cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 28/11/2015 11:22:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rodrigo\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

3,90 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 29,38% Memory free
7,79 Gb Paging File | 5,61 Gb Available in Paging File | 72,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684,79 Gb Total Space | 243,80 Gb Free Space | 35,60% Space Free | Partition Type: NTFS

Computer Name: RODRIGO-PC | User Name: Rodrigo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/11/28 11:18:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rodrigo\Desktop\OTL.exe
PRC - [2015/11/20 19:44:39 | 003,426,504 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
PRC - [2015/11/16 11:03:29 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
PRC - [2015/11/12 16:57:42 | 001,136,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
PRC - [2015/10/30 10:02:38 | 003,815,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Av\avgidsagent.exe
PRC - [2015/10/30 09:58:34 | 000,579,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
PRC - [2015/10/30 09:58:16 | 003,826,600 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Av\avgui.exe
PRC - [2015/10/30 00:22:40 | 000,392,872 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2015/10/28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/10/19 19:53:04 | 000,339,968 | ---- | M] (Popcorn Time) -- C:\Program Files (x86)\Popcorn Time\Updater.exe
PRC - [2015/10/12 12:08:02 | 022,568,216 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/11/28 10:55:21 | 001,176,576 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\wx._core_.pyd
MOD - [2015/11/28 10:55:21 | 001,067,008 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\wx._controls_.pyd
MOD - [2015/11/28 10:55:21 | 000,816,128 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\wx._windows_.pyd
MOD - [2015/11/28 10:55:21 | 000,806,400 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\wx._gdi_.pyd
MOD - [2015/11/28 10:55:21 | 000,733,184 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\wx._misc_.pyd
MOD - [2015/11/28 10:55:21 | 000,525,640 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\windows._lib_cacheinvalidation.pyd
MOD - [2015/11/28 10:55:21 | 000,123,392 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\wx._wizard.pyd
MOD - [2015/11/28 10:55:21 | 000,108,544 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32security.pyd
MOD - [2015/11/28 10:55:21 | 000,078,848 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\wx._animate.pyd
MOD - [2015/11/28 10:55:21 | 000,077,312 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\wx._html2.pyd
MOD - [2015/11/28 10:55:21 | 000,035,840 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32process.pyd
MOD - [2015/11/28 10:55:21 | 000,022,528 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32ts.pyd
MOD - [2015/11/28 10:55:21 | 000,017,408 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32profile.pyd
MOD - [2015/11/28 10:55:20 | 001,208,320 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\_ssl.pyd
MOD - [2015/11/28 10:55:20 | 000,686,080 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\unicodedata.pyd
MOD - [2015/11/28 10:55:20 | 000,682,496 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\pysqlite2._sqlite.pyd
MOD - [2015/11/28 10:55:20 | 000,364,544 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\pythoncom27.dll
MOD - [2015/11/28 10:55:20 | 000,320,512 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32com.shell.shell.pyd
MOD - [2015/11/28 10:55:20 | 000,167,936 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32gui.pyd
MOD - [2015/11/28 10:55:20 | 000,127,488 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\pyexpat.pyd
MOD - [2015/11/28 10:55:20 | 000,119,808 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32file.pyd
MOD - [2015/11/28 10:55:20 | 000,098,816 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32api.pyd
MOD - [2015/11/28 10:55:20 | 000,070,144 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\usb_ext.pyd
MOD - [2015/11/28 10:55:20 | 000,046,080 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\_socket.pyd
MOD - [2015/11/28 10:55:20 | 000,038,912 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32inet.pyd
MOD - [2015/11/28 10:55:20 | 000,036,864 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\_psutil_windows.pyd
MOD - [2015/11/28 10:55:20 | 000,025,600 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32pdh.pyd
MOD - [2015/11/28 10:55:20 | 000,024,064 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32pipe.pyd
MOD - [2015/11/28 10:55:20 | 000,020,480 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\_yappi.pyd
MOD - [2015/11/28 10:55:20 | 000,018,432 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32event.pyd
MOD - [2015/11/28 10:55:20 | 000,013,824 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\common.time34.pyd
MOD - [2015/11/28 10:55:20 | 000,011,264 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\win32crypt.pyd
MOD - [2015/11/28 10:55:20 | 000,010,240 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\select.pyd
MOD - [2015/11/28 10:55:20 | 000,007,168 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\hashobjs_ext.pyd
MOD - [2015/11/28 10:55:19 | 000,776,704 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\_hashlib.pyd
MOD - [2015/11/28 10:55:19 | 000,128,512 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\_elementtree.pyd
MOD - [2015/11/28 10:55:19 | 000,110,080 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\pywintypes27.dll
MOD - [2015/11/28 10:55:19 | 000,088,064 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\_ctypes.pyd
MOD - [2015/11/28 10:55:19 | 000,027,136 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\Temp\_MEI40282\_multiprocessing.pyd
MOD - [2015/11/20 19:44:39 | 017,604,296 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll
MOD - [2015/11/16 01:17:11 | 040,500,224 | ---- | M] () -- C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe SOFTWARE\SRAC\COSMOS_FloWorks 2013 -- (RemoteSolverDispatcher)
