cjoint

Document format: text/plain

Preview

OTL logfile created on: 03/07/2015 22:31:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Albari\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

7,98 Gb Total Physical Memory | 4,17 Gb Available Physical Memory | 52,25% Memory free
15,96 Gb Paging File | 11,68 Gb Available in Paging File | 73,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 515,24 Gb Free Space | 55,32% Space Free | Partition Type: NTFS
Drive E: | 7,42 Gb Total Space | 7,42 Gb Free Space | 99,97% Space Free | Partition Type: FAT32

Computer Name: ALBARI-SEVEN | User Name: Albari | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/07/03 22:21:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Albari\Desktop\OTL.exe
PRC - [2015/07/03 08:51:40 | 001,690,096 | ---- | M] (GlavSoft LLC.) -- C:\ProgramData\4c9c95ed\221e659e.exe
PRC - [2015/07/03 08:51:39 | 000,371,200 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\ProgramData\4c9c95ed\a9b62535.exe
PRC - [2015/06/26 16:27:22 | 005,515,496 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015/06/25 23:02:17 | 000,343,336 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015/06/19 10:01:24 | 000,866,936 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\30.0.1835.88_0\opera_crashreporter.exe
PRC - [2015/06/19 10:01:22 | 000,866,424 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\30.0.1835.88_0\opera.exe
PRC - [2015/06/12 07:58:00 | 000,173,848 | ---- | M] () -- C:\Users\Albari\AppData\Roaming\NetService\netservice.exe
PRC - [2015/06/03 18:06:12 | 002,754,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015/06/03 18:06:06 | 001,893,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015/05/28 00:52:26 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/11/19 14:46:38 | 002,321,776 | ---- | M] (Acute Angle Solutions Ltd) -- C:\ProgramData\HQtbXPplgKn\DajhADVuqL.exe
PRC - [2014/11/07 04:07:46 | 000,208,928 | ---- | M] (Baidu, Inc.) -- C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe
PRC - [2014/11/07 04:07:44 | 002,185,248 | ---- | M] (Baidu, Inc.) -- C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bas_helper.exe
PRC - [2014/09/29 09:11:56 | 000,546,104 | ---- | M] (GAS Tecnologia) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2014/07/12 09:40:26 | 000,518,968 | ---- | M] (GAS Tecnologia LTDA) -- C:\Program Files (x86)\Diebold\Warsaw\core.exe
PRC - [2014/03/07 19:47:16 | 002,135,232 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2013/07/15 11:05:52 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/04/16 03:07:06 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2011/02/23 10:04:40 | 000,126,976 | ---- | M] (Geraldo Brodbeck Software) -- C:\Program Files (x86)\Common Files\gbLock\gbLockMn.exe
PRC - [2011/02/22 21:52:54 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/07/03 14:15:44 | 001,187,696 | ---- | M] () -- C:\ProgramData\HQtbXPplgKn\dat\axviTd.dll
MOD - [2015/07/03 08:51:27 | 000,157,536 | ---- | M] () -- C:\ProgramData\4c9c95ed\5f353d88.exe
MOD - [2015/07/03 08:51:27 | 000,132,960 | ---- | M] () -- C:\ProgramData\4c9c95ed\09b44cd5.dll
MOD - [2015/07/03 08:51:27 | 000,083,808 | ---- | M] () -- C:\ProgramData\4c9c95ed\63401200.exe
MOD - [2015/06/25 23:02:23 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015/06/25 23:02:19 | 000,104,400 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015/06/25 23:02:17 | 000,081,728 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015/06/23 22:31:19 | 015,003,824 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_194.dll
MOD - [2015/06/19 10:01:30 | 001,649,272 | ---- | M] () -- C:\Program Files (x86)\Opera\30.0.1835.88_0\libglesv2.dll
MOD - [2015/06/19 10:01:30 | 000,081,016 | ---- | M] () -- C:\Program Files (x86)\Opera\30.0.1835.88_0\libegl.dll
MOD - [2015/06/03 18:06:11 | 000,011,920 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2014/11/07 04:08:08 | 000,141,856 | ---- | M] () -- C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\zlib1.dll
MOD - [2014/11/07 04:08:02 | 002,257,952 | ---- | M] () -- C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\skiax.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Program Files\ArchVision\RPC Plugin for AutoCAD\rpcACMapp.exe -- (ArchVision Content Manager Service)
