cjoint


Document format: text/plain

Preview

OTL logfile created on: 10/03/2016 21:48:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marina\Downloads\Programs
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18204)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

3,68 Gb Total Physical Memory | 0,87 Gb Available Physical Memory | 23,77% Memory free
7,36 Gb Paging File | 3,60 Gb Available in Paging File | 48,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 216,74 Gb Free Space | 46,54% Space Free | Partition Type: NTFS

Computer Name: MARINA-PC | User Name: Marina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2016/03/10 21:47:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marina\Downloads\Programs\OTL.exe
PRC - [2016/03/08 19:14:47 | 000,335,872 | ---- | M] (BitTorrent Inc.) -- C:\Users\Marina\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe
PRC - [2016/03/08 19:13:44 | 002,094,080 | ---- | M] (BitTorrent Inc.) -- C:\Users\Marina\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2016/03/08 18:04:58 | 007,428,048 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
PRC - [2016/03/07 15:46:10 | 007,244,240 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Windows Security\winsecurity.exe
PRC - [2016/02/27 10:12:52 | 005,906,904 | ---- | M] (Microsoft Corporation) -- C:\Users\Marina\AppData\Roaming\XBox\XBLive.exe
PRC - [2016/02/18 01:15:35 | 000,746,648 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016/02/02 10:16:43 | 000,252,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
PRC - [2015/12/13 22:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/08/19 08:34:30 | 008,139,480 | ---- | M] (Clarus, Inc.) -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
PRC - [2015/08/13 09:53:48 | 000,587,576 | ---- | M] (GAS Tecnologia) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2015/04/05 05:13:11 | 003,898,960 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2015/02/04 07:05:36 | 000,269,848 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2015/01/28 14:08:58 | 001,349,576 | ---- | M] (ESET) -- C:\Arquivos de Programas\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2014/10/31 16:38:40 | 002,072,928 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
PRC - [2013/09/23 11:22:04 | 000,654,552 | ---- | M] (Disc Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
PRC - [2013/08/07 13:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Arquivos de Programas\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/05/03 13:39:02 | 000,325,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/09/02 15:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2010/04/13 08:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/18 12:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/03/08 12:16:36 | 017,541,312 | ---- | M] () -- C:\Users\Marina\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.182\pepflashplayer.dll
MOD - [2016/02/18 01:14:44 | 001,630,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
MOD - [2016/02/18 01:14:32 | 000,085,656 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
MOD - [2016/02/15 15:00:55 | 001,102,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\11d27551f41f9addcea193b10d5c9d0c\System.ServiceModel.Web.ni.dll
MOD - [2016/02/15 15:00:36 | 002,937,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\5890dceb198d2f64c7e05a88a55eab3a\System.IdentityModel.ni.dll
MOD - [2016/02/15 15:00:32 | 019,425,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\c5291e093eb66930d0c543afa4ca099a\System.ServiceModel.ni.dll
MOD - [2016/02/15 14:44:28 | 012,944,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c05bd9213c8de0cf2ef03517c58718f4\System.Windows.Forms.ni.dll
MOD - [2016/02/15 14:44:12 | 001,623,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cebdd889c7234fcae5cfb871a95e35a3\System.Drawing.ni.dll
MOD - [2016/02/15 14:42:22 | 001,879,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a79f560e75dd98477da84a083fb02072\System.Xaml.ni.dll
MOD - [2016/02/15 14:41:56 | 000,974,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ab772f74047da2969a2876655a5bb542\System.Configuration.ni.dll
MOD - [2016/02/15 14:41:50 | 007,516,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\75900fae35a6cf3ecd1dfa796ddd7fce\System.Core.ni.dll
MOD - [2016/02/15 14:41:46 | 007,378,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a0ff5cf8fa18aa8b462fc3d07f25e8fc\System.Xml.ni.dll
MOD - [2016/02/15 14:41:45 | 000,117,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\06c07175fe9e7bf18cd1c8d9f85614f3\SMDiagnostics.ni.dll
MOD - [2016/02/15 14:41:44 | 002,772,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\37523c98ca4b37b2a6d189294e443202\System.Runtime.Serialization.ni.dll
MOD - [2016/02/15 14:41:44 | 000,787,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\ffcfe63b55aad9fa5f53c1d3794ddfc2\System.ServiceModel.Internals.ni.dll
MOD - [2016/02/15 14:41:36 | 009,981,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\0b980f1580b78efeb67af4884ae21c00\System.ni.dll
MOD - [2016/02/15 12:33:51 | 000,452,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\f7a8943fa993fa244dc82d4fcf381495\IAStorUtil.ni.dll
MOD - [2016/02/13 19:13:22 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b622d3d64bb24842fc7c9308a559ab1a\System.Windows.Forms.ni.dll
MOD - [2016/02/13 19:13:03 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ca97db61d7b1564dd115248a1439194e\System.Drawing.ni.dll
MOD - [2016/02/13 17:07:08 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\48b76dbabfdec8c358f55380db91414c\System.Runtime.Remoting.ni.dll
MOD - [2016/02/13 17:05:46 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d6204638b750d650b7cbb3278a5954eb\System.Xml.ni.dll
MOD - [2016/02/13 17:05:39 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ae206eff0a9816475cd7dd3d680faa48\System.Configuration.ni.dll
MOD - [2016/02/13 17:04:48 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ef80bf7db724bb3ab5fea4c0e2117cae\System.ni.dll
MOD - [2016/02/13 16:13:09 | 018,120,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\225759bb87c854c0fff27b1d84858c21\mscorlib.ni.dll
MOD - [2015/01/10 02:38:27 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/10/31 16:37:56 | 001,498,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
MOD - [2014/05/19 17:19:02 | 000,137,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2013/07/08 09:42:09 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2013/07/08 09:42:03 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/07/13 22:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV:[b]64bit:[/b] - [2016/01/22 03:27:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/09/01 21:37:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/03/09 20:58:28 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/03/09 15:06:18 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2016/03/07 15:46:10 | 007,244,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\ProgramData\Windows Security\winsecurity.exe -- (WindowsSecurity)
SRV - [2016/02/27 10:12:52 | 005,906,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Users\Marina\AppData\Roaming\XBox\XBLive.exe -- (XBox)
SRV - [2015/12/13 22:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/11/05 19:36:48 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2015/08/13 09:53:48 | 000,587,576 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2015/01/28 14:08:58 | 001,349,576 | ---- | M] (ESET) [Auto | Running] -- C:\Arquivos de Programas\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV - [2014/11/12 11:11:32 | 003,470,640 | ---- | M] (Raxco Software, Inc.) [Disabled | Stopped] -- C:\Arquivos de Programas\Common Files\Raxco\Shared\PDEngine.exe -- (PDEngine)