SRV:[b]64bit:[/b] - [2015/11/21 02:54:53 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/07/22 22:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2009/07/13 23:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015/11/21 11:54:34 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV - [2015/11/21 11:48:31 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2015/11/21 11:48:30 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2015/11/20 19:44:39 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/11/15 13:48:58 | 000,307,456 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Arquivos de Programas\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV - [2015/11/15 13:48:32 | 000,106,952 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Arquivos de Programas\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2015/11/12 16:57:48 | 001,046,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe -- (avgsvc)
SRV - [2015/10/30 10:02:38 | 003,815,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Av\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2015/10/30 09:58:34 | 000,579,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe -- (avgwd)
SRV - [2015/10/30 09:57:48 | 000,595,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\Av\avgamps.exe -- (AvgAMPS)
SRV - [2015/10/30 00:22:54 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/10/28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/10/19 19:53:04 | 000,339,968 | ---- | M] (Popcorn Time) [Auto | Running] -- C:\Program Files (x86)\Popcorn Time\Updater.exe -- (Update service)
SRV - [2015/06/01 21:00:40 | 000,290,224 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 20:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012/09/28 05:25:48 | 000,076,904 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Arquivos de Programas\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2010/11/21 01:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/21 01:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/21 01:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/04/14 08:56:11 | 003,536,896 | ---- | M] (ANSYS, Inc.) [Auto | Running] -- C:\Arquivos de Programas\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe -- (ANSYS, Inc. License Manager)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/11/15 13:34:04 | 000,981,744 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2015/11/15 13:31:49 | 000,402,136 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUer.sys -- (RTSUER)
DRV:[b]64bit:[/b] - [2015/11/15 13:03:37 | 000,463,112 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2015/11/15 12:52:46 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:[b]64bit:[/b] - [2015/10/21 16:16:48 | 000,284,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:[b]64bit:[/b] - [2015/10/21 16:15:02 | 000,255,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:[b]64bit:[/b] - [2015/10/19 08:03:24 | 000,313,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:[b]64bit:[/b] - [2015/10/08 07:46:44 | 000,302,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:[b]64bit:[/b] - [2015/08/20 12:58:04 | 000,298,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:[b]64bit:[/b] - [2015/08/14 13:24:40 | 000,398,256 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:[b]64bit:[/b] - [2015/08/10 14:32:08 | 000,197,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:[b]64bit:[/b] - [2015/08/10 14:25:40 | 000,042,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:[b]64bit:[/b] - [2015/06/01 21:00:18 | 005,384,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/03/01 04:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/11/25 01:25:52 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:[b]64bit:[/b] - [2011/07/12 12:22:50 | 002,727,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011/05/20 11:15:34 | 000,282,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2011/04/23 00:24:38 | 001,438,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2011/02/10 19:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:[b]64bit:[/b] - [2011/01/12 23:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010/11/21 01:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 01:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010/11/21 01:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2010/11/21 01:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 01:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/11/21 01:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2009/07/13 23:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 23:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 23:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 18:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 18:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 18:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 18:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2015/11/15 12:27:15 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2009/07/13 23:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-641191189-1503708342-1043670672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pt-br/?ocid=iehp
IE - HKU\S-1-5-21-641191189-1503708342-1043670672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR
IE - HKU\S-1-5-21-641191189-1503708342-1043670672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DF 0E 96 0F AD 1F D1 01 [binary data]
IE - HKU\S-1-5-21-641191189-1503708342-1043670672-1000\..\SearchScopes,DefaultScope = {0B3583F4-428F-498F-876A-8854C68D5EA6}
IE - HKU\S-1-5-21-641191189-1503708342-1043670672-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-641191189-1503708342-1043670672-1000\..\SearchScopes\{0B3583F4-428F-498F-876A-8854C68D5EA6}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}
IE - HKU\S-1-5-21-641191189-1503708342-1043670672-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-641191189-1503708342-1043670672-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\S-1-5-21-641191189-1503708342-1043670672-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:19221;https=127.0.0.1:19221

