ÿþOTL logfile created on: 06/09/2016 18:50:24 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ASOUSA\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.10586.0) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 3,91 Gb Total Physical Memory | 0,83 Gb Available Physical Memory | 21,24% Memory free 5,16 Gb Paging File | 1,84 Gb Available in Paging File | 35,56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 456,37 Gb Total Space | 394,10 Gb Free Space | 86,35% Space Free | Partition Type: NTFS Drive D: | 496,00 Mb Total Space | 445,16 Mb Free Space | 89,75% Space Free | Partition Type: FAT32 Drive W: | 750,00 Mb Total Space | 446,88 Mb Free Space | 59,58% Space Free | Partition Type: NTFS Drive X: | 7,56 Gb Total Space | 0,72 Gb Free Space | 9,53% Space Free | Partition Type: NTFS Computer Name: AIRTON | User Name: ASOUSA | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - File not found -- PRC - [2016/09/06 18:49:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ASOUSA\Desktop\OTL--.exe PRC - [2016/09/05 16:14:37 | 002,180,680 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\vprot.exe PRC - [2016/09/05 16:14:37 | 001,349,704 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.5\ToolbarUpdater.exe PRC - [2016/09/05 16:14:37 | 000,980,552 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe PRC - [2016/08/23 16:12:48 | 000,633,024 | ---- | M] (Microsoft Corporation) -- C:\Users\ASOUSA\AppData\Local\Microsoft\OneDrive\OneDrive.exe PRC - [2016/08/18 11:07:42 | 001,469,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Framework\Common\avguix.exe PRC - [2016/07/28 09:55:10 | 001,320,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~2\AVG\Av\avgrsa.exe PRC - [2016/06/25 01:45:12 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2016/04/19 15:48:44 | 000,144,384 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe PRC - [2016/01/04 17:32:18 | 004,180,880 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE PRC - [2016/01/04 17:31:56 | 002,065,808 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe PRC - [2015/10/30 04:18:21 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe PRC - [2015/09/11 12:34:16 | 018,484,496 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer.exe PRC - [2015/09/11 12:34:16 | 005,702,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe PRC - [2015/09/11 12:22:54 | 000,230,672 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\tv_w32.exe PRC - [2015/08/03 23:21:48 | 000,312,056 | ---- | M] (Realtek Semiconductor) -- C:\Arquivos de Programas\Realtek\Audio\HDA\RtkAudioService64.exe PRC - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe PRC - [2015/03/15 12:24:30 | 000,341,280 | ---- | M] () -- C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe PRC - [2014/07/26 03:02:46 | 002,403,104 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2014/07/26 03:02:42 | 001,720,608 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2013/09/03 15:52:56 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2013/09/03 15:52:14 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2013/08/30 20:18:18 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Arquivos de Programas\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2013/08/30 20:18:16 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Arquivos de Programas\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2016/09/05 16:14:37 | 002,180,680 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\vprot.exe MOD - [2016/08/23 16:12:50 | 000,118,976 | ---- | M] () -- C:\Users\ASOUSA\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll MOD - [2016/08/23 16:12:46 | 001,383,616 | ---- | M] () -- C:\Users\ASOUSA\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll MOD - [2016/05/12 15:33:01 | 000,390,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\eec68ed9ee89f3edf2bd0e4a8a681f46\System.Xml.Linq.ni.dll MOD - [2016/05/12 15:33:00 | 007,378,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e1be3ec32aa5187ec7d760c55c55f6c0\System.Xml.ni.dll MOD - [2016/05/12 15:32:56 | 001,876,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\fc7551596b2c93328a98aa161ccc1e68\System.Xaml.ni.dll MOD - [2016/05/12 15:32:54 | 002,772,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\2f18aee9e26301da57394e94416a20ba\System.Runtime.Serialization.ni.dll MOD - [2016/05/12 15:32:52 | 000,516,608 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Net.Http\e40c3b28dfdba65b98070aadcba8d0cd\System.Net.Http.ni.dll MOD - [2016/05/12 15:32:51 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\d1e6c00e339d9f64674d3a9e74403a7e\System.Configuration.ni.dll MOD - [2016/05/12 15:32:50 | 000,527,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\342e1e9ad63227e979f93ef84d0eef1a\PresentationFramework.Aero2.ni.dll MOD - [2016/05/12 15:32:49 | 019,077,632 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\b32414460ef8695cdd49dfc3e6c3f079\PresentationFramework.ni.dll MOD - [2016/05/12 15:32:37 | 011,560,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\2586b192cf7cea9686568c6d76361cc2\PresentationCore.ni.dll MOD - [2016/05/12 15:32:30 | 003,975,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\0555aeb073cb90d425082d8b4360f814\WindowsBase.ni.dll MOD - [2016/05/12 15:32:27 | 007,498,240 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ea350a39df1334a4911cc92f58c85dd0\System.Core.ni.dll MOD - [2016/05/12 15:32:22 | 009,983,488 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3a4f0a84904c4b568b6621b30306261c\System.ni.dll MOD - [2016/04/22 21:33:58 | 018,127,536 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\b1ea5171f48fa1865ea45dd904735573\mscorlib.ni.dll MOD - [2016/04/19 15:48:44 | 022,284,800 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll MOD - [2016/04/19 15:48:44 | 000,144,384 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe MOD - [2016/04/19 15:48:44 | 000,141,312 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll MOD - [2016/04/15 14:23:47 | 040,500,224 | ---- | M] () -- C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll MOD - [2015/12/18 21:52:24 | 001,607,920 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll MOD - [2014/02/18 16:12:14 | 000,117,568 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll MOD - [2012/11/25 22:19:20 | 001,153,384 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2016/08/03 06:38:23 | 000,379,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc) SRV:[b]64bit:[/b] - [2016/08/03 06:36:49 | 000,211,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc) SRV:[b]64bit:[/b] - [2016/08/03 06:33:57 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService) SRV:[b]64bit:[/b] - [2016/08/03 06:31:38 | 000,506,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc) SRV:[b]64bit:[/b] - [2016/08/03 06:17:10 | 002,175,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:[b]64bit:[/b] - [2016/08/03 06:12:25 | 002,746,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository) SRV:[b]64bit:[/b] - [2016/07/01 02:10:31 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2016/07/01 01:45:06 | 001,613,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack) SRV:[b]64bit:[/b] - [2016/07/01 01:43:41 | 003,449,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:[b]64bit:[/b] - [2016/07/01 01:32:03 | 000,625,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC) SRV:[b]64bit:[/b] - [2016/07/01 00:52:47 | 000,087,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate) SRV:[b]64bit:[/b] - [2016/07/01 00:52:31 | 000,072,704 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker) SRV:[b]64bit:[/b] - [2016/07/01 00:47:23 | 000,314,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc) SRV:[b]64bit:[/b] - [2016/07/01 00:46:42 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc) SRV:[b]64bit:[/b] - [2016/07/01 00:46:22 | 000,287,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc) SRV:[b]64bit:[/b] - [2016/07/01 00:42:39 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:[b]64bit:[/b] - [2016/07/01 00:41:41 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2016/07/01 00:39:12 | 001,872,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:[b]64bit:[/b] - [2016/07/01 00:37:58 | 001,073,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo) SRV:[b]64bit:[/b] - [2016/07/01 00:25:39 | 001,097,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc) SRV:[b]64bit:[/b] - [2016/05/28 01:22:06 | 000,163,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc) SRV:[b]64bit:[/b] - [2016/05/28 01:18:23 | 000,380,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2016/05/28 01:17:50 | 000,278,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV:[b]64bit:[/b] - [2016/05/06 01:03:20 | 000,649,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc) SRV:[b]64bit:[/b] - [2016/05/06 00:49:14 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc) SRV:[b]64bit:[/b] - [2016/04/23 02:24:13 | 000,754,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV:[b]64bit:[/b] - [2016/04/23 01:20:58 | 000,606,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2016/04/17 10:13:10 | 000,275,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2016/04/17 10:12:59 | 001,490,432 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc) SRV:[b]64bit:[/b] - [2016/04/17 10:12:59 | 001,224,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc) SRV:[b]64bit:[/b] - [2016/04/17 10:12:59 | 001,139,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave) SRV:[b]64bit:[/b] - [2016/04/17 10:12:59 | 000,847,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2016/04/17 10:12:59 | 000,591,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter) SRV:[b]64bit:[/b] - [2016/04/17 10:12:59 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2016/04/17 10:12:59 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc) SRV:[b]64bit:[/b] - [2016/04/17 10:12:59 | 000,163,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:[b]64bit:[/b] - [2016/04/17 10:12:59 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc) SRV:[b]64bit:[/b] - [2016/04/02 22:42:40 | 000,373,160 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0) SRV:[b]64bit:[/b] - [2016/03/29 04:20:21 | 000,948,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager) SRV:[b]64bit:[/b] - [2016/03/29 02:45:48 | 000,338,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:[b]64bit:[/b] - [2016/02/13 14:34:38 | 001,035,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc) SRV:[b]64bit:[/b] - [2016/02/13 14:34:36 | 000,912,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager) SRV:[b]64bit:[/b] - [2016/02/13 14:34:36 | 000,749,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc) SRV:[b]64bit:[/b] - [2016/02/13 14:34:33 | 002,057,216 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2015/10/30 04:19:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:[b]64bit:[/b] - [2015/10/30 04:19:26 | 000,497,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService) SRV:[b]64bit:[/b] - [2015/10/30 04:18:46 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2015/10/30 04:18:41 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2015/10/30 04:18:19 | 001,297,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService) SRV:[b]64bit:[/b] - [2015/10/30 04:18:18 | 000,729,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2015/10/30 04:18:14 | 000,081,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2015/10/30 04:18:01 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService) SRV:[b]64bit:[/b] - [2015/10/30 04:18:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker) SRV:[b]64bit:[/b] - [2015/10/30 04:18:01 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc) SRV:[b]64bit:[/b] - [2015/10/30 04:18:01 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager) SRV:[b]64bit:[/b] - [2015/10/30 04:17:59 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode) SRV:[b]64bit:[/b] - [2015/10/30 04:17:59 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter) SRV:[b]64bit:[/b] - [2015/10/30 04:17:53 