SRV - [2014/03/20 19:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/23 11:22:04 | 000,654,552 | ---- | M] (Disc Soft Ltd) [On_Demand | Running] -- C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe -- (Disc Soft Bus Service)
SRV - [2013/08/07 13:24:00 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Arquivos de Programas\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2013/05/03 13:39:02 | 000,325,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 14:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/09/02 15:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011/08/10 15:09:56 | 000,057,344 | ---- | M] (Atheros) [On_Demand | Stopped] -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2011/03/31 20:38:36 | 000,352,848 | ---- | M] (Dritek System Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/11/21 00:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/21 00:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/21 00:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/03/18 12:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/07/20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/02/13 23:35:04 | 000,388,936 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2016/02/13 18:45:06 | 004,161,536 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2016/02/13 18:43:11 | 000,032,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:[b]64bit:[/b] - [2016/02/13 15:59:52 | 000,404,184 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUer.sys -- (RTSUER)
DRV:[b]64bit:[/b] - [2015/08/08 10:10:07 | 000,029,696 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtscsibus.sys -- (dtscsibus)
DRV:[b]64bit:[/b] - [2015/07/08 15:29:28 | 000,458,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2015/05/30 15:55:17 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2015/05/30 15:55:17 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2015/05/30 15:55:17 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2015/05/23 22:54:18 | 012,312,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2015/05/12 12:20:36 | 000,037,376 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:[b]64bit:[/b] - [2015/05/12 12:18:12 | 000,030,720 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:[b]64bit:[/b] - [2015/05/12 10:36:40 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetbus64.sys -- (AndnetBus)
DRV:[b]64bit:[/b] - [2015/03/26 21:10:52 | 000,192,984 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:[b]64bit:[/b] - [2015/03/10 17:24:42 | 000,246,000 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2015/03/10 17:24:42 | 000,169,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2015/03/10 17:24:42 | 000,159,480 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:[b]64bit:[/b] - [2014/06/04 15:17:30 | 000,021,184 | ---- | M] (IObit) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:[b]64bit:[/b] - [2013/08/28 22:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2013/08/07 13:23:46 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/08/07 13:23:46 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:[b]64bit:[/b] - [2013/01/08 22:39:42 | 000,028,232 | ---- | M] () [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\ProtectFs.sys -- (RealMonitor)
DRV:[b]64bit:[/b] - [2012/11/13 12:24:52 | 000,452,472 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:[b]64bit:[/b] - [2012/09/11 14:24:32 | 000,126,232 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DefragFs.sys -- (DefragFS)
DRV:[b]64bit:[/b] - [2012/08/23 16:57:16 | 000,083,224 | R--- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFSFilter)
DRV:[b]64bit:[/b] - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/21 00:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/04/13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010/02/27 07:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:[b]64bit:[/b] - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:[b]64bit:[/b] - [2009/09/16 14:44:24 | 000,010,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\whfltr2k.sys -- (whfltr2k)
DRV:[b]64bit:[/b] - [2009/09/09 06:23:46 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\flashud.sys -- (int0800)
DRV:[b]64bit:[/b] - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2016/02/13 15:55:20 | 000,027,552 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2015/08/26 14:35:32 | 000,029,912 | ---- | M] (GAS Tecnologia) [Kernel | On_Demand | Running] -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys -- (GBPRCM)
DRV - [2014/10/31 16:55:02 | 000,024,792 | ---- | M] (GAS Tecnologia LTDA) [Kernel | On_Demand | Running] -- C:\PROGRA~2\GbPlugin\wsftprp64.sys -- (Warsaw_PP)
DRV - [2012/06/21 13:58:20 | 000,020,400 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys -- (mdf16)
DRV - [2012/06/21 13:58:10 | 000,099,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys -- (mvd23)
DRV - [2010/01/27 18:10:44 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKLM\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.Dounty.com/hp7/?q={searchTerms}
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50842;https=127.0.0.1:50842

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50842;https=127.0.0.1:50842

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR
IE - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 32 DA EC 3C E5 8B CF 01 [binary data]
IE - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..\SearchScopes,DefaultScope = Web
IE - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.Dounty.com/hp7/?q={searchTerms}
IE - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..\SearchScopes\{53E46456-C9C4-454B-89C8-9FCCD10294BE}: "URL" = http://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G2Tzamobl3687,ffe59959-b391-4302-bbe1-18e2baebd1c7,
IE - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..\SearchScopes\Web: "URL" = http://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}
IE - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8080;https=127.0.0.1:8080


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Marina\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll File not found
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\WSVCU@Wondershare.com: C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com\
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Marina\AppData\Roaming\IDM\idmmzcc5 [2016/03/10 21:46:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Marina\AppData\Roaming\IDM\idmmzcc5 [2016/03/10 21:46:21 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.11_0\
CHR - Extension: No name found = C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnnbnbomhojbpnljgenkdpeolhfchgpg\0.1.1.1_0\
CHR - Extension: No name found = C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek\6.25.12_0\
CHR - Extension: No name found = C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnladpgncnadepiignbjbjnffgdcciek\1.0_0\
CHR - Extension: No name found = C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2015/06/07 00:26:04 | 000,000,000 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe File not found
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Arquivos de Programas\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SpaceSoundPro] "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe" File not found
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe File not found
O4 - HKLM..\Run: [Clarus Drive Manager] C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe (Clarus, Inc.)