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.cohort: "web.xml"
FF - prefs.js..browser.search.countryCode: "BR"
FF - prefs.js..browser.search.region: "BR"
FF - prefs.js..browser.startup.homepage: "www.uol.com.br"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:42.0
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2015/11/19 12:01:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rodrigo\AppData\Roaming\mozilla\Extensions
[2015/11/19 12:12:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rodrigo\AppData\Roaming\mozilla\Firefox\Profiles\9dukqicj.default\extensions
[2015/11/19 01:29:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2015/11/19 01:29:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_1\
CHR - Extension: No name found = C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009/06/10 19:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\Av\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AvgUi] C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-641191189-1503708342-1043670672-1000..\Run: [CCleaner Monitoring] C:\Backup 1\C\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-641191189-1503708342-1043670672-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-641191189-1503708342-1043670672-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-641191189-1503708342-1043670672-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Arquivos de Programas\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-641191189-1503708342-1043670672-1000\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.123.158.18 187.123.158.23 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{513A4577-0EAA-4BE1-BEAD-88E0E3F0924A}: DhcpNameServer = 187.123.158.18 187.123.158.23 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4CD9A4B-3FF1-43BA-A9FA-C23F810018C3}: DhcpNameServer = 187.123.158.18 187.123.158.23
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/11/28 11:18:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Rodrigo\Desktop\OTL.exe
[2015/11/28 00:13:33 | 000,055,632 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\mk.exe
[2015/11/26 17:48:34 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\Oracle
[2015/11/26 17:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Crystal Ball
[2015/11/26 17:45:56 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2015/11/26 17:13:44 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Downloaded Installations
[2015/11/24 19:15:58 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\CEF
[2015/11/22 10:23:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2015/11/22 10:23:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2015/11/22 10:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2015/11/21 21:51:11 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\GWX
[2015/11/21 17:26:16 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\ElevatedDiagnostics
[2015/11/21 14:26:31 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2015/11/21 12:24:02 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\TempDiretório de backup SW
[2015/11/21 12:22:50 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\SolidWorks
[2015/11/21 12:21:40 | 000,000,000 | ---D | C] -- C:\Temp
[2015/11/21 12:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Simpoe
[2015/11/21 12:08:25 | 000,000,000 | ---D | C] -- C:\ProgramData\COSMOS Applications
[2015/11/21 12:08:09 | 000,000,000 | ---D | C] -- C:\ProgramData\SolidWorks Flow Simulation
[2015/11/21 12:06:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SolidWorks Corp
[2015/11/21 12:05:30 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\help_images_otherUI
[2015/11/21 12:03:28 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\Documents\SolidWorks Visual Studio Tools for Applications
[2015/11/21 12:03:20 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\DassaultSystemes
[2015/11/21 12:03:20 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\DassaultSystemes
[2015/11/21 12:03:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DassaultSystemes
[2015/11/21 11:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2013
[2015/11/21 11:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SolidWorks Shared
[2015/11/21 11:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\SolidWorks Corp
[2015/11/21 11:55:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2015/11/21 11:55:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SolidWorks
[2015/11/21 11:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2015/11/21 11:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2015/11/21 11:53:06 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2015/11/21 11:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2015/11/21 11:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2015/11/21 11:52:25 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\Documents\Visual Studio 2005
[2015/11/21 11:52:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
[2015/11/21 11:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2015/11/21 11:51:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2015/11/21 11:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2015/11/21 11:48:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SolidWorks Shared
[2015/11/21 11:48:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2015/11/21 11:48:21 | 000,000,000 | ---D | C] -- C:\SolidWorks Data
[2015/11/21 11:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gerenciador de Instalação do SolidWorks
[2015/11/21 11:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Gerenciador de Instalação do SolidWorks
[2015/11/21 09:02:58 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2015/11/21 09:02:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser
[2015/11/21 09:00:57 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX
[2015/11/21 09:00:56 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\GWX
[2015/11/21 04:19:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2015/11/21 00:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2015/11/21 00:49:10 | 000,000,000 | ---D | C] -- C:\Intel