SRV:[b]64bit:[/b] - [2015/06/26 13:32:09 | 001,026,944 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV:[b]64bit:[/b] - [2015/06/25 23:02:17 | 000,343,336 | ---- | M] (Avast Software s.r.o.) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2015/06/25 23:01:21 | 004,034,896 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:[b]64bit:[/b] - [2015/06/03 18:06:06 | 001,152,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:[b]64bit:[/b] - [2015/06/03 18:06:03 | 023,007,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2014/11/20 23:12:40 | 000,244,736 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2012/03/29 21:22:10 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:[b]64bit:[/b] - [2011/02/22 21:52:54 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe -- (mi-raysat_3dsmax2012_64)
SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2009/07/13 22:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2015/07/03 08:51:40 | 001,690,096 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\ProgramData\4c9c95ed\221e659e.exe -- ({7E41665C-1D21-4BA4-FF85-FD34371E1439})
SRV - [2015/07/03 08:51:39 | 000,371,200 | ---- | M] (The Privoxy team - www.privoxy.org) [Auto | Running] -- C:\ProgramData\4c9c95ed\a9b62535.exe -- ({7D462A9A-51E7-48A3-39C9-FA37F152133A})
SRV - [2015/06/23 22:31:20 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/06/12 07:58:00 | 000,173,848 | ---- | M] () [Auto | Running] -- C:\Users\Albari\AppData\Roaming\NetService\netservice.exe -- (NetTcpHandler)
SRV - [2015/06/03 18:06:06 | 001,893,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015/05/28 00:52:26 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2015/05/25 22:12:49 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/11/19 14:46:38 | 002,321,776 | ---- | M] (Acute Angle Solutions Ltd) [Auto | Running] -- C:\ProgramData\HQtbXPplgKn\DajhADVuqL.exe -- (DajhADVuqL)
SRV - [2014/11/07 04:07:46 | 000,208,928 | ---- | M] (Baidu, Inc.) [Auto | Running] -- C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe -- (BASSVC)
SRV - [2014/09/29 09:11:56 | 000,546,104 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2014/08/31 12:34:28 | 000,331,264 | ---- | M] () [Auto | Running] -- C:\ProgramData\4c9c95ed\nssm.exe -- (ovpn)
SRV - [2014/07/12 09:40:26 | 000,518,968 | ---- | M] (GAS Tecnologia LTDA) [Auto | Running] -- C:\Program Files (x86)\Diebold\Warsaw\core.exe -- (Warsaw Technology)
SRV - [2014/03/07 19:47:16 | 002,135,232 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2013/06/21 09:53:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/04/16 03:07:06 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/03/29 19:40:53 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2011/02/23 10:04:40 | 000,126,976 | ---- | M] (Geraldo Brodbeck Software) [Auto | Running] -- C:\Program Files (x86)\Common Files\gbLock\gbLockMn.exe -- (gbLockMultiLicenceMonitor)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/06/26 16:27:25 | 000,442,264 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2015/06/26 13:32:14 | 000,015,920 | ---- | M] (Enigma Software Group USA, LLC.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:[b]64bit:[/b] - [2015/06/26 13:32:11 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:[b]64bit:[/b] - [2015/06/25 23:02:24 | 000,272,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2015/06/25 23:02:24 | 000,137,288 | ---- | M] (Avast Software s.r.o.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2015/06/25 23:02:24 | 000,093,528 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2015/06/25 23:02:24 | 000,089,944 | ---- | M] (Avast Software s.r.o.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2015/06/25 23:02:24 | 000,065,736 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2015/06/25 23:02:24 | 000,029,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2015/06/25 23:02:10 | 001,047,320 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2015/06/25 23:01:21 | 000,273,824 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:[b]64bit:[/b] - [2015/06/03 18:06:03 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2015/05/28 04:04:11 | 000,195,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2015/05/19 00:29:01 | 000,046,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2015/02/25 18:14:00 | 000,061,240 | ---- | M] (NetFilterSDK.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\asfilterdrv.sys -- (asfilterdrv)
DRV:[b]64bit:[/b] - [2015/02/20 10:50:38 | 000,051,520 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ssfilterdrv.sys -- (ssfilterdrv)
DRV:[b]64bit:[/b] - [2015/01/19 09:59:54 | 000,051,504 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gosaferdrv.sys -- (gosaferdrv)
