> [2015/03/13 10:54:44 | 000,050,176 | ---- | C] (Microsoft Corporation)
mfpmp.exe -> C:\Windows\System32\mfpmp.exe -> [2015/03/13 10:54:44 | 000,023,040 | ---- | C] (Microsoft Corporation)
appidcertstorecheck.exe -> C:\Windows\System32\appidcertstorecheck.exe -> [2015/03/13 10:54:44 | 000,016,896 | ---- | C] (Microsoft Corporation)
msmmsp.dll -> C:\Windows\System32\msmmsp.dll -> [2015/03/13 10:54:44 | 000,010,752 | ---- | C] (Microsoft Corporation)
pcawrk.exe -> C:\Windows\System32\pcawrk.exe -> [2015/03/13 10:54:44 | 000,009,728 | ---- | C] (Microsoft Corporation)
pcalua.exe -> C:\Windows\System32\pcalua.exe -> [2015/03/13 10:54:44 | 000,008,192 | ---- | C] (Microsoft Corporation)
wmploc.DLL -> C:\Windows\System32\wmploc.DLL -> [2015/03/13 10:54:43 | 012,625,408 | ---- | C] (Microsoft Corporation)
pcaevts.dll -> C:\Windows\System32\pcaevts.dll -> [2015/03/13 10:54:43 | 000,008,704 | ---- | C] (Microsoft Corporation)
spwmp.dll -> C:\Windows\System32\spwmp.dll -> [2015/03/13 10:54:43 | 000,008,192 | ---- | C] (Microsoft Corporation)
apisetschema.dll -> C:\Windows\System32\apisetschema.dll -> [2015/03/13 10:54:43 | 000,006,656 | ---- | C] (Microsoft Corporation)
msdxm.ocx -> C:\Windows\System32\msdxm.ocx -> [2015/03/13 10:54:43 | 000,004,096 | ---- | C] (Microsoft Corporation)
dxmasf.dll -> C:\Windows\System32\dxmasf.dll -> [2015/03/13 10:54:43 | 000,004,096 | ---- | C] (Microsoft Corporation)
mferror.dll -> C:\Windows\System32\mferror.dll -> [2015/03/13 10:54:43 | 000,002,048 | ---- | C] (Microsoft Corporation)
FlashPlayerApp.exe -> C:\Windows\System32\FlashPlayerApp.exe -> [2015/03/13 10:25:59 | 000,778,928 | ---- | C] (Adobe Systems Incorporated)
FlashPlayerCPLApp.cpl -> C:\Windows\System32\FlashPlayerCPLApp.cpl -> [2015/03/13 10:25:59 | 000,142,512 | ---- | C] (Adobe Systems Incorporated)
tdh.dll -> C:\Windows\System32\tdh.dll -> [2015/03/10 03:19:45 | 000,619,520 | ---- | C] (Microsoft Corporation)
taskhost.exe -> C:\Windows\System32\taskhost.exe -> [2015/03/10 03:18:29 | 000,049,152 | ---- | C] (Microsoft Corporation)
d3d11.dll -> C:\Windows\System32\d3d11.dll -> [2015/03/10 03:11:04 | 001,505,280 | ---- | C] (Microsoft Corporation)
Samsung -> C:\ProgramData\Samsung -> [2015/03/09 21:11:59 | 000,000,000 | ---D | C]
Deployment -> C:\Users\SFB\AppData\Local\Deployment -> [2015/03/09 21:03:41 | 000,000,000 | ---D | C]
Apps -> C:\Users\SFB\AppData\Local\Apps -> [2015/03/09 21:03:41 | 000,000,000 | ---D | C]
Mozilla Firefox -> C:\Program Files\Mozilla Firefox -> [2015/03/09 16:46:58 | 000,000,000 | ---D | C]

[Files/Folders - Modified Within 30 Days]
Adobe Flash Player Updater.job -> C:\Windows\tasks\Adobe Flash Player Updater.job -> [2015/04/08 08:10:03 | 000,000,902 | ---- | M] ()
prfh0416.dat -> C:\Windows\System32\prfh0416.dat -> [2015/04/08 08:09:53 | 000,703,580 | ---- | M] ()
perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2015/04/08 08:09:53 | 000,652,148 | ---- | M] ()
prfc0416.dat -> C:\Windows\System32\prfc0416.dat -> [2015/04/08 08:09:53 | 000,146,366 | ---- | M] ()
perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2015/04/08 08:09:53 | 000,121,080 | ---- | M] ()
MBAMSwissArmy.sys -> C:\Windows\System32\drivers\MBAMSwissArmy.sys -> [2015/04/08 07:59:24 | 000,119,512 | ---- | M] (Malwarebytes Corporation)
Malwarebytes Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> [2015/04/08 07:59:01 | 000,001,062 | ---- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2015/04/08 07:45:21 | 000,067,584 | --S- | M] ()
GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2015/04/08 07:43:44 | 000,001,058 | ---- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2015/04/08 07:43:44 | 000,001,054 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2015/04/07 16:40:59 | 000,025,424 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2015/04/07 16:40:59 | 000,025,424 | -H-- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2015/04/07 16:29:18 | 2358,259,712 | -HS- | M] ()
Cat.DB -> C:\Windows\System32\drivers\NAV\1507000.00B\Cat.DB -> [2015/04/06 14:45:23 | 001,928,914 | ---- | M] ()
FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2015/04/06 09:35:28 | 000,507,432 | ---- | M] ()
gerarFatura.pdf -> C:\Users\SFB\Desktop\gerarFatura.pdf -> [2015/04/05 21:52:19 | 000,051,192 | ---- | M] ()
.rnd -> C:\.rnd -> [2015/04/03 10:52:00 | 000,001,024 | ---- | M] ()
MiniTool Power Data Recovery 6.8.lnk -> C:\Users\Public\Desktop\MiniTool Power Data Recovery 6.8.lnk -> [2015/04/02 15:08:19 | 000,001,075 | ---- | M] ()
Recuva.lnk -> C:\Users\Public\Desktop\Recuva.lnk -> [2015/04/02 14:51:11 | 000,001,797 | ---- | M] ()
Google Chrome.lnk -> C:\Users\Public\Desktop\Google Chrome.lnk -> [2015/04/02 14:36:40 | 000,002,129 | ---- | M] ()
085.D3 - PONTOS ELÉTRICOS E TELE Layout2 (1).pdf -> C:\Users\SFB\Desktop\085.D3 - PONTOS ELÉTRICOS E TELE Layout2 (1).pdf -> [2015/03/31 16:21:14 | 000,042,644 | ---- | M] ()
VT20150331.017 -> C:\Windows\System32\drivers\NAV\1507000.00B\VT20150331.017 -> [2015/03/31 09:11:32 | 000,082,335 | ---- | M] ()
Foamular.pdf -> C:\Users\SFB\Desktop\Foamular.pdf -> [2015/03/30 09:32:30 | 000,346,881 | ---- | M] ()
mwac.sys -> C:\Windows\System32\drivers\mwac.sys -> [2015/03/17 06:15:36 | 000,051,928 | ---- | M] (Malwarebytes Corporation)
mbamchameleon.sys -> C:\Windows\System32\drivers\mbamchameleon.sys -> [2015/03/17 06:15:26 | 000,092,888 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2015/03/17 06:15:22 | 000,023,256 | ---- | M] (Malwarebytes Corporation)
XpsPrint.dll -> C:\Windows\System32\XpsPrint.dll -> [2015/03/15 03:06:44 | 001,158,144 | ---- | M] (Microsoft Corporation)
XpsGdiConverter.dll -> C:\Windows\System32\XpsGdiConverter.dll -> [2015/03/15 03:06:44 | 000,364,544 | ---- | M] (Microsoft Corporation)