[2015/11/21 00:33:14 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2015/11/20 20:15:15 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Macromedia
[2015/11/20 19:37:05 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Adobe
[2015/11/20 18:22:04 | 000,000,000 | -HSD | C] -- C:\found.000
[2015/11/20 01:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
[2015/11/19 21:25:33 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\Documents\SolidWorks Downloads
[2015/11/19 21:25:33 | 000,000,000 | ---D | C] -- C:\Windows\SolidWorks
[2015/11/19 21:25:14 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\SolidWorks
[2015/11/19 03:26:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2015/11/19 03:26:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2015/11/19 01:30:14 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\Mozilla
[2015/11/19 01:30:14 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Mozilla
[2015/11/19 01:29:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015/11/19 01:29:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/11/17 19:43:15 | 000,000,000 | ---D | C] -- C:\Relatório Viga Circular
[2015/11/17 15:16:47 | 000,049,612 | ---- | C] (Igor Pavlov) -- C:\Users\Rodrigo\Desktop\wfu-configurador.exe
[2015/11/17 11:12:28 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\Desktop\Aula Ansys 1117
[2015/11/16 22:19:22 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
[2015/11/16 22:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
[2015/11/16 22:19:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Decrypter
[2015/11/16 20:47:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices
[2015/11/16 20:47:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2015/11/16 20:47:04 | 000,000,000 | ---D | C] -- C:\inetpub
[2015/11/16 20:34:48 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\DAEMON Tools Lite
[2015/11/16 20:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2015/11/16 20:34:23 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2015/11/16 12:55:45 | 000,000,000 | ---D | C] -- C:\SolidWorks
[2015/11/16 12:50:42 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\uTorrent
[2015/11/16 12:38:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015/11/16 11:09:27 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\Google Drive
[2015/11/16 11:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2015/11/16 11:03:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2015/11/16 11:03:25 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Google
[2015/11/16 10:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2015/11/16 10:57:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2015/11/16 10:57:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2015/11/16 10:57:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2015/11/16 10:57:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2015/11/16 10:54:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2015/11/16 10:54:30 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Microsoft Help
[2015/11/16 10:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2015/11/16 10:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2015/11/16 10:53:55 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2015/11/16 10:47:22 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2015/11/16 10:47:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2015/11/16 10:47:08 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\WinRAR
[2015/11/16 10:45:35 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\Creative
[2015/11/16 10:43:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Popcorn Time
[2015/11/16 01:31:35 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\AVG
[2015/11/16 01:30:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2015/11/16 01:30:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2015/11/16 01:30:24 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\TuneUp Software
[2015/11/16 01:29:45 | 000,000,000 | -H-D | C] -- C:\$AVG
[2015/11/16 01:20:19 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2015/11/16 01:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg
[2015/11/16 01:18:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2015/11/16 01:14:21 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\AvgSetupLog
[2015/11/16 01:13:58 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Avg
[2015/11/16 01:13:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2015/11/16 01:13:11 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\MFAData
[2015/11/16 01:13:11 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2015/11/16 01:13:11 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Avg2015
[2015/11/16 01:06:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2015/11/16 01:02:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS, Inc. License Manager
[2015/11/16 00:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ANSYSInstall
[2015/11/16 00:58:42 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\Ansys
[2015/11/16 00:58:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 12.0
[2015/11/16 00:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\ANSYS Inc
[2015/11/15 19:04:25 | 000,000,000 | ---D | C] -- C:\Backup Total
[2015/11/15 18:09:23 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2015/11/15 18:00:17 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\PCDr
[2015/11/15 17:06:04 | 000,000,000 | ---D | C] -- C:\Backup 1
[2015/11/15 15:53:59 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\Macromedia
[2015/11/15 15:53:54 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\Adobe
[2015/11/15 15:47:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2015/11/15 15:47:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2015/11/15 15:06:50 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
[2015/11/15 15:06:17 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Apps
[2015/11/15 15:06:16 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Deployment
[2015/11/15 14:18:00 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Diagnostics