O4 - HKLM..\Run: [gmsd_br_005010111] File not found
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe File not found
O4 - HKLM..\Run: [USB Security] C:\Program Files (x86)\USB Disk Security\USBGuard.exe (Zbshareware Lab)
O4 - HKLM..\Run: [WheelMouse] C:\ADVANC~1\wh_exec.exe File not found
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto File not found
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h File not found
O4 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000..\Run: [DAEMON Tools Ultra Agent] C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000..\Run: [uTorrent] C:\Users\Marina\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O8:[b]64bit:[/b] - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 File not found
O8:[b]64bit:[/b] - Extra context menu item: Adicionar página da Web a um PDF existente - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppend.html File not found
O8:[b]64bit:[/b] - Extra context menu item: Anexar destino do lin&k a PDF existente - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppendSelLinks.html File not found
O8:[b]64bit:[/b] - Extra context menu item: Converter &página da Web em Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECapture.html File not found
O8:[b]64bit:[/b] - Extra context menu item: Converter destino do link em Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECaptureSelLinks.html File not found
O8:[b]64bit:[/b] - Extra context menu item: Download ALL with IDA - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: Download remotely with IDA - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: Download with IDA - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Adicionar página da Web a um PDF existente - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Anexar destino do lin&k a PDF existente - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Converter &página da Web em Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Converter destino do link em Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Download ALL with IDA - Reg Error: Value error. File not found
O8 - Extra context menu item: Download remotely with IDA - Reg Error: Value error. File not found
O8 - Extra context menu item: Download with IDA - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9:[b]64bit:[/b] - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\ProgramData\System32\SafeGuard64.dll File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: bancobrasil.com.br ([www14] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: bancobrasil.com.br ([www2] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: bb.com.br ([seg] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: bb.com.br ([www] http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: bancobrasil.com.br ([www14] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: bancobrasil.com.br ([www2] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: bb.com.br ([seg] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: bb.com.br ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: bancobrasil.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: bancobrasil.com.br ([www14] * in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: bancobrasil.com.br ([www14] https in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: bancobrasil.com.br ([www2] * in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: bancobrasil.com.br ([www2] https in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: bb.com.br ([seg] https in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: bb.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: bb.com.br ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: caixa.gov.br ([imagem] * in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: caixa.gov.br ([imagem] https in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: caixa.gov.br ([imagem2] https in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: caixa.gov.br ([internetbanking] * in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: caixa.gov.br ([internetbanking] https in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: caixa.gov.br ([internetbankingpf] * in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: caixa.gov.br ([internetbankingpf] https in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: caixa.gov.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3378788345-2352627650-2164435627-1000\..Trusted Domains: caixa.gov.br ([www] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.18.0.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10594E35-B260-47C1-AB3D-FBBD44DE0B0F}: DhcpNameServer = 172.18.0.8
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\WSWSVCUchrome - No CLSID value found
O18 - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\WSWSVCUchrome - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (bj.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Program Files (x86)\GbPlugin\gbiehCef.dll) - C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/06/07 01:06:02 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2611d95c-e49e-11e5-8c81-dc0ea1c1d33f}\Shell - "" = AutoRun
O33 - MountPoints2\{2611d95c-e49e-11e5-8c81-dc0ea1c1d33f}\Shell\AutoRun\command - "" = F:\setup-disc2.exe
O33 - MountPoints2\{3b08a8cf-77e3-11e5-8656-dc0ea1c1d33f}\Shell - "" = AutoRun
O33 - MountPoints2\{3b08a8cf-77e3-11e5-8656-dc0ea1c1d33f}\Shell\AutoRun\command - "" = E:\LG_PC_Programs.exe
O33 - MountPoints2\{8a17237b-2bd9-11e5-8a4d-dc0ea1c1d33f}\Shell - "" = AutoRun
O33 - MountPoints2\{8a17237b-2bd9-11e5-8a4d-dc0ea1c1d33f}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{a52a966f-3dc0-11e5-b515-dc0ea1c1d33f}\Shell - "" = AutoRun
O33 - MountPoints2\{a52a966f-3dc0-11e5-b515-dc0ea1c1d33f}\Shell\AutoRun\command - "" = E:\setup-disc1.exe
O33 - MountPoints2\{fe2caaa6-2a4a-11e4-a141-dc0ea1c1d33f}\Shell - "" = AutoRun
O33 - MountPoints2\{fe2caaa6-2a4a-11e4-a141-dc0ea1c1d33f}\Shell\AutoRun\command - "" = E:\LGAutoRun.exe
