cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 03/09/2015 22:04:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Francisco\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17691)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

5,90 Gb Total Physical Memory | 3,97 Gb Available Physical Memory | 67,21% Memory free
11,81 Gb Paging File | 9,74 Gb Available in Paging File | 82,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 675,02 Gb Total Space | 192,53 Gb Free Space | 28,52% Space Free | Partition Type: NTFS
Drive F: | 9,76 Gb Total Space | 5,86 Gb Free Space | 60,06% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Francisco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/09/03 22:03:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Francisco\Downloads\OTL.exe
PRC - [2015/08/27 21:17:48 | 000,815,944 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/05/11 16:57:30 | 005,515,496 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files (x86)\Avast\avastui.exe
PRC - [2015/04/23 16:55:41 | 000,343,336 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files (x86)\Avast\AvastSvc.exe
PRC - [2014/11/20 18:44:38 | 000,438,464 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2014/11/20 18:44:26 | 000,359,104 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2014/11/20 18:44:26 | 000,114,368 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\vmware\VMware Workstation\vmware-tray.exe
PRC - [2014/11/20 17:47:06 | 000,087,744 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2014/09/29 10:11:56 | 000,546,104 | ---- | M] (GAS Tecnologia) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2014/09/12 06:43:38 | 003,499,920 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
PRC - [2013/12/03 09:59:32 | 001,168,960 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2012/04/22 20:56:44 | 000,077,824 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
PRC - [2012/03/08 19:47:18 | 000,159,360 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/08/27 21:17:47 | 016,393,032 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll
MOD - [2015/08/27 21:17:45 | 001,501,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
MOD - [2015/08/27 21:17:44 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
MOD - [2015/04/23 16:55:44 | 040,540,672 | ---- | M] () -- C:\Program Files (x86)\Avast\libcef.dll
MOD - [2015/04/23 16:55:43 | 000,104,400 | ---- | M] () -- C:\Program Files (x86)\Avast\log.dll
MOD - [2015/04/23 16:55:43 | 000,104,400 | ---- | M] () -- C:\PROGRA~2\Avast\log.dll
MOD - [2015/04/23 16:55:42 | 000,081,728 | ---- | M] () -- C:\Program Files (x86)\Avast\JsonRpcServer.dll
MOD - [2015/04/23 16:55:42 | 000,081,728 | ---- | M] () -- C:\PROGRA~2\Avast\JsonRpcServer.dll
MOD - [2012/09/23 20:44:16 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\pt_br\acrotray.ptb


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/07/14 03:32:44 | 002,765,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:[b]64bit:[/b] - [2015/02/19 23:35:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/10/01 18:54:24 | 000,319,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2014/09/06 10:56:26 | 000,847,160 | ---- | M] (GAS Tecnologia LTDA) [Disabled | Stopped] -- C:\Program Files\Diebold\Warsaw\core.exe -- (Warsaw Technology)
SRV:[b]64bit:[/b] - [2014/03/07 10:47:48 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe -- (CxUtilSvc)
SRV:[b]64bit:[/b] - [2013/05/27 02:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/11/08 07:32:34 | 000,126,856 | ---- | M] (HP) [Disabled | Stopped] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV:[b]64bit:[/b] - [2012/03/26 02:14:18 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2012/01/10 21:01:52 | 000,627,936 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2010/11/29 15:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:39:50 | 001,133,880 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/06/16 09:52:20 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/05/01 17:26:40 | 001,045,256 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2015/04/23 16:55:41 | 000,343,336 | ---- | M] (Avast Software s.r.o.) [Auto | Running] -- C:\Program Files (x86)\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2015/04/23 16:55:35 | 004,034,896 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files (x86)\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2015/02/18 20:51:18 | 000,835,776 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/12/17 12:51:44 | 000,335,360 | ---- | M] (Company) [Disabled | Stopped] -- C:\Program Files (x86)\Popcorn Time\Updater.exe -- (Update service)