[2015/11/15 13:53:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2015/11/15 13:52:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2015/11/15 13:52:50 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2015/11/15 13:49:03 | 000,166,208 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2015/11/15 13:49:02 | 000,532,384 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2015/11/15 13:49:02 | 000,221,976 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2015/11/15 13:49:02 | 000,209,544 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2015/11/15 13:48:57 | 000,387,320 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2015/11/15 13:48:57 | 000,214,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2015/11/15 13:48:57 | 000,110,992 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2015/11/15 13:48:57 | 000,088,352 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2015/11/15 13:48:56 | 000,321,720 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2015/11/15 13:48:56 | 000,321,720 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2015/11/15 13:48:49 | 000,677,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2015/11/15 13:48:42 | 002,050,184 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2015/11/15 13:48:41 | 000,678,192 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2015/11/15 13:48:41 | 000,330,568 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2015/11/15 13:48:37 | 003,278,416 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2015/11/15 13:48:37 | 001,780,624 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2015/11/15 13:48:37 | 001,591,064 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2015/11/15 13:48:37 | 000,727,440 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2015/11/15 13:48:37 | 000,708,320 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2015/11/15 13:48:36 | 001,508,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2015/11/15 13:48:36 | 000,743,968 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2015/11/15 13:48:36 | 000,504,312 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2015/11/15 13:48:36 | 000,445,408 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2015/11/15 13:48:36 | 000,441,272 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2015/11/15 13:48:36 | 000,253,904 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2015/11/15 13:48:36 | 000,253,872 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2015/11/15 13:48:36 | 000,252,880 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2015/11/15 13:48:33 | 000,122,328 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2015/11/15 13:34:03 | 000,981,744 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2015/11/15 13:32:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2015/11/15 13:31:49 | 000,402,136 | ---- | C] (Realsil Semiconductor Corporation) -- C:\Windows\SysNative\drivers\RtsUer.sys
[2015/11/15 13:31:48 | 000,083,160 | ---- | C] (Realtek Semiconductor.) -- C:\Windows\SysNative\RtCRX64.dll
[2015/11/15 12:52:45 | 000,181,760 | ---- | C] (Renesas Electronics Corporation) -- C:\Windows\SysNative\drivers\nusb3xhc.sys
[2015/11/15 12:27:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2015/11/15 12:27:48 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled
[2015/11/15 12:27:16 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\IObit
[2015/11/15 12:27:15 | 000,026,528 | ---- | C] (REALiX(tm)) -- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS
[2015/11/15 12:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2015/11/15 12:10:59 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\Easeware
[2015/11/15 12:10:37 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Programs
[2015/11/15 11:42:05 | 000,015,360 | ---- | C] (June Fabrics Technology Inc.) -- C:\Windows\SysNative\drivers\pneteth.sys
[2015/11/15 11:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for Android
[2015/11/15 11:42:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PdaNet for Android
[2015/11/15 11:41:41 | 003,215,048 | ---- | C] (June Fabrics Technology Inc. ) -- C:\Users\Rodrigo\Desktop\PdaNetA4183.exe
[2015/11/15 10:36:25 | 000,000,000 | ---D | C] -- C:\Dell
[2015/11/15 09:30:31 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2015/11/15 08:45:58 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2015/11/15 08:45:58 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\Searches
[2015/11/15 08:45:58 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2015/11/15 08:45:45 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\Identities
[2015/11/15 08:45:41 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\Contacts
[2015/11/15 08:45:39 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\VirtualStore
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\AppData\Local\Temporary Internet Files
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\SendTo
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\Recent
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\Modelos
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\Documents\Minhas músicas
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\Documents\Minhas imagens
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\Documents\Meus vídeos
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\Meus documentos
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\Menu Iniciar
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\AppData\Local\Histórico
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\Dados de aplicativos
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\AppData\Local\Dados de aplicativos
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\Cookies
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\Configurações locais
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\Ambiente de rede
[2015/11/15 08:45:24 | 000,000,000 | -HSD | C] -- C:\Users\Rodrigo\Ambiente de impressão
[2015/11/15 08:45:23 | 000,000,000 | --SD | C] -- C:\Users\Rodrigo\AppData\Roaming\Microsoft
[2015/11/15 08:45:23 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\Videos