O34 - HKLM BootExecute: (PDBoot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SmartDefragBootTime.exe)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/03/10 17:46:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2016/03/09 18:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\GAS Tecnologia
[2016/03/09 18:53:19 | 000,000,000 | ---D | C] -- C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2016/03/09 18:53:16 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2016/03/09 18:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2016/03/09 18:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Wondershare
[2016/03/09 18:43:05 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Ultra
[2016/03/09 17:07:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2016/03/09 16:57:06 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2016/03/09 14:33:37 | 000,000,000 | ---D | C] -- C:\Users\Marina\Desktop\SPYHUNTER4
[2016/03/09 13:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\GbPlugin
[2016/03/08 19:35:18 | 000,000,000 | ---D | C] -- C:\Windows\Steam
[2016/03/08 18:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Security
[2016/02/29 11:40:37 | 000,000,000 | ---D | C] -- C:\Users\Marina\AppData\Roaming\XBox
[2016/02/29 11:37:52 | 000,000,000 | ---D | C] -- C:\Users\Marina\Screenshots
[2016/02/27 17:12:33 | 000,000,000 | ---D | C] -- C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brasfoot2015
[2016/02/27 17:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brasfoot2015
[2016/02/26 17:27:26 | 000,000,000 | ---D | C] -- C:\Users\Marina\Documents\ARES DOWNLOAD
[2016/02/26 17:21:11 | 000,000,000 | ---D | C] -- C:\Users\Marina\AppData\Local\Ares
[2016/02/26 17:21:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
[2016/02/26 17:21:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ares
[2016/02/18 23:02:23 | 000,000,000 | ---D | C] -- C:\Users\Marina\AppData\Local\Bluestacks
[2016/02/15 09:23:18 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~BT
[2016/02/14 21:38:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices
[2016/02/14 21:38:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2016/02/14 21:38:15 | 000,000,000 | ---D | C] -- C:\inetpub
[2016/02/14 18:12:51 | 000,035,892 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\SysWow64\SER9PL.sys
[2016/02/14 16:13:13 | 000,041,344 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\SysWow64\drivers\ser2pl.sys
[2016/02/14 14:15:55 | 000,000,000 | ---D | C] -- C:\Users\Marina\Documents\DriverEasy
[2016/02/14 14:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2016/02/14 14:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2016/02/14 12:20:10 | 000,000,000 | ---D | C] -- C:\Users\Marina\Intel
[2016/02/13 23:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Wheel Mouse
[2016/02/13 23:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola
[2016/02/13 23:56:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2016/02/13 23:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2016/02/13 23:53:40 | 000,000,000 | ---D | C] -- C:\Users\Marina\AppData\Roaming\Motorola
[2016/02/13 23:34:08 | 000,388,936 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\drivers\ETD.sys
[2016/02/13 20:50:46 | 000,000,000 | ---D | C] -- C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced Wheel Mouse
[2016/02/13 20:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced Wheel Mouse
[2016/02/13 18:48:58 | 003,299,832 | ---- | C] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE2.dll
[2016/02/13 18:48:57 | 002,190,992 | ---- | C] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE.dll
[2016/02/13 18:48:55 | 002,110,600 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2016/02/13 18:48:53 | 000,166,208 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2016/02/13 18:48:52 | 000,532,384 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2016/02/13 18:48:52 | 000,221,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2016/02/13 18:48:52 | 000,209,544 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2016/02/13 18:48:51 | 001,435,144 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SRRPTR64.dll
[2016/02/13 18:48:51 | 000,381,416 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SRCOM64.dll
[2016/02/13 18:48:50 | 000,467,168 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SRAPO64.dll
[2016/02/13 18:48:50 | 000,341,160 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysWow64\SRCOM.dll
[2016/02/13 18:48:50 | 000,341,160 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SRCOM.dll
[2016/02/13 18:48:49 | 002,130,584 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2016/02/13 18:48:49 | 000,258,504 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2016/02/13 18:48:48 | 001,328,496 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2016/02/13 18:48:46 | 001,020,208 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2016/02/13 18:48:44 | 000,933,640 | ---- | C] (Sound Research, Corp.) -- C:\Windows\SysNative\SEHDRA64.dll
[2016/02/13 18:48:44 | 000,716,112 | ---- | C] (Sound Research, Corp.) -- C:\Windows\SysNative\SECOMN64.dll
[2016/02/13 18:48:44 | 000,589,080 | ---- | C] (Sound Research, Corp.) -- C:\Windows\SysWow64\SECOMN32.DLL
[2016/02/13 18:48:44 | 000,448,592 | ---- | C] (Sound Research, Corp.) -- C:\Windows\SysNative\SEAPO64.dll
[2016/02/13 18:48:44 | 000,231,920 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2016/02/13 18:48:44 | 000,090,920 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2016/02/13 18:48:44 | 000,088,328 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2016/02/13 18:48:44 | 000,083,632 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2016/02/13 18:48:32 | 000,387,320 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2016/02/13 18:48:32 | 000,214,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2016/02/13 18:48:32 | 000,110,992 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2016/02/13 18:48:32 | 000,088,352 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2016/02/13 18:48:28 | 000,321,720 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2016/02/13 18:48:28 | 000,321,720 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2016/02/13 18:48:20 | 007,172,920 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2016/02/13 18:48:20 | 000,447,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2016/02/13 18:48:20 | 000,151,792 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2016/02/13 18:48:20 | 000,134,208 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2016/02/13 18:48:20 | 000,084,624 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2016/02/13 18:48:19 | 005,776,688 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICV2apo.dll