SRV - [2014/11/20 18:44:38 | 000,438,464 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2014/11/20 18:44:26 | 000,359,104 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2014/11/20 18:20:10 | 012,730,560 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2014/11/20 17:47:06 | 000,087,744 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2014/11/18 08:04:04 | 000,912,576 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2014/09/29 10:11:56 | 000,546,104 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2014/03/20 19:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/03 09:59:32 | 001,168,960 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2012/04/22 20:56:44 | 000,077,824 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2012/03/19 08:14:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/03/08 19:47:18 | 000,159,360 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2012/03/08 19:25:30 | 000,107,648 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/01/21 13:35:24 | 000,363,800 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/21 13:35:22 | 000,277,784 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/21 00:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/21 00:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/21 00:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2001/04/20 18:27:40 | 000,002,016 | ---- | M] () [Unknown (-1) | Unknown] -- C:\Windows\SysWOW64\drivers\papycpu2.sys -- (papycpu2)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/06/26 16:57:21 | 000,442,264 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2015/06/18 08:41:56 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:[b]64bit:[/b] - [2015/06/18 08:41:40 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2015/04/23 16:55:45 | 000,272,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2015/04/23 16:55:45 | 000,137,288 | ---- | M] (Avast Software s.r.o.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2015/04/23 16:55:45 | 000,065,736 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2015/04/23 16:55:44 | 000,093,528 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2015/04/23 16:55:44 | 000,089,944 | ---- | M] (Avast Software s.r.o.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2015/04/23 16:55:44 | 000,029,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2015/04/23 16:55:38 | 001,047,320 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2015/04/06 23:18:22 | 000,060,920 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\adgnetworktdidrv.sys -- (adgnetworktdidrv)
DRV:[b]64bit:[/b] - [2015/02/19 21:26:58 | 000,270,816 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:[b]64bit:[/b] - [2015/01/23 09:42:12 | 000,133,088 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:[b]64bit:[/b] - [2015/01/16 11:17:44 | 000,284,128 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:[b]64bit:[/b] - [2014/12/03 10:25:40 | 000,058,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:[b]64bit:[/b] - [2014/11/20 18:44:38 | 000,066,752 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:[b]64bit:[/b] - [2014/11/20 18:44:38 | 000,026,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:[b]64bit:[/b] - [2014/11/20 18:44:20 | 000,048,832 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:[b]64bit:[/b] - [2014/11/20 18:44:20 | 000,028,864 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:[b]64bit:[/b] - [2014/11/18 21:42:04 | 000,203,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:[b]64bit:[/b] - [2014/11/18 08:04:10 | 000,055,488 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:[b]64bit:[/b] - [2014/11/18 08:04:00 | 000,046,144 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:[b]64bit:[/b] - [2014/11/17 17:38:42 | 000,076,480 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:[b]64bit:[/b] - [2014/08/28 20:47:24 | 000,243,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:[b]64bit:[/b] - [2014/06/18 20:03:34 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:[b]64bit:[/b] - [2014/06/18 20:03:20 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:[b]64bit:[/b] - [2014/03/07 10:47:46 | 001,604,736 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:[b]64bit:[/b] - [2013/12/03 09:54:50 | 000,082,160 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFsFilter)
DRV:[b]64bit:[/b] - [2013/12/03 09:54:48 | 000,030,752 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:[b]64bit:[/b] - [2013/11/29 16:43:00 | 000,140,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2013/10/08 18:21:06 | 000,085,584 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:[b]64bit:[/b] - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2012/08/24 04:56:56 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2012/08/10 07:56:21 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/08/10 07:56:17 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2012/08/10 07:56:17 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/05/08 03:15:56 | 002,808,832 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2012/05/08 03:15:56 | 000,036,608 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\leath_hid.sys -- (lehidmini)