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2015/10/30 04:17:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2015/10/30 04:17:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:[b]64bit:[/b] - [2015/10/30 04:17:52 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:[b]64bit:[/b] - [2015/10/30 04:17:51 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service) SRV:[b]64bit:[/b] - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_8b73668) SRV:[b]64bit:[/b] - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_8b73668) SRV:[b]64bit:[/b] - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_8b73668) SRV:[b]64bit:[/b] - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_8b73668) SRV:[b]64bit:[/b] - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_36a06) SRV:[b]64bit:[/b] - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_8b73668) SRV:[b]64bit:[/b] - [2015/10/30 04:17:48 | 000,444,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2015/10/30 04:17:48 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2015/10/30 04:17:47 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:[b]64bit:[/b] - [2015/10/30 04:17:46 | 000,290,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService) SRV:[b]64bit:[/b] - [2015/10/30 04:17:46 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc) SRV:[b]64bit:[/b] - [2015/10/30 04:17:46 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2015/10/30 04:17:46 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2015/10/30 04:17:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice) SRV:[b]64bit:[/b] - [2015/10/30 04:17:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService) SRV:[b]64bit:[/b] - [2015/10/30 04:17:39 | 000,547,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession) SRV:[b]64bit:[/b] - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:[b]64bit:[/b] - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv) SRV:[b]64bit:[/b] - [2015/07/31 22:17:50 | 000,061,976 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Windows\SysNative\valWBFPolicyService.exe -- (valWBFPolicyService) SRV - [2016/09/05 16:14:37 | 001,349,704 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.5\ToolbarUpdater.exe -- (vToolbarUpdater40.3.5) SRV - [2016/09/05 16:14:37 | 000,980,552 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe -- (WtuSystemSupport) SRV - [2016/08/18 11:08:10 | 001,097,488 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe -- (avgsvc) SRV - [2016/08/03 01:19:22 | 002,180,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository) SRV - [2016/07/29 15:57:58 | 000,158,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service) SRV - [2016/07/28 10:06:12 | 005,267,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Av\avgidsagenta.exe -- (AVGIDSAgent) SRV - [2016/07/28 09:57:42 | 000,674,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\Av\avgamps.exe -- (AvgAMPS) SRV - [2016/07/28 09:52:58 | 000,760,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Av\avgwdsvca.exe -- (avgwd) SRV - [2016/07/01 02:10:31 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2016/06/25 01:45:12 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2016/05/28 01:14:46 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV - [2016/04/23 00:45:56 | 000,461,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV - [2016/04/22 11:29:50 | 000,031,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe -- (SupportAssistAgent) SRV - [2016/04/17 10:12:59 | 000,949,248 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc) SRV - [2016/04/02 22:42:40 | 000,300,968 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2016/03/10 21:03:25 | 000,202,488 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Arquivos de Programas\Dell\DellDataVault\DellDataVaultWiz.exe -- (DellDataVaultWiz) SRV - [2016/03/10 21:02:55 | 002,572,024 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Arquivos de Programas\Dell\DellDataVault\DellDataVault.exe -- (DellDataVault) SRV - [2016/01/27 16:33:59 | 000,144,104 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Arquivos de Programas\Elantech\ETDService.exe -- (ETDService) SRV - [2016/01/04 17:31:56 | 002,065,808 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe -- (SftService) SRV - [2015/10/30 04:18:31 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc) SRV - [2015/10/30 04:18:23 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2015/09/11 12:34:16 | 005,702,416 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer) SRV - [2015/08/03 23:21:48 | 000,312,056 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Arquivos de Programas\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService) SRV - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService) SRV - [2015/03/15 12:24:30 | 000,341,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe -- (SiteAdvisor Service) SRV - [2014/12/11 09:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2014/07/26 03:02:42 | 001,720,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2014/07/26 03:02:40 | 018,956,064 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV - [2014/04/01 11:20:36 | 000,293,440 | ---- | M] (Aviata, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe -- (DellProdRegManager) SRV - [2013/09/03 15:52:56 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2013/09/03 15:52:14 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2013/08/30 20:18:16 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Arquivos de Programas\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2013/05/11 16:45:54 | 000,822,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R) SRV - [2013/05/11 16:45:38 | 000,733,696 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Arquivos de Programas\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Arquivos de Programas\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2016/08/03 07:36:37 | 000,099,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2016/07/20 08:46:16 | 000,313,088 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa) DRV:[b]64bit:[/b] - [2016/07/19 