[2015/11/15 08:45:23 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\Saved Games
[2015/11/15 08:45:23 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\Pictures
[2015/11/15 08:45:23 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\Music
[2015/11/15 08:45:23 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2015/11/15 08:45:23 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\Links
[2015/11/15 08:45:23 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\Favorites
[2015/11/15 08:45:23 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\Downloads
[2015/11/15 08:45:23 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\Documents
[2015/11/15 08:45:23 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\Desktop
[2015/11/15 08:45:23 | 000,000,000 | R--D | C] -- C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2015/11/15 08:45:23 | 000,000,000 | -H-D | C] -- C:\Users\Rodrigo\AppData
[2015/11/15 08:45:23 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Temp
[2015/11/15 08:45:23 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Local\Microsoft
[2015/11/15 08:45:23 | 000,000,000 | ---D | C] -- C:\Users\Rodrigo\AppData\Roaming\Media Center Programs
[2015/11/15 08:45:06 | 000,000,000 | -HSD | C] -- C:\Program Files\Common Files\Sistema
[2015/11/15 08:45:06 | 000,000,000 | -HSD | C] -- C:\Recovery
[2015/11/15 08:45:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelos
[2015/11/15 08:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas músicas
[2015/11/15 08:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas imagens
[2015/11/15 08:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Meus vídeos
[2015/11/15 08:45:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Iniciar
[2015/11/15 08:45:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritos
[2015/11/15 08:45:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos
[2015/11/15 08:45:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dados de aplicativos
[2015/11/15 08:45:06 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas
[2015/11/15 08:45:06 | 000,000,000 | -HSD | C] -- C:\Program Files\Arquivos Comuns
[2015/11/15 08:36:07 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2015/11/15 08:32:47 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2015/11/15 08:31:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/11/28 12:00:05 | 002,097,152 | -HS- | M] () -- C:\Users\Rodrigo\NTUSER.DAT
[2015/11/28 11:41:27 | 005,023,693 | ---- | M] () -- C:\Users\Rodrigo\Desktop\wartsila-o-e-w-46f-pg.pdf
[2015/11/28 11:18:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rodrigo\Desktop\OTL.exe
[2015/11/28 11:08:14 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/11/28 11:08:14 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/11/28 11:05:15 | 000,021,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/11/28 11:05:15 | 000,021,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/11/28 11:04:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/11/28 10:54:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2015/11/28 10:54:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/11/28 10:54:49 | 3137,994,752 | -HS- | M] () -- C:\hiberfil.sys
[2015/11/28 10:29:39 | 004,186,078 | -H-- | M] () -- C:\Users\Rodrigo\AppData\Local\IconCache.db
[2015/11/28 00:12:11 | 000,000,006 | ---- | M] () -- C:\ProgramData\103
[2015/11/26 17:47:34 | 000,002,154 | ---- | M] () -- C:\Users\Public\Desktop\Oracle Crystal Ball.lnk
[2015/11/26 17:09:58 | 001,797,752 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/11/26 17:09:58 | 000,768,182 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2015/11/26 17:09:58 | 000,711,698 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/11/26 17:09:58 | 000,168,274 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2015/11/26 17:09:58 | 000,141,134 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/11/22 10:23:35 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2015/11/22 02:02:15 | 000,001,817 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2015/11/21 17:30:52 | 000,618,943 | ---- | M] () -- C:\Users\Rodrigo\SHARK.INI
[2015/11/21 14:00:09 | 000,327,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/11/21 12:22:54 | 000,080,816 | ---- | M] () -- C:\Users\Rodrigo\AppData\Local\GDIPFONTCACHEV1.DAT
[2015/11/21 12:06:35 | 000,003,011 | ---- | M] () -- C:\Users\Public\Desktop\SolidWorks Explorer 2013.lnk
[2015/11/21 12:06:35 | 000,002,115 | ---- | M] () -- C:\Users\Public\Desktop\SolidWorks eDrawings 2013.lnk
[2015/11/21 12:05:50 | 000,000,000 | ---- | M] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2015/11/21 12:05:30 | 000,002,145 | ---- | M] () -- C:\Users\Public\Desktop\SolidWorks eDrawings 2013 x64 Edition.lnk
[2015/11/21 11:58:35 | 000,002,753 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Inicialização Rápida do Solidworks 2013.lnk
[2015/11/21 11:58:35 | 000,002,731 | ---- | M] () -- C:\Users\Public\Desktop\SolidWorks 2013 x64 Edition.lnk
[2015/11/21 11:47:19 | 000,001,462 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aplicativo de Download Automático do SolidWorks.lnk
[2015/11/21 11:25:17 | 000,005,125 | ---- | M] () -- C:\Users\Rodrigo\file.err
[2015/11/21 02:55:19 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2015/11/21 02:55:01 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2015/11/21 00:39:40 | 001,755,318 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/11/20 11:00:14 | 000,001,069 | ---- | M] () -- C:\Users\Rodrigo\Desktop\Unesp - Atalho.lnk
[2015/11/19 01:29:43 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/11/19 00:39:56 | 007,340,032 | ---- | M] () -- C:\Users\Rodrigo\Documents\VasoPressão.dbb
[2015/11/19 00:39:56 | 007,340,032 | ---- | M] () -- C:\Users\Rodrigo\Documents\VasoPressão.db
[2015/11/19 00:39:51 | 010,223,616 | ---- | M] () -- C:\Users\Rodrigo\Documents\VasoPressão.emat
[2015/11/19 00:39:51 | 008,454,144 | ---- | M] () -- C:\Users\Rodrigo\Documents\VasoPressão.esav
[2015/11/19 00:39:51 | 004,128,768 | ---- | M] () -- C:\Users\Rodrigo\Documents\VasoPressão.full
[2015/11/19 00:39:51 | 000,002,319 | ---- | M] () -- C:\Users\Rodrigo\Documents\VasoPressão.BCS
[2015/11/19 00:39:51 | 000,000,640 | ---- | M] () -- C:\Users\Rodrigo\Documents\VasoPressão.mntr
[2015/11/19 00:39:51 | 000,000,151 | ---- | M] () -- C:\Users\Rodrigo\Documents\VasoPressão.stat
[2015/11/19 00:39:38 | 000,000,000 | ---- | M] () -- C:\Users\Rodrigo\Documents\VasoPressão.sda
[2015/11/17 19:16:38 | 000,029,638 | ---- | M] () -- C:\Users\Rodrigo\Desktop\assinatura baja.jpg
[2015/11/16 22:19:23 | 000,001,972 | ---- | M] () -- C:\Users\Rodrigo\Desktop\DVD Decrypter.lnk
[2015/11/16 12:51:42 | 000,000,855 | ---- | M] () -- C:\Users\Rodrigo\Desktop\µTorrent.lnk
[2015/11/16 12:38:11 | 000,002,253 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/11/16 11:08:22 | 000,002,042 | ---- | M] () -- C:\Users\Public\Desktop\Google Slides.lnk
[2015/11/16 11:08:22 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\Google Sheets.lnk
[2015/11/16 11:08:22 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Google Docs.lnk
[2015/11/16 10:43:55 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\Popcorn Time.lnk
[2015/11/16 01:30:25 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\AVG Protection.lnk
[2015/11/15 18:09:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2015/11/15 13:49:03 | 000,532,384 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2015/11/15 13:49:03 | 000,166,208 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2015/11/15 13:49:02 | 000,221,976 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2015/11/15 13:49:02 | 000,209,544 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2015/11/15 13:48:57 | 003,951,402 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2015/11/15 13:48:57 | 000,387,320 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2015/11/15 13:48:57 | 000,321,720 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2015/11/15 13:48:57 | 000,214,840 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2015/11/15 13:48:57 | 000,110,992 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2015/11/15 13:48:57 | 000,088,352 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2015/11/15 13:48:56 | 000,321,720 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2015/11/15 13:48:49 | 000,677,680 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2015/11/15 13:48:42 | 002,050,184 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2015/11/15 13:48:41 | 000,678,192 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2015/11/15 13:48:41 | 000,330,568 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2015/11/15 13:48:38 | 003,278,416 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2015/11/15 13:48:37 | 001,780,624 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2015/11/15 13:48:37 | 001,591,064 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2015/11/15 13:48:37 | 000,727,440 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2015/11/15 13:48:37 | 000,708,320 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2015/11/15 13:48:37 | 000,504,312 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2015/11/15 13:48:36 | 001,508,936 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2015/11/15 13:48:36 | 000,743,968 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2015/11/15 13:48:36 | 000,445,408 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2015/11/15 13:48:36 | 000,441,272 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2015/11/15 13:48:36 | 000,253,904 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2015/11/15 13:48:36 | 000,253,872 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2015/11/15 13:48:36 | 000,252,880 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2015/11/15 13:48:33 | 000,122,328 | ---- | M] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2015/11/15 13:34:04 | 000,981,744 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2015/11/15 13:31:49 | 000,402,136 | ---- | M] (Realsil Semiconductor Corporation) -- C:\Windows\SysNative\drivers\RtsUer.sys
[2015/11/15 13:31:48 | 000,083,160 | ---- | M] (Realtek Semiconductor.) -- C:\Windows\SysNative\RtCRX64.dll
[2015/11/15 12:52:46 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) -- C:\Windows\SysNative\drivers\nusb3xhc.sys
[2015/11/15 12:27:15 | 000,026,528 | ---- | M] (REALiX(tm)) -- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS
[2015/11/15 11:40:44 | 003,215,048 | ---- | M] (June Fabrics Technology Inc. ) -- C:\Users\Rodrigo\Desktop\PdaNetA4183.exe
[2015/11/15 09:04:27 | 000,524,288 | -HS- | M] () -- C:\Users\Rodrigo\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2015/11/15 09:04:27 | 000,524,288 | -HS- | M] () -- C:\Users\Rodrigo\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2015/11/15 09:04:27 | 000,065,536 | -HS- | M] () -- C:\Users\Rodrigo\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2015/11/15 09:03:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2015/11/15 08:45:24 | 000,000,020 | -HS- | M] () -- C:\Users\Rodrigo\ntuser.ini
[2015/11/15 08:42:04 | 000,190,868 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2015/11/15 08:42:04 | 000,190,868 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2015/11/15 08:37:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/11/28 00:12:11 | 000,000,006 | ---- | C] () -- C:\ProgramData\103
[2015/11/26 17:47:34 | 000,002,154 | ---- | C] () -- C:\Users\Public\Desktop\Oracle Crystal Ball.lnk
[2015/11/22 10:23:35 | 000,002,047 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2015/11/22 10:23:33 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015/11/21 17:30:52 | 000,618,943 | ---- | C] () -- C:\Users\Rodrigo\SHARK.INI
[2015/11/21 12:06:35 | 000,003,011 | ---- | C] () -- C:\Users\Public\Desktop\SolidWorks Explorer 2013.lnk
[2015/11/21 12:06:35 | 000,002,115 | ---- | C] () -- C:\Users\Public\Desktop\SolidWorks eDrawings 2013.lnk
[2015/11/21 12:05:50 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2015/11/21 12:05:30 | 000,002,145 | ---- | C] () -- C:\Users\Public\Desktop\SolidWorks eDrawings 2013 x64 Edition.lnk