DRV:[b]64bit:[/b] - [2012/05/08 03:15:54 | 000,551,552 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2012/05/08 03:15:54 | 000,281,472 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2012/05/08 03:15:54 | 000,168,064 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2012/05/08 03:15:54 | 000,030,848 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2012/05/08 03:15:52 | 000,052,352 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (AthDfu)
DRV:[b]64bit:[/b] - [2012/03/27 21:13:20 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012/03/27 21:13:20 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012/03/27 21:13:18 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012/03/26 02:56:40 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012/03/26 01:21:16 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012/03/19 20:45:54 | 000,032,896 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:[b]64bit:[/b] - [2012/03/19 08:32:02 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:[b]64bit:[/b] - [2012/03/19 08:02:02 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/03/14 07:42:50 | 000,201,008 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012/03/08 19:35:24 | 000,068,736 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2012/03/08 19:34:24 | 000,036,480 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2012/03/08 19:33:48 | 000,111,232 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:[b]64bit:[/b] - [2012/03/08 19:33:30 | 000,340,096 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2012/02/01 20:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2012/02/01 14:59:38 | 000,313,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:[b]64bit:[/b] - [2011/12/05 19:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2011/11/29 14:36:22 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011/06/16 14:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:[b]64bit:[/b] - [2010/11/29 15:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2010/11/21 00:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 00:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:[b]64bit:[/b] - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 00:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:[b]64bit:[/b] - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008/06/17 08:22:24 | 000,040,464 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcd10bus.sys -- (vcd10bus)
DRV:[b]64bit:[/b] - [2006/11/01 04:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2015/04/23 16:55:35 | 000,273,824 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files (x86)\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2001/04/20 18:27:40 | 000,002,016 | ---- | M] () [Unknown (-1) | Unknown (-1) | Stopped] -- C:\Windows\SysWOW64\drivers\papycpu2.sys -- (papycpu2)
DRV - [1998/09/04 12:32:22 | 000,001,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\papycpu.sys -- (papycpu)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
IE - HKLM\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKLM\..\SearchScopes\{11E7BE34-E283-D08D-3BE0-13759BB2F657}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = http://search.b1.org/?bsrc=hmior&chid=c167991
IE - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
IE - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://search.b1.org/?bsrc=hmior&chid=c167991
IE - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/uni: C:\Users\Francisco\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files (x86)\Avast\WebRep\FF [2015/04/23 16:55:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015/06/20 20:46:15 | 000,000,000 | ---D | M]

[2014/04/19 15:11:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Francisco\AppData\Roaming\Mozilla\Firefox\Profiles\t4aqzofd.default\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Francisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\Francisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\Francisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Francisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Francisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.0.0.0_0\
CHR - Extension: No name found = C:\Users\Francisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Francisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\Francisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Francisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmpojlddncminmkddkpoegdjhojjipg\3.7.1_0\
CHR - Extension: No name found = C:\Users\Francisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\Francisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Francisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2015/06/11 08:39:20 | 000,000,822 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files (x86)\Avast\aswWebRepIE64.dll (Avast Software s.r.o.)
O2:[b]64bit:[/b] - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files (x86)\Avast\aswWebRepIE.dll (Avast Software s.r.o.)
O2 - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Diebold - Warsaw] C:\Program Files\Diebold\Warsaw\core.exe (GAS Tecnologia LTDA)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files (x86)\Avast\AvastUI.exe (Avast Software s.r.o.)