12:27:12 | 000,261,888 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:[b]64bit:[/b] - [2016/07/01 01:49:41 | 000,277,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2016/06/30 14:41:10 | 000,314,112 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:[b]64bit:[/b] - [2016/06/20 15:22:20 | 000,077,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avguniva.sys -- (Avguniva) DRV:[b]64bit:[/b] - [2016/06/01 13:28:02 | 000,260,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:[b]64bit:[/b] - [2016/06/01 13:25:42 | 000,261,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:[b]64bit:[/b] - [2016/06/01 13:16:40 | 000,052,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:[b]64bit:[/b] - [2016/05/28 02:22:08 | 000,211,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2016/05/28 02:08:25 | 000,258,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000) DRV:[b]64bit:[/b] - [2016/05/28 01:24:38 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2016/05/13 07:52:10 | 000,163,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska) DRV:[b]64bit:[/b] - [2016/04/23 02:11:14 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys) DRV:[b]64bit:[/b] - [2016/04/23 01:56:52 | 000,534,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2016/04/23 01:34:19 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2016/04/23 01:33:59 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101) DRV:[b]64bit:[/b] - [2016/04/23 01:29:32 | 000,087,552 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt) DRV:[b]64bit:[/b] - [2016/04/17 10:12:59 | 000,238,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip) DRV:[b]64bit:[/b] - [2016/04/02 22:42:35 | 007,858,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2016/03/29 05:21:40 | 000,378,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2016/03/29 05:16:55 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid) DRV:[b]64bit:[/b] - [2016/03/29 04:23:41 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi) DRV:[b]64bit:[/b] - [2016/03/23 20:43:40 | 000,037,832 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iqvw64e.sys -- (NAL) DRV:[b]64bit:[/b] - [2016/02/16 15:05:56 | 000,360,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga) DRV:[b]64bit:[/b] - [2016/02/13 14:43:44 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2016/02/13 14:43:25 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2016/02/13 14:34:33 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg) DRV:[b]64bit:[/b] - [2016/02/13 14:34:33 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2016/01/27 16:33:59 | 000,469,080 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2016/01/07 14:03:54 | 000,021,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgboota.sys -- (Avgboota) DRV:[b]64bit:[/b] - [2016/01/05 18:47:00 | 000,024,240 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellProf.sys -- (DellProf) DRV:[b]64bit:[/b] - [2015/10/30 04:19:39 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2015/10/30 04:18:42 | 000,052,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr) DRV:[b]64bit:[/b] - [2015/10/30 04:18:09 | 000,930,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1) DRV:[b]64bit:[/b] - [2015/10/30 04:18:09 | 000,385,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2015/10/30 04:18:08 | 000,218,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:[b]64bit:[/b] - [2015/10/30 04:18:03 | 000,200,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2015/10/30 04:18:03 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT) DRV:[b]64bit:[/b] - [2015/10/30 04:18:03 | 000,078,848 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt) DRV:[b]64bit:[/b] - [2015/10/30 04:18:03 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2015/10/30 04:18:03 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2015/10/30 04:18:03 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos) DRV:[b]64bit:[/b] - [2015/10/30 04:18:01 | 000,154,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2015/10/30 04:17:57 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS) DRV:[b]64bit:[/b] - [2015/10/30 04:17:52 | 000,163,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2015/10/30 04:17:52 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000) DRV:[b]64bit:[/b] - [2015/10/30 04:17:52 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist) DRV:[b]64bit:[/b] - [2015/10/30 04:17:51 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:[b]64bit:[/b] - [2015/10/30 04:17:51 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2015/10/30 04:17:51 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2015/10/30 04:17:51 | 000,074,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2015/10/30 04:17:51 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2015/10/30 04:17:50 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof) DRV:[b]64bit:[/b] - [2015/10/30 04:17:46 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2015/10/30 04:17:46 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv) DRV:[b]64bit:[/b] - [2015/10/30 04:17:42 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2015/10/30 04:17:42 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:[b]64bit:[/b] - [2015/10/30 04:17:39 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2015/10/30 04:17:37 | 000,293,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2015/10/30 04:17:37 | 000,209,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000) DRV:[b]64bit:[/b] - [2015/10/30 04:17:37 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2015/10/30 04:17:37 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:[b]64bit:[/b] - [2015/10/30 04:17:37 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt) DRV:[b]64bit:[/b] - [2015/10/30 04:17:37 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx) DRV:[b]64bit:[/b] - [2015/10/30 04:17:37 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2015/10/30 04:17:37 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf) DRV:[b]64bit:[/b] - [2015/10/30 