Quantcast

Meu pc fica abrindo varias janelas de anuncios a todo momento

classic Clássica list Lista threaded Em Árvore
2 mensagens Opções
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Meu pc fica abrindo varias janelas de anuncios a todo momento

Ana Cláudia
Meu pc fica abrindo varias janelas de anuncios a todo momento, por favor me ajude...
Estou mandando o conteudo dos logs do OTL conforme vi num outro tutorial do site:

 Este do 1°

OTL logfile created on: 17/02/2014 20:14:44 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ana Calixto\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
 
5,86 Gb Total Physical Memory | 3,13 Gb Available Physical Memory | 53,38% Memory free
6,79 Gb Paging File | 3,81 Gb Available in Paging File | 56,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,23 Gb Total Space | 829,33 Gb Free Space | 90,02% Space Free | Partition Type: NTFS
 
Computer Name: ANA | User Name: Ana Calixto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014/02/17 20:13:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ana Calixto\Downloads\OTL.exe
PRC - [2014/02/17 19:59:49 | 001,241,834 | ---- | M] () -- C:\Users\Ana Calixto\Downloads\AdwCleaner (2).exe
PRC - [2014/02/17 19:37:24 | 001,241,834 | ---- | M] () -- C:\Users\Ana Calixto\Downloads\adwcleaner (1).exe
PRC - [2014/02/17 19:33:32 | 001,241,834 | ---- | M] () -- C:\Users\Ana Calixto\Downloads\adwcleaner.exe
PRC - [2014/02/13 04:43:00 | 000,844,104 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/02/05 20:18:52 | 000,265,416 | ---- | M] (PSafe S.A.) -- C:\Program Files (x86)\PSafe\PSafeWD.exe
PRC - [2014/02/05 20:18:52 | 000,124,616 | ---- | M] (PSafe S.A.) -- C:\Program Files (x86)\PSafe\PSafeWDS.exe
PRC - [2014/02/05 20:18:50 | 004,235,976 | ---- | M] (PSafe) -- C:\Program Files (x86)\PSafe\PSafeSysTray.exe
PRC - [2014/02/05 20:18:50 | 002,710,728 | ---- | M] (PSafe S/A) -- C:\Program Files (x86)\PSafe\PSafesvc.exe
PRC - [2014/01/28 20:10:27 | 000,493,568 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\WPM\wprotectmanager.exe
PRC - [2014/01/28 15:35:32 | 002,700,488 | ---- | M] (PSafe S/A) -- C:\Program Files (x86)\PSafe\SearchDesk\psSearchDesk.exe
PRC - [2014/01/16 09:34:01 | 003,606,528 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe
PRC - [2014/01/16 09:33:56 | 003,447,808 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
PRC - [2014/01/14 06:04:32 | 000,508,016 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginService\PluginService.exe
PRC - [2014/01/02 12:55:34 | 003,998,664 | ---- | M] () -- C:\Program Files (x86)\fst_br_41\fst_br_41.exe
PRC - [2014/01/02 12:55:34 | 003,153,904 | ---- | M] () -- C:\Users\Ana Calixto\AppData\Local\fst_br_41\upfst_br_41.exe
PRC - [2013/12/23 18:26:50 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Update\realsched.exe
PRC - [2013/12/21 03:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/11/13 20:36:00 | 007,005,384 | ---- | M] (PSafe) -- C:\Program Files (x86)\PSafe\Lockbox\pslockbox.exe
PRC - [2013/11/01 17:10:40 | 001,076,504 | ---- | M] (TODO: <Company name>) -- C:\Positivo\Deskmedia\Posibar\Posibar.exe
PRC - [2013/09/24 15:00:52 | 000,622,984 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\msc\mchlp32.exe
PRC - [2013/09/19 04:24:18 | 007,072,856 | ---- | M] () -- C:\Program Files (x86)\AnySend\AnySendUI.exe
PRC - [2013/09/19 04:23:40 | 003,675,224 | ---- | M] () -- C:\Program Files (x86)\AnySend\AnySendSvc.exe
PRC - [2013/08/14 14:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/07/19 12:03:40 | 000,935,936 | ---- | M] (Seekar Ltd) -- C:\Users\Ana Calixto\Desktop\Ares\Ares.exe
PRC - [2013/01/07 17:48:14 | 000,201,808 | ---- | M] (Somoto) -- C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe
PRC - [2012/10/03 16:18:10 | 000,064,592 | ---- | M] (Positivo Informática S.A.) -- C:\Program Files (x86)\Positivo Informática\Positivo Experience\Positivo Experience\MundoPositivoService.exe
PRC - [2012/08/24 11:33:00 | 001,074,440 | ---- | M] (PSafe) -- C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe
PRC - [2012/07/17 06:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 06:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/17 06:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/09 13:47:18 | 000,277,504 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/07/09 13:47:14 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/03/14 12:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010/10/24 14:29:00 | 002,644,992 | ---- | M] (bywifi.com) -- C:\Program Files (x86)\Bywifi\bywifi.exe
PRC - [2009/07/27 15:54:14 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Ana Calixto\AppData\Roaming\VIVO INTERNET\ouc.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2014/02/17 19:59:49 | 001,241,834 | ---- | M] () -- C:\Users\Ana Calixto\Downloads\AdwCleaner (2).exe
MOD - [2014/02/17 19:37:24 | 001,241,834 | ---- | M] () -- C:\Users\Ana Calixto\Downloads\adwcleaner (1).exe
MOD - [2014/02/17 19:33:32 | 001,241,834 | ---- | M] () -- C:\Users\Ana Calixto\Downloads\adwcleaner.exe
MOD - [2014/02/16 18:16:30 | 019,713,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\35742fb7e85a09be10d83cae494cd828\System.ServiceModel.ni.dll
MOD - [2014/02/14 18:20:44 | 007,660,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d7aaae3b1c95a1a658446d302b9a7f88\System.Xml.ni.dll
MOD - [2014/02/14 18:20:38 | 001,900,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\0e9817b12da250f8d4c680e1cb26e1c0\System.Xaml.ni.dll
MOD - [2014/02/14 18:20:35 | 012,877,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\11b4af16e791a6b0ada4a97d3e64e27a\System.Windows.Forms.ni.dll
MOD - [2014/02/14 18:20:09 | 002,822,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\deba9405e920eefee41a8efe93e93cc6\System.Runtime.Serialization.ni.dll
MOD - [2014/02/14 18:20:04 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\61be23d6a688188e3419a1eb46fc9d9d\System.Drawing.ni.dll
MOD - [2014/02/14 18:19:56 | 000,975,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ffb7bbc6548ff34bc125a8fec79315dc\System.Configuration.ni.dll
MOD - [2014/02/14 18:19:30 | 007,041,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\bca236f576ea12db3a9191f4586a445a\System.Core.ni.dll
MOD - [2014/02/14 18:19:24 | 010,051,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f0602360211041a6be208f0b4138dddd\System.ni.dll
MOD - [2014/02/14 18:19:16 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\391541c89ed7585fc7e8936c43cee387\mscorlib.ni.dll
MOD - [2014/02/13 04:42:59 | 000,386,376 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1838.2\ppgooglenaclpluginchrome.dll
MOD - [2014/02/13 04:42:57 | 004,080,968 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1838.2\pdf.dll
MOD - [2014/02/13 04:42:53 | 000,673,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1838.2\libglesv2.dll
MOD - [2014/02/13 04:42:52 | 000,093,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1838.2\libegl.dll
MOD - [2014/02/13 04:42:51 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1838.2\ffmpegsumo.dll
MOD - [2014/02/13 04:42:49 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1838.2\chrome_elf.dll
MOD - [2014/02/05 20:18:48 | 000,127,688 | ---- | M] () -- C:\Program Files (x86)\PSafe\CrashLib.dll
MOD - [2014/02/05 08:45:10 | 016,287,624 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
MOD - [2014/01/16 09:34:06 | 000,485,376 | ---- | M] () -- c:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll
MOD - [2014/01/16 09:33:58 | 000,020,480 | ---- | M] () -- c:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll
MOD - [2014/01/02 12:55:34 | 003,998,664 | ---- | M] () -- C:\Program Files (x86)\fst_br_41\fst_br_41.exe
MOD - [2014/01/02 12:55:34 | 003,153,904 | ---- | M] () -- C:\Users\Ana Calixto\AppData\Local\fst_br_41\upfst_br_41.exe
MOD - [2013/09/19 04:24:18 | 007,072,856 | ---- | M] () -- C:\Program Files (x86)\AnySend\AnySendUI.exe
MOD - [2013/08/25 15:59:32 | 000,833,024 | ---- | M] () -- C:\Program Files (x86)\PSafe\plugins\platforms\qwindows.dll
MOD - [2013/08/25 15:59:10 | 000,205,312 | ---- | M] () -- C:\Program Files (x86)\PSafe\plugins\imageformats\qjpeg.dll