DRV:[b]64bit:[/b] - [2014/11/20 23:40:00 | 018,959,360 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2014/11/20 23:08:54 | 000,589,312 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2014/06/21 14:01:22 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2013/08/22 09:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010/12/30 04:01:08 | 000,392,296 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:[b]64bit:[/b] - [2010/10/19 05:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2009/07/13 22:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009/07/13 22:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 22:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/07/13 22:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=mbtkv5&uid=WD-WCAV5U420282_WDCWD10EARS-00Y5B1&tm=1435186694
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=mbtkv5&uid=WD-WCAV5U420282_WDCWD10EARS-00Y5B1&tm=1435186694
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://br.yahoo.com/?fr=hp-avast&type=avastbcl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=mbtkv5&uid=WD-WCAV5U420282_WDCWD10EARS-00Y5B1&tm=1435186694
IE - HKLM\..\URLSearchHook: {e0301295-ab3e-4af3-979f-3d453c5f9f48} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://br.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blankest
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKU\.DEFAULT\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blankEMENT
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKU\S-1-5-18\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=mbtkv5&uid=WD-WCAV5U420282_WDCWD10EARS-00Y5B1&tm=1435186694
IE - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8118

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "BR"
FF - prefs.js..browser.search.defaultengine: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaultenginename: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaultthis.engineName: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaulturl: "https://br.search.yahoo.com/yhs/search"
FF - prefs.js..browser.search.order.1: "Yahoo! (Avast)"
FF - prefs.js..browser.search.region: "BR"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! (Avast)"
FF - prefs.js..browser.startup.homepage: "https://br.yahoo.com/?fr=hp-avast&type=avastbcl"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:10.2.0.187
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.5
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@TelevisionFanatic.com/Plugin: C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Albari\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Albari\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Albari\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/uni: C:\Users\Albari\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files\VDownloader\Addons\npVDownloader.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@vdownloader.com: C:\Program Files\VDownloader\Addons\FireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/07/15 11:06:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/07/15 11:06:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/06/25 23:02:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/03/08 13:55:38 | 000,000,000 | ---D | M]

[2013/07/10 16:36:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Albari\AppData\Roaming\Mozilla\Extensions
[2013/07/10 16:36:22 | 000,000,000 | ---D | M] (Cool Smiley Bar for Facebook) -- C:\Users\Albari\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks
[2013/07/10 16:36:08 | 000,000,000 | ---D | M] (specialsavings) -- C:\Users\Albari\AppData\Roaming\Mozilla\Extensions\specialsavings@SpecialSavings.com
[2013/07/10 16:35:53 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Users\Albari\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
[2012/12/26 20:08:33 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\Albari\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks
[2013/11/21 13:11:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\extensions
[2012/10/02 19:41:12 | 000,000,000 | ---D | M] (PSafe ClikSeguro) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\extensions\{4c503398-e82e-4e74-b777-cc43aa56492f}
[2012/03/30 11:44:11 | 000,000,000 | ---D | M] (uTorrentBar_PT Community Toolbar) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\extensions\{e0301295-ab3e-4af3-979f-3d453c5f9f48}
[2013/11/21 13:11:34 | 000,000,000 | ---D | M] (Tube Dimmer) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\extensions\support@tubedimmerapp.com
[2015/06/26 14:19:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2015/05/12 15:37:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2014/06/10 17:42:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\jetpack