04:17:26 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy) DRV:[b]64bit:[/b] - [2015/10/30 04:17:25 | 000,046,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2015/10/30 04:17:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2015/10/30 04:17:25 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea) DRV:[b]64bit:[/b] - [2015/10/30 04:17:25 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys) DRV:[b]64bit:[/b] - [2015/10/30 04:17:25 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,532,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,034,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2015/10/30 04:17:23 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:[b]64bit:[/b] - [2015/10/30 04:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn) DRV:[b]64bit:[/b] - [2015/10/30 04:17:19 | 003,485,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwbw02.sys -- (NETwNb64) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,165,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,117,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,108,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2015/10/30 04:17:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2015/08/13 22:20:26 | 000,896,744 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64) DRV:[b]64bit:[/b] - [2015/07/23 03:02:12 | 000,031,376 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2015/07/14 19:27:40 | 000,263,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb) DRV:[b]64bit:[/b] - [2015/05/14 10:44:38 | 000,751,632 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER) DRV:[b]64bit:[/b] - [2015/02/26 13:00:46 | 000,023,760 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DDDriver64Dcsa.sys -- (DDDriver) DRV:[b]64bit:[/b] - [2014/04/01 05:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:[b]64bit:[/b] - [2014/01/22 07:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2014/01/22 07:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2013/12/19 22:18:36 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2013/10/28 20:13:22 | 000,449,496 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2013/10/17 19:41:31 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:[b]64bit:[/b] - [2013/10/17 19:41:31 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:[b]64bit:[/b] - [2013/08/28 20:13:36 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:[b]64bit:[/b] - [2013/01/24 23:12:08 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellRbtn.sys -- (DellRbtn) DRV:[b]64bit:[/b] - [2008/12/13 10:28:20 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2016/08/01 16:36:16 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- c:\Arquivos de Programas\Dell\SupportAssist\pcdsrvc_x64.pkms -- (PCDSRVC{3B54B31B-D06B6431-06020200}_0) DRV - [2016/06/06 22:08:46 | 000,046,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys -- (mfesapsn) DRV - [2015/10/30 04:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus) DRV - [2014/07/26 03:02:40 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp&ts=1423662549&from=tt4u&uid=ST500LT012-1DG142_W3P1T80KXXXXW3P1T80K IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=dspp&ts=1423662549&from=tt4u&uid=ST500LT012-1DG142_W3P1T80KXXXXW3P1T80K&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=dspp&ts=1423662549&from=tt4u&uid=ST500LT012-1DG142_W3P1T80KXXXXW3P1T80K&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{8804E258-442E-40AE-9801-BB5509FFC251}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{8804E258-442E-40AE-9801-BB5509FFC251}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp&ts=1423662549&from=tt4u&uid=ST500LT012-1DG142_W3P1T80KXXXXW3P1T80K IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=dspp&ts=1423662549&from=tt4u&uid=ST500LT012-1DG142_W3P1T80KXXXXW3P1T80K&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=dspp&ts=1423662549&from=tt4u&uid=ST500LT012-1DG142_W3P1T80KXXXXW3P1T80K&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={4FC02F77-7A78-41F0-AA57-FB4721134CF7}&mid=cc926895788647cda13f3192131b8d11-0dbc254c55435403b9d7a1f0aef2aa9f7cf3a6d1&lang=en&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=pr&d=2015-09-10 22:09:52&v=4.3.1.831&pid=wtu&sg=&sap=hp IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=tt4u&utm_campaign=install_ie&utm_content=ds&from=tt4u&uid=ST500LT012-1DG142_W3P1T80KXXXXW3P1T80K&ts=1423662560&type=default&q={searchTerms} IE - HKCU\..\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=tt4u&utm_campaign=install_ie&utm_content=ds&from=tt4u&uid=ST500LT012-1DG142_W3P1T80KXXXXW3P1T80K&ts=1423662560&type=default&q={searchTerms} IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=tt4u&utm_campaign=install_ie&utm_content=ds&from=tt4u&uid=ST500LT012-1DG142_W3P1T80KXXXXW3P1T80K&ts=1423662560&type=default&q={searchTerms} IE - HKCU\..\SearchScopes\{6189BE23-EE19-443D-AFC4-946C640F7C0E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=tt4u&utm_campaign=install_ie&utm_content=ds&from=tt4u&uid=ST500LT012-1DG142_W3P1T80KXXXXW3P1T80K&ts=1423662560&type=default&q={searchTerms} IE - HKCU\..\SearchScopes\{8804E258-442E-40AE-9801-BB5509FFC251}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=tt4u&utm_campaign=install_ie&utm_content=ds&from=tt4u&uid=ST500LT012-1DG142_W3P1T80KXXXXW3P1T80K&ts=1423662560&type=default&q={searchTerms} IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://mysearch.avg.com/search?cid={4FC02F77-7A78-41F0-AA57-FB4721134CF7}&mid=cc926895788647cda13f3192131b8d11-0dbc254c55435403b9d7a1f0aef2aa9f7cf3a6d1&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=pr&d=2015-09-10 22:09:52&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=tt4u&utm_campaign=install_ie&utm_content=ds&from=tt4u&uid=ST500LT012-1DG142_W3P1T80KXXXXW3P1T80K&ts=1423662560&type=default&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.5\\npsitesafety.dll File not found FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.79.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.79.