api-ms-win-downlevel-advapi32-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,010,752 | -H-- | M] (Microsoft Corporation)
api-ms-win-downlevel-shlwapi-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,009,728 | -H-- | M] (Microsoft Corporation)
api-ms-win-downlevel-shlwapi-l2-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll -> [2015/03/15 03:06:44 | 000,005,632 | -H-- | M] (Microsoft Corporation)
api-ms-win-downlevel-ole32-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,005,632 | -H-- | M] (Microsoft Corporation)
api-ms-win-downlevel-user32-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,004,096 | -H-- | M] (Microsoft Corporation)
api-ms-win-downlevel-advapi32-l2-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll -> [2015/03/15 03:06:44 | 000,003,584 | -H-- | M] (Microsoft Corporation)
api-ms-win-downlevel-version-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,003,072 | -H-- | M] (Microsoft Corporation)
api-ms-win-downlevel-shell32-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,003,072 | -H-- | M] (Microsoft Corporation)
api-ms-win-downlevel-normaliz-l1-1-0.dll -> C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll -> [2015/03/15 03:06:44 | 000,002,560 | -H-- | M] (Microsoft Corporation)
d3d10.dll -> C:\Windows\System32\d3d10.dll -> [2015/03/15 03:06:43 | 001,080,832 | ---- | M] (Microsoft Corporation)
d3d10level9.dll -> C:\Windows\System32\d3d10level9.dll -> [2015/03/15 03:06:43 | 000,604,160 | ---- | M] (Microsoft Corporation)
dxgi.dll -> C:\Windows\System32\dxgi.dll -> [2015/03/15 03:06:43 | 000,293,376 | ---- | M] (Microsoft Corporation)
d3d10_1core.dll -> C:\Windows\System32\d3d10_1core.dll -> [2015/03/15 03:06:43 | 000,249,856 | ---- | M] (Microsoft Corporation)
d3d10core.dll -> C:\Windows\System32\d3d10core.dll -> [2015/03/15 03:06:43 | 000,220,160 | ---- | M] (Microsoft Corporation)
WindowsCodecsExt.dll -> C:\Windows\System32\WindowsCodecsExt.dll -> [2015/03/15 03:06:43 | 000,207,872 | ---- | M] (Microsoft Corporation)
UIAnimation.dll -> C:\Windows\System32\UIAnimation.dll -> [2015/03/15 03:06:43 | 000,187,392 | ---- | M] (Microsoft Corporation)
d3d10_1.dll -> C:\Windows\System32\d3d10_1.dll -> [2015/03/15 03:06:43 | 000,161,792 | ---- | M] (Microsoft Corporation)
Google Earth.lnk -> C:\Users\Public\Desktop\ Google Earth.lnk -> [2015/03/13 11:26:36 | 000,002,172 | ---- | M] ()
FlashPlayerApp.exe -> C:\Windows\System32\FlashPlayerApp.exe -> [2015/03/13 10:25:59 | 000,778,928 | ---- | M] (Adobe Systems Incorporated)
FlashPlayerCPLApp.cpl -> C:\Windows\System32\FlashPlayerCPLApp.cpl -> [2015/03/13 10:25:59 | 000,142,512 | ---- | M] (Adobe Systems Incorporated)
tdh.dll -> C:\Windows\System32\tdh.dll -> [2015/03/10 03:19:45 | 000,619,520 | ---- | M] (Microsoft Corporation)
taskhost.exe -> C:\Windows\System32\taskhost.exe -> [2015/03/10 03:18:29 | 000,049,152 | ---- | M] (Microsoft Corporation)
