pra OTL logfile created on: 19/11/2016 18:33:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\HUGO\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 3,96 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 42,06% Memory free 7,91 Gb Paging File | 4,95 Gb Available in Paging File | 62,56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 715,55 Gb Total Space | 617,97 Gb Free Space | 86,36% Space Free | Partition Type: NTFS Drive D: | 215,86 Gb Total Space | 11,44 Gb Free Space | 5,30% Space Free | Partition Type: NTFS Computer Name: HUGO-PC | User Name: HUGO | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2016/11/19 18:31:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\HUGO\Downloads\OTL.exe PRC - [2016/10/25 18:19:32 | 000,419,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe PRC - [2016/10/25 18:19:30 | 015,532,992 | ---- | M] (Node.js) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe PRC - [2014/02/05 07:32:34 | 001,593,632 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2013/03/08 16:07:36 | 000,506,864 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe PRC - [2013/02/20 11:47:14 | 000,161,264 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe PRC - [2013/01/14 16:29:52 | 000,366,040 | R--- | M] (Intel 
Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2013/01/14 16:29:52 | 000,279,000 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2013/01/14 16:29:50 | 000,165,336 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012/08/16 20:36:26 | 000,316,416 | ---- | M] (Intel Corporation) -- C:\Arquivos de Programas\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2016/11/13 19:22:57 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll MOD - [2016/11/13 16:02:00 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll MOD - [2016/11/13 16:01:51 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll MOD - [2016/11/13 16:01:47 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll MOD - [2016/11/13 16:01:44 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll MOD - [2016/11/13 16:01:43 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll MOD - [2016/11/13 16:01:40 | 000,595,968 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll MOD - [2016/11/13 16:01:39 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll MOD - [2016/11/13 16:01:38 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll MOD - [2016/11/13 16:01:33 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll MOD - [2016/10/25 18:19:32 | 003,774,400 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll MOD - [2016/10/25 18:19:31 | 000,900,032 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll MOD - [2016/10/25 18:19:30 | 000,018,880 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll MOD - [2016/10/25 17:57:38 | 002,808,256 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node MOD - [2016/10/25 17:57:38 | 000,968,248 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node MOD - [2016/10/25 17:57:38 | 000,512,960 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node MOD - [2016/10/25 17:57:38 | 000,506,424 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node MOD - [2016/10/25 17:57:38 | 000,440,888 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node MOD - [2016/10/25 17:57:38 | 000,436,792 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node MOD - [2016/10/25 17:57:38 | 000,357,944 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node MOD - [2016/10/25 17:57:38 | 000,338,488 | ---- | M] () -- 
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node MOD - [2016/10/25 17:57:38 | 000,255,936 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node MOD - [2016/10/25 17:57:38 | 000,246,840 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009/07/13 23:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2016/10/25 18:19:33 | 000,456,640 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerNetworkService) SRV - [2016/10/25 18:19:33 | 000,456,640 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerLocalSystem) SRV - [2016/10/25 18:19:29 | 001,163,712 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe -- (NVIDIA Wireless Controller Service) SRV - [2016/10/25 18:13:09 | 000,458,176 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -- (NVDisplay.ContainerLocalSystem) SRV - [2014/02/05 07:32:34 | 001,593,632 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2013/02/20 11:47:14 | 000,161,264 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger) SRV - [2013/01/14 16:29:52 | 000,366,040 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2013/01/14 16:29:52 | 000,279,000 | R--- | M] 
(Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2013/01/14 16:29:50 | 000,165,336 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012/12/10 14:31:44 | 000,803,872 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R) SRV - [2012/12/10 14:31:28 | 000,732,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Arquivos de Programas\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2012/08/16 20:36:54 | 000,149,032 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 19:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2016/11/19 18:03:11 | 000,034,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001) DRV:[b]64bit:[/b] - [2016/11/12 16:19:31 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2016/10/25 23:06:20 | 000,212,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2016/10/25 18:19:37 | 000,046,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- 