MOD - [2013/08/25 15:59:06 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\PSafe\plugins\imageformats\qico.dll
MOD - [2013/08/25 15:59:00 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\PSafe\plugins\imageformats\qgif.dll
MOD - [2013/08/25 15:52:46 | 000,048,128 | ---- | M] () -- C:\Program Files (x86)\PSafe\libEGL.dll
MOD - [2013/08/25 15:52:34 | 000,728,576 | ---- | M] () -- C:\Program Files (x86)\PSafe\libGLESv2.dll
MOD - [2013/05/02 11:15:12 | 010,803,712 | ---- | M] () -- C:\Positivo\Deskmedia\Posibar\libcef.dll
MOD - [2013/03/10 01:16:36 | 005,984,256 | ---- | M] () -- C:\Program Files (x86)\AnySend\libcef.dll
MOD - [2010/10/24 14:28:14 | 000,957,440 | ---- | M] () -- C:\Program Files (x86)\Bywifi\bywifips.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2013/12/05 15:44:56 | 000,184,800 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:[b]64bit:[/b] - [2013/12/05 15:38:42 | 000,219,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:[b]64bit:[/b] - [2013/08/16 02:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:[b]64bit:[/b] - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:[b]64bit:[/b] - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:[b]64bit:[/b] - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:[b]64bit:[/b] - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:[b]64bit:[/b] - [2013/07/30 10:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:[b]64bit:[/b] - [2013/06/24 19:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2013/06/01 06:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2013/05/04 03:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2013/05/04 03:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2013/04/09 01:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2013/03/01 23:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2013/03/01 23:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2013/01/09 20:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2013/01/09 20:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2012/11/06 01:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2012/09/20 03:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:[b]64bit:[/b] - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:[b]64bit:[/b] - [2012/07/26 00:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2012/07/26 00:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2012/07/26 00:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2012/07/26 00:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2012/07/26 00:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2012/07/26 00:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2012/07/26 00:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2012/07/26 00:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2012/07/26 00:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2012/07/26 00:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:[b]64bit:[/b] - [2012/07/25 21:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2012/07/25 21:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2012/07/25 21:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2012/07/25 21:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2012/07/25 21:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2012/07/25 21:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2012/07/06 20:48:50 | 000,027,792 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2014/02/10 08:23:12 | 004,747,280 | ---- | M] (ClickMeIn Limited) [Auto | Stopped] -- C:\Program Files (x86)\VuuPC\Connectivity.exe -- (VuuPCConnectivity)
SRV - [2014/02/10 08:22:34 | 002,967,568 | ---- | M] (ClickMeIn Limited) [Auto | Stopped] -- C:\Program Files (x86)\VuuPC\RemoteEngine.exe -- (RemoteEngineService)
SRV - [2014/02/05 20:18:52 | 000,265,416 | ---- | M] (PSafe S.A.) [Auto | Running] -- C:\Program Files (x86)\PSafe\PSafeWD.exe -- (PSafeWD)
SRV - [2014/02/05 20:18:50 | 002,710,728 | ---- | M] (PSafe S/A) [Auto | Running] -- C:\Program Files (x86)\PSafