cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþ[code]
OTS logfile created on: 21/04/2015 12:05:50 - Run 1
OTS by OldTimer - Version 3.1.47.2 Folder = C:\Users\Usuario\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 63,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 742,20 Gb Free Space | 79,69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USUARIO-PC
Current User Name: Usuario
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\Usuario\Desktop\OTS.exe -> [2015/04/21 12:01:06 | 000,646,656 | ---- | M] (OldTimer Tools)
avgui.exe -> C:\Program Files (x86)\AVG\AVG2015\avgui.exe -> [2015/04/15 13:17:20 | 003,745,232 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgwdsvc.exe -> C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe -> [2015/04/15 13:10:56 | 000,311,792 | ---- | M] (AVG Technologies CZ, s.r.o.)
netservice.exe -> C:\Users\Usuario\AppData\Roaming\NetService\netservice.exe -> [2015/03/20 04:26:00 | 000,211,824 | ---- | M] (QNT)
mbamservice.exe -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -> [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation)
mbamscheduler.exe -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -> [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation)
mbam.exe -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe -> [2014/11/21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation)
nvscpapisvr.exe -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -> [2014/07/02 14:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation)
armsvc.exe -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated)

[Modules - No Company Name]
pepflashplayer.dll -> C:\Users\Usuario\AppData\Local\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll -> [2015/04/13 18:55:41 | 014,980,424 | ---- | M] ()
libglesv2.dll -> C:\Users\Usuario\AppData\Local\Google\Chrome\Application\42.0.2311.90\libglesv2.dll -> [2015/04/13 18:55:40 | 001,252,680 | ---- | M] ()
libegl.dll -> C:\Users\Usuario\AppData\Local\Google\Chrome\Application\42.0.2311.90\libegl.dll -> [2015/04/13 18:55:39 | 000,080,712 | ---- | M] ()

[Win32 Services - Safe List]
64bit-(VIAKaraokeService) [Auto | Running] -> C:\Windows\SysNative\ViakaraokeSrv.exe -> [2010/12/22 10:22:52 | 000,027,760 | ---- | M] (VIA Technologies, Inc.)
64bit-(AppMgmt) [On_Demand | Stopped] -> C:\Windows\SysNative\appmgmts.dll -> [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation)
(AVGIDSAgent) AVGIDSAgent [Auto | Stopped] -> C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe -> [2015/04/15 13:21:40 | 003,438,032 | ---- | M] (AVG Technologies CZ, s.r.o.)
(avgwd) Watchdog do AVG [Auto | Running] -> C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe -> [2015/04/15 13:10:56 | 000,311,792 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AdobeFlashPlayerUpdateSvc) Adobe Flash Player Update Service [On_Demand | Stopped] -> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -> [2015/04/15 12:35:24 | 000,268,464 | ---- | M] (Adobe Systems Incorporated)
(NetTcpHandler) Net.Tcp Service Handler [Auto | Running] -> C:\Users\Usuario\AppData\Roaming\NetService\netservice.exe -> [2015/03/20 04:26:00 | 000,211,824 | ---- | M] (QNT)
(MBAMService) MBAMService [Auto | Running] -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -> [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation)
(MBAMScheduler) MBAMScheduler [Auto | Running] -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -> [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation)
(Stereo Service) NVIDIA Stereoscopic 3D Driver Service [Auto | Running] -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -> [2014/07/02 14:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation)
(AdobeARMservice) Adobe Acrobat Update Service [Auto | Running] -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
64bit-(MBAMSwissArmy) MBAMSwissArmy [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -> [2015/04/21 11:36:55 | 000,129,752 | ---- | M] (Malwarebytes Corporation)
64bit-(Avgldx64) AVG AVI Loader Driver [File_System | System | Running] -> C:\Windows\SysNative\drivers\avgldx64.sys -> [2015/04/15 13:06:02 | 000,256,992 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(AVGIDSDriver) AVGIDSDriver [File_System | System | Running] -> C:\Windows\SysNative\drivers\avgidsdrivera.sys -> [2015/04/09 14:11:14 | 000,284,128 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgtdia) AVG TDI Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\avgtdia.sys -> [2015/04/07 12:39:26 | 000,291,296 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgmfx64) AVG Mini-Filter Resident Anti-Virus Shield [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\avgmfx64.sys -> [2015/04/03 09:34:12 | 000,137,184 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgrkx64) AVG Anti-Rootkit Driver [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\avgrkx64.sys -> [2015/03/20 12:18:18 | 000,040,928 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgdiska) AVG Disk Driver [File_System | System | Running] -> C:\Windows\SysNative\drivers\avgdiska.sys -> [2015/03/11 12:16:06 | 000,162,784 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgloga) AVG Logging Driver [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\avgloga.sys -> [2015/03/11 12:13:36 | 000,344,544 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(AVGIDSHA) AVGIDSHA [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\avgidsha.sys -> [2015/03/11 12:13:28 | 000,213,984 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(MBAMWebAccessControl) MBAMWebAccessControl [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\mwac.sys -> [2014/11/21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation)
64bit-(MBAMProtector) MBAMProtector [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\mbam.sys -> [2014/11/21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation)
64bit-(NVHDA) Service for NVIDIA High Definition Audio Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nvhda64v.sys -> [2014/08/11 17:31:46 | 000,197,408 | ---- | M] (NVIDIA Corporation)
64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\GEARAspiWDM.sys -> [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.)
64bit-(VIAHdAudAddService) VIA High Definition Audio Driver Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\viahduaa.sys -> [2010/12/22 10:22:44 | 002,156,656 | ---- | M] (VIA Technologies, Inc.)
64bit-(Synth3dVsc) Synth3dVsc [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\Synth3dVsc.sys -> [2010/11/20 04:33:58 | 000,088,960 | ---- | M] (Microsoft Corporation)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2010/11/20 04:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2010/11/20 04:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2010/11/20 04:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices)
64bit-(tsusbhub) tsusbhub [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\tsusbhub.sys -> [2010/11/20 02:07:12 | 000,117,248 | ---- | M] (Microsoft Corporation)
64bit-(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbFlt.sys -> [2010/11/20 02:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation)
64bit-(TsUsbGD) %TsUsbGD.DeviceDesc.Generic% [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbGD.sys -> [2010/11/20 02:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation)
64bit-(terminpt) Microsoft Remote Desktop Input Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\terminpt.sys -> [2010/11/20 02:03:44 | 000,034,816 | ---- | M] (Microsoft Corporation)
64bit-(RdpVideoMiniport) Remote Desktop Video Miniport Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\rdpvideominiport.sys -> [2010/11/20 02:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation)
64bit-(dmvsc) dmvsc [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\dmvsc.sys -> [2010/11/20 00:57:44 | 000,071,168 | ---- | M] (Microsoft Corporation)
64bit-(L1c) NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\l1c51x64.sys -> [2010/06/25 04:07:56 | 000,071,792 | ---- | M] (Atheros Communications, Inc.)
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation)

[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> www.google.com ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> www.google.com ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\] > -> ->
HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\: Main\\"Default_Page_URL" -> www.google.com ->
HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\: Main\\"Start Page" -> http://www.google.com/ ->
HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\: Main\\"Start Page Redirect Cache" -> http://www.msn.com/pt-br/?ocid=iehp ->
HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\: Main\\"Start Page Redirect Cache AcceptLangs" -> pt-br ->
HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> 82 91 0F 65 22 72 D0 01 [binary data] ->
HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\: "ProxyEnable" -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
< FireFox Extensions [User Folders] > ->
< HOSTS File > ([2015/04/20 19:34:36 | 000,000,035 | ---- | M] - 1 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
Reset Hosts
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live ID Sign-in Helper] -> [2009/08/18 12:50:40 | 000,532,336 | ---- | M] (Microsoft Corporation)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"AVG_UI" -> C:\Program Files (x86)\AVG\AVG2015\avgui.exe ["C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY] -> [2015/04/15 13:17:20 | 003,745,232 | ---- | M] (AVG Technologies CZ, s.r.o.)
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2010/11/20 03:17:42 | 001,174,016 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2010/11/20 03:17:42 | 001,174,016 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\] > -> HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"CCleaner Monitoring" -> C:\Program Files (x86)\CCleaner\CCleaner64.exe ["C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR] -> [2015/03/13 08:10:26 | 007,451,928 | ---- | M] (Piriform Ltd)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoActiveDesktop" -> [1] -> File not found
\\"NoActiveDesktopChanges" -> [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [5] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
\\"SoftwareSASGeneration" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000] > -> HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [221] -> File not found
\\"NoLowDiskSpaceChecks" -> [1] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000] > -> HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\] > -> HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xportar para o Microsoft Excel -> [res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 20:12:22 | 000,040,424 | ---- | M] (Microsoft Corporation)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\] > -> HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\] > -> HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 201.6.2.39 201.6.2.139 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{F468CC11-79EF-4FC9-A486-B23A535FF978}\\DhcpNameServer -> 201.6.2.39 201.6.2.139 (Atheros AR8151 PCI-E Gigabit Ethernet Controller) ->
IE Styles -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles
"Use My Stylesheet" -> Reg Error: Invalid data type.