O4 - HKLM..\Run: [vmware-tray.exe] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [{90120000-0030-0000-0000-0000000FF1CE}] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [{90120000-006E-0409-0000-0000000FF1CE}] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [{90120000-0030-0000-0000-0000000FF1CE}] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [{90120000-006E-0409-0000-0000000FF1CE}] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStartupSound = 1
O7 - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O8:[b]64bit:[/b] - Extra context menu item: Baixar com Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Baixar com Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: itau.com.br ([bankline] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: itau.com.br ([clickbanking] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: itau.com.br ([guardiao] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: itau.com.br ([www] http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: itau.com.br ([www] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: itaupersonnalite.com.br ([www] http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: itau.com.br ([bankline] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: itau.com.br ([clickbanking] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: itau.com.br ([guardiao] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: itau.com.br ([www] http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: itau.com.br ([www] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: itaupersonnalite.com.br ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\..Trusted Domains: dell.com ([]* in Sites confiáveis)
O15 - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\..Trusted Domains: itau.b.br ([]* in Sites confiáveis)
O15 - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\..Trusted Domains: itau.com.br ([]* in Sites confiáveis)
O15 - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\..Trusted Domains: itau.com.br ([bankline] https in Sites confiáveis)
O15 - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\..Trusted Domains: itau.com.br ([clickbanking] https in Sites confiáveis)
O15 - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\..Trusted Domains: itau.com.br ([guardiao] https in Sites confiáveis)
O15 - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\..Trusted Domains: itau.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\..Trusted Domains: itau.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-1901085422-2058718500-1197800648-1000\..Trusted Domains: itaupersonnalite.com.br ([www] http in Sites confiáveis)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF0CC49E-7C0A-462D-9038-7FF9DFCAD4F6}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5AFFED8-DE55-4D8E-80AE-6A02BA6D0F27}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\Program Files (x86)\GbPlugin\gbiehUni.dll) - C:\Program Files (x86)\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{af9de093-6f00-11e4-af17-e006e6de1362}\Shell - "" = AutoRun
O33 - MountPoints2\{af9de093-6f00-11e4-af17-e006e6de1362}\Shell\AutoRun\command - "" = H:\LGAutoRun.exe
O33 - MountPoints2\{cea9c736-5dc9-11e4-b275-e006e6de1362}\Shell - "" = AutoRun
O33 - MountPoints2\{cea9c736-5dc9-11e4-b275-e006e6de1362}\Shell\AutoRun\command - "" = I:\SISetup.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\gateway.exe
O33 - MountPoints2\E\Shell\installit\command - "" = E:\setup.exe
O33 - MountPoints2\E\Shell\readit\command - "" = notepad readme.txt
O33 - MountPoints2\E\Shell\regit\command - "" = E:\.\regit.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\dvdcheck.exe
O33 - MountPoints2\F\Shell\directx\command - "" = DirectX9\dxsetup.exe
O33 - MountPoints2\F\Shell\setup\command - "" = F:\setup.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\autorun.exe
O34 - HKLM BootExecute: ( )
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/09/03 21:23:23 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\Malwarebytes Anti-Malware Premium 2.0.2.1012 Final + Keys [ATOM]