[2014/06/04 10:07:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins
[2015/06/29 10:47:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\Profiles\52ugvry4.default\extensions
[2014/08/22 10:45:22 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\Profiles\52ugvry4.default\extensions\abs@avira.com
[2014/04/07 19:36:54 | 000,477,909 | ---- | M] () (No name found) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\Profiles\52ugvry4.default\extensions\jid1-FB1bBgFMk5H6Wg@jetpack.xpi
[2012/07/31 08:59:18 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi
[2012/11/06 13:19:24 | 000,214,034 | ---- | M] () (No name found) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\putlockerdownloader@putlockerdownloader.com.xpi
[2014/04/07 19:36:54 | 000,477,909 | ---- | M] () (No name found) -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\jid1-FB1bBgFMk5H6Wg@jetpack.xpi
[2015/06/29 10:36:55 | 000,009,413 | ---- | M] () -- C:\Users\Albari\AppData\Roaming\Mozilla\Firefox\Profiles\52ugvry4.default\searchplugins\yahoo-avast.xml
[2014/06/04 12:33:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2015/06/29 10:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2015/06/29 10:35:26 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015/06/25 23:02:31 | 000,000,000 | ---D | M] ("Avast Online Security") -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/10/01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2014/06/15 11:24:49 | 000,002,454 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\generic_search.xml
CHR - Extension: No name found = C:\Users\Albari\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.4.233_0\
CHR - Extension: No name found = C:\Users\Albari\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh\2.3.0.43_0\
CHR - Extension: No name found = C:\Users\Albari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: No name found = C:\Users\Albari\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.4.233_0\

O1 HOSTS File: ([2015/06/25 20:14:11 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (Avast Software s.r.o.)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (Avast Software s.r.o.)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
O2 - BHO: (no name) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..\Toolbar\WebBrowser: (no name) - {41545534-0076-A76A-76A7-7A786E7484D7} - No CLSID value found.
O3 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..\Toolbar\WebBrowser: (no name) - {4C503398-E82E-4E74-B777-CC43AA56492F} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [{7D2C68B2-13CF-48C9-118B-9037D910793A}] C:\ProgramData\4c9c95ed\5f353d88.exe ()
O4 - HKLM..\Run: [{7D68206D-5B10-488D-CEC3-D43706583D3A}] C:\ProgramData\4c9c95ed\63401200.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 189
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: itau.com.br ([bankline] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: itau.com.br ([clickbanking] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: itau.com.br ([guardiao] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: itau.com.br ([www] http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: itau.com.br ([www] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: itaupersonnalite.com.br ([www] http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: itau.com.br ([bankline] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: itau.com.br ([clickbanking] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: itau.com.br ([guardiao] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: itau.com.br ([www] http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: itau.com.br ([www] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: itaupersonnalite.com.br ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..Trusted Domains: itau.com.br ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..Trusted Domains: itau.com.br ([bankline] * in Trusted sites)
O15 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..Trusted Domains: itau.com.br ([bankline] https in Trusted sites)
O15 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..Trusted Domains: itau.com.br ([clickbanking] * in Trusted sites)
O15 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..Trusted Domains: itau.com.br ([clickbanking] https in Trusted sites)
O15 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..Trusted Domains: itau.com.br ([guardiao] * in Trusted sites)
O15 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..Trusted Domains: itau.com.br ([guardiao] https in Trusted sites)