(nvvad_WaveExtensible) DRV:[b]64bit:[/b] - [2012/12/26 15:26:12 | 000,805,088 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2012/08/16 20:31:28 | 000,046,016 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT) DRV:[b]64bit:[/b] - [2012/08/16 20:31:28 | 000,019,944 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent) DRV:[b]64bit:[/b] - [2012/08/16 20:31:26 | 000,020,968 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent) DRV:[b]64bit:[/b] - [2012/07/13 00:56:32 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2010/11/20 11:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/20 11:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010/11/20 11:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2010/11/20 09:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010/11/20 09:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010/04/27 16:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid) DRV:[b]64bit:[/b] - [2010/04/27 16:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo) DRV:[b]64bit:[/b] - [2010/04/27 16:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum) DRV:[b]64bit:[/b] - [2010/04/27 14:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore) DRV:[b]64bit:[/b] - [2010/04/27 14:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter) DRV:[b]64bit:[/b] - [2009/07/13 23:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/13 23:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/13 23:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2009/07/13 23:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/10 18:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 18:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 18:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 18:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2016/10/25 18:19:14 | 000,027,584 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Arquivos de Programas\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms) DRV - [2012/10/25 19:45:52 | 000,013,368 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys -- (NTIOLib_1_0_3) DRV - [2009/07/13 23:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - 
HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-289752171-2322454258-965198674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-289752171-2322454258-965198674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\S-1-5-21-289752171-2322454258-965198674-1000\SOFTWARE\Microsoft\Internet 
Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\S-1-5-21-289752171-2322454258-965198674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pt-br/?ocid=iehp IE - HKU\S-1-5-21-289752171-2322454258-965198674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br IE - HKU\S-1-5-21-289752171-2322454258-965198674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 0D F0 96 A0 42 D2 01 [binary data] IE - HKU\S-1-5-21-289752171-2322454258-965198674-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-289752171-2322454258-965198674-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-289752171-2322454258-965198674-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-289752171-2322454258-965198674-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: 
C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) O1 HOSTS File: ([2009/06/10 19:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-289752171-2322454258-965198674-1000..\Run: [uTorrent] C:\Users\HUGO\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) 
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation) O10:[b]64bit:[/b] - 
Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) O10 - 
Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19B58968-BFEA-4140-A242-CFA3BD2D49CB}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\ftp 
{79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll 
(Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - 
(SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft 
Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{e9e85533-a8fd-11e6-8054-d43d7efa0545}\Shell - "" = AutoRun O33 - MountPoints2\{e9e85533-a8fd-11e6-8054-d43d7efa0545}\Shell\AutoRun\command - "" = F:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2016/11/19 18:24:29 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Local\CrashDumps [2016/11/19 18:20:22 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Local\Downloaded Installations [2016/11/19 18:10:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2016/11/19 18:09:54 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Local\Deployment [2016/11/19 18:09:54 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Local\Apps [2016/11/19 17:54:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jogotempo [2016/11/19 17:52:59 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Roaming\WMPNetworkAcSvc [2016/11/19 17:52:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OtherSearch [2016/11/19 17:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg [2016/11/19 17:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\49d3669360921e45e5cf9fd0499ef6e3 [2016/11/19 17:51:43 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Roaming\Profiles [2016/11/19 17:51:43 | 000,000,000 | ---D | C] -- 
C:\Users\HUGO\AppData\Local\Ghunilyerqither [2016/11/19 17:51:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kitatsherzosh [2016/11/19 15:33:26 | 000,000,000 | ---D | C] -- C:\Users\HUGO\Documents\BeamNG.drive [2016/11/18 14:44:53 | 000,000,000 | ---D | C] -- C:\e0c96f728003836f92 [2016/11/17 22:03:03 | 000,000,000 | ---D | C] -- C:\0251822bd2ee362679624a [2016/11/17 16:58:51 | 000,000,000 | ---D | C] -- C:\Users\HUGO\Desktop\trabalho de fisica [2016/11/17 16:55:23 | 000,000,000 | ---D | C] -- C:\Users\HUGO\Documents\Custom Office Templates [2016/11/17 14:04:49 | 000,000,000 | ---D | C] -- C:\Users\HUGO\Desktop\trabalho do ronan [2016/11/16 16:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive [2016/11/16 16:14:51 | 000,000,000 | ---D | C] -- C:\c6596994bf21b47d77d0ff4a4a7f55 [2016/11/16 16:10:39 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft [2016/11/16 16:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2016/11/14 18:40:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2016/11/14 18:39:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2016/11/14 15:57:27 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Local\NVIDIA Corporation [2016/11/14 15:57:27 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Local\CEF [2016/11/14 15:55:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VulkanRT [2016/11/14 15:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2016/11/14 15:11:44 | 000,000,000 | ---D | C] -- C:\NVIDIA [2016/11/14 14:24:47 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Roaming\uTorrent [2016/11/14 12:16:14 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll [2016/11/14 12:16:00 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll [2016/11/13 15:50:07 | 000,000,000 | ---D | C] -- C:\Windows\Migration [2016/11/12 20:55:23 | 000,000,000 | 
---D | C] -- C:\Windows\Panther [2016/11/12 16:36:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Game Stock Car Extreme 2013 [2016/11/12 16:36:23 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Local\Programs [2016/11/12 16:19:29 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Roaming\DAEMON Tools Lite [2016/11/12 16:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2016/11/12 16:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva [2016/11/12 16:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva [2016/11/12 15:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2016/11/12 15:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech [2016/11/12 15:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech [2016/11/12 15:48:34 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Roaming\WinRAR [2016/11/12 15:47:04 | 000,000,000 | ---D | C] -- C:\Users\HUGO\Documents\Euro Truck Simulator 2 [2016/11/12 15:47:03 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 v1.24.2.2 (37 DLC) [2016/11/12 15:47:03 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run [2016/11/12 15:45:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2016/11/12 15:45:55 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2016/11/12 15:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2016/11/12 15:43:28 | 000,000,000 | ---D | C] -- C:\2-click run [2016/11/12 15:32:32 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Local\NVIDIA [2016/11/12 15:24:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2016/11/12 15:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA 
[2016/11/12 15:23:49 | 000,215,608 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2016/11/12 15:23:49 | 000,201,664 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2016/11/12 15:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2016/11/12 15:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2016/11/12 15:21:24 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2016/11/12 15:14:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2016/11/12 15:14:31 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2016/11/12 15:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI [2016/11/12 15:14:18 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile [2016/11/12 15:14:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2016/11/12 15:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2016/11/12 15:11:38 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2016/11/12 15:11:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2016/11/12 15:10:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2016/11/12 15:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2016/11/12 15:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2016/11/12 15:10:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2016/11/12 15:10:13 | 002,099,480 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll [2016/11/12 15:10:13 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2016/11/12 15:10:13 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll [2016/11/12 15:10:13 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2016/11/12 15:10:13 | 000,198,896 | ---- | C] (SRS Labs, Inc.) 