[2015/09/03 21:11:19 | 000,113,880 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/09/03 21:11:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/09/03 21:10:59 | 000,109,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/09/03 21:10:59 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015/09/03 21:10:59 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/09/03 21:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/09/03 21:10:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/08/31 20:53:31 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\Nova pasta (3)
[2015/08/31 20:50:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Paint.Net
[2015/08/31 20:24:32 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015/08/25 21:35:42 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Documents\Modelos Personalizados do Office
[2015/08/25 20:38:28 | 000,000,000 | --SD | C] -- C:\Users\Francisco\Documents\Minhas fontes de dados
[2015/08/25 20:01:50 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Documents\OneNote Notebooks
[2015/08/25 18:29:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft OneDrive
[2015/08/25 18:29:55 | 000,000,000 | R--D | C] -- C:\Users\Francisco\OneDrive
[2015/08/25 18:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2015/08/25 18:11:14 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2015/08/25 18:06:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2015/08/25 18:03:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2015/08/24 10:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nGlide
[2015/08/24 10:13:15 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\FA18G.RiP-LiPE.H
[2015/08/23 13:35:55 | 000,326,144 | ---- | C] (Electronic Arts) -- C:\Windows\SysWow64\Old Copy (6) of EAREMOVE.EXE
[2015/08/23 13:35:55 | 000,325,632 | ---- | C] (Electronic Arts) -- C:\Windows\SysWow64\temp.005
[2015/08/23 13:12:12 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\JanesTools
[2015/08/21 21:35:43 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\Nova pasta (4)
[2015/08/21 16:58:09 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\SUBS
[2015/08/21 10:30:58 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\EVEN
[2015/08/19 00:56:39 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\Nova pasta (2)
[2015/08/19 00:50:23 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\Nova pasta
[2015/08/18 16:34:33 | 000,359,104 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2015/08/18 16:34:28 | 000,438,464 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2015/08/18 16:34:28 | 000,026,816 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2015/08/18 16:33:10 | 000,046,144 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmusb.sys
[2015/08/05 14:40:12 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\JogosS
[2015/08/05 12:13:44 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\Tools
[2015/08/05 12:01:39 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\EnglishRosettaStone
[2015/08/05 11:29:49 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\Alternativa
[2015/08/05 11:27:11 | 000,000,000 | ---D | C] -- C:\Users\Francisco\Desktop\Movies
[2014/01/15 02:15:14 | 000,167,784 | ---- | C] (Baidu, Inc.) -- C:\ProgramData\FileSplitUpLoad.dll
[7 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/09/03 21:55:50 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/09/03 21:55:50 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/09/03 21:47:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/09/03 21:45:14 | 000,001,302 | ---- | M] () -- C:\Users\Francisco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2015/09/03 21:45:13 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2015/09/03 21:45:13 | 000,001,198 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2015/09/03 21:45:13 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2015/09/03 21:45:13 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/09/03 21:44:07 | 000,001,806 | ---- | M] () -- C:\Users\Francisco\Desktop\X-Plane.exe - Atalho.lnk
[2015/09/03 21:44:07 | 000,001,549 | ---- | M] () -- C:\Users\Francisco\Desktop\Área de Trabalho - Atalho.lnk
[2015/09/03 21:44:06 | 000,013,209 | ---- | M] () -- C:\Users\Francisco\Desktop\Windows Defender - Atalho.lnk
[2015/09/03 21:44:06 | 000,002,193 | ---- | M] () -- C:\Users\Francisco\Desktop\Itaú.lnk
[2015/09/03 21:44:06 | 000,002,187 | ---- | M] () -- C:\Users\Francisco\Desktop\Assistente Pimaco +.lnk
[2015/09/03 21:44:06 | 000,001,738 | ---- | M] () -- C:\Users\Francisco\Desktop\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