[2016/02/13 18:48:19 | 001,003,864 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NahimicAPONSControl.dll
[2016/02/13 18:48:18 | 005,289,952 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOlfx.dll
[2016/02/13 18:48:17 | 012,986,528 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO4064.dll
[2016/02/13 18:48:17 | 000,677,672 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2016/02/13 18:48:16 | 013,120,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO3064.dll
[2016/02/13 18:48:14 | 000,998,032 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO2064.dll
[2016/02/13 18:48:13 | 001,334,384 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxSpeechAPO64.dll
[2016/02/13 18:48:07 | 014,057,256 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2016/02/13 18:48:05 | 002,823,280 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO7064.dll
[2016/02/13 18:48:05 | 002,050,184 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2016/02/13 18:48:05 | 000,931,624 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2016/02/13 18:48:04 | 001,421,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO6064.dll
[2016/02/13 18:48:04 | 001,211,840 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll
[2016/02/13 18:48:04 | 001,164,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2016/02/13 18:48:04 | 000,678,192 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2016/02/13 18:48:04 | 000,330,568 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2016/02/13 18:48:03 | 000,618,192 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2016/02/13 18:48:00 | 000,470,312 | ---- | C] (ICEpower a/s) -- C:\Windows\SysNative\ICEsoundAPO64.dll
[2016/02/13 18:47:59 | 000,369,296 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\HiFiDAX2API.dll
[2016/02/13 18:47:50 | 003,282,032 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2016/02/13 18:47:50 | 001,780,624 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2016/02/13 18:47:50 | 001,591,064 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2016/02/13 18:47:50 | 000,727,440 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2016/02/13 18:47:50 | 000,708,320 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2016/02/13 18:47:50 | 000,514,528 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2016/02/13 18:47:50 | 000,500,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2016/02/13 18:47:50 | 000,428,232 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2016/02/13 18:47:49 | 005,338,936 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DolbyDAX2APOv211.dll
[2016/02/13 18:47:49 | 002,437,136 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DolbyDAX2APOv201.dll
[2016/02/13 18:47:49 | 001,508,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2016/02/13 18:47:49 | 000,952,984 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DolbyDAX2APOProp.dll
[2016/02/13 18:47:49 | 000,743,968 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2016/02/13 18:47:49 | 000,504,312 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2016/02/13 18:47:49 | 000,445,408 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2016/02/13 18:47:49 | 000,441,272 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2016/02/13 18:47:49 | 000,253,904 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2016/02/13 18:47:49 | 000,253,872 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2016/02/13 18:47:49 | 000,252,880 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2016/02/13 18:47:48 | 007,096,192 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64A.dll
[2016/02/13 18:47:48 | 006,264,640 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64AF3.dll
[2016/02/13 18:47:48 | 000,362,056 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64AF3.dll
[2016/02/13 18:47:48 | 000,327,456 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64A.dll
[2016/02/13 18:47:47 | 001,965,816 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64A.dll
[2016/02/13 18:47:47 | 001,959,608 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64AF3.dll
[2016/02/13 18:47:47 | 000,310,424 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64F3.dll
[2016/02/13 18:47:47 | 000,272,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64.dll
[2016/02/13 18:47:45 | 000,122,320 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2016/02/13 18:45:06 | 004,161,536 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2016/02/13 18:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2016/02/13 18:43:11 | 000,032,936 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys
[2016/02/13 16:55:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2016/02/13 16:24:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2016/02/13 16:21:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2016/02/13 16:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2016/02/13 15:59:52 | 000,404,184 | ---- | C] (Realsil Semiconductor Corporation) -- C:\Windows\SysNative\drivers\RtsUer.sys
[2016/02/12 22:59:08 | 000,000,000 | ---D | C] -- C:\Users\Marina\Desktop\Root Celular
[2016/02/11 17:29:53 | 000,000,000 | ---D | C] -- C:\Users\Marina\AppData\Roaming\Kingosoft
[9 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/03/10 21:57:35 | 020,538,801 | ---- | M] () -- C:\Users\Marina\Desktop\Malwarebytes Anti-Malware Premium (2.0.4.1028).rar
[2016/03/10 21:49:00 | 000,003,446 | ---- | M] () -- C:\Windows\tasks\d2e61ef5-5c55-4dbc-b895-05ea0be87c7d-1-6.job
[2016/03/10 21:48:00 | 000,005,834 | ---- | M] () -- C:\Windows\tasks\d2e61ef5-5c55-4dbc-b895-05ea0be87c7d-6.job
[2016/03/10 21:37:01 | 000,000,502 | RHS- | M] () -- C:\Users\Marina\ntuser.pol