"User Stylesheet" ->
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\explorer.exe -> [2010/11/20 04:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
64bit-*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
C:\Windows\system32\userinit.exe -> C:\Windows\SysNative\userinit.exe -> [2010/11/20 04:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/13 22:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2010/11/20 03:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
userinit.exe -> C:\Windows\SysWow64\userinit.exe -> [2010/11/20 03:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
/pagefile -> -> File not found
*MultiFile Done* -> ->
< 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{068795B5-C9C4-4E6D-A7E6-106ED7EE44A0} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{2F26D1AF-95C4-428B-B827-F67EAC7C3E78} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{3D7BFD58-BC4E-4BDF-916E-366BF47C32B3} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{4C5281EA-25C9-4AC9-A4F9-E660622E0B1F} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler |
{532AA79E-C326-40D3-BCF3-420EA9ECA078} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{630D2E44-872D-4317-9C95-8DF35172B790} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system |
{7FAC2CAB-BA56-4388-9532-EA7E28575FAC} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system |
{83B5F207-560C-410F-AFA3-5137EB54DC69} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system |
{843E1246-E288-4626-93A8-FC605A1C6B5F} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{908F94F1-1DC9-4F5A-86F5-F96A627B83BD} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{94CE38D1-D1FF-4F05-B722-7DDA505D4287} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system |
{9537D319-4BF0-4EAA-A0CB-3A87951EE777} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system |
{977D22FA-4036-4B5A-A9BD-1D2FF9B017AA} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{A4D47394-FC79-468B-BFA7-D26952E9AE3B} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system |
{AC637032-80FE-4533-804C-06C18B201D02} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{BBE92D47-1E38-4A2C-9ABD-9F6D90974B57} -> lport=6004 | profile=private | protocol=17 | dir=in | action=allow | name=microsoft office outlook | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
{BD371BC4-3B16-49F7-973D-932E75BF7607} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss |
{C1516CFF-237D-4E3A-86AE-F60DDA34F265} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{CA2AD309-0EAA-41E9-A88E-82190AB89EF7} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system |
{CEBB687C-80B2-490E-97BB-4616B921B8CD} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system |
{D98C5001-8785-4186-B2DB-A21ADA343C97} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{E0DD6EB1-48AB-424B-99FA-0AA92498C3C2} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system |
{F4B5ACAC-7D6F-4E50-B978-E622DE023B30} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system |
{FB48519F-5962-4499-9AE4-576FD8262187} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system |
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{01144F0C-F3B5-4B51-81C8-65DF5AD4B10D} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe |
{0A83F60F-2AC7-40B2-A083-B310C7092555} -> profile=private | protocol=6 | dir=in | action=allow | name=verificador pessoal de email | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
{0B6353BC-5323-486E-BC2A-D1213DD230DF} -> profile=private | protocol=17 | dir=in | action=allow | name=comunicador de rede hp | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
{14D38F1E-0B60-451B-8634-B23751964903} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe |
{194F6B72-B257-44CC-99CF-523731CAB490} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe |
{20822F67-7956-4B4D-B79D-35A6A2701409} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe |
{22535542-AABE-4DB5-AFB9-0A8F76A24FC6} -> profile=private | protocol=17 | dir=in | action=allow | name=proteção online | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
{2CCBF509-4105-45FD-8A08-3C25AE71980A} -> profile=private | protocol=17 | dir=in | action=allow | name=serviço do bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
{30BF45E6-26B5-48CC-8FDB-526472D729A5} -> dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe |
{3B4D10EC-52F6-48DE-9A02-6733ECBD6AC7} -> profile=private | protocol=6 | dir=in | action=allow | name=avg diagnostics 2015 | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
{3E1CBA31-7A72-4506-8E65-525CF57F0982} -> profile=private | protocol=6 | dir=in | action=allow | name=serviço do bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
{4217340B-1F7C-41D5-B870-A12352C037F5} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe |
{66FC23AA-CE82-478C-A595-791316CDC002} -> profile=private | protocol=17 | dir=in | action=allow | name=avg diagnostics 2015 | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
{6815EF35-56F7-4F6F-B7BB-E1EEC83442C6} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe |
{6ED8629C-F2E2-47B9-836D-A50A2F581EDA} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{6FAF92A2-25F8-4955-9565-C9E63B496E1C} -> profile=private | protocol=17 | dir=in | action=allow | name=instalador do avg | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
{73BA71A5-18E6-463A-83C3-95B36A01377B} -> profile=private | protocol=17 | dir=in | action=allow | name=configuração de dispositivo hp | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
{7CF6B3BA-243C-4661-A86D-98B4D7F422CD} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost |
{839B873B-76C6-4094-B1D8-17BD800370BE} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 |
{9DA1A625-490A-4DFA-AB3D-033D3DD59F0B} -> profile=private | protocol=6 | dir=in | action=allow | name=serviço do bonjour | app=c:\program files\bonjour\mdnsresponder.exe |
{A19F04E2-0742-4260-9FE8-DACF19FE1FFF} -> profile=private | protocol=6 | dir=in | action=allow | name=instalador do avg | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
{B4F19C7C-4E85-4A4F-A813-39276C474BDC} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{B74CFD4B-A823-416B-87D3-E1CCC19B5145} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{BEBA63D7-A67B-4CF6-A068-463FCAD925E9} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe |
{C9B6E589-12C7-4538-9885-673830EFC9A7} -> profile=private | protocol=6 | dir=in | action=allow | name=proteção online | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
{D43D2129-DDC3-4265-A823-D5B2A203A6A7} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe |
{D59115D4-3D5D-48FD-93B2-C1674B97BBE3} -> dir=in | action=allow | name=webkit | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
{DADDEB8E-D902-414C-9D16-2E787CF4392F} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe |
{DD449438-2418-4A48-82D4-BF1F20CB387A} -> profile=private | protocol=17 | dir=in | action=allow | name=serviço do bonjour | app=c:\program files\bonjour\mdnsresponder.exe |
{E046164E-43B6-497A-BF80-14040D011F46} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe |
{E60D3B88-62CB-45C0-A6EF-BCA16B29CDD8} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system |
{E639FC26-DA63-404D-BE75-A7AC59684DC0} -> profile=private | protocol=17 | dir=in | action=allow | name=verificador pessoal de email | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
{F10EFD4E-182A-4D4B-833A-7FEA60E15F67} -> profile=private | protocol=6 | dir=in | action=allow | name=comunicador de rede hp | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
{F450A026-F7FE-4EAC-AA4E-B99CB1C3D9AC} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 |
{F80C47D1-5818-4BFB-8FBD-54D69ED2EE18} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 |
{FB1972A0-0FE4-46AD-9262-841CC1DC7360} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 |
{FE77F231-14EF-473F-BD1F-668E07A72B36} -> profile=private | protocol=6 | dir=in | action=allow | name=configuração de dispositivo hp | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Driver de CD-ROM ->
"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2010/11/20 00:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
64bit-comfile [open] -> "%1" %*
64bit-exefile [open] -> "%1" %*
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

[Registry - Additional Scans - Safe List]
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
.html [@ = CRSBRWSHTML] -> Reg Error: Key error. -> File not found
.url [@ = InternetShortcut] -> C:\Windows\SysNative\rundll32.exe -> [2009/07/13 22:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation)
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = comfile] -> "%1" %* ->
.cpl [@ = cplfile] -> C:\Windows\SysWow64\control.exe -> [2009/07/13 22:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation)
.exe [@ = exefile] -> "%1" %* ->
.html [@ = CRSBRWSHTML] -> Reg Error: Key error. -> File not found
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
AppMgmt -> C:\Windows\SysNative\appmgmts.dll -> [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< 64bit-Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2006/10/26 20:34:20 | 000,108,856 | ---- | M] (Microsoft Corporation)
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2006/10/26 21:41:48 | 000,044,344 | ---- | M] (Microsoft Corporation)
< 64bit-Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
< 64bit-Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"cval" -> [1] -> File not found
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> ->
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
\Svc\\"VistaSp1" -> [28 4D B2 76 41 04 CA 01 [binary data]] -> File not found
\Svc\\"AntiVirusOverride" -> [0] -> File not found
\Svc\\"AntiSpywareOverride" -> [0] -> File not found
\Svc\\"FirewallOverride" -> [0] -> File not found
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> ->
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> ->
< Windows DomainProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
\\"DisableNotifications" -> [0] -> File not found
\\"EnableFirewall" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging\ -> ->
< Windows StandardProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"DisableNotifications" -> [0] -> File not found
\\"EnableFirewall" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> ->
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
64bit-NameSpace_Catalog5\Catalog_Entries64\000000000007 [WindowsLive NSP] -> C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL -> [2009/08/18 12:48:02 | 000,168,304 | ---- | M] (Microsoft Corporation)
64bit-NameSpace_Catalog5\Catalog_Entries64\000000000008 [WindowsLive Local NSP] -> C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL -> [2009/08/18 12:48:02 | 000,168,304 | ---- | M] (Microsoft Corporation)
64bit-NameSpace_Catalog5\Catalog_Entries64\000000000009 [mdnsNSP] -> C:\Arquivos de Programas\Bonjour\mdnsNSP.dll -> [2011/08/30 23:05:32 | 000,132,968 | ---- | M] (Apple Inc.)
NameSpace_Catalog5\Catalog_Entries\000000000009 [mdnsNSP] -> C:\Program Files (x86)\Bonjour\mdnsNSP.dll -> [2011/08/30 23:05:02 | 000,121,704 | ---- | M] (Apple Inc.)
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
ldap -> 4 = Restricted sites (Not a Default Protocol) ->
news -> 4 = Restricted sites (Not a Default Protocol) ->
nntp -> 4 = Restricted sites (Not a Default Protocol) ->
oecmd -> 4 = Restricted sites (Not a Default Protocol) ->
snews -> 4 = Restricted sites (Not a Default Protocol) ->
< Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< 64bit-Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{29ED9231-6FD0-4F71-9D70-FA41F0EBFE44} -> Estudo de melhoria do produto HP Photosmart Plus B210 series
{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C} -> Apple Mobile Device Support
{4DD09931-ACDD-4087-9EF7-E1E2FCFA694D} -> AVG 2015
{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} -> Bonjour
{8C775E70-A791-4DA8-BCC3-6AB7136F4484} -> Visual Studio 2012 x64 Redistributables
{90120000-002A-0000-1000-0000000FF1CE} -> Microsoft Office Office 64-bit Components 2007
{90120000-002A-0416-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
{9B48B0AC-C813-4174-9042-476A887592C7} -> Windows Live ID Sign-in Assistant
{AA03215C-3605-45CD-B0CC-1B826F5A1F5E} -> Software básico do dispositivo HP Photosmart Plus B210 series
{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision -> NVIDIA Driver do 3D Vision 340.52
{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel -> Painel de controle da NVIDIA 340.52
{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver -> NVIDIA Driver de gráficos 340.52
{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB -> NVIDIA Driver de controle do 3D Vision 340.50
{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX -> NVIDIA Software do sistema PhysX 9.13.1220
{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver -> NVIDIA Driver de áudio HD 1.3.30.1
{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer -> NVIDIA Install Application
{B38CFE4C-C9C4-460B-8353-F56DF2AC3877} -> AVG 2015
{CFFF260C-F510-45BB-8F8E-1D4AC1232786} -> Adobe Photoshop Lightroom 3.3 64-bit
{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0} -> iTunes
AVG -> AVG 2015
CCleaner -> CCleaner
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{20D4A895-748C-4D88-871C-FDB1695B0169} -> Platform
{46F044A5-CE8B-4196-984E-5BD6525E361D} -> Suporte para Aplicativos Apple
{4908C75E-E5E2-43F7-B1DF-023CBA831046} -> Nero 7 Ultra Edition
{787D1A33-A97B-4245-87C0-7174609A540C} -> HP Update
{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} -> Apple Software Update
{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40} -> HP Photosmart Plus B210 series Ajuda
{80407BA7-7763-4395-AB98-5233F1B34E65} -> NVIDIA PhysX
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{90120000-0014-0000-0000-0000000FF1CE} -> Microsoft Office Professional 2007
{90120000-0015-0416-0000-0000000FF1CE} -> Microsoft Office Access MUI (Portuguese (Brazil)) 2007
{90120000-0016-0416-0000-0000000FF1CE} -> Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
{90120000-0018-0416-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
{90120000-0019-0416-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
{90120000-001A-0416-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
{90120000-001B-0416-0000-0000000FF1CE} -> Microsoft Office Word MUI (Portuguese (Brazil)) 2007
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0416-0000-0000000FF1CE} -> Microsoft Office Proof (Portuguese (Brazil)) 2007
{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
{90120000-002C-0416-0000-0000000FF1CE} -> Microsoft Office Proofing (Portuguese (Brazil)) 2007
{90120000-006E-0416-0000-0000000FF1CE} -> Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} -> Visual Studio 2012 x86 Redistributables
{AC76BA86-7AD7-1046-7B44-AB0000000001} -> Adobe Reader XI - Português
{B67BAFBA-4C9F-48FA-9496-933E3B255044} -> QuickTime
Adobe Flash Player ActiveX -> Adobe Flash Player 17 ActiveX
HP Photo Creations -> HP Photo Creations
InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} -> VIA Gerenciador de dispositivo de plataforma
KLiteCodecPack_is1 -> K-Lite Mega Codec Pack 8.2.0
Malwarebytes Anti-Malware_is1 -> Malwarebytes Anti-Malware versão 2.0.4.1028
NVIDIAStereo -> NVIDIA Stereoscopic 3D Driver
PRO -> Microsoft Office Professional 2007
Winamp -> Winamp
WinRAR archiver -> WinRAR 4.20 (32-bit)
ZHPDiag_is1 -> ZHPDiag 2015
ZHPFix_is1 -> ZHPFix 2015
< Uninstall List [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
< Uninstall List [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
< Uninstall List [HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\] > -> HKEY_USERS\S-1-5-21-2449596501-158867882-4163514491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
Google Chrome -> Google Chrome
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 20/04/2015 22:29:57 Computer Name = Usuario-PC | Source = Windows Search Service | ID = 7040 -> Description =
Application [ Error ] 20/04/2015 22:29:57 Computer Name = Usuario-PC | Source = Windows Search Service | ID = 7042 -> Description =
Application [ Error ] 20/04/2015 22:29:57 Computer Name = Usuario-PC | Source = Windows Search Service | ID = 9002 -> Description =
Application [ Error ] 20/04/2015 22:29:57 Computer Name = Usuario-PC | Source = Windows Search Service | ID = 3029 -> Description =
Application [ Error ] 20/04/2015 22:30:08 Computer Name = Usuario-PC | Source = Windows Search Service | ID = 3029 -> Description =
Application [ Error ] 20/04/2015 22:30:08 Computer Name = Usuario-PC | Source = Windows Search Service | ID = 3028 -> Description =
Application [ Error ] 20/04/2015 22:30:08 Computer Name = Usuario-PC | Source = Windows Search Service | ID = 3058 -> Description =
Application [ Error ] 20/04/2015 22:30:08 Computer Name = Usuario-PC | Source = Windows Search Service | ID = 7010 -> Description =
Application [ Error ] 20/04/2015 23:14:06 Computer Name = Usuario-PC | Source = VSS | ID = 8194 -> Description =
Application [ Error ] 21/04/2015 01:21:10 Computer Name = Usuario-PC | Source = VSS | ID = 8194 -> Description =
System [ Error ] 21/04/2015 02:42:09 Computer Name = Usuario-PC | Source = Service Control Manager | ID = 7034 -> Description = O serviço Adobe Acrobat Update Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
System [ Error ] 21/04/2015 02:42:09 Computer Name = Usuario-PC | Source = Service Control Manager | ID = 7031 -> Description = O serviço Apple Mobile Device foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
System [ Error ] 21/04/2015 02:42:09 Computer Name = Usuario-PC | Source = Service Control Manager | ID = 7034 -> Description = O serviço Serviço do Bonjour foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
System [ Error ] 21/04/2015 02:42:09 Computer Name = Usuario-PC | Source = Service Control Manager | ID = 7034 -> Description = O serviço MBAMScheduler foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
System [ Error ] 21/04/2015 02:42:09 Computer Name = Usuario-PC | Source = Service Control Manager | ID = 7034 -> Description = O serviço MBAMService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
System [ Error ] 21/04/2015 02:42:09 Computer Name = Usuario-PC | Source = Service Control Manager | ID = 7034 -> Description = O serviço Machine Debug Manager foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
System [ Error ] 21/04/2015 02:42:09 Computer Name = Usuario-PC | Source = Service Control Manager | ID = 7031 -> Description = O serviço Net.Tcp Service Handler foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
System [ Error ] 21/04/2015 02:42:09 Computer Name = Usuario-PC | Source = Service Control Manager | ID = 7034 -> Description = O serviço VIA Karaoke digital mixer Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
System [ Error ] 21/04/2015 02:42:09 Computer Name = Usuario-PC | Source = Service Control Manager | ID = 7031 -> Description = O serviço Windows Live ID Sign-in Assistant foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
System [ Error ] 21/04/2015 02:42:09 Computer Name = Usuario-PC | Source = Service Control Manager | ID = 7031 -> Description = O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.

[Files/Folders - Created Within 30 Days]
OTS.exe -> C:\Users\Usuario\Desktop\OTS.exe -> [2015/04/21 12:01:05 | 000,646,656 | ---- | C] (OldTimer Tools)
Google Chrome -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome -> [2015/04/21 10:35:27 | 000,000,000 | ---D | C]
CrashDumps -> C:\Users\Usuario\AppData\Local\CrashDumps -> [2015/04/21 03:52:18 | 000,000,000 | ---D | C]
check-browsers-lnk_1.1.0.39.exe -> C:\Users\Usuario\Desktop\check-browsers-lnk_1.1.0.39.exe -> [2015/04/20 20:46:48 | 000,438,072 | ---- | C] (Alex Dragokas)
FRST -> C:\FRST -> [2015/04/20 18:43:23 | 000,000,000 | ---D | C]
FRST64.exe -> C:\Users\Usuario\Desktop\FRST64.exe -> [2015/04/20 18:42:32 | 002,099,712 | ---- | C] (Farbar)
$RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2015/04/20 01:10:14 | 000,000,000 | -HSD | C]
Temp -> C:\Windows\Temp -> [2015/04/20 01:06:15 | 000,000,000 | ---D | C]
Temp -> C:\Users\Usuario\AppData\Local\Temp -> [2015/04/20 01:06:15 | 000,000,000 | ---D | C]
RegBackup -> C:\RegBackup -> [2015/04/19 23:20:46 | 000,000,000 | ---D | C]
JRT.exe -> C:\Users\Usuario\Desktop\JRT.exe -> [2015/04/19 23:19:53 | 002,684,539 | ---- | C] (Thisisu)
Prefetch -> C:\Windows\Prefetch -> [2015/04/19 23:05:48 | 000,000,000 | ---D | C]
ZHPFix -> C:\Program Files (x86)\ZHPFix -> [2015/04/19 23:02:27 | 000,000,000 | ---D | C]
ZHPFix.exe -> C:\Users\Usuario\Desktop\ZHPFix.exe -> [2015/04/19 23:01:42 | 003,521,467 | ---- | C] (Nicolas Coolman )
ZHP -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP -> [2015/04/19 22:06:26 | 000,000,000 | ---D | C]
ZHPDiag -> C:\Program Files (x86)\ZHPDiag -> [2015/04/19 22:06:25 | 000,000,000 | ---D | C]
ZHP -> C:\Users\Usuario\AppData\Roaming\ZHP -> [2015/04/19 22:06:25 | 000,000,000 | ---D | C]
CCleaner -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner -> [2015/04/19 21:30:38 | 000,000,000 | ---D | C]
PureRa.exe -> C:\Users\Usuario\Desktop\PureRa.exe -> [2015/04/19 21:27:19 | 000,076,565 | ---- | C] (RaProducts.org)
AVG2015 -> C:\Users\Usuario\AppData\Roaming\AVG2015 -> [2015/04/19 15:10:27 | 000,000,000 | ---D | C]
TuneUp Software -> C:\Users\Usuario\AppData\Roaming\TuneUp Software -> [2015/04/19 15:09:24 | 000,000,000 | ---D | C]
AVG -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG -> [2015/04/19 15:09:24 | 000,000,000 | ---D | C]
$AVG -> C:\$AVG -> [2015/04/19 15:09:01 | 000,000,000 | -H-D | C]
AVG2015 -> C:\ProgramData\AVG2015 -> [2015/04/19 15:09:01 | 000,000,000 | ---D | C]
AVG -> C:\Program Files (x86)\AVG -> [2015/04/19 15:08:32 | 000,000,000 | ---D | C]
Microsoft -> C:\Windows\SysWow64\Microsoft -> [2015/04/19 15:03:41 | 000,000,000 | --SD | C]
Common Files -> C:\ProgramData\Common Files -> [2015/04/19 15:00:58 | 000,000,000 | -H-D | C]
MFAData -> C:\Users\Usuario\AppData\Local\MFAData -> [2015/04/19 15:00:58 | 000,000,000 | ---D | C]
MFAData -> C:\ProgramData\MFAData -> [2015/04/19 15:00:58 | 000,000,000 | ---D | C]
Avg2015 -> C:\Users\Usuario\AppData\Local\Avg2015 -> [2015/04/19 15:00:58 | 000,000,000 | ---D | C]
MBAMSwissArmy.sys -> C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -> [2015/04/19 14:40:53 | 000,129,752 | ---- | C] (Malwarebytes Corporation)
Malwarebytes Anti-Malware -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware -> [2015/04/19 14:40:15 | 000,000,000 | ---D | C]
mbamchameleon.sys -> C:\Windows\SysNative\drivers\mbamchameleon.sys -> [2015/04/19 14:40:13 | 000,093,400 | ---- | C] (Malwarebytes Corporation)
mwac.sys -> C:\Windows\SysNative\drivers\mwac.sys -> [2015/04/19 14:40:13 | 000,063,704 | ---- | C] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2015/04/19 14:40:13 | 000,025,816 | ---- | C] (Malwarebytes Corporation)
Malwarebytes Anti-Malware -> C:\Program Files (x86)\Malwarebytes Anti-Malware -> [2015/04/19 14:40:13 | 000,000,000 | ---D | C]
Malwarebytes -> C:\ProgramData\Malwarebytes -> [2015/04/19 14:40:13 | 000,000,000 | ---D | C]
RogueKiller -> C:\ProgramData\RogueKiller -> [2015/04/18 23:23:39 | 000,000,000 | ---D | C]
Diagnostics -> C:\Users\Usuario\AppData\Local\Diagnostics -> [2015/04/18 22:02:47 | 000,000,000 | ---D | C]
zoek_backup -> C:\zoek_backup -> [2015/04/18 20:00:37 | 000,000,000 | ---D | C]
vbox -> C:\Windows\SysWow64\vbox -> [2015/04/18 19:02:11 | 000,000,000 | ---D | C]
vbox -> C:\Windows\SysNative\vbox -> [2015/04/18 19:02:11 | 000,000,000 | ---D | C]
log -> C:\Windows\SysNative\log -> [2015/04/18 18:50:46 | 000,000,000 | ---D | C]
Macromedia -> C:\Users\Usuario\AppData\Roaming\Macromedia -> [2015/04/18 15:59:31 | 000,000,000 | ---D | C]
appmgmt -> C:\Windows\SysNative\appmgmt -> [2015/04/18 15:55:51 | 000,000,000 | ---D | C]
FreeSoundcloudDownloader -> C:\Users\Usuario\Documents\FreeSoundcloudDownloader -> [2015/04/18 15:28:00 | 000,000,000 | ---D | C]
Skype -> C:\Users\Usuario\AppData\Local\Skype -> [2015/04/18 15:27:00 | 000,000,000 | ---D | C]
Skype -> C:\Users\Usuario\AppData\Roaming\Skype -> [2015/04/18 15:26:58 | 000,000,000 | ---D | C]
Skype -> C:\ProgramData\Skype -> [2015/04/18 15:26:23 | 000,000,000 | ---D | C]
RunDir -> C:\Users\Usuario\AppData\Roaming\RunDir -> [2015/04/18 15:24:39 | 000,000,000 | ---D | C]
NetService -> C:\Users\Usuario\AppData\Roaming\NetService -> [2015/04/18 15:24:39 | 000,000,000 | ---D | C]
Programs -> C:\Users\Usuario\AppData\Local\Programs -> [2015/04/18 15:24:37 | 000,000,000 | ---D | C]
AdwCleaner -> C:\AdwCleaner -> [2015/04/18 14:04:03 | 000,000,000 | ---D | C]
iTunes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes -> [2015/04/16 23:06:15 | 000,000,000 | ---D | C]
GEARAspiWDM.sys -> C:\Windows\SysNative\drivers\GEARAspiWDM.sys -> [2015/04/16 23:06:05 | 000,033,240 | ---- | C] (GEAR Software Inc.)