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5081D2D4-1637-404c-B74F-50526718257D}: C:\PROGRAM FILES\SHOPPERZ\FIREFOX 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SAFFPLG.XPI [2016/08/08 16:16:14 | 000,120,387 | ---- | M] () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016/08/08 16:16:14 | 000,120,387 | ---- | M] () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5081D2D4-1637-404c-B74F-50526718257D}: C:\Program Files\shopperz\Firefox FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1650a312-02bc-40ee-977e-83f158701739}: C:\Program Files (x86)\SiteAdvisor\6172\FF\ [2015/03/15 12:24:30 | 000,000,000 | ---D | M] [color=#E56717]========== Chrome ==========[/color] CHR - Extension: No name found = C:\Users\ASOUSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\ CHR - Extension: No name found = C:\Users\ASOUSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\ CHR - Extension: No name found = C:\Users\ASOUSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\ CHR - Extension: No name found = C:\Users\ASOUSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\ CHR - Extension: No name found = C:\Users\ASOUSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ CHR - Extension: No name found = C:\Users\ASOUSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5216.530.0.15_0\ O1 HOSTS File: ([2013/08/22 10:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (AVG Web TuneUp) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Arquivos de Programas\AVG Web TuneUp\4.3.5.160\AVG Web TuneUp.dll (AVG) O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AVG Web TuneUp) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.5.160\AVG Web TuneUp.dll (AVG) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Arquivos de Programas\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe () O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] c:\Arquivos de Programas\Dell\QuickSet\quickset.exe (Dell Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg_PushButton] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\Av\avuirunnerx.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [AvgUi] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [gmsd_br_108] File not found O4 - HKLM..\Run: [McENUI] \McENUI.exe /hide File not found O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.exe () O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Web TuneUp\vprot.exe () O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4 - HKCU..\Run: [OneDrive] C:\Users\ASOUSA\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) O4 - HKCU..\RunOnce: [Uninstall C:\Users\ASOUSA\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ASOUSA\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O8:[b]64bit:[/b] - Extra context menu item: SafeKey Fill Forms - file://C:\Users\ASOUSA\AppData\LocalLow\SafeKey\context.html?cmd=fillforms File not found O8 - Extra context menu item: SafeKey Fill Forms - file://C:\Users\ASOUSA\AppData\LocalLow\SafeKey\context.html?cmd=fillforms File not found O9:[b]64bit:[/b] - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - Reg Error: Key error. File not found O9:[b]64bit:[/b] - Extra 'Tools' menuitem : McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - Reg Error: Key error. File not found O9:[b]64bit:[/b] - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5632897f-fe2a-48c4-a506-f41c4b2bfdac}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5632897f-fe2a-48c4-a506-f41c4b2bfdac}: NameServer = 82.163.143.172,82.163.142.174 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6975e0e2-63fa-404e-8ce6-59ffe522c430}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6975e0e2-63fa-404e-8ce6-59ffe522c430}: NameServer = 82.163.143.172,82.163.142.174 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{aff711b2-7b72-48cf-aab1-faba9352093a}: DhcpNameServer = 192.168.42.129 O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAd64.dll () O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.dll () O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{dac0613e-700b-11e4-8259-e0db55ff64e2}\Shell - "" = AutoRun O33 - MountPoints2\{dac0613e-700b-11e4-8259-e0db55ff64e2}\Shell\AutoRun\command - "" = "E:\LaunchU3.exe" -a O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2016/09/06 18:49:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ASOUSA\Desktop\OTL--.exe [2016/09/06 18:02:10 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp [2016/08/15 18:08:18 | 006,974,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll [2016/08/15 18:08:17 | 014,252,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll [2016/08/15 18:08:15 | 004,078,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll [2016/08/15 18:08:14 | 004,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll [2016/08/15 18:08:13 | 012,585,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll [2016/08/15 18:08:12 | 000,808,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe [2016/08/15 18:08:11 | 005,123,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll [2016/08/15 18:08:10 | 002,180,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll [2016/08/15 18:08:10 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe [2016/08/15 18:08:09 | 001,388,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll [2016/08/15 18:08:09 | 000,501,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll [2016/08/15 18:08:09 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtutil.exe [2016/08/15 18:08:08 | 000,566,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe [2016/08/15 18:08:08 | 000,515,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneDriveSettingSyncProvider.dll [2016/08/15 18:08:08 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe [2016/08/15 18:08:08 | 000,051,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.dll [2016/08/15 18:08:07 | 000,084,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupApi.dll [2016/08/15 18:08:07 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll [2016/08/15 18:08:07 | 