O15 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..Trusted Domains: itau.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..Trusted Domains: itau.com.br ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..Trusted Domains: itau.com.br ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-3478686400-390552964-1615543045-1000\..Trusted Domains: itaupersonnalite.com.br ([www] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2BAB680-B055-4D37-95D5-C2B29F6747E1}: DhcpNameServer = 200.195.159.105 200.195.159.104
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~3\4c9c95ed\f6f9e163.dll) - C:\ProgramData\4c9c95ed\f6f9e163.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~3\4c9c95ed\09b44cd5.dll) - C:\ProgramData\4c9c95ed\09b44cd5.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\Program Files (x86)\GbPlugin\gbiehUni.dll) - C:\Program Files (x86)\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/06/29 17:13:44 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2015/06/26 13:32:57 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/07/03 22:21:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Albari\Desktop\OTL.exe
[2015/07/03 08:51:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Radio
[2015/07/03 08:51:27 | 000,000,000 | ---D | C] -- C:\ProgramData\4c9c95ed
[2015/07/01 11:46:35 | 000,000,000 | ---D | C] -- C:\Users\Albari\Desktop\Pendriwe 01 07 15
[2015/06/30 22:24:20 | 000,000,000 | ---D | C] -- C:\Users\Albari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
[2015/06/30 22:24:19 | 000,000,000 | ---D | C] -- C:\Users\Albari\AppData\Local\Aplicativo Itau
[2015/06/30 11:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2015/06/30 11:33:24 | 000,000,000 | ---D | C] -- C:\Users\Albari\AppData\Local\SafeWeb
[2015/06/29 17:35:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Autodesk
[2015/06/29 10:35:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015/06/29 10:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\95f9e0e3
[2015/06/26 15:57:50 | 221,064,696 | ---- | C] (Symantec Corporation) -- C:\Users\Albari\Desktop\586-21(1).1
[2015/06/26 15:55:03 | 000,000,000 | ---D | C] -- C:\Users\Albari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WInternetEn
[2015/06/26 15:54:46 | 221,064,696 | ---- | C] (Symantec Corporation) -- C:\Users\Albari\Desktop\586-21.1
[2015/06/26 14:58:08 | 000,040,664 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0901.sys
[2015/06/26 14:20:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Baidu
[2015/06/26 13:32:41 | 000,000,000 | ---D | C] -- C:\Users\Albari\AppData\Roaming\Enigma Software Group
[2015/06/26 13:32:34 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2015/06/26 13:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2015/06/25 23:09:24 | 000,000,000 | ---D | C] -- C:\Users\Albari\AppData\Roaming\AVAST Software
[2015/06/25 23:04:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2015/06/25 23:03:22 | 000,137,288 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015/06/25 23:03:12 | 000,442,264 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswsp.sys
[2015/06/25 23:03:06 | 000,089,944 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015/06/25 23:02:59 | 000,093,528 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015/06/25 23:02:47 | 001,047,320 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015/06/25 23:02:43 | 000,364,472 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\aswBoot.exe
[2015/06/25 23:02:20 | 000,043,112 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
[2015/06/25 22:59:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2015/06/25 22:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2015/06/25 20:15:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015/06/25 20:06:54 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2015/06/24 19:29:14 | 000,000,000 | ---D | C] -- C:\Users\Albari\AppData\Roaming\RunDir
[2015/06/24 19:29:14 | 000,000,000 | ---D | C] -- C:\Users\Albari\AppData\Roaming\NetService
[2015/06/20 10:04:57 | 000,000,000 | ---D | C] -- C:\Users\Albari\Desktop\Dieta ANA
[2015/06/19 16:51:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Keyboard Installer
[2015/06/18 16:50:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alfasistem Memory
[2015/06/17 17:45:54 | 000,000,000 | ---D | C] -- C:\Users\Albari\AppData\Local\{CE1C1725-06A3-459F-B0E9-6908B579F2EB}
[2015/06/17 15:48:56 | 000,000,000 | ---D | C] -- C:\Installation Files
[2015/06/15 18:48:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Flash