[2015/11/21 11:58:35 | 000,002,753 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Inicialização Rápida do Solidworks 2013.lnk
[2015/11/21 11:58:35 | 000,002,731 | ---- | C] () -- C:\Users\Public\Desktop\SolidWorks 2013 x64 Edition.lnk
[2015/11/21 11:47:19 | 000,001,462 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aplicativo de Download Automático do SolidWorks.lnk
[2015/11/21 04:15:24 | 000,419,936 | ---- | C] () -- C:\Windows\SysWow64\locale.nls
[2015/11/21 04:15:24 | 000,419,936 | ---- | C] () -- C:\Windows\SysNative\locale.nls
[2015/11/21 02:55:19 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2015/11/21 02:55:01 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2015/11/20 11:00:14 | 000,001,069 | ---- | C] () -- C:\Users\Rodrigo\Desktop\Unesp - Atalho.lnk
[2015/11/19 03:07:17 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2015/11/19 03:04:55 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2015/11/19 01:29:43 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/11/19 01:29:43 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/11/19 00:39:38 | 000,000,000 | ---- | C] () -- C:\Users\Rodrigo\Documents\VasoPressão.sda
[2015/11/19 00:38:17 | 000,002,319 | ---- | C] () -- C:\Users\Rodrigo\Documents\VasoPressão.BCS
[2015/11/19 00:38:17 | 000,000,151 | ---- | C] () -- C:\Users\Rodrigo\Documents\VasoPressão.stat
[2015/11/19 00:38:14 | 010,223,616 | ---- | C] () -- C:\Users\Rodrigo\Documents\VasoPressão.emat
[2015/11/19 00:38:14 | 008,454,144 | ---- | C] () -- C:\Users\Rodrigo\Documents\VasoPressão.esav
[2015/11/19 00:38:14 | 004,128,768 | ---- | C] () -- C:\Users\Rodrigo\Documents\VasoPressão.full
[2015/11/19 00:38:14 | 000,000,640 | ---- | C] () -- C:\Users\Rodrigo\Documents\VasoPressão.mntr
[2015/11/18 23:30:08 | 007,340,032 | ---- | C] () -- C:\Users\Rodrigo\Documents\VasoPressão.dbb
[2015/11/18 23:30:08 | 007,340,032 | ---- | C] () -- C:\Users\Rodrigo\Documents\VasoPressão.db
[2015/11/17 19:16:38 | 000,029,638 | ---- | C] () -- C:\Users\Rodrigo\Desktop\assinatura baja.jpg
[2015/11/16 22:19:23 | 000,001,972 | ---- | C] () -- C:\Users\Rodrigo\Desktop\DVD Decrypter.lnk
[2015/11/16 20:52:04 | 000,005,125 | ---- | C] () -- C:\Users\Rodrigo\file.err
[2015/11/16 20:48:43 | 001,755,318 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/11/16 20:34:50 | 000,001,817 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2015/11/16 12:51:42 | 000,000,855 | ---- | C] () -- C:\Users\Rodrigo\Desktop\µTorrent.lnk
[2015/11/16 12:38:11 | 000,002,253 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/11/16 11:08:22 | 000,002,042 | ---- | C] () -- C:\Users\Public\Desktop\Google Slides.lnk
[2015/11/16 11:08:22 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\Google Sheets.lnk
[2015/11/16 11:08:22 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Google Docs.lnk
[2015/11/16 11:03:34 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/11/16 11:03:33 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/11/16 10:43:55 | 000,001,197 | ---- | C] () -- C:\Users\Public\Desktop\Popcorn Time.lnk
[2015/11/16 01:30:25 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\AVG Protection.lnk
[2015/11/15 18:10:48 | 004,186,078 | -H-- | C] () -- C:\Users\Rodrigo\AppData\Local\IconCache.db
[2015/11/15 18:09:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2015/11/15 15:47:49 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/11/15 13:48:57 | 003,951,402 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2015/11/15 12:11:06 | 000,080,816 | ---- | C] () -- C:\Users\Rodrigo\AppData\Local\GDIPFONTCACHEV1.DAT
[2015/11/15 09:03:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2015/11/15 08:46:01 | 000,001,389 | ---- | C] () -- C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2015/11/15 08:45:24 | 000,000,020 | -HS- | C] () -- C:\Users\Rodrigo\ntuser.ini
[2015/11/15 08:45:23 | 002,097,152 | -HS- | C] () -- C:\Users\Rodrigo\NTUSER.DAT
[2015/11/15 08:45:23 | 000,524,288 | -HS- | C] () -- C:\Users\Rodrigo\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2015/11/15 08:45:23 | 000,524,288 | -HS- | C] () -- C:\Users\Rodrigo\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2015/11/15 08:45:23 | 000,065,536 | -HS- | C] () -- C:\Users\Rodrigo\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2015/11/15 08:41:19 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2015/11/15 08:40:31 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2015/11/15 08:37:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2015/11/15 08:31:15 | 3137,994,752 | -HS- | C] () -- C:\hiberfil.sys
[2015/06/01 21:00:18 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2015/06/01 19:46:58 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2015/06/01 19:45:24 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 02:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 16:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 15:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 23:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 01:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 23:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >[/color]
"DefaultConnectionSettings" = 46 00 00 00 56 00 00 00 03 00 00 00 2A 00 00 00 68 74 74 70 3D 31 32 37 2E 30 2E 30 2E 31 3A 31 39 32 32 31 3B 68 74 74 70 73 3D 31 32 37 2E 30 2E 30 2E 31 3A 31 39 32 32 31 0B 00 00 00 3C 2D 6C 6F 6F 70 62 61 63 6B 3E 00 00 00 00 00 00 00 00 00 00 00 00 88 B9 7D 93 DB 23 D1 01 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 C0 A8 00 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
"SavedLegacySettings" = 46 00 00 00 38 01 00 00 03 00 00 00 2A 00 00 00 68 74 74 70 3D 31 32 37 2E 30 2E 30 2E 31 3A 31 39 32 32 31 3B 68 74 74 70 73 3D 31 32 37 2E 30 2E 30 2E 31 3A 31 39 32 32 31 0B 00 00 00 3C 2D 6C 6F 6F 70 62 61 63 6B 3E 00 00 00 00 00 00 00 00 00 00 00 00 88 B9 7D 93 DB 23 D1 01 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 C0 A8 00 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
"Conexão Discada" = 46 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [binary data]

< End of report >

Publicité


Signaler le contenu de ce document

Publicité