000,034,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wldp.dll [2016/08/15 18:08:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll [2016/08/15 18:08:06 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryBroker.dll [2016/08/15 18:08:03 | 016,985,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll [2016/08/15 18:08:01 | 003,589,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys [2016/08/15 18:07:59 | 001,997,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll [2016/08/15 18:07:59 | 001,387,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys [2016/08/15 18:07:58 | 007,536,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll [2016/08/15 18:07:57 | 000,703,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe [2016/08/15 18:07:57 | 000,576,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys [2016/08/15 18:07:56 | 001,500,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe [2016/08/15 18:07:56 | 000,693,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll [2016/08/15 18:07:56 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll [2016/08/15 18:07:55 | 006,743,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll [2016/08/15 18:07:54 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LogonController.dll [2016/08/15 18:07:54 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll [2016/08/15 18:07:54 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupSvc.dll [2016/08/15 18:07:54 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdlrecover.exe [2016/08/15 18:07:53 | 001,717,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll [2016/08/15 18:07:52 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEEventDispatcher.dll [2016/08/15 18:07:52 | 000,115,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupApi.dll [2016/08/15 18:07:52 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll [2016/08/15 18:07:52 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll [2016/08/15 18:07:51 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll [2016/08/15 18:07:51 | 000,393,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys [2016/08/15 18:07:51 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll [2016/08/15 18:07:51 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys [2016/08/15 18:07:50 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFPlatform.dll [2016/08/15 18:07:50 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BluetoothApis.dll [2016/08/15 18:07:49 | 013,018,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll [2016/08/15 18:07:47 | 001,540,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll [2016/08/15 18:07:46 | 000,692,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll [2016/08/15 18:07:46 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wevtutil.exe [2016/08/15 18:07:45 | 000,465,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys [2016/08/15 18:07:45 | 000,026,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe [2016/08/15 18:07:44 | 000,848,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll [2016/08/15 18:07:44 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BluetoothApis.dll [2016/08/15 18:07:42 | 007,469,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2016/08/15 18:07:40 | 002,175,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll [2016/08/15 18:07:39 | 002,067,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll [2016/08/15 18:07:39 | 001,505,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll [2016/08/15 18:07:39 | 000,092,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll [2016/08/15 18:07:39 | 000,050,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe [2016/08/15 18:07:37 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tileobjserver.dll [2016/08/15 18:07:36 | 000,303,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppHost.exe [2016/08/15 18:07:36 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdlrecover.exe [2016/08/15 18:07:35 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll [2016/08/15 18:07:34 | 001,467,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll [2016/08/15 18:07:34 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEEventDispatcher.dll [2016/08/15 18:07:33 | 000,037,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll [2016/08/15 18:07:32 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEDataLayerHelpers.dll [2016/08/15 18:07:32 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IdCtrls.dll [2016/08/15 18:07:32 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll [2016/08/15 18:07:32 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll [2016/08/15 18:07:30 | 018,677,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll [2016/08/15 18:07:28 | 005,660,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll [2016/08/15 18:07:27 | 004,895,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2016/08/15 18:07:25 | 007,833,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll [2016/08/15 18:07:25 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll [2016/08/15 18:07:24 | 022,384,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll [2016/08/15 18:07:20 | 001,322,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll [2016/08/15 18:07:16 | 005,323,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll [2016/08/15 18:07:15 | 001,708,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll [2016/08/15 18:07:13 | 000,529,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll [2016/08/15 18:07:13 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll [2016/08/15 18:07:13 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll [2016/08/15 18:07:12 | 001,526,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll [2016/08/15 18:07:12 | 000,784,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll [2016/08/15 18:07:12 | 000,255,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppHost.exe [2016/08/15 18:07:11 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll [2016/08/15 18:07:10 | 002,127,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl [2016/08/15 18:07:10 | 002,050,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl [2016/08/15 18:07:10 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll [2016/08/15 18:07:09 | 000,465,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe [2016/08/15 18:07:09 | 000,058,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.dll [2016/08/15 18:07:08 | 001,752,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll [2016/08/15 18:07:08 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IdCtrls.dll [2016/08/15 18:07:07 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneDriveSettingSyncProvider.dll [2016/08/15 18:07:07 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorService.dll [2016/08/15 18:07:07 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe [2014/11/20 13:25:54 | 032,372,200 | ---- | C] (McAfee) -- C:\Program Files (x86)\Common Files\lpuninstall.exe [1 C:\Users\ASOUSA\AppData\Local\*.tmp files -> C:\Users\ASOUSA\AppData\Local\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2016/09/06 18:49:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ASOUSA\Desktop\OTL--.exe [2016/09/06 18:14:55 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2016/09/06 18:01:35 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2016/09/06 18:01:11 | 000,000,180 | ---- | M] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [2016/09/06 18:00:50 | 1678,172,160 | -HS- | M] () -- C:\hiberfil.sys [2016/09/06 18:00:49 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2016/09/05 17:19:48 | 000,170,906 | ---- | M] () -- C:\Users\ASOUSA\Desktop\Sobre o conceito de verdade em Nietzsche.pdf [2016/09/05 16:32:31 | 000,157,279 | ---- | M] () -- C:\Users\ASOUSA\Desktop\RECIBO TRANSJOSEMAR PER. 06.08 A 06.09.2016.jpg [2016/09/03 21:17:00 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\Superclean.job [2016/09/02 17:24:34 | 002,602,032 | ---- | M] () -- C:\Users\ASOUSA\Desktop\AS IMPLICAÇÕES SOCIOECONÔMICAS, HISTÓRICAS E JURÍDICAS NA VULNERABILIZAÇÃO DAS FAMÍLIAS DOS ADOLESCENTES EM CONFLITO COM A LEI.pdf [2016/08/23 16:07:52 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2016/08/10 15:15:43 | 000,002,260 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2016/08/10 15:11:16 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\AVG.lnk [1 C:\Users\ASOUSA\AppData\Local\*.tmp files -> C:\Users\ASOUSA\AppData\Local\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2016/09/05 17:19:47 | 000,170,906 | ---- | C] () -- C:\Users\ASOUSA\Desktop\Sobre o conceito de verdade em Nietzsche.pdf [2016/09/05 16:32:30 | 000,157,279 | ---- | C] () -- C:\Users\ASOUSA\Desktop\RECIBO TRANSJOSEMAR PER. 06.08 A 06.09.2016.jpg [2016/09/02 17:24:33 | 002,602,032 | ---- | C] () -- C:\Users\ASOUSA\Desktop\AS IMPLICAÇÕES SOCIOECONÔMICAS, HISTÓRICAS E JURÍDICAS NA VULNERABILIZAÇÃO DAS FAMÍLIAS DOS ADOLESCENTES EM CONFLITO COM A LEI.pdf [2016/07/13 15:52:54 | 001,862,008 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll [2016/04/18 15:22:20 | 000,162,816 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll [2016/04/17 10:32:27 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [2016/02/13 14:52:44 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2015/10/30 04:24:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2015/10/30 04:24:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2015/10/30 04:18:39 | 000,164,224 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll [2015/10/30 04:18:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2015/10/30 04:18:36 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2015/10/30 04:18:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll [2015/10/30 04:18:31 | 000,252,928 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll [2015/10/30 04:18:31 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe [2015/10/30 04:18:29 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2015/10/30 04:18:29 | 000,293,376 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll [2015/10/30 04:18:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll [2015/10/30 04:18:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2015/10/30 04:18:23 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat [2015/10/30 04:17:40 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2015/07/23 03:02:12 | 037,749,064 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll [2015/07/05 11:43:07 | 000,000,020 | ---- | C] () -- C:\Users\ASOUSA\AppData\Roaming\appdataFr2.bin [2015/07/03 13:38:16 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2015/06/14 09:15:46 | 000,004,096 | ---- | C] () -- C:\WINDOWS\SysWow64\ntwdblib.dll [2015/05/21 18:59:30 | 000,000,024 | ---- | C] () -- C:\Users\ASOUSA\AppData\Roaming\appdataFr25.bin [2015/05/07 18:44:13 | 000,000,020 | ---- | C] () -- C:\Users\ASOUSA\AppData\Roaming\appdataFr3.bin [2014/11/19 15:37:40 | 000,000,227 | ---- | C] () -- C:\ProgramData\bc.ini [2014/11/04 17:16:37 | 001,814,812 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [color=#E56717]========== ZeroAccess Check ==========[/color] [2016/05/11 17:33:57 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\windows.storage.dll -- [2016/07/01 01:32:57 | 006,605,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\windows.storage.dll -- [2016/07/01 01:19:46 | 005,240,960 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015/10/30 04:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2015/10/30 04:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015/10/30 04:17:45 | 000,518,656 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %APPDATA%\*.* >[/color] [2015/08/04 10:36:11 | 000,000,020 | ---- | M] () -- C:\Users\ASOUSA\AppData\Roaming\appdataFr2.bin [2015/07/05 11:18:08 | 000,000,024 | ---- | M] () -- C:\Users\ASOUSA\AppData\Roaming\appdataFr25.bin [2015/05/21 12:47:38 | 000,000,020 | ---- | M] () -- C:\Users\ASOUSA\AppData\Roaming\appdataFr3.bin [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 237 bytes -> C:\Users\ASOUSA\OneDrive:ms-properties < End of report >