[2016/03/10 21:24:13 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/03/10 21:15:00 | 000,003,126 | ---- | M] () -- C:\Windows\tasks\0934a645-bf4b-44f8-8977-a80e6fc02818-1-6.job
[2016/03/10 21:14:00 | 000,005,506 | ---- | M] () -- C:\Windows\tasks\0934a645-bf4b-44f8-8977-a80e6fc02818-6.job
[2016/03/10 20:13:27 | 027,357,239 | ---- | M] () -- C:\Users\Marina\Desktop\2015 - DIDIER JR, Fredie. Novo Código de Processo Civil de 2015 - Comparativo com o Código de 1973 (CPC 2015 x CPC 1973).pdf
[2016/03/10 20:11:19 | 030,922,940 | ---- | M] () -- C:\Users\Marina\Desktop\Novo Código de Processo Civil Anotado - Cassio Scarpinella Bueno - 2015.pdf
[2016/03/10 20:08:51 | 019,026,353 | ---- | M] () -- C:\Users\Marina\Desktop\Código de Processo Civil Comentado Artigo por Artigo - CPC.pdf
[2016/03/10 19:50:31 | 000,000,660 | ---- | M] () -- C:\Windows\tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
[2016/03/10 19:20:16 | 000,005,506 | ---- | M] () -- C:\Windows\tasks\0934a645-bf4b-44f8-8977-a80e6fc02818-7.job
[2016/03/10 19:20:16 | 000,005,490 | ---- | M] () -- C:\Windows\tasks\d2e61ef5-5c55-4dbc-b895-05ea0be87c7d-7.job
[2016/03/10 19:20:16 | 000,004,810 | ---- | M] () -- C:\Windows\tasks\d2e61ef5-5c55-4dbc-b895-05ea0be87c7d-4.job
[2016/03/10 19:20:16 | 000,004,482 | ---- | M] () -- C:\Windows\tasks\0934a645-bf4b-44f8-8977-a80e6fc02818-4.job
[2016/03/10 19:20:16 | 000,003,790 | ---- | M] () -- C:\Windows\tasks\d2e61ef5-5c55-4dbc-b895-05ea0be87c7d-1-7.job
[2016/03/10 19:20:16 | 000,003,126 | ---- | M] () -- C:\Windows\tasks\0934a645-bf4b-44f8-8977-a80e6fc02818-1-7.job
[2016/03/10 19:20:16 | 000,002,762 | ---- | M] () -- C:\Windows\tasks\d2e61ef5-5c55-4dbc-b895-05ea0be87c7d-5_user.job
[2016/03/10 19:20:16 | 000,002,762 | ---- | M] () -- C:\Windows\tasks\d2e61ef5-5c55-4dbc-b895-05ea0be87c7d-5.job
[2016/03/10 14:15:38 | 000,013,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/03/10 14:15:38 | 000,013,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/03/10 11:22:01 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/03/09 20:58:30 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/03/09 20:54:58 | 000,000,034 | ---- | M] () -- C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
[2016/03/09 20:49:51 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2016/03/09 20:49:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/03/09 19:15:20 | 000,002,290 | ---- | M] () -- C:\Users\Marina\Desktop\SpyHunter.lnk
[2016/03/09 17:48:56 | 000,002,745 | ---- | M] () -- C:\spyhunter.fix
[2016/03/09 15:06:18 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\srvany.exe
[2016/03/09 13:24:27 | 000,410,321 | ---- | M] () -- C:\Users\Marina\Desktop\caliman-pedagogia-social-transformadora.pdf
[2016/03/09 00:13:53 | 000,437,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2016/03/02 09:43:14 | 000,137,085 | ---- | M] () -- C:\Users\Marina\Desktop\DemonstrativoIRPF-UNOESC.pdf
[2016/03/02 09:38:09 | 000,097,795 | ---- | M] () -- C:\Users\Marina\Desktop\DemonstrativoIRPF-UNOESC.jpg
[2016/03/01 18:56:01 | 000,000,135 | ---- | M] () -- C:\Windows\AutoKMS.ini
[2016/03/01 18:50:24 | 000,753,324 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2016/03/01 18:50:24 | 000,696,102 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/03/01 18:50:24 | 000,164,120 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2016/03/01 18:50:24 | 000,135,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/03/01 18:50:23 | 001,757,366 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/03/01 11:06:08 | 000,000,688 | ---- | M] () -- C:\Users\Marina\Desktop\Brasfoot 2015.lnk
[2016/02/29 11:50:06 | 002,316,728 | ---- | M] () -- C:\Windows\SysNative\SafeGuard64.dll
[2016/02/29 11:50:06 | 001,536,952 | ---- | M] () -- C:\Windows\SysNative\SafeGuard32.dll
[2016/02/29 11:39:24 | 000,002,369 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/02/28 19:38:07 | 012,601,244 | ---- | M] () -- C:\Users\Marina\Documents\Marina Jung.s15
[2016/02/14 17:48:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_motport_01007.Wdf
[2016/02/14 14:05:13 | 001,692,598 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2016/02/13 23:35:04 | 000,388,936 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\drivers\ETD.sys
[2016/02/13 18:48:59 | 003,299,832 | ---- | M] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE2.dll
[2016/02/13 18:48:58 | 002,190,992 | ---- | M] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE.dll
[2016/02/13 18:48:56 | 002,110,600 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2016/02/13 18:48:53 | 000,532,384 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2016/02/13 18:48:53 | 000,166,208 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2016/02/13 18:48:52 | 001,435,144 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SRRPTR64.dll
[2016/02/13 18:48:52 | 000,221,968 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2016/02/13 18:48:52 | 000,209,544 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2016/02/13 18:48:51 | 000,381,416 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SRCOM64.dll
[2016/02/13 18:48:51 | 000,341,160 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysWow64\SRCOM.dll
[2016/02/13 18:48:51 | 000,341,160 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SRCOM.dll
[2016/02/13 18:48:50 | 002,130,584 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2016/02/13 18:48:50 | 000,467,168 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SRAPO64.dll
[2016/02/13 18:48:49 | 000,258,504 | ---- | M] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2016/02/13 18:48:48 | 001,328,496 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2016/02/13 18:48:47 | 001,020,208 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2016/02/13 18:48:45 | 000,231,920 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2016/02/13 18:48:44 | 000,933,640 | ---- | M] (Sound Research, Corp.) -- C:\Windows\SysNative\SEHDRA64.dll
[2016/02/13 18:48:44 | 000,716,112 | ---- | M] (Sound Research, Corp.) -- C:\Windows\SysNative\SECOMN64.dll
[2016/02/13 18:48:44 | 000,589,080 | ---- | M] (Sound Research, Corp.) -- C:\Windows\SysWow64\SECOMN32.DLL