[2015/06/15 16:56:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\PC Faster
[2015/06/15 16:56:21 | 000,000,000 | ---D | C] -- C:\Users\Albari\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}
[2015/06/15 16:56:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MaxComputerCleaner_v35.745
[2015/06/15 16:56:10 | 000,000,000 | ---D | C] -- C:\Users\Albari\AppData\Roaming\CalendarTool
[2015/06/15 16:56:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CalendarTool
[2015/06/15 16:56:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Guid
[2015/06/15 16:55:46 | 000,000,000 | ---D | C] -- C:\Users\Albari\AppData\Roaming\FEFEFEFE-1434398146-FEFE-FEFE-FEFEFEFEFEFE
[2015/06/04 07:42:43 | 000,000,000 | ---D | C] -- C:\Users\Albari\Desktop\ENSAIO
[2014/01/15 02:15:14 | 000,167,784 | ---- | C] (Baidu, Inc.) -- C:\ProgramData\FileSplitUpLoad.dll
[2012/10/23 20:07:43 | 000,893,496 | ---- | C] (Complitly ) -- C:\Program Files\Common Files\AutoCompleteInstaller-VD.exe
[2012/09/25 14:35:47 | 000,419,554 | ---- | C] (SearchAmong ) -- C:\Users\Albari\AppData\Roaming\satoolbar.exe
[2012/05/05 11:40:11 | 000,887,624 | ---- | C] (Complitly ) -- C:\Program Files (x86)\Common Files\AutoCompleteInstaller-VD.exe
[2012/04/21 13:01:17 | 003,623,592 | ---- | C] (Ask) -- C:\Program Files (x86)\Common Files\ApnToolbarInstaller.exe
[2012/04/21 13:01:17 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files (x86)\Common Files\ApnStub.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/07/03 22:31:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/07/03 22:21:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Albari\Desktop\OTL.exe
[2015/07/03 22:20:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3478686400-390552964-1615543045-1000UA.job
[2015/07/03 20:43:17 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3478686400-390552964-1615543045-1000UA.job
[2015/07/03 17:34:04 | 000,014,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/07/03 17:34:04 | 000,014,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/07/03 16:20:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3478686400-390552964-1615543045-1000Core.job
[2015/07/03 14:43:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3478686400-390552964-1615543045-1000Core.job
[2015/07/03 14:14:06 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
[2015/07/03 14:13:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/07/03 14:13:46 | 2133,884,927 | -HS- | M] () -- C:\hiberfil.sys
[2015/07/03 08:51:29 | 000,001,110 | ---- | M] () -- C:\ProgramData\{7D25C039-BB44-48C0-9A23-993752B8703A}
[2015/07/01 11:18:34 | 001,638,038 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/07/01 11:18:34 | 000,706,880 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2015/07/01 11:18:34 | 000,655,392 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/07/01 11:18:34 | 000,147,126 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2015/07/01 11:18:34 | 000,121,734 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/06/30 22:24:20 | 000,002,176 | ---- | M] () -- C:\Users\Albari\Desktop\Itaú.lnk
[2015/06/30 07:09:00 | 005,130,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/06/29 17:35:17 | 000,002,165 | ---- | M] () -- C:\Users\Public\Desktop\DWG TrueView 2016 - English.lnk
[2015/06/29 10:36:55 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/06/28 22:51:17 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015/06/28 22:51:17 | 000,000,941 | ---- | M] () -- C:\Users\Albari\Desktop\SpyHunter.lnk
[2015/06/28 22:51:07 | 001,154,471 | ---- | M] () -- C:\Users\Albari\Desktop\Ana E J.V.png
[2015/06/26 16:27:25 | 000,442,264 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswsp.sys
[2015/06/26 15:59:18 | 221,064,696 | ---- | M] (Symantec Corporation) -- C:\Users\Albari\Desktop\586-21(1).1
[2015/06/26 15:56:12 | 221,064,696 | ---- | M] (Symantec Corporation) -- C:\Users\Albari\Desktop\586-21.1
[2015/06/26 13:32:57 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2015/06/26 13:32:11 | 000,022,704 | ---- | M] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2015/06/25 23:02:24 | 000,364,472 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\aswBoot.exe
[2015/06/25 23:02:24 | 000,272,248 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015/06/25 23:02:24 | 000,137,288 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015/06/25 23:02:24 | 000,093,528 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015/06/25 23:02:24 | 000,089,944 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015/06/25 23:02:24 | 000,065,736 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015/06/25 23:02:24 | 000,029,168 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015/06/25 23:02:20 | 000,043,112 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