[2015/09/03 21:44:06 | 000,001,287 | ---- | M] () -- C:\Users\Francisco\Desktop\Roaming - Atalho.lnk
[2015/09/03 21:44:06 | 000,001,163 | ---- | M] () -- C:\Users\Francisco\Desktop\Jogos - Atalho.lnk
[2015/09/03 21:44:06 | 000,000,969 | ---- | M] () -- C:\Users\Francisco\Desktop\Steam.lnk
[2015/09/03 21:44:06 | 000,000,833 | ---- | M] () -- C:\Users\Francisco\Desktop\LGMobile Support Tool.lnk
[2015/09/03 21:13:14 | 000,113,880 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/09/03 20:43:25 | 000,007,596 | ---- | M] () -- C:\Users\Francisco\AppData\Local\Resmon.ResmonCfg
[2015/09/01 18:11:49 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/09/01 18:11:49 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/09/01 18:11:49 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/08/31 20:45:19 | 003,657,529 | ---- | M] () -- C:\Users\Francisco\Desktop\Paint.NET.3.5.5.Install.zip
[2015/08/30 10:14:00 | 001,821,394 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/08/30 10:14:00 | 000,775,666 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2015/08/30 10:14:00 | 000,719,182 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/08/30 10:14:00 | 000,171,966 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2015/08/30 10:14:00 | 000,144,826 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/08/25 19:22:53 | 000,448,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/08/24 10:58:03 | 000,060,808 | ---- | M] () -- C:\Windows\SysWow64\nglide_uninst.exe
[2015/08/23 13:37:09 | 000,000,000 | ---- | M] () -- C:\Windows\SETUP.INI
[2015/08/23 13:37:00 | 000,099,075 | ---- | M] () -- C:\Windows\SysWow64\EA5.UIL
[2015/08/23 13:35:55 | 000,325,632 | ---- | M] (Electronic Arts) -- C:\Windows\SysWow64\temp.005
[2015/08/23 13:35:55 | 000,325,632 | ---- | M] (Electronic Arts) -- C:\Windows\SysWow64\EAREMOVE.EXE
[2015/08/21 21:31:54 | 000,000,286 | ---- | M] () -- C:\Windows\EReg072.dat
[2015/08/21 21:31:24 | 000,298,862 | ---- | M] () -- C:\Windows\SysWow64\EA6.UIL
[2015/08/21 21:31:18 | 000,326,144 | ---- | M] (Electronic Arts) -- C:\Windows\SysWow64\Old Copy (6) of EAREMOVE.EXE
[2015/08/21 21:31:18 | 000,132,096 | ---- | M] (Electronic Arts) -- C:\Windows\SysWow64\EAEXEC.EXE
[2015/08/18 23:42:37 | 000,000,367 | ---- | M] () -- C:\Users\Francisco\Documents\Computador - Atalho.lnk
[2015/08/11 16:42:33 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2015/08/08 19:45:59 | 000,000,386 | ---- | M] () -- C:\Windows\SysNative\ioloBootDefrag.cfg
[2015/08/06 11:42:01 | 000,906,366 | ---- | M] () -- C:\Users\Francisco\Desktop\Logo Eztec.rtf
[7 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/09/03 21:11:02 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/08/31 20:51:45 | 000,001,204 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2015/08/31 20:51:45 | 000,001,198 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2015/08/31 20:42:31 | 003,657,529 | ---- | C] () -- C:\Users\Francisco\Desktop\Paint.NET.3.5.5.Install.zip
[2015/08/25 20:01:49 | 000,001,302 | ---- | C] () -- C:\Users\Francisco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2015/08/25 18:29:56 | 000,002,180 | ---- | C] () -- C:\Users\Francisco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
[2015/08/23 13:37:09 | 000,000,000 | ---- | C] () -- C:\Windows\SETUP.INI
[2015/08/23 13:35:54 | 000,099,075 | ---- | C] () -- C:\Windows\SysWow64\EA5.UIL
[2015/08/21 21:31:54 | 000,000,286 | ---- | C] () -- C:\Windows\EReg072.dat
[2015/08/21 21:30:09 | 000,298,862 | ---- | C] () -- C:\Windows\SysWow64\EA6.UIL
[2015/08/18 23:42:37 | 000,000,367 | ---- | C] () -- C:\Users\Francisco\Documents\Computador - Atalho.lnk
[2015/08/18 16:32:15 | 000,002,123 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2015/08/16 11:38:12 | 000,217,048 | ---- | C] () -- C:\Users\Francisco\Desktop\Install Guide.pdf
[2015/08/14 10:49:32 | 670,615,552 | ---- | C] () -- C:\Users\Francisco\Desktop\F15_V102_.iso
[2015/08/14 10:00:08 | 000,001,163 | ---- | C] () -- C:\Users\Francisco\Desktop\Jogos - Atalho.lnk
[2015/08/06 11:41:20 | 000,906,366 | ---- | C] () -- C:\Users\Francisco\Desktop\Logo Eztec.rtf
[2015/05/06 16:40:23 | 000,000,260 | ---- | C] () -- C:\Windows\SysWow64\drivers\vwifikerneldrv.sys
[2015/05/06 16:40:23 | 000,000,260 | ---- | C] () -- C:\ProgramData\fontcacheev1.dat
[2015/04/22 19:26:47 | 000,320,053 | ---- | C] () -- C:\ProgramData\1429741288.bdinstall.bin