DRVSTORE -> C:\Windows\SysNative\DRVSTORE -> [2015/04/16 23:06:05 | 000,000,000 | ---D | C]
iPod -> C:\Program Files\iPod -> [2015/04/16 23:05:52 | 000,000,000 | ---D | C]
iTunes -> C:\Program Files\iTunes -> [2015/04/16 23:05:51 | 000,000,000 | ---D | C]
iTunes -> C:\Program Files (x86)\iTunes -> [2015/04/16 23:05:51 | 000,000,000 | ---D | C]
34BE82C4-E596-4e99-A191-52C6199EBF69 -> C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 -> [2015/04/16 23:05:51 | 000,000,000 | ---D | C]
Apple -> C:\Program Files\Common Files\Apple -> [2015/04/16 23:05:13 | 000,000,000 | ---D | C]
Bonjour -> C:\Program Files\Bonjour -> [2015/04/16 23:05:04 | 000,000,000 | ---D | C]
Bonjour -> C:\Program Files (x86)\Bonjour -> [2015/04/16 23:05:04 | 000,000,000 | ---D | C]
Apple Computer -> C:\Users\Usuario\AppData\Local\Apple Computer -> [2015/04/16 19:53:59 | 000,000,000 | ---D | C]
Apple Computer -> C:\Users\Usuario\AppData\Roaming\Apple Computer -> [2015/04/16 19:53:52 | 000,000,000 | ---D | C]
QuickTime -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime -> [2015/04/16 19:52:39 | 000,000,000 | ---D | C]
QuickTime -> C:\Program Files (x86)\QuickTime -> [2015/04/16 19:52:26 | 000,000,000 | ---D | C]
Apple Computer -> C:\ProgramData\Apple Computer -> [2015/04/16 19:52:26 | 000,000,000 | ---D | C]
Apple -> C:\Program Files (x86)\Common Files\Apple -> [2015/04/16 19:51:47 | 000,000,000 | ---D | C]
Apple -> C:\Users\Usuario\AppData\Local\Apple -> [2015/04/16 19:51:42 | 000,000,000 | ---D | C]
Apple Software Update -> C:\Program Files (x86)\Apple Software Update -> [2015/04/16 19:51:40 | 000,000,000 | ---D | C]
Apple -> C:\ProgramData\Apple -> [2015/04/16 19:51:40 | 000,000,000 | ---D | C]
Nero 7 Ultra Edition -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition -> [2015/04/16 14:16:39 | 000,000,000 | ---D | C]
Nero -> C:\ProgramData\Nero -> [2015/04/16 14:15:29 | 000,000,000 | ---D | C]
Exportação sem título -> C:\Users\Usuario\Desktop\Exportação sem título -> [2015/04/15 18:39:35 | 000,000,000 | ---D | C]
fotos novas -> C:\Users\Usuario\Desktop\fotos novas -> [2015/04/15 18:02:47 | 000,000,000 | ---D | C]
Adobe -> C:\Program Files\Common Files\Adobe -> [2015/04/15 17:55:57 | 000,000,000 | ---D | C]
Adobe -> C:\Program Files\Adobe -> [2015/04/15 17:55:57 | 000,000,000 | ---D | C]
Winamp -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp -> [2015/04/15 14:54:28 | 000,000,000 | ---D | C]
Winamp -> C:\Users\Usuario\AppData\Roaming\Winamp -> [2015/04/15 14:54:25 | 000,000,000 | ---D | C]
Winamp -> C:\Program Files (x86)\Winamp -> [2015/04/15 14:54:25 | 000,000,000 | ---D | C]
CATALOGA MUSICAS -> C:\Users\Usuario\Desktop\CATALOGA MUSICAS -> [2015/04/15 14:53:25 | 000,000,000 | ---D | C]
MP3Gain -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain -> [2015/04/15 14:52:49 | 000,000,000 | ---D | C]
MP3Gain -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain -> [2015/04/15 14:52:49 | 000,000,000 | ---D | C]
MP3Gain -> C:\Program Files (x86)\MP3Gain -> [2015/04/15 14:52:49 | 000,000,000 | ---D | C]
CCleaner -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner -> [2015/04/15 14:51:51 | 000,000,000 | ---D | C]
CCleaner -> C:\Program Files (x86)\CCleaner -> [2015/04/15 14:51:51 | 000,000,000 | ---D | C]
avgldx64.sys -> C:\Windows\SysNative\drivers\avgldx64.sys -> [2015/04/15 13:06:02 | 000,256,992 | ---- | C] (AVG Technologies CZ, s.r.o.)
Microsoft -> C:\Program Files (x86)\Microsoft -> [2015/04/15 12:58:16 | 000,000,000 | ---D | C]
Microsoft Silverlight -> C:\Program Files (x86)\Microsoft Silverlight -> [2015/04/15 12:58:11 | 000,000,000 | ---D | C]
HP Photo Creations -> C:\ProgramData\HP Photo Creations -> [2015/04/15 12:57:45 | 000,000,000 | ---D | C]
HP Photo Creations -> C:\Program Files (x86)\HP Photo Creations -> [2015/04/15 12:57:45 | 000,000,000 | ---D | C]
HPDiscoPM8e11.dll -> C:\Windows\SysNative\HPDiscoPM8e11.dll -> [2015/04/15 12:57:11 | 000,361,320 | ---- | C] (Hewlett-Packard Co.)
HP -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP -> [2015/04/15 12:57:10 | 000,000,000 | ---D | C]
HP -> C:\ProgramData\HP -> [2015/04/15 12:56:58 | 000,000,000 | ---D | C]
HP -> C:\Program Files (x86)\HP -> [2015/04/15 12:56:55 | 000,000,000 | ---D | C]
HP -> C:\Program Files\HP -> [2015/04/15 12:56:25 | 000,000,000 | ---D | C]
HP -> C:\Users\Usuario\AppData\Local\HP -> [2015/04/15 12:56:12 | 000,000,000 | ---D | C]
Nero Home -> C:\Users\Usuario\Documents\Nero Home -> [2015/04/15 12:52:37 | 000,000,000 | ---D | C]
WinRAR -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR -> [2015/04/15 12:43:46 | 000,000,000 | ---D | C]
WinRAR -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR -> [2015/04/15 12:43:46 | 000,000,000 | ---D | C]
avgidsdrivera.sys -> C:\Windows\SysNative\drivers\avgidsdrivera.sys -> [2015/04/09 14:11:14 | 000,284,128 | ---- | C] (AVG Technologies CZ, s.r.o.)