-- C:\Windows\SysNative\SRSHP64.dll [2016/11/12 15:10:13 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2016/11/12 15:10:13 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll [2016/11/12 15:10:13 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll [2016/11/12 15:10:13 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2016/11/12 15:10:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2016/11/12 15:10:11 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2016/11/12 15:10:11 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2016/11/12 15:10:11 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2016/11/12 15:10:11 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2016/11/12 15:10:10 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2016/11/12 15:10:10 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2016/11/12 15:10:07 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2016/11/12 15:10:07 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2016/11/12 15:10:07 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2016/11/12 15:10:07 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2016/11/12 15:10:07 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2016/11/12 15:10:07 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2016/11/12 15:10:05 | 013,975,320 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\SysNative\MaxxAudioRealtek64.dll [2016/11/12 15:10:05 | 001,898,776 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll [2016/11/12 15:10:04 | 002,032,584 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll [2016/11/12 15:10:04 | 000,907,544 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll [2016/11/12 15:10:04 | 000,395,208 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2016/11/12 15:10:04 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2016/11/12 15:10:03 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll [2016/11/12 15:10:01 | 002,722,848 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2016/11/12 15:10:01 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2016/11/12 15:10:01 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2016/11/12 15:10:01 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2016/11/12 15:10:01 | 000,501,192 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll [2016/11/12 15:10:01 | 000,487,368 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll [2016/11/12 15:10:01 | 000,415,688 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll [2016/11/12 15:10:01 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Local\Google [2016/11/12 15:10:00 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2016/11/12 15:10:00 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2016/11/12 15:10:00 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2016/11/12 15:10:00 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2016/11/12 15:10:00 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2016/11/12 15:10:00 | 
000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2016/11/12 15:10:00 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2016/11/12 15:10:00 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2016/11/12 15:10:00 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2016/11/12 15:10:00 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll [2016/11/12 15:09:59 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2016/11/12 15:09:58 | 000,805,088 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2016/11/12 15:09:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2016/11/12 15:09:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2016/11/12 15:09:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2016/11/12 15:09:02 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2016/11/12 15:09:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2016/11/12 15:09:00 | 000,000,000 | ---D | C] -- C:\Intel [2016/11/12 15:08:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2016/11/12 15:07:56 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2016/11/12 15:04:09 | 000,000,000 | ---D | C] -- C:\MSI [2016/11/12 15:04:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI [2016/11/12 15:00:55 | 000,000,000 | R--D | C] -- C:\Users\HUGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2016/11/12 15:00:55 | 000,000,000 | R--D | C] -- C:\Users\HUGO\Searches [2016/11/12 15:00:55 | 000,000,000 | R--D | C] -- C:\Users\HUGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2016/11/12 15:00:48 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Roaming\Identities [2016/11/12 15:00:47 | 000,000,000 | R--D | C] -- 