[2016/02/13 18:48:44 | 000,448,592 | ---- | M] (Sound Research, Corp.) -- C:\Windows\SysNative\SEAPO64.dll
[2016/02/13 18:48:44 | 000,090,920 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2016/02/13 18:48:44 | 000,088,328 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2016/02/13 18:48:44 | 000,083,632 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2016/02/13 18:48:36 | 003,152,937 | ---- | M] () -- C:\Windows\SysNative\drivers\rtkSSTsetting.dat
[2016/02/13 18:48:32 | 000,387,320 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2016/02/13 18:48:32 | 000,214,840 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2016/02/13 18:48:32 | 000,110,992 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2016/02/13 18:48:32 | 000,088,352 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2016/02/13 18:48:29 | 004,307,112 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2016/02/13 18:48:28 | 000,321,720 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2016/02/13 18:48:28 | 000,321,720 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2016/02/13 18:48:21 | 007,172,920 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2016/02/13 18:48:20 | 000,447,720 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2016/02/13 18:48:20 | 000,151,792 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2016/02/13 18:48:20 | 000,134,208 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2016/02/13 18:48:20 | 000,084,624 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2016/02/13 18:48:19 | 005,776,688 | ---- | M] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICV2apo.dll
[2016/02/13 18:48:19 | 005,289,952 | ---- | M] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOlfx.dll
[2016/02/13 18:48:19 | 001,003,864 | ---- | M] (Nahimic Inc) -- C:\Windows\SysNative\NahimicAPONSControl.dll
[2016/02/13 18:48:17 | 013,120,760 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO3064.dll
[2016/02/13 18:48:17 | 012,986,528 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO4064.dll
[2016/02/13 18:48:17 | 000,677,672 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2016/02/13 18:48:14 | 001,334,384 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxSpeechAPO64.dll
[2016/02/13 18:48:14 | 000,998,032 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO2064.dll
[2016/02/13 18:48:12 | 014,057,256 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2016/02/13 18:48:05 | 002,823,280 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO7064.dll
[2016/02/13 18:48:05 | 002,050,184 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2016/02/13 18:48:05 | 001,421,104 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO6064.dll
[2016/02/13 18:48:05 | 000,931,624 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2016/02/13 18:48:04 | 001,211,840 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll
[2016/02/13 18:48:04 | 001,164,336 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2016/02/13 18:48:04 | 000,678,192 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2016/02/13 18:48:04 | 000,330,568 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2016/02/13 18:48:03 | 000,618,192 | ---- | M] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2016/02/13 18:48:00 | 000,470,312 | ---- | M] (ICEpower a/s) -- C:\Windows\SysNative\ICEsoundAPO64.dll
[2016/02/13 18:48:00 | 000,369,296 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\HiFiDAX2API.dll
[2016/02/13 18:47:51 | 003,282,032 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2016/02/13 18:47:50 | 001,780,624 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2016/02/13 18:47:50 | 001,591,064 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2016/02/13 18:47:50 | 000,727,440 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2016/02/13 18:47:50 | 000,708,320 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2016/02/13 18:47:50 | 000,514,528 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2016/02/13 18:47:50 | 000,504,312 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2016/02/13 18:47:50 | 000,500,560 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2016/02/13 18:47:50 | 000,428,232 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2016/02/13 18:47:49 | 006,264,640 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64AF3.dll
[2016/02/13 18:47:49 | 005,338,936 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DolbyDAX2APOv211.dll
[2016/02/13 18:47:49 | 002,437,136 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DolbyDAX2APOv201.dll
[2016/02/13 18:47:49 | 001,508,936 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2016/02/13 18:47:49 | 000,952,984 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DolbyDAX2APOProp.dll
[2016/02/13 18:47:49 | 000,743,968 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2016/02/13 18:47:49 | 000,445,408 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2016/02/13 18:47:49 | 000,441,272 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2016/02/13 18:47:49 | 000,253,904 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2016/02/13 18:47:49 | 000,253,872 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2016/02/13 18:47:49 | 000,252,880 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2016/02/13 18:47:48 | 007,096,192 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64A.dll
[2016/02/13 18:47:48 | 001,959,608 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64AF3.dll
[2016/02/13 18:47:48 | 000,362,056 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64AF3.dll
[2016/02/13 18:47:48 | 000,327,456 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64A.dll
[2016/02/13 18:47:47 | 001,965,816 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64A.dll
[2016/02/13 18:47:47 | 000,310,424 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64F3.dll
[2016/02/13 18:47:47 | 000,272,720 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64.dll
[2016/02/13 18:47:45 | 000,122,320 | ---- | M] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2016/02/13 18:47:45 | 000,105,312 | ---- | M] () -- C:\Windows\SysNative\audioLibVc.dll
[2016/02/13 18:47:44 | 000,118,600 | ---- | M] () -- C:\Windows\SysNative\AcpiServiceVnA64.dll
[2016/02/13 18:45:06 | 004,161,536 | ---- | M] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2016/02/13 18:43:11 | 000,032,936 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys
[2016/02/13 15:59:52 | 000,404,184 | ---- | M] (Realsil Semiconductor Corporation) -- C:\Windows\SysNative\drivers\RtsUer.sys
[2016/02/13 15:55:20 | 000,027,552 | ---- | M] (REALiX(tm)) -- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS
[2016/02/11 15:16:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[9 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/03/10 21:37:01 | 000,000,502 | RHS- | C] () -- C:\Users\Marina\ntuser.pol
[2016/03/10 20:10:07 | 027,357,239 | ---- | C] () -- C:\Users\Marina\Desktop\2015 - DIDIER JR, Fredie. Novo Código de Processo Civil de 2015 - Comparativo com o Código de 1973 (CPC 2015 x CPC 1973).pdf
[2016/03/10 20:06:47 | 030,922,940 | ---- | C] () -- C:\Users\Marina\Desktop\Novo Código de Processo Civil Anotado - Cassio Scarpinella Bueno - 2015.pdf
[2016/03/10 20:06:14 | 019,026,353 | ---- | C] () -- C:\Users\Marina\Desktop\Código de Processo Civil Comentado Artigo por Artigo - CPC.pdf
[2016/03/09 20:10:49 | 000,002,745 | ---- | C] () -- C:\spyhunter.fix
[2016/03/09 18:53:21 | 000,002,290 | ---- | C] () -- C:\Users\Marina\Desktop\SpyHunter.lnk
[2016/03/09 15:06:44 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2016/03/09 13:51:03 | 000,013,040 | -H-- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/03/09 13:51:03 | 000,013,040 | -H-- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/03/09 13:24:23 | 000,410,321 | ---- | C] () -- C:\Users\Marina\Desktop\caliman-pedagogia-social-transformadora.pdf
[2016/03/02 09:43:13 | 000,137,085 | ---- | C] () -- C:\Users\Marina\Desktop\DemonstrativoIRPF-UNOESC.pdf
[2016/03/02 09:38:08 | 000,097,795 | ---- | C] () -- C:\Users\Marina\Desktop\DemonstrativoIRPF-UNOESC.jpg
[2016/03/01 18:56:02 | 000,000,202 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job
[2016/03/01 11:06:08 | 000,000,688 | ---- | C] () -- C:\Users\Marina\Desktop\Brasfoot 2015.lnk
[2016/02/29 11:50:05 | 002,316,728 | ---- | C] () -- C:\Windows\SysNative\SafeGuard64.dll
[2016/02/29 11:50:05 | 001,536,952 | ---- | C] () -- C:\Windows\SysNative\SafeGuard32.dll
[2016/02/29 11:45:43 | 000,000,034 | ---- | C] () -- C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
[2016/02/28 21:11:41 | 012,601,244 | ---- | C] () -- C:\Users\Marina\Documents\Marina Jung.s15
[2016/02/14 18:12:54 | 000,026,719 | ---- | C] () -- C:\Windows\SysWow64\SERSPL.VXD
[2016/02/14 17:48:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_motport_01007.Wdf
[2016/02/13 18:48:36 | 003,152,937 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkSSTsetting.dat
[2016/02/13 18:48:28 | 004,307,112 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2016/02/13 18:47:45 | 000,105,312 | ---- | C] () -- C:\Windows\SysNative\audioLibVc.dll
[2016/02/13 18:47:44 | 000,118,600 | ---- | C] () -- C:\Windows\SysNative\AcpiServiceVnA64.dll
[2016/02/11 15:16:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2015/08/04 20:35:03 | 000,721,263 | ---- | C] () -- C:\Windows\SysWow64\WSCM64.dll
[2015/07/16 15:01:19 | 000,017,408 | ---- | C] () -- C:\Users\Marina\AppData\Local\WebpageIcons.db
[2015/07/06 18:42:47 | 000,000,094 | ---- | C] () -- C:\Users\Marina\AppData\Local\fusioncache.dat
[2015/06/03 20:30:46 | 000,109,696 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2015/06/03 20:30:46 | 000,091,264 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2015/05/23 22:54:19 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2015/05/23 22:54:18 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2015/05/23 22:54:18 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2015/05/23 22:54:17 | 013,913,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2015/05/11 14:17:31 | 003,147,711 | ---- | C] () -- C:\Users\Marina\AppData\Local\winrar.zlib
[2015/05/06 23:35:31 | 000,038,485 | ---- | C] () -- C:\Users\Marina\AppData\Roaming\Valores Separados por Vírgulas (Windows).ADR
[2014/10/20 12:51:59 | 000,000,425 | ---- | C] () -- C:\Users\Marina\AppData\Local\UserProducts.xml
[2014/08/04 22:32:03 | 000,000,422 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/07/21 19:02:32 | 000,000,187 | ---- | C] () -- C:\Users\Marina\AppData\Roaming\default.rss
[2014/07/21 19:01:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2014/07/01 17:14:43 | 000,000,089 | ---- | C] () -- C:\Users\Marina\AppData\Roaming\WB.CFG
[2014/06/25 00:57:22 | 000,007,605 | ---- | C] () -- C:\Users\Marina\AppData\Local\Resmon.ResmonCfg
[2014/06/19 14:47:47 | 001,692,598 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/06/19 14:33:24 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016/01/22 03:19:58 | 014,179,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/01/22 03:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >[/color]
"DefaultConnectionSettings" = 46 00 00 00 39 6B 00 00 0B 00 00 00 28 00 00 00 68 74 74 70 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 30 38 30 3B 68 74 74 70 73 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 30 38 30 00 00 00 00 00 00 00 00 05 00 00 00 1F 00 00 00 68 74 74 70 3A 2F 2F 77 70 61 64 2E 75 6E 6F 65 73 63 2E 6C 61 6E 2F 77 70 61 64 2E 64 61 74 FE C9 22 16 6A 2B D0 01 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 AC 12 18 B7 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
"SavedLegacySettings" = 46 00 00 00 62 28 00 00 0B 00 00 00 28 00 00 00 68 74 74 70 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 30 38 30 3B 68 74 74 70 73 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 30 38 30 00 00 00 00 00 00 00 00 05 00 00 00 1F 00 00 00 68 74 74 70 3A 2F 2F 77 70 61 64 2E 75 6E 6F 65 73 63 2E 6C 61 6E 2F 77 70 61 64 2E 64 61 74 FE C9 22 16 6A 2B D0 01 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 AC 12 18 B7 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 10 bytes -> C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt

< End of report >