[2015/04/22 19:26:20 | 000,049,276 | ---- | C] () -- C:\ProgramData\1429741557.bdinstall.bin
[2015/04/22 10:50:11 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2015/04/17 11:33:30 | 000,000,048 | ---- | C] () -- C:\Windows\wpd99.drv
[2015/03/30 16:36:38 | 000,004,608 | ---- | C] () -- C:\Users\Francisco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015/02/24 13:51:21 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2015/02/04 20:34:22 | 000,720,082 | ---- | C] () -- C:\Users\Francisco\AppData\Roaming\unins000.exe
[2015/01/06 12:56:21 | 000,031,780 | ---- | C] () -- C:\Users\Francisco\AppData\Roaming\unins001.dat
[2014/12/27 00:22:28 | 000,000,000 | ---- | C] () -- C:\Users\Francisco\.JarClassLoader
[2014/12/27 00:17:52 | 000,000,320 | ---- | C] () -- C:\Users\Francisco\fsoinstaller.properties
[2014/12/26 19:09:31 | 000,000,227 | ---- | C] () -- C:\ProgramData\bc.ini
[2014/11/24 07:57:53 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2014/11/20 23:33:08 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014/11/20 23:33:08 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014/11/18 08:17:09 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2014/11/18 08:17:09 | 000,002,412 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2014/10/01 18:54:10 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014/08/06 10:52:43 | 000,046,639 | ---- | C] () -- C:\Users\Francisco\AppData\Roaming\unins000.dat
[2014/04/29 10:25:22 | 000,000,140 | ---- | C] () -- C:\Windows\REC-NET.INI
[2014/04/05 21:14:10 | 000,060,808 | ---- | C] () -- C:\Windows\SysWow64\nglide_uninst.exe
[2014/03/22 18:06:44 | 000,000,004 | -H-- | C] () -- C:\Windows\SysWow64\WINSYS.DAT
[2014/03/06 20:18:59 | 000,000,286 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/03/06 19:15:48 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/03/06 19:15:47 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2014/02/15 10:20:56 | 000,000,050 | ---- | C] () -- C:\Users\Francisco\ireportte Pimaco +.location
[2014/02/01 13:59:26 | 000,002,198 | ---- | C] () -- C:\Users\Francisco\config.xml
[2014/01/23 20:46:34 | 000,002,016 | ---- | C] () -- C:\Windows\SysWow64\drivers\papycpu2.sys
[2014/01/23 20:46:34 | 000,001,984 | ---- | C] () -- C:\Windows\SysWow64\drivers\papycpu.sys
[2014/01/23 20:46:34 | 000,001,888 | ---- | C] () -- C:\Windows\SysWow64\drivers\papyjoy.sys
[2013/12/29 21:22:03 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/12/19 21:39:13 | 000,000,029 | ---- | C] () -- C:\Windows\SysWow64\config.ini
[2013/07/23 18:44:07 | 000,007,596 | ---- | C] () -- C:\Users\Francisco\AppData\Local\Resmon.ResmonCfg
[2013/07/21 16:59:32 | 000,000,295 | ---- | C] () -- C:\Users\Francisco\.openev
[2013/03/25 21:57:46 | 000,000,073 | ---- | C] () -- C:\Users\Francisco\AppData\Local\X-Plane_drm.prf
[2013/03/23 17:13:02 | 000,000,080 | ---- | C] () -- C:\Users\Francisco\AppData\Local\X-Plane Installer.prf
[2013/01/05 23:23:31 | 001,426,411 | ---- | C] () -- C:\Users\Francisco\AppData\Local\Tempmusic.ogg

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2015/08/31 13:58:52 | 000,000,042 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-1901085422-2058718500-1197800648-1000\$RA2ZIJD.pdf_files\l
[2015/05/28 11:11:52 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1901085422-2058718500-1197800648-1000\$RKN37KB\TerraSync\Airports\L
[2015/05/28 11:12:16 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1901085422-2058718500-1197800648-1000\$RKN37KB\TerraSync\Airports\N
[2015/05/28 11:11:47 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1901085422-2058718500-1197800648-1000\$RKN37KB\TerraSync\Airports\L\L
[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 02:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 02:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2013/06/14 15:18:45 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013/06/14 15:18:45 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013/06/14 15:18:45 | 000,000,000 | ---D | M] -- C:\Users\DefaultAppPool\AppData\Roaming\TuneUp Software
[2014/04/14 16:02:27 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\(94-71-AC-23-0B-A3)
[2014/11/19 18:43:37 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\(F8-A9-D0-CE-F0-8C)
[2013/01/19 10:26:56 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\.minecraft