IS TECHNO -> C:\Users\Usuario\Desktop\IS TECHNO -> [2015/04/08 16:09:07 | 000,000,000 | ---D | C]
AVAST Software -> C:\ProgramData\AVAST Software -> [2015/04/08 15:40:03 | 000,000,000 | ---D | C]
WinRAR -> C:\Users\Usuario\AppData\Roaming\WinRAR -> [2015/04/08 15:38:15 | 000,000,000 | ---D | C]
WinRAR -> C:\Program Files (x86)\WinRAR -> [2015/04/08 15:38:14 | 000,000,000 | ---D | C]
Ahead -> C:\Users\Usuario\AppData\Local\Ahead -> [2015/04/08 15:37:56 | 000,000,000 | ---D | C]
Ahead -> C:\Users\Usuario\AppData\Roaming\Ahead -> [2015/04/08 15:37:00 | 000,000,000 | ---D | C]
Nero -> C:\Program Files (x86)\Nero -> [2015/04/08 15:36:40 | 000,000,000 | ---D | C]
Ahead -> C:\Program Files (x86)\Common Files\Ahead -> [2015/04/08 15:36:40 | 000,000,000 | ---D | C]
d3dx9_30.dll -> C:\Windows\SysWow64\d3dx9_30.dll -> [2015/04/08 15:36:11 | 002,388,176 | ---- | C] (Microsoft Corporation)
d3dx9_28.dll -> C:\Windows\SysWow64\d3dx9_28.dll -> [2015/04/08 15:36:11 | 002,323,664 | ---- | C] (Microsoft Corporation)
K-Lite Codec Pack -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack -> [2015/04/08 15:34:32 | 000,000,000 | ---D | C]
mp3fhg.acm -> C:\Windows\SysWow64\mp3fhg.acm -> [2015/04/08 15:34:31 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS)
ac3acm.acm -> C:\Windows\SysWow64\ac3acm.acm -> [2015/04/08 15:34:31 | 000,151,552 | ---- | C] (fccHandler)
K-Lite Codec Pack -> C:\Program Files (x86)\K-Lite Codec Pack -> [2015/04/08 15:34:29 | 000,000,000 | ---D | C]
Adobe -> C:\Program Files (x86)\Common Files\Adobe -> [2015/04/08 15:33:50 | 000,000,000 | ---D | C]
Adobe -> C:\Program Files (x86)\Adobe -> [2015/04/08 15:33:50 | 000,000,000 | ---D | C]
Adobe -> C:\ProgramData\Adobe -> [2015/04/08 15:33:30 | 000,000,000 | ---D | C]
Microsoft Office -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office -> [2015/04/08 15:32:23 | 000,000,000 | ---D | C]
Microsoft Works -> C:\Program Files (x86)\Microsoft Works -> [2015/04/08 15:31:53 | 000,000,000 | ---D | C]
Microsoft Visual Studio -> C:\Program Files (x86)\Microsoft Visual Studio -> [2015/04/08 15:31:49 | 000,000,000 | ---D | C]
DESIGNER -> C:\Program Files (x86)\Common Files\DESIGNER -> [2015/04/08 15:31:49 | 000,000,000 | ---D | C]
PCHEALTH -> C:\Windows\PCHEALTH -> [2015/04/08 15:31:45 | 000,000,000 | ---D | C]
Microsoft.NET -> C:\Program Files (x86)\Microsoft.NET -> [2015/04/08 15:31:45 | 000,000,000 | ---D | C]
Microsoft Office -> C:\Program Files\Microsoft Office -> [2015/04/08 15:30:46 | 000,000,000 | ---D | C]
Microsoft Help -> C:\Users\Usuario\AppData\Local\Microsoft Help -> [2015/04/08 15:30:31 | 000,000,000 | ---D | C]
Microsoft Office -> C:\Program Files (x86)\Microsoft Office -> [2015/04/08 15:30:30 | 000,000,000 | ---D | C]
Microsoft Help -> C:\ProgramData\Microsoft Help -> [2015/04/08 15:30:30 | 000,000,000 | ---D | C]
MSOCache -> C:\MSOCache -> [2015/04/08 15:30:02 | 000,000,000 | RH-D | C]
Google -> C:\Users\Usuario\AppData\Local\Google -> [2015/04/08 15:23:44 | 000,000,000 | ---D | C]
Deployment -> C:\Users\Usuario\AppData\Local\Deployment -> [2015/04/08 15:23:36 | 000,000,000 | ---D | C]
Apps -> C:\Users\Usuario\AppData\Local\Apps -> [2015/04/08 15:23:36 | 000,000,000 | ---D | C]
Adobe -> C:\Users\Usuario\AppData\Roaming\Adobe -> [2015/04/08 15:23:28 | 000,000,000 | ---D | C]
NVIDIA Corporation -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation -> [2015/04/08 14:58:27 | 000,000,000 | ---D | C]
NVIDIA -> C:\ProgramData\NVIDIA -> [2015/04/08 14:56:27 | 000,000,000 | ---D | C]
NVIDIA Corporation -> C:\Program Files (x86)\NVIDIA Corporation -> [2015/04/08 14:56:20 | 000,000,000 | ---D | C]
nvStreaming.exe -> C:\Windows\SysWow64\nvStreaming.exe -> [2015/04/08 14:56:17 | 000,609,240 | ---- | C] (NVIDIA Corporation)
nvcpl.dll -> C:\Windows\SysNative\nvcpl.dll -> [2015/04/08 14:56:01 | 006,783,776 | ---- | C] (NVIDIA Corporation)
nvsvc64.dll -> C:\Windows\SysNative\nvsvc64.dll -> [2015/04/08 14:56:01 | 003,522,392 | ---- | C] (NVIDIA Corporation)
nvsvcr.dll -> C:\Windows\SysNative\nvsvcr.dll -> [2015/04/08 14:56:01 | 002,559,960 | ---- | C] (NVIDIA Corporation)
nvmctray.dll -> C:\Windows\SysNative\nvmctray.dll -> [2015/04/08 14:56:01 | 000,386,520 | ---- | C] (NVIDIA Corporation)
nvshext.dll -> C:\Windows\SysNative\nvshext.dll -> [2015/04/08 14:56:01 | 000,062,808 | ---- | C] (NVIDIA Corporation)
OpenCL.dll -> C:\Windows\SysNative\OpenCL.dll -> [2015/04/08 14:55:52 | 000,075,040 | ---- | C] (Khronos Group)
OpenCL.dll -> C:\Windows\SysWow64\OpenCL.dll -> [2015/04/08 14:55:52 | 000,061,912 | ---- | C] (Khronos Group)
NVIDIA Corporation -> C:\ProgramData\NVIDIA Corporation -> [2015/04/08 14:55:48 | 000,000,000 | ---D | C]
nvoglv64.dll -> C:\Windows\SysNative\nvoglv64.dll -> [2015/04/08 14:55:03 | 031,512,520 | ---- | C] (NVIDIA Corporation)
nvoglv32.dll -> C:\Windows\SysWow64\nvoglv32.dll -> [2015/04/08 14:55:03 | 024,196,896 | ---- | C] (NVIDIA Corporation)
nvcompiler.dll -> C:\Windows\SysNative\nvcompiler.dll -> [2015/04/08 14:55:03 | 022,994,208 | ---- | C] (NVIDIA Corporation)
nvwgf2umx.dll -> C:\Windows\SysNative\nvwgf2umx.dll -> [2015/04/08 14:55:03 | 018,626,304 | ---- | C] (NVIDIA Corporation)
nvd3dumx.dll -> C:\Windows\SysNative\nvd3dumx.dll -> [2015/04/08 14:55:03 | 017,555,104 | ---- | C] (NVIDIA Corporation)
nvwgf2um.dll -> C:\Windows\SysWow64\nvwgf2um.dll -> [2015/04/08 14:55:03 | 016,122,344 | ---- | C] (NVIDIA Corporation)
nvcompiler.dll -> C:\Windows\SysWow64\nvcompiler.dll -> [2015/04/08 14:55:03 | 015,294,296 | ---- | C] (NVIDIA Corporation)
nvd3dum.dll -> C:\Windows\SysWow64\nvd3dum.dll -> [2015/04/08 14:55:03 | 014,498,552 | ---- | C] (NVIDIA Corporation)
nvopencl.dll -> C:\Windows\SysNative\nvopencl.dll -> [2015/04/08 14:55:03 | 013,922,752 | ---- | C] (NVIDIA Corporation)
nvcuda.dll -> C:\Windows\SysNative\nvcuda.dll -> [2015/04/08 14:55:03 | 013,835,208 | ---- | C] (NVIDIA Corporation)
nvopencl.dll -> C:\Windows\SysWow64\nvopencl.dll -> [2015/04/08 14:55:03 | 011,283,344 | ---- | C] (NVIDIA Corporation)
nvcuda.dll -> C:\Windows\SysWow64\nvcuda.dll -> [2015/04/08 14:55:03 | 011,222,048 | ---- | C] (NVIDIA Corporation)
nvcuvid.dll -> C:\Windows\SysNative\nvcuvid.dll -> [2015/04/08 14:55:03 | 004,247,000 | ---- | C] (NVIDIA Corporation)
nvcuvid.dll -> C:\Windows\SysWow64\nvcuvid.dll -> [2015/04/08 14:55:03 | 003,989,960 | ---- | C] (NVIDIA Corporation)
nvapi64.dll -> C:\Windows\SysNative\nvapi64.dll -> [2015/04/08 14:55:03 | 003,196,816 | ---- | C] (NVIDIA Corporation)
nvapi.dll -> C:\Windows\SysWow64\nvapi.dll -> [2015/04/08 14:55:03 | 002,814,656 | ---- | C] (NVIDIA Corporation)
nvdispco6434052.dll -> C:\Windows\SysNative\nvdispco6434052.dll -> [2015/04/08 14:55:03 | 001,890,080 | ---- | C] (NVIDIA Corporation)
nvdispgenco6434052.dll -> C:\Windows\SysNative\nvdispgenco6434052.dll -> [2015/04/08 14:55:03 | 001,539,928 | ---- | C] (NVIDIA Corporation)
nvhdagenco6420103.dll -> C:\Windows\SysNative\nvhdagenco6420103.dll -> [2015/04/08 14:55:03 | 001,515,296 | ---- | C] (NVIDIA Corporation)
NvIFR64.dll -> C:\Windows\SysNative\NvIFR64.dll -> [2015/04/08 14:55:03 | 000,944,928 | ---- | C] (NVIDIA Corporation)
NvIFR.dll -> C:\Windows\SysWow64\NvIFR.dll -> [2015/04/08 14:55:03 | 000,907,096 | ---- | C] (NVIDIA Corporation)
NvFBC64.dll -> C:\Windows\SysNative\NvFBC64.dll -> [2015/04/08 14:55:03 | 000,903,624 | ---- | C] (NVIDIA Corporation)
NvFBC.dll -> C:\Windows\SysWow64\NvFBC.dll -> [2015/04/08 14:55:03 | 000,869,152 | ---- | C] (NVIDIA Corporation)
nvhda64v.sys -> C:\Windows\SysNative\drivers\nvhda64v.sys -> [2015/04/08 14:55:03 | 000,197,408 | ---- | C] (NVIDIA Corporation)
nvhdap64.dll -> C:\Windows\SysNative\nvhdap64.dll -> [2015/04/08 14:55:03 | 000,031,520 | ---- | C] (NVIDIA Corporation)
NVIDIA Corporation -> C:\Program Files\NVIDIA Corporation -> [2015/04/08 14:54:08 | 000,000,000 | ---D | C]
FlashPlayerApp.exe -> C:\Windows\SysWow64\FlashPlayerApp.exe -> [2015/04/08 14:37:58 | 000,778,416 | ---- | C] (Adobe Systems Incorporated)
FlashPlayerCPLApp.cpl -> C:\Windows\SysWow64\FlashPlayerCPLApp.cpl -> [2015/04/08 14:37:58 | 000,142,512 | ---- | C] (Adobe Systems Incorporated)
Macromed -> C:\Windows\SysWow64\Macromed -> [2015/04/08 14:37:57 | 000,000,000 | ---D | C]
Macromed -> C:\Windows\SysNative\Macromed -> [2015/04/08 14:37:49 | 000,000,000 | ---D | C]
Adobe -> C:\Users\Usuario\AppData\Local\Adobe -> [2015/04/08 14:37:04 | 000,000,000 | ---D | C]
InstallShield Installation Information -> C:\Program Files (x86)\InstallShield Installation Information -> [2015/04/08 14:32:11 | 000,000,000 | ---D | C]
viahduaa.sys -> C:\Windows\SysNative\drivers\viahduaa.sys -> [2015/04/08 14:31:34 | 002,156,656 | ---- | C] (VIA Technologies, Inc.)
VIAPropPageExt.dll -> C:\Windows\SysNative\VIAPropPageExt.dll -> [2015/04/08 14:31:34 | 000,993,392 | ---- | C] (VIA Technologies, Inc.)
ViaKaraokeApo.dll -> C:\Windows\SysNative\ViaKaraokeApo.dll -> [2015/04/08 14:31:34 | 000,920,176 | ---- | C] (VIA Technologies, Inc.)
VIASysFx.dll -> C:\Windows\SysNative\VIASysFx.dll -> [2015/04/08 14:31:34 | 000,550,512 | ---- | C] (VIA Technologies, Inc.)
Dts2APO.dll -> C:\Windows\SysNative\Dts2APO.dll -> [2015/04/08 14:31:34 | 000,248,944 | ---- | C] (Windows (R) Codename Longhorn DDK provider)
ViaMicArrayAPO.dll -> C:\Windows\SysNative\ViaMicArrayAPO.dll -> [2015/04/08 14:31:34 | 000,202,864 | ---- | C] (VIA Technologies, Inc.)
ViaKaraokePropPageExt.dll -> C:\Windows\SysNative\ViaKaraokePropPageExt.dll -> [2015/04/08 14:31:34 | 000,116,848 | ---- | C] (VIA Technologies,Inc.)
Dts2PropPageExt.dll -> C:\Windows\SysNative\Dts2PropPageExt.dll -> [2015/04/08 14:31:34 | 000,091,760 | ---- | C] (VIA Technologies, Inc.)