[2015/06/25 23:02:10 | 001,047,320 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015/06/25 20:14:11 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2015/06/25 16:48:52 | 000,070,144 | ---- | M] () -- C:\Windows\SysWow64\tasks.dll
[2015/06/24 19:48:18 | 000,000,008 | RHS- | M] () -- C:\Users\Albari\ntuser.pol
[2015/06/24 19:48:17 | 000,000,008 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015/06/23 17:14:33 | 000,001,377 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2015/06/19 14:47:32 | 004,817,383 | ---- | M] () -- C:\Users\Albari\Desktop\POTY JOÃO FACHADA e FOTO.cdr
[2015/06/17 15:58:41 | 000,001,361 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2015/06/15 17:42:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Number of results
[2015/06/15 16:55:58 | 000,000,000 | ---- | M] () -- C:\Windows\prleth.sys
[2015/06/15 16:55:58 | 000,000,000 | ---- | M] () -- C:\Windows\hgfs.sys
[2015/06/09 14:14:52 | 000,191,349 | ---- | M] () -- C:\Users\Albari\Documents\Banco Itaú Unibanco S.A
[2015/06/09 12:09:15 | 002,702,784 | ---- | M] () -- C:\Users\Albari\Desktop\ESCOLA FELICIO AGUA FRIA 3D.dwg
[2015/06/05 14:48:19 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/06/30 16:07:46 | 004,817,383 | ---- | C] () -- C:\Users\Albari\Desktop\POTY JOÃO FACHADA e FOTO.cdr
[2015/06/29 17:35:17 | 000,002,165 | ---- | C] () -- C:\Users\Public\Desktop\DWG TrueView 2016 - English.lnk
[2015/06/29 10:35:34 | 000,001,135 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/06/29 10:35:33 | 000,001,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/06/28 22:51:07 | 001,154,471 | ---- | C] () -- C:\Users\Albari\Desktop\Ana E J.V.png
[2015/06/28 22:38:40 | 240,679,607 | ---- | C] () -- C:\Users\Albari\Desktop\DSCN0564.MOV
[2015/06/26 14:58:07 | 000,001,110 | ---- | C] () -- C:\ProgramData\{7D25C039-BB44-48C0-9A23-993752B8703A}
[2015/06/26 13:32:57 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2015/06/26 13:32:38 | 000,000,941 | ---- | C] () -- C:\Users\Albari\Desktop\SpyHunter.lnk
[2015/06/26 13:32:11 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2015/06/25 23:04:45 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015/06/25 23:03:16 | 000,272,248 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015/06/25 23:03:09 | 000,065,736 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015/06/25 23:03:02 | 000,029,168 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015/06/24 19:48:17 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015/06/17 15:58:41 | 000,001,361 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2015/06/17 15:58:39 | 000,001,172 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk
[2015/06/17 15:58:39 | 000,001,167 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk
[2015/06/16 16:48:51 | 000,070,144 | ---- | C] () -- C:\Windows\SysWow64\tasks.dll
[2015/06/15 17:42:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Number of results
[2015/06/15 16:56:21 | 000,000,656 | ---- | C] () -- C:\Windows\tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
[2015/06/15 16:55:58 | 000,000,000 | ---- | C] () -- C:\Windows\prleth.sys
[2015/06/15 16:55:58 | 000,000,000 | ---- | C] () -- C:\Windows\hgfs.sys
[2015/06/09 14:17:35 | 000,191,349 | ---- | C] () -- C:\Users\Albari\Documents\Banco Itaú Unibanco S.A
[2015/06/09 12:11:34 | 002,702,784 | ---- | C] () -- C:\Users\Albari\Desktop\ESCOLA FELICIO AGUA FRIA 3D.dwg
[2015/06/08 09:20:43 | 042,719,888 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2015/06/08 09:20:43 | 037,741,712 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2015/06/08 09:20:43 | 000,030,966 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2015/06/07 17:51:12 | 004,408,727 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2015/06/05 14:48:19 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2015/05/15 17:48:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2015/04/30 22:18:56 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/11/21 16:30:50 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI
[2014/11/21 16:20:18 | 000,000,268 | RH-- | C] () -- C:\Users\Albari\AppData\Roaming\Sci-Fi
[2014/11/21 16:20:18 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2014/11/21 16:20:18 | 000,000,012 | RH-- | C] () -- C:\ProgramData\StartupItems
[2014/11/21 16:19:07 | 000,000,268 | RH-- | C] () -- C:\ProgramData\SingleFiles