d3d11.dll -> C:\Windows\System32\d3d11.dll -> [2015/03/10 03:11:04 | 001,505,280 | ---- | M] (Microsoft Corporation)
51 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp ->

[Files - No Company Name]
Malwarebytes Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> [2015/04/08 07:59:01 | 000,001,062 | ---- | C] ()
gerarFatura.pdf -> C:\Users\SFB\Desktop\gerarFatura.pdf -> [2015/04/05 21:52:28 | 000,051,192 | ---- | C] ()
.rnd -> C:\.rnd -> [2015/04/03 10:50:27 | 000,001,024 | ---- | C] ()
MiniTool Power Data Recovery 6.8.lnk -> C:\Users\Public\Desktop\MiniTool Power Data Recovery 6.8.lnk -> [2015/04/02 15:08:19 | 000,001,075 | ---- | C] ()
Recuva.lnk -> C:\Users\Public\Desktop\Recuva.lnk -> [2015/04/02 14:51:11 | 000,001,797 | ---- | C] ()
085.D3 - PONTOS ELÉTRICOS E TELE Layout2 (1).pdf -> C:\Users\SFB\Desktop\085.D3 - PONTOS ELÉTRICOS E TELE Layout2 (1).pdf -> [2015/03/31 16:21:12 | 000,042,644 | ---- | C] ()
Foamular.pdf -> C:\Users\SFB\Desktop\Foamular.pdf -> [2015/03/30 09:32:24 | 000,346,881 | ---- | C] ()
MsftWdf_User_01_11_00_Inbox_Critical.Wdf -> C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf -> [2015/03/15 03:29:10 | 000,000,003 | ---- | C] ()
Google Earth.lnk -> C:\Users\Public\Desktop\ Google Earth.lnk -> [2015/03/13 11:26:36 | 000,002,172 | ---- | C] ()
Adobe Flash Player Updater.job -> C:\Windows\tasks\Adobe Flash Player Updater.job -> [2015/03/13 10:26:00 | 000,000,902 | ---- | C] ()
unins000.exe -> C:\Users\SFB\AppData\Roaming\unins000.exe -> [2015/03/03 14:46:49 | 000,815,826 | ---- | C] ()
unins000.dat -> C:\Users\SFB\AppData\Roaming\unins000.dat -> [2015/03/03 14:46:49 | 000,017,603 | ---- | C] ()
PrintBrmUi.exe -> C:\Windows\System32\PrintBrmUi.exe -> [2015/03/01 11:08:36 | 000,066,048 | ---- | C] ()
SBuySupplies.exe -> C:\Windows\System32\SBuySupplies.exe -> [2015/02/20 08:01:26 | 000,212,600 | ---- | C] ()
us001lm.dll -> C:\Windows\System32\us001lm.dll -> [2015/02/20 08:01:24 | 000,018,432 | ---- | C] ()
us001ci.exe -> C:\Windows\System32\us001ci.exe -> [2015/02/20 08:01:22 | 000,158,016 | ---- | C] ()
Microsoft.SqlServer.Compact.351.32.bc -> C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc -> [2015/01/08 10:30:11 | 000,000,147 | ---- | C] ()
cpwmon2k.dll -> C:\Windows\System32\cpwmon2k.dll -> [2014/12/26 17:44:48 | 000,089,136 | ---- | C] ()
ssj2mlm.dll -> C:\Windows\System32\ssj2mlm.dll -> [2014/12/22 10:19:08 | 000,025,600 | ---- | C] ()
eed_ec.dll -> C:\Windows\System32\eed_ec.dll -> [2014/12/22 10:19:04 | 002,284,032 | ---- | C] ()
eed_sl.exe.config -> C:\Windows\System32\eed_sl.exe.config -> [2014/12/22 10:18:58 | 000,000,273 | ---- | C] ()

[Alternate Data Streams]
@Alternate Data Stream - 2 bytes -> C:\Windows\System32:C6327EC1_Bb.gbp
@Alternate Data Stream - 208 bytes -> C:\Windows\System32\drivers:GbpKmAp.lst
< End of report >
[/code]