ViaMicArrayPropPageExt.dll -> C:\Windows\SysNative\ViaMicArrayPropPageExt.dll -> [2015/04/08 14:31:34 | 000,086,640 | ---- | C] (VIA Technologies,Inc.)
nQPropPageExt.dll -> C:\Windows\SysNative\nQPropPageExt.dll -> [2015/04/08 14:31:34 | 000,086,016 | ---- | C] (QSound Labs, Inc.)
nQAPO.dll -> C:\Windows\SysNative\nQAPO.dll -> [2015/04/08 14:31:34 | 000,082,432 | ---- | C] (QSound Labs, Inc.)
ViakaraokeSrv.exe -> C:\Windows\SysNative\ViakaraokeSrv.exe -> [2015/04/08 14:31:34 | 000,027,760 | ---- | C] (VIA Technologies, Inc.)
difxapi.dll -> C:\Windows\difxapi.dll -> [2015/04/08 14:29:15 | 000,414,632 | ---- | C] (Microsoft Corporation)
VIA -> C:\Program Files (x86)\VIA -> [2015/04/08 14:29:14 | 000,000,000 | ---D | C]
InstallShield -> C:\Program Files (x86)\Common Files\InstallShield -> [2015/04/08 14:29:01 | 000,000,000 | ---D | C]
Installer -> C:\Windows\Installer -> [2015/04/08 14:29:00 | 000,000,000 | -HSD | C]
CSVer.dll -> C:\Windows\SysWow64\CSVer.dll -> [2015/04/08 14:28:13 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User)
Intel -> C:\Program Files (x86)\Intel -> [2015/04/08 14:28:13 | 000,000,000 | ---D | C]
Intel -> C:\Intel -> [2015/04/08 14:28:05 | 000,000,000 | ---D | C]
l1c51x64.sys -> C:\Windows\SysNative\drivers\l1c51x64.sys -> [2015/04/08 14:26:04 | 000,071,792 | ---- | C] (Atheros Communications, Inc.)
Startup -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup -> [2015/04/08 14:00:10 | 000,000,000 | R--D | C]
Searches -> C:\Users\Usuario\Searches -> [2015/04/08 14:00:10 | 000,000,000 | R--D | C]
Administrative Tools -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools -> [2015/04/08 14:00:10 | 000,000,000 | R--D | C]
Identities -> C:\Users\Usuario\AppData\Roaming\Identities -> [2015/04/08 14:00:02 | 000,000,000 | ---D | C]
Contacts -> C:\Users\Usuario\Contacts -> [2015/04/08 14:00:01 | 000,000,000 | R--D | C]
VirtualStore -> C:\Users\Usuario\AppData\Local\VirtualStore -> [2015/04/08 13:59:59 | 000,000,000 | ---D | C]
Temporary Internet Files -> C:\Users\Usuario\AppData\Local\Temporary Internet Files -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
SendTo -> C:\Users\Usuario\SendTo -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Recent -> C:\Users\Usuario\Recent -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Modelos -> C:\Users\Usuario\Modelos -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Minhas músicas -> C:\Users\Usuario\Documents\Minhas músicas -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Minhas imagens -> C:\Users\Usuario\Documents\Minhas imagens -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Meus vídeos -> C:\Users\Usuario\Documents\Meus vídeos -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Meus documentos -> C:\Users\Usuario\Meus documentos -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Menu Iniciar -> C:\Users\Usuario\Menu Iniciar -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Histórico -> C:\Users\Usuario\AppData\Local\Histórico -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Dados de aplicativos -> C:\Users\Usuario\Dados de aplicativos -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Dados de aplicativos -> C:\Users\Usuario\AppData\Local\Dados de aplicativos -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Cookies -> C:\Users\Usuario\Cookies -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Configurações locais -> C:\Users\Usuario\Configurações locais -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Ambiente de rede -> C:\Users\Usuario\Ambiente de rede -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Ambiente de impressão -> C:\Users\Usuario\Ambiente de impressão -> [2015/04/08 13:59:48 | 000,000,000 | -HSD | C]
Microsoft -> C:\Users\Usuario\AppData\Roaming\Microsoft -> [2015/04/08 13:59:47 | 000,000,000 | --SD | C]
Videos -> C:\Users\Usuario\Videos -> [2015/04/08 13:59:47 | 000,000,000 | R--D | C]
Saved Games -> C:\Users\Usuario\Saved Games -> [2015/04/08 13:59:47 | 000,000,000 | R--D | C]
Pictures -> C:\Users\Usuario\Pictures -> [2015/04/08 13:59:47 | 000,000,000 | R--D | C]
Music -> C:\Users\Usuario\Music -> [2015/04/08 13:59:47 | 000,000,000 | R--D | C]
Maintenance -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance -> [2015/04/08 13:59:47 | 000,000,000 | R--D | C]
Links -> C:\Users\Usuario\Links -> [2015/04/08 13:59:47 | 000,000,000 | R--D | C]
Favorites -> C:\Users\Usuario\Favorites -> [2015/04/08 13:59:47 | 000,000,000 | R--D | C]
Downloads -> C:\Users\Usuario\Downloads -> [2015/04/08 13:59:47 | 000,000,000 | R--D | C]
Documents -> C:\Users\Usuario\Documents -> [2015/04/08 13:59:47 | 000,000,000 | R--D | C]
Desktop -> C:\Users\Usuario\Desktop -> [2015/04/08 13:59:47 | 000,000,000 | R--D | C]
Accessories -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories -> [2015/04/08 13:59:47 | 000,000,000 | R--D | C]
AppData -> C:\Users\Usuario\AppData -> [2015/04/08 13:59:47 | 000,000,000 | -H-D | C]
Microsoft -> C:\Users\Usuario\AppData\Local\Microsoft -> [2015/04/08 13:59:47 | 000,000,000 | ---D | C]
Media Center Programs -> C:\Users\Usuario\AppData\Roaming\Media Center Programs -> [2015/04/08 13:59:47 | 000,000,000 | ---D | C]
SoftwareDistribution -> C:\Windows\SoftwareDistribution -> [2015/04/08 13:58:52 | 000,000,000 | ---D | C]
Sistema -> C:\Program Files\Common Files\Sistema -> [2015/04/08 13:55:25 | 000,000,000 | -HSD | C]
Recovery -> C:\Recovery -> [2015/04/08 13:55:25 | 000,000,000 | -HSD | C]
Modelos -> C:\ProgramData\Modelos -> [2015/04/08 13:55:25 | 000,000,000 | -HSD | C]
Minhas músicas -> C:\Users\Public\Documents\Minhas músicas -> [2015/04/08 13:55:25 | 000,000,000 | -HSD | C]
Minhas imagens -> C:\Users\Public\Documents\Minhas imagens -> [2015/04/08 13:55:25 | 000,000,000 | -HSD | C]
Meus vídeos -> C:\Users\Public\Documents\Meus vídeos -> [2015/04/08 13:55:25 | 000,000,000 | -HSD | C]
Menu Iniciar -> C:\ProgramData\Menu Iniciar -> [2015/04/08 13:55:25 | 000,000,000 | -HSD | C]
Favoritos -> C:\ProgramData\Favoritos -> [2015/04/08 13:55:25 | 000,000,000 | -HSD | C]
Documentos -> C:\ProgramData\Documentos -> [2015/04/08 13:55:25 | 000,000,000 | -HSD | C]
Dados de aplicativos -> C:\ProgramData\Dados de aplicativos -> [2015/04/08 13:55:25 | 000,000,000 | -HSD | C]
Arquivos de Programas -> C:\Arquivos de Programas -> [2015/04/08 13:55:25 | 000,000,000 | -HSD | C]
Arquivos Comuns -> C:\Program Files\Arquivos Comuns -> [2015/04/08 13:55:25 | 000,000,000 | -HSD | C]
System Volume Information -> C:\System Volume Information -> [2015/04/08 13:50:16 | 000,000,000 | -HSD | C]
avgtdia.sys -> C:\Windows\SysNative\drivers\avgtdia.sys -> [2015/04/07 12:39:26 | 000,291,296 | ---- | C] (AVG Technologies CZ, s.r.o.)
avgmfx64.sys -> C:\Windows\SysNative\drivers\avgmfx64.sys -> [2015/04/03 09:34:12 | 000,137,184 | ---- | C] (AVG Technologies CZ, s.r.o.)