[2015/08/21 22:45:27 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\.techniclauncher
[2015/04/16 19:47:55 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\AquaNox
[2014/12/03 09:35:13 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\AtomPark
[2013/05/05 18:37:44 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\Auslogics
[2014/04/21 13:32:56 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\Autodesk
[2015/04/23 16:58:38 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\AVAST Software
[2014/11/23 19:55:34 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\AVG
[2015/04/23 14:25:01 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\AVG2015
[2013/04/09 20:27:56 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\B1Toolbar
[2014/12/20 01:05:43 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\baidu
[2013/06/01 12:49:47 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\Baidu Security
[2013/06/20 20:23:12 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\Blio
[2015/07/18 15:51:28 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\BSplayer PRO
[2014/08/02 16:51:57 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
[2015/04/23 18:42:18 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\Dropbox
[2014/11/20 11:31:12 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\Eszett_Solutions
[2012/08/14 11:02:57 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\Fingertapps
[2014/10/14 17:26:10 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\Flight1
[2015/05/20 15:08:22 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\flightgear.org
[2012/09/04 19:21:05 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\fltk.org
[2013/07/10 23:12:16 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\GetRightToGo
[2013/06/13 21:18:25 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\HiFi
[2015/02/24 08:40:17 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\HSAR
[2015/04/18 11:46:02 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\iolo
[2014/01/21 22:28:57 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\ioloGovernor
[2015/01/23 10:11:44 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\LG Electronics
[2014/12/26 16:17:33 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\library_dir
[2014/03/13 17:11:32 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\Lockheed Martin
[2012/08/14 12:58:44 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\LS
[2014/04/14 15:17:32 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\Mipony
[2014/12/24 11:41:12 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\PC App Store
[2015/01/23 10:05:02 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\PCDr
[2015/05/06 16:39:28 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\Performix LLC
[2012/09/09 21:09:46 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\PowerISO
[2015/04/22 13:52:28 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\QuickScan
[2013/08/31 18:49:41 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\SoftGrid Client
[2014/07/23 11:57:11 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\SolidDocuments
[2012/09/03 19:49:55 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\Subversion
[2013/12/19 21:21:07 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\ThirdWire
[2015/09/03 21:45:59 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\tixati
[2013/05/27 14:27:31 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\TP
[2013/05/06 14:00:08 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\TuneUp Software
[2013/06/20 00:57:06 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\VS Revo Group
[2014/12/27 23:53:42 | 000,000,000 | ---D | M] -- C:\Users\Francisco\AppData\Roaming\wxlauncher
[2013/06/14 15:18:45 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\TuneUp Software
[2014/12/16 20:27:17 | 000,000,000 | ---D | M] -- C:\Users\TEMP.LAPTOP\AppData\Roaming\AVG
[2014/12/16 20:22:48 | 000,000,000 | ---D | M] -- C:\Users\TEMP.LAPTOP\AppData\Roaming\Fingertapps
[2013/06/14 15:18:45 | 000,000,000 | ---D | M] -- C:\Users\TEMP.LAPTOP\AppData\Roaming\TuneUp Software
[2013/06/14 15:18:45 | 000,000,000 | ---D | M] -- C:\Users\Usuário Padrão\AppData\Roaming\TuneUp Software

[color=#E56717]========== Purity Check ==========[/color]



< End of report >

Publicité


Signaler le contenu de ce document

Publicité