C:\Users\HUGO\Contacts [2016/11/12 15:00:46 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Local\VirtualStore [2016/11/12 15:00:38 | 000,000,000 | --SD | C] -- C:\Users\HUGO\AppData\Roaming\Microsoft [2016/11/12 15:00:38 | 000,000,000 | R--D | C] -- C:\Users\HUGO\Videos [2016/11/12 15:00:38 | 000,000,000 | R--D | C] -- C:\Users\HUGO\Saved Games [2016/11/12 15:00:38 | 000,000,000 | R--D | C] -- C:\Users\HUGO\Pictures [2016/11/12 15:00:38 | 000,000,000 | R--D | C] -- C:\Users\HUGO\Music [2016/11/12 15:00:38 | 000,000,000 | R--D | C] -- C:\Users\HUGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2016/11/12 15:00:38 | 000,000,000 | R--D | C] -- C:\Users\HUGO\Links [2016/11/12 15:00:38 | 000,000,000 | R--D | C] -- C:\Users\HUGO\Favorites [2016/11/12 15:00:38 | 000,000,000 | R--D | C] -- C:\Users\HUGO\Downloads [2016/11/12 15:00:38 | 000,000,000 | R--D | C] -- C:\Users\HUGO\Documents [2016/11/12 15:00:38 | 000,000,000 | R--D | C] -- C:\Users\HUGO\Desktop [2016/11/12 15:00:38 | 000,000,000 | R--D | C] -- C:\Users\HUGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\AppData\Local\Temporary Internet Files [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\SendTo [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\Recent [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\Modelos [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\Documents\Minhas músicas [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\Documents\Minhas imagens [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\Documents\Meus vídeos [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\Meus documentos [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\Menu Iniciar [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\AppData\Local\Histórico [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- 
C:\Users\HUGO\Dados de aplicativos [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\AppData\Local\Dados de aplicativos [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\Cookies [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\Configurações locais [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\Ambiente de rede [2016/11/12 15:00:38 | 000,000,000 | -HSD | C] -- C:\Users\HUGO\Ambiente de impressão [2016/11/12 15:00:38 | 000,000,000 | -H-D | C] -- C:\Users\HUGO\AppData [2016/11/12 15:00:38 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Local\Temp [2016/11/12 15:00:38 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Local\Microsoft [2016/11/12 15:00:38 | 000,000,000 | ---D | C] -- C:\Users\HUGO\AppData\Roaming\Media Center Programs [2016/11/12 15:00:34 | 000,000,000 | -HSD | C] -- C:\Program Files\Common Files\Sistema [2016/11/12 15:00:34 | 000,000,000 | -HSD | C] -- C:\Recovery [2016/11/12 15:00:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelos [2016/11/12 15:00:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas músicas [2016/11/12 15:00:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas imagens [2016/11/12 15:00:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Meus vídeos [2016/11/12 15:00:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Iniciar [2016/11/12 15:00:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritos [2016/11/12 15:00:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos [2016/11/12 15:00:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dados de aplicativos [2016/11/12 15:00:34 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas [2016/11/12 15:00:34 | 000,000,000 | -HSD | C] -- C:\Program Files\Arquivos Comuns [2016/11/12 15:00:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2016/11/12 14:56:14 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2016/11/12 14:56:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information 
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2016/11/19 18:28:14 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2016/11/19 18:22:24 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2016/11/19 18:17:08 | 000,009,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2016/11/19 18:17:08 | 000,009,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2016/11/19 18:13:20 | 000,002,253 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2016/11/19 18:09:56 | 001,628,224 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2016/11/19 18:09:56 | 000,703,370 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat [2016/11/19 18:09:56 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2016/11/19 18:09:56 | 000,146,156 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat [2016/11/19 18:09:56 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2016/11/19 18:03:11 | 000,034,752 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys [2016/11/19 18:02:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2016/11/19 18:02:43 | 3185,725,440 | -HS- | M] () -- C:\hiberfil.sys [2016/11/16 12:08:05 | 000,274,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2016/11/14 15:57:23 | 000,001,412 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk [2016/11/14 14:25:28 | 000,002,633 | ---- | M] () -- C:\Users\HUGO\Desktop\µTorrent.lnk [2016/11/13 16:02:25 | 001,595,296 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2016/11/12 16:44:03 | 000,000,896 | ---- | M] () -- C:\Users\Public\Desktop\Game Stock Car Extreme 2013.lnk [2016/11/12 16:19:31 | 000,283,200 | ---- | M] (DT Soft Ltd) -- 