[Files/Folders - Modified Within 30 Days]
OTS.exe -> C:\Users\Usuario\Desktop\OTS.exe -> [2015/04/21 12:01:06 | 000,646,656 | ---- | M] (OldTimer Tools)
GoogleUpdateTaskUserS-1-5-21-2449596501-158867882-4163514491-1000UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2449596501-158867882-4163514491-1000UA.job -> [2015/04/21 11:44:00 | 000,001,086 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2015/04/21 11:43:51 | 000,027,008 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2015/04/21 11:43:51 | 000,027,008 | -H-- | M] ()
PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2015/04/21 11:41:51 | 001,491,932 | ---- | M] ()
prfh0416.dat -> C:\Windows\SysNative\prfh0416.dat -> [2015/04/21 11:41:51 | 000,654,272 | ---- | M] ()
perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2015/04/21 11:41:51 | 000,606,992 | ---- | M] ()
prfc0416.dat -> C:\Windows\SysNative\prfc0416.dat -> [2015/04/21 11:41:51 | 000,124,724 | ---- | M] ()
perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2015/04/21 11:41:51 | 000,103,370 | ---- | M] ()
MBAMSwissArmy.sys -> C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -> [2015/04/21 11:36:55 | 000,129,752 | ---- | M] (Malwarebytes Corporation)
bootstat.dat -> C:\Windows\bootstat.dat -> [2015/04/21 11:36:41 | 000,067,584 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2015/04/21 11:36:40 | 3220,037,632 | -HS- | M] ()
Google Chrome.lnk -> C:\Users\Usuario\Desktop\Google Chrome.lnk -> [2015/04/21 11:01:01 | 000,002,198 | ---- | M] ()
virus.png -> C:\Users\Usuario\Desktop\virus.png -> [2015/04/21 10:50:02 | 000,264,304 | ---- | M] ()
GoogleUpdateTaskUserS-1-5-21-2449596501-158867882-4163514491-1000Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2449596501-158867882-4163514491-1000Core.job -> [2015/04/21 10:44:00 | 000,001,034 | ---- | M] ()
SFTGC.exe -> C:\Users\Usuario\Desktop\SFTGC.exe -> [2015/04/21 10:37:49 | 001,348,096 | ---- | M] ()
Adobe Flash Player Updater.job -> C:\Windows\tasks\Adobe Flash Player Updater.job -> [2015/04/21 10:35:00 | 000,000,902 | ---- | M] ()
navegaki.png -> C:\Users\Usuario\Desktop\navegaki.png -> [2015/04/21 01:20:15 | 000,484,537 | ---- | M] ()
iexplore - Atalho.lnk -> C:\Users\Usuario\Desktop\iexplore - Atalho.lnk -> [2015/04/20 23:33:00 | 000,001,483 | ---- | M] ()
check-browsers-lnk_1.1.0.39.exe -> C:\Users\Usuario\Desktop\check-browsers-lnk_1.1.0.39.exe -> [2015/04/20 20:46:49 | 000,438,072 | ---- | M] (Alex Dragokas)
hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2015/04/20 19:34:36 | 000,000,035 | ---- | M] ()
FRST64.exe -> C:\Users\Usuario\Desktop\FRST64.exe -> [2015/04/20 18:42:35 | 002,099,712 | ---- | M] (Farbar)
zoek-delete.exe -> C:\Windows\zoek-delete.exe -> [2015/04/20 00:54:39 | 000,024,064 | ---- | M] ()
zoek.exe -> C:\Users\Usuario\Desktop\zoek.exe -> [2015/04/20 00:11:08 | 001,305,600 | ---- | M] ()
tweaking.com-regbackup-USUARIO-PC-Windows-7-Ultimate-(64-bit).dat -> C:\Windows\tweaking.com-regbackup-USUARIO-PC-Windows-7-Ultimate-(64-bit).dat -> [2015/04/19 23:20:55 | 000,000,207 | ---- | M] ()
JRT.exe -> C:\Users\Usuario\Desktop\JRT.exe -> [2015/04/19 23:19:57 | 002,684,539 | ---- | M] (Thisisu)
adwcleaner_4.201.exe -> C:\Users\Usuario\Desktop\adwcleaner_4.201.exe -> [2015/04/19 23:13:36 | 002,217,984 | ---- | M] ()
ZHPFix.lnk -> C:\Users\Public\Desktop\ZHPFix.lnk -> [2015/04/19 23:02:28 | 000,001,849 | ---- | M] ()
ZHPFix.exe -> C:\Users\Usuario\Desktop\ZHPFix.exe -> [2015/04/19 23:01:57 | 003,521,467 | ---- | M] (Nicolas Coolman )
PhysicalDisk0_MBR.bin -> C:\PhysicalDisk0_MBR.bin -> [2015/04/19 22:10:49 | 000,000,512 | ---- | M] ()
ZHPFix.lnk -> C:\Users\Usuario\Desktop\ZHPFix.lnk -> [2015/04/19 22:06:28 | 000,001,987 | ---- | M] ()
ZHPDiag.lnk -> C:\Users\Usuario\Desktop\ZHPDiag.lnk -> [2015/04/19 22:06:28 | 000,001,860 | ---- | M] ()
CCleaner.lnk -> C:\Users\Public\Desktop\CCleaner.lnk -> [2015/04/19 21:30:38 | 000,001,017 | ---- | M] ()
ntuser.pol -> C:\Users\Usuario\ntuser.pol -> [2015/04/19 16:16:33 | 000,000,008 | RHS- | M] ()
ntuser.pol -> C:\ProgramData\ntuser.pol -> [2015/04/19 16:16:32 | 000,000,008 | RHS- | M] ()
repository.backup -> C:\Windows\repository.backup -> [2015/04/19 16:06:25 | 023,942,958 | ---- | M] ()
AVG 2015.lnk -> C:\Users\Public\Desktop\AVG 2015.lnk -> [2015/04/19 15:09:24 | 000,000,983 | ---- | M] ()
Malwarebytes Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> [2015/04/19 14:42:24 | 000,001,102 | ---- | M] ()
TrueSight.sys -> C:\Windows\SysNative\drivers\TrueSight.sys -> [2015/04/19 11:07:43 | 000,037,624 | ---- | M] ()
ZA-Scan.exe -> C:\Users\Usuario\Desktop\ZA-Scan.exe -> [2015/04/18 20:05:09 | 001,365,504 | ---- | M] ()
MP3Gain.lnk -> C:\Users\Usuario\Desktop\MP3Gain.lnk -> [2015/04/17 18:29:48 | 000,001,026 | ---- | M] ()
iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2015/04/16 23:06:15 | 000,001,783 | ---- | M] ()
QuickTime Player.lnk -> C:\Users\Public\Desktop\QuickTime Player.lnk -> [2015/04/16 19:52:39 | 000,001,845 | ---- | M] ()
Nero StartSmart.lnk -> C:\Users\Public\Desktop\Nero StartSmart.lnk -> [2015/04/16 14:16:39 | 000,002,782 | ---- | M] ()
Nero Home.lnk -> C:\Users\Public\Desktop\Nero Home.lnk -> [2015/04/16 14:16:39 | 000,002,686 | ---- | M] ()
hpwebreg_xxxxxxxxxx.job -> C:\Windows\tasks\hpwebreg_xxxxxxxxxx.job -> [2015/04/16 10:43:36 | 000,000,568 | ---- | M] ()
Msft_User_WpdMtpDr_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf -> [2015/04/15 18:03:26 | 000,000,000 | -H-- | M] ()
Lightroom 3.3 64-bit.lnk -> C:\Users\Public\Desktop\Lightroom 3.3 64-bit.lnk -> [2015/04/15 17:56:22 | 000,002,067 | ---- | M] ()
Winamp.lnk -> C:\Users\Public\Desktop\Winamp.lnk -> [2015/04/15 14:54:28 | 000,000,989 | ---- | M] ()
avgldx64.sys -> C:\Windows\SysNative\drivers\avgldx64.sys -> [2015/04/15 13:06:02 | 000,256,992 | ---- | M] (AVG Technologies CZ, s.r.o.)
HP Photo Creations.lnk -> C:\Users\Public\Desktop\HP Photo Creations.lnk -> [2015/04/15 12:57:46 | 000,001,097 | ---- | M] ()
HP Photosmart Plus B210 series.lnk -> C:\Users\Public\Desktop\HP Photosmart Plus B210 series.lnk -> [2015/04/15 12:57:10 | 000,002,272 | ---- | M] ()
HP ePrintCenter - HP Photosmart Plus B210 series.lnk -> C:\Users\Public\Desktop\HP ePrintCenter - HP Photosmart Plus B210 series.lnk -> [2015/04/15 12:57:10 | 000,001,924 | ---- | M] ()
HP Photosmart Plus B210 series Scan.lnk -> C:\Users\Public\Desktop\HP Photosmart Plus B210 series Scan.lnk -> [2015/04/15 12:57:10 | 000,001,252 | ---- | M] ()
Compre suprimentos - HP Photosmart Plus B210 series.lnk -> C:\Users\Public\Desktop\Compre suprimentos - HP Photosmart Plus B210 series.lnk -> [2015/04/15 12:57:10 | 000,001,215 | ---- | M] ()
FlashPlayerApp.exe -> C:\Windows\SysWow64\FlashPlayerApp.exe -> [2015/04/15 12:35:24 | 000,778,416 | ---- | M] (Adobe Systems Incorporated)
FlashPlayerCPLApp.cpl -> C:\Windows\SysWow64\FlashPlayerCPLApp.cpl -> [2015/04/15 12:35:24 | 000,142,512 | ---- | M] (Adobe Systems Incorporated)
boleto.pdf -> C:\Users\Usuario\Desktop\boleto.pdf -> [2015/04/15 09:42:20 | 000,037,991 | ---- | M] ()
avgidsdrivera.sys -> C:\Windows\SysNative\drivers\avgidsdrivera.sys -> [2015/04/09 14:11:14 | 000,284,128 | ---- | M] (AVG Technologies CZ, s.r.o.)
FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2015/04/08 16:08:09 | 000,346,656 | ---- | M] ()
GSetup.ini -> C:\Windows\GSetup.ini -> [2015/04/08 14:26:58 | 000,000,010 | ---- | M] ()
license.rtf -> C:\Windows\SysWow64\license.rtf -> [2015/04/08 13:53:07 | 000,146,800 | ---- | M] ()
license.rtf -> C:\Windows\SysNative\license.rtf -> [2015/04/08 13:53:07 | 000,146,800 | ---- | M] ()
Msft_User_WpdFs_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf -> [2015/04/08 13:51:13 | 000,000,000 | -H-- | M] ()
avgtdia.sys -> C:\Windows\SysNative\drivers\avgtdia.sys -> [2015/04/07 12:39:26 | 000,291,296 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgmfx64.sys -> C:\Windows\SysNative\drivers\avgmfx64.sys -> [2015/04/03 09:34:12 | 000,137,184 | ---- | M] (AVG Technologies CZ, s.r.o.)