[2014/11/21 16:19:07 | 000,000,268 | RH-- | C] () -- C:\Users\Albari\AppData\Roaming\Screen Saver
[2014/11/21 16:19:07 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2014/11/21 16:19:07 | 000,000,012 | RH-- | C] () -- C:\ProgramData\StatusSheet
[2014/11/21 16:19:06 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Scripts Menu
[2014/11/21 16:19:06 | 000,000,268 | RH-- | C] () -- C:\Users\Albari\AppData\Roaming\Sampler Instruments
[2014/11/21 16:19:06 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2014/11/21 16:17:35 | 000,000,268 | RH-- | C] () -- C:\Users\Albari\AppData\Roaming\Spacious
[2014/11/21 16:17:35 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2014/11/21 16:17:35 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Transportation
[2014/11/21 16:17:35 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Standard
[2014/11/20 23:33:08 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014/11/20 23:33:08 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014/11/20 23:16:24 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/11/20 23:16:24 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/11/12 20:10:38 | 000,720,082 | ---- | C] () -- C:\Users\Albari\AppData\Roaming\unins000.exe
[2014/11/12 20:10:38 | 000,015,984 | ---- | C] () -- C:\Users\Albari\AppData\Roaming\unins000.dat
[2014/10/28 17:29:54 | 000,000,020 | ---- | C] () -- C:\ProgramData\bc.ini
[2014/07/09 14:16:06 | 000,001,106 | ---- | C] () -- C:\Users\Albari\Documentos - Atalho.lnk
[2014/06/23 19:01:59 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2014/06/23 19:01:59 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2014/06/23 19:01:56 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2014/06/23 19:01:51 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2014/06/23 19:01:51 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2014/06/23 19:01:51 | 000,001,995 | ---- | C] () -- C:\Windows\unins000.dat
[2014/05/28 20:16:36 | 000,000,027 | ---- | C] () -- C:\Users\Albari\.mjsync_pt_BR
[2014/01/24 07:01:28 | 000,000,239 | ---- | C] () -- C:\Windows\SysWow64\qqsserver.ini
[2014/01/17 13:27:55 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/17 13:27:55 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/17 13:27:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/17 13:27:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/17 13:27:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/01/04 11:53:31 | 142,848,334 | ---- | C] () -- C:\Users\Albari\AppData\Local\ACCCx2_3_0_322.zip.aamdownload
[2014/01/04 11:53:31 | 000,001,796 | ---- | C] () -- C:\Users\Albari\AppData\Local\ACCCx2_3_0_322.zip.aamdownload.aamd
[2013/12/27 13:45:02 | 000,000,115 | ---- | C] () -- C:\Users\Albari\AppData\Roaming\WB.CFG
[2013/09/27 14:51:05 | 000,000,485 | ---- | C] () -- C:\Windows\Pan Viewer.INI
[2013/08/30 16:41:25 | 001,883,513 | ---- | C] () -- C:\Users\Albari\COLÉGIO SANTANA.dwg
[2013/08/13 14:27:29 | 000,131,072 | R--- | C] () -- C:\Windows\SysWow64\P2SODBC.DLL
[2013/08/13 14:27:29 | 000,054,272 | R--- | C] () -- C:\Windows\SysWow64\P2IRDAO.DLL
[2013/08/13 14:27:29 | 000,050,176 | R--- | C] () -- C:\Windows\SysWow64\P2CTDAO.DLL
[2013/08/13 14:27:28 | 000,036,352 | R--- | C] () -- C:\Windows\SysWow64\P2BBND.DLL
[2013/08/13 14:27:28 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysWow64\IMPLODE.DLL
[2013/08/13 14:27:26 | 000,748,160 | ---- | C] () -- C:\Windows\SysWow64\CO2C40EN.DLL
[2013/08/13 13:46:42 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\actvobj.dll
[2013/08/13 13:46:42 | 000,000,269 | ---- | C] () -- C:\Windows\tilestyle.ini
[2013/08/13 13:46:42 | 000,000,235 | ---- | C] () -- C:\Windows\tsviewer.ini
[2013/08/13 13:46:42 | 000,000,136 | ---- | C] () -- C:\Windows\tile2d.ini
[2013/08/01 19:29:00 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\vcexts.sys
[2013/04/30 21:43:52 | 000,000,008 | RHS- | C] () -- C:\Users\Albari\ntuser.pol
[2013/04/24 18:41:37 | 000,014,092 | ---- | C] () -- C:\Users\Albari\Serviços - Copel.htm
[2013/01/22 11:43:47 | 000,009,728 | ---- | C] () -- C:\Users\Albari\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/24 13:59:12 | 000,004,096 | -H-- | C] () -- C:\Users\Albari\AppData\Local\keyfile3.drm
[2012/05/07 09:41:48 | 000,001,201 | ---- | C] () -- C:\ProgramData\msn.gif

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/13 22:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 22:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 22:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >[/color]

< End of report >