C:\Windows\SysNative\drivers\dtsoftbus01.sys [2016/11/12 15:53:52 | 000,001,779 | ---- | M] () -- C:\Users\HUGO\Desktop\eurotrucks2 - Atalho.lnk [2016/11/12 15:19:29 | 000,000,000 | -H-- | M] () -- C:\Users\HUGO\Documents\Default.rdp [2016/11/12 15:14:01 | 000,002,049 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2016/11/12 14:58:42 | 000,051,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2016/11/12 14:58:42 | 000,051,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2016/11/12 14:57:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2016/10/25 19:39:31 | 040,123,840 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll [2016/10/25 19:39:31 | 035,224,632 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll [2016/10/25 19:39:31 | 000,215,608 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2016/10/25 19:39:31 | 000,201,664 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2016/10/25 19:39:31 | 000,041,344 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2016/10/25 19:39:31 | 000,000,669 | ---- | M] () -- C:\Windows\SysNative\nv-vk64.json [2016/10/25 19:39:31 | 000,000,669 | ---- | M] () -- C:\Windows\SysWow64\nv-vk32.json [2016/10/25 18:19:40 | 000,120,256 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll [2016/10/25 17:12:49 | 000,001,951 | ---- | M] () -- C:\Windows\NvContainerRecovery.bat [2016/10/24 04:31:48 | 007,507,695 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2016/11/19 18:13:20 | 000,002,253 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2016/11/14 15:56:56 | 000,120,256 | ---- | C] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll [2016/11/14 15:55:56 | 000,269,600 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll [2016/11/14 15:55:56 | 
000,261,920 | ---- | C] () -- C:\Windows\SysNative\vulkan-1.dll [2016/11/14 15:55:56 | 000,125,216 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo.exe [2016/11/14 15:55:56 | 000,110,880 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe [2016/11/14 15:55:28 | 000,001,951 | ---- | C] () -- C:\Windows\NvContainerRecovery.bat [2016/11/14 15:52:57 | 040,123,840 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll [2016/11/14 15:52:57 | 035,224,632 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll [2016/11/14 15:52:57 | 000,000,669 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json [2016/11/14 15:52:57 | 000,000,669 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json [2016/11/14 14:25:28 | 000,002,633 | ---- | C] () -- C:\Users\HUGO\Desktop\µTorrent.lnk [2016/11/14 12:16:44 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe [2016/11/14 12:16:38 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd [2016/11/14 12:15:46 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml [2016/11/14 12:15:40 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml [2016/11/14 12:15:40 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml [2016/11/14 12:15:30 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc [2016/11/14 12:15:30 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml [2016/11/12 16:44:03 | 000,000,908 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Stock Car Extreme 2013.lnk [2016/11/12 16:44:03 | 000,000,896 | ---- | C] () -- C:\Users\Public\Desktop\Game Stock Car Extreme 2013.lnk [2016/11/12 15:53:52 | 000,001,779 | ---- | C] () -- C:\Users\HUGO\Desktop\eurotrucks2 - Atalho.lnk [2016/11/12 15:28:13 | 000,001,412 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk [2016/11/12 15:23:54 | 007,507,695 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin [2016/11/12 15:23:30 | 000,041,344 | ---- | C] () -- 
C:\Windows\SysNative\nvinfo.pb [2016/11/12 15:19:29 | 000,000,000 | -H-- | C] () -- C:\Users\HUGO\Documents\Default.rdp [2016/11/12 15:14:05 | 000,034,752 | ---- | C] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys [2016/11/12 15:14:01 | 000,002,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2016/11/12 15:10:14 | 003,579,880 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat [2016/11/12 15:10:12 | 000,002,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [2016/11/12 15:10:10 | 000,413,797 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT [2016/11/12 15:10:04 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2016/11/12 15:10:03 | 000,001,060 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2016/11/12 15:08:48 | 001,595,296 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2016/11/12 15:00:57 | 000,001,385 | ---- | C] () -- C:\Users\HUGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2016/11/12 15:00:55 | 000,001,419 | ---- | C] () -- C:\Users\HUGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2016/11/12 14:58:39 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2016/11/12 14:58:32 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2016/11/12 14:57:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2016/11/12 14:56:00 | 3185,725,440 | -HS- | C] () -- C:\hiberfil.sys [2016/09/09 16:25:58 | 000,269,600 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-26-0.dll [2016/09/09 16:25:28 | 000,110,880 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-26-0.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 02:55:00 | 000,000,227 | RHS- | M] () -- 
C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2010/11/20 11:27:25 | 014,174,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 10:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 23:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 10:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 23:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2016/11/12 16:36:19 | 000,000,000 | ---D | M] -- C:\Users\HUGO\AppData\Roaming\DAEMON Tools Lite [2016/11/19 17:51:43 | 000,000,000 | ---D | M] -- 
C:\Users\HUGO\AppData\Roaming\Profiles [2016/11/19 18:17:05 | 000,000,000 | ---D | M] -- C:\Users\HUGO\AppData\Roaming\uTorrent [2016/11/19 18:01:09 | 000,000,000 | ---D | M] -- C:\Users\HUGO\AppData\Roaming\WMPNetworkAcSvc [color=#E56717]========== Purity Check ==========[/color] < End of report >