[Files - No Company Name]
Google Chrome.lnk -> C:\Users\Usuario\Desktop\Google Chrome.lnk -> [2015/04/21 10:53:52 | 000,002,198 | ---- | C] ()
virus.png -> C:\Users\Usuario\Desktop\virus.png -> [2015/04/21 10:50:02 | 000,264,304 | ---- | C] ()
SFTGC.exe -> C:\Users\Usuario\Desktop\SFTGC.exe -> [2015/04/21 10:37:27 | 001,348,096 | ---- | C] ()
GoogleUpdateTaskUserS-1-5-21-2449596501-158867882-4163514491-1000UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2449596501-158867882-4163514491-1000UA.job -> [2015/04/21 10:34:27 | 000,001,086 | ---- | C] ()
GoogleUpdateTaskUserS-1-5-21-2449596501-158867882-4163514491-1000Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2449596501-158867882-4163514491-1000Core.job -> [2015/04/21 10:34:27 | 000,001,034 | ---- | C] ()
navegaki.png -> C:\Users\Usuario\Desktop\navegaki.png -> [2015/04/21 01:20:15 | 000,484,537 | ---- | C] ()
iexplore - Atalho.lnk -> C:\Users\Usuario\Desktop\iexplore - Atalho.lnk -> [2015/04/20 23:33:00 | 000,001,483 | ---- | C] ()
zoek-delete.exe -> C:\Windows\zoek-delete.exe -> [2015/04/20 01:06:16 | 000,024,064 | ---- | C] ()
zoek.exe -> C:\Users\Usuario\Desktop\zoek.exe -> [2015/04/20 00:11:05 | 001,305,600 | ---- | C] ()
tweaking.com-regbackup-USUARIO-PC-Windows-7-Ultimate-(64-bit).dat -> C:\Windows\tweaking.com-regbackup-USUARIO-PC-Windows-7-Ultimate-(64-bit).dat -> [2015/04/19 23:20:55 | 000,000,207 | ---- | C] ()
adwcleaner_4.201.exe -> C:\Users\Usuario\Desktop\adwcleaner_4.201.exe -> [2015/04/19 23:13:33 | 002,217,984 | ---- | C] ()
ZHPFix.lnk -> C:\Users\Public\Desktop\ZHPFix.lnk -> [2015/04/19 23:02:28 | 000,001,849 | ---- | C] ()
PhysicalDisk0_MBR.bin -> C:\PhysicalDisk0_MBR.bin -> [2015/04/19 22:10:49 | 000,000,512 | ---- | C] ()
ZHPFix.lnk -> C:\Users\Usuario\Desktop\ZHPFix.lnk -> [2015/04/19 22:06:28 | 000,001,987 | ---- | C] ()
ZHPDiag.lnk -> C:\Users\Usuario\Desktop\ZHPDiag.lnk -> [2015/04/19 22:06:28 | 000,001,860 | ---- | C] ()
CCleaner.lnk -> C:\Users\Public\Desktop\CCleaner.lnk -> [2015/04/19 21:30:38 | 000,001,017 | ---- | C] ()
repository.backup -> C:\Windows\repository.backup -> [2015/04/19 16:06:25 | 023,942,958 | ---- | C] ()
ZA-Scan.exe -> C:\Users\Usuario\Desktop\ZA-Scan.exe -> [2015/04/19 15:33:33 | 001,365,504 | ---- | C] ()
AVG 2015.lnk -> C:\Users\Public\Desktop\AVG 2015.lnk -> [2015/04/19 15:09:24 | 000,000,983 | ---- | C] ()
Malwarebytes Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> [2015/04/19 14:40:15 | 000,001,102 | ---- | C] ()
TrueSight.sys -> C:\Windows\SysNative\drivers\TrueSight.sys -> [2015/04/18 23:23:42 | 000,037,624 | ---- | C] ()
ntuser.pol -> C:\Users\Usuario\ntuser.pol -> [2015/04/18 16:01:58 | 000,000,008 | RHS- | C] ()
MP3Gain.lnk -> C:\Users\Usuario\Desktop\MP3Gain.lnk -> [2015/04/17 18:29:48 | 000,001,026 | ---- | C] ()
ntuser.pol -> C:\ProgramData\ntuser.pol -> [2015/04/17 12:31:26 | 000,000,008 | RHS- | C] ()
iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2015/04/16 23:06:15 | 000,001,783 | ---- | C] ()
QuickTime Player.lnk -> C:\Users\Public\Desktop\QuickTime Player.lnk -> [2015/04/16 19:52:39 | 000,001,845 | ---- | C] ()
Apple Software Update.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> [2015/04/16 19:51:41 | 000,002,519 | ---- | C] ()
Nero StartSmart.lnk -> C:\Users\Public\Desktop\Nero StartSmart.lnk -> [2015/04/16 14:16:39 | 000,002,782 | ---- | C] ()
Nero Home.lnk -> C:\Users\Public\Desktop\Nero Home.lnk -> [2015/04/16 14:16:39 | 000,002,686 | ---- | C] ()
Msft_User_WpdMtpDr_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf -> [2015/04/15 18:03:26 | 000,000,000 | -H-- | C] ()
Adobe Photoshop Lightroom 3.3 64-bit.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 3.3 64-bit.lnk -> [2015/04/15 17:56:22 | 000,002,075 | ---- | C] ()
Lightroom 3.3 64-bit.lnk -> C:\Users\Public\Desktop\Lightroom 3.3 64-bit.lnk -> [2015/04/15 17:56:22 | 000,002,067 | ---- | C] ()
Winamp.lnk -> C:\Users\Public\Desktop\Winamp.lnk -> [2015/04/15 14:54:28 | 000,000,989 | ---- | C] ()
boleto.pdf -> C:\Users\Usuario\Desktop\boleto.pdf -> [2015/04/15 13:42:33 | 000,037,991 | ---- | C] ()
hpwebreg_xxxxxxxxxx.job -> C:\Windows\tasks\hpwebreg_xxxxxxxxxx.job -> [2015/04/15 12:59:30 | 000,000,568 | ---- | C] ()
Windows Live ID.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk -> [2015/04/15 12:58:01 | 000,001,338 | ---- | C] ()
HP Photo Creations.lnk -> C:\Users\Public\Desktop\HP Photo Creations.lnk -> [2015/04/15 12:57:46 | 000,001,097 | ---- | C] ()
HP Photosmart Plus B210 series.lnk -> C:\Users\Public\Desktop\HP Photosmart Plus B210 series.lnk -> [2015/04/15 12:57:10 | 000,002,272 | ---- | C] ()
HP ePrintCenter - HP Photosmart Plus B210 series.lnk -> C:\Users\Public\Desktop\HP ePrintCenter - HP Photosmart Plus B210 series.lnk -> [2015/04/15 12:57:10 | 000,001,924 | ---- | C] ()
HP Photosmart Plus B210 series Scan.lnk -> C:\Users\Public\Desktop\HP Photosmart Plus B210 series Scan.lnk -> [2015/04/15 12:57:10 | 000,001,252 | ---- | C] ()
Compre suprimentos - HP Photosmart Plus B210 series.lnk -> C:\Users\Public\Desktop\Compre suprimentos - HP Photosmart Plus B210 series.lnk -> [2015/04/15 12:57:10 | 000,001,215 | ---- | C] ()
xvidcore.dll -> C:\Windows\SysWow64\xvidcore.dll -> [2015/04/08 15:34:31 | 000,650,752 | ---- | C] ()
xvidvfw.dll -> C:\Windows\SysWow64\xvidvfw.dll -> [2015/04/08 15:34:31 | 000,243,200 | ---- | C] ()
unrar.dll -> C:\Windows\SysWow64\unrar.dll -> [2015/04/08 15:34:31 | 000,175,616 | ---- | C] ()
ff_vfw.dll -> C:\Windows\SysWow64\ff_vfw.dll -> [2015/04/08 15:34:31 | 000,079,360 | ---- | C] ()
Adobe Reader XI.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> [2015/04/08 15:33:52 | 000,002,441 | ---- | C] ()
nvcoproc.bin -> C:\Windows\SysNative\nvcoproc.bin -> [2015/04/08 14:56:01 | 003,826,628 | ---- | C] ()
nvinfo.pb -> C:\Windows\SysNative\nvinfo.pb -> [2015/04/08 14:55:03 | 000,026,353 | ---- | C] ()
Adobe Flash Player Updater.job -> C:\Windows\tasks\Adobe Flash Player Updater.job -> [2015/04/08 14:37:58 | 000,000,902 | ---- | C] ()
HD VDeck.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk -> [2015/04/08 14:31:44 | 000,001,214 | ---- | C] ()
GSetup.ini -> C:\Windows\GSetup.ini -> [2015/04/08 14:23:00 | 000,000,010 | ---- | C] ()
Media Center.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> [2015/04/08 13:52:45 | 000,001,345 | ---- | C] ()
Windows DVD Maker.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> [2015/04/08 13:52:37 | 000,001,326 | ---- | C] ()
Msft_User_WpdFs_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf -> [2015/04/08 13:51:13 | 000,000,000 | -H-- | C] ()
hiberfil.sys -> C:\hiberfil.sys -> [2015/04/08 13:50:16 | 3220,037,632 | -HS- | C] ()

[File - Lop Check]
AVG2015 -> C:\Users\Usuario\AppData\Roaming\AVG2015 -> [2015/04/19 15:10:27 | 000,000,000 | ---D | M]
NetService -> C:\Users\Usuario\AppData\Roaming\NetService -> [2015/04/18 15:24:39 | 000,000,000 | ---D | M]
RunDir -> C:\Users\Usuario\AppData\Roaming\RunDir -> [2015/04/18 16:01:52 | 000,000,000 | ---D | M]
TuneUp Software -> C:\Users\Usuario\AppData\Roaming\TuneUp Software -> [2015/04/19 15:09:24 | 000,000,000 | ---D | M]
ZHP -> C:\Users\Usuario\AppData\Roaming\ZHP -> [2015/04/19 23:05:49 | 000,000,000 | ---D | M]
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2009/07/14 02:08:49 | 000,014,904 | ---- | M] ()
[Custom Scans]
< %systemdrive%\*.* >
hiberfil.sys -> C:\hiberfil.sys -> [2015/04/21 11:36:40 | 3220,037,632 | -HS- | M] ()
pagefile.sys -> C:\pagefile.sys -> [2015/04/21 11:36:40 | 4293,386,240 | -HS- | M] ()
PhysicalDisk0_MBR.bin -> C:\PhysicalDisk0_MBR.bin -> [2015/04/19 22:10:49 | 000,000,512 | ---- | M] ()
PureRa.txt -> C:\PureRa.txt -> [2015/04/19 21:28:45 | 000,002,970 | ---- | M] ()
zoek-results.log -> C:\zoek-results.log -> [2015/04/20 01:10:08 | 000,033,306 | ---- | M] ()
zoek-results2015-04-18-230138.log -> C:\zoek-results2015-04-18-230138.log -> [2015/04/18 20:01:38 | 000,000,492 | ---- | M] ()
zoek-results2015-04-18-230621.log -> C:\zoek-results2015-04-18-230621.log -> [2015/04/18 20:06:21 | 000,008,577 | ---- | M] ()
zoek-results2015-04-19-021914.log -> C:\zoek-results2015-04-19-021914.log -> [2015/04/18 23:19:14 | 000,008,155 | ---- | M] ()
zoek-results2015-04-19-140728.log -> C:\zoek-results2015-04-19-140728.log -> [2015/04/19 11:07:28 | 000,008,524 | ---- | M] ()
zoek-results2015-04-19-142857.log -> C:\zoek-results2015-04-19-142857.log -> [2015/04/19 11:28:57 | 000,009,227 | ---- | M] ()
zoek-results2015-04-19-183521.log -> C:\zoek-results2015-04-19-183521.log -> [2015/04/19 15:35:21 | 000,008,617 | ---- | M] ()
zoek-results2015-04-19-184709.log -> C:\zoek-results2015-04-19-184709.log -> [2015/04/19 15:47:09 | 000,000,659 | ---- | M] ()
zoek-results2015-04-19-191651.log -> C:\zoek-results2015-04-19-191651.log -> [2015/04/19 16:16:51 | 000,037,695 | ---- | M] ()
zoek-results2015-04-20-005126.log -> C:\zoek-results2015-04-20-005126.log -> [2015/04/19 21:51:26 | 000,008,199 | ---- | M] ()
zoek-results2015-04-20-034859.log -> C:\zoek-results2015-04-20-034859.log -> [2015/04/20 00:48:59 | 000,033,262 | ---- | M] ()
< %systemdrive%\drivers\*.exe >
< %systemroot%\system32\drivers\*.* /90 >
< %programfiles%\*.* >
desktop.ini -> C:\Program Files (x86)\desktop.ini -> [2009/07/14 01:54:24 | 000,000,174 | -HS- | M] ()
< %localappdata%\*.exe >
< %localappdata%\*.txt >
< %localappdata%\*.ini >
< %localappdata%\*.dll >
< %localappdata%\*.dat >
GDIPFONTCACHEV1.DAT -> C:\Users\Usuario\AppData\Local\GDIPFONTCACHEV1.DAT -> [2015/04/08 15:40:03 | 000,084,912 | ---- | M] ()
< %userprofile%\*.exe >
< %userprofile%\*.txt >
< %userprofile%\*.ini >
ntuser.ini -> C:\Users\Usuario\ntuser.ini -> [2015/04/08 13:59:48 | 000,000,020 | -HS- | M] ()
< %userprofile%\*.dll >
< End of report >
[/code]

Publicité


Signaler le contenu de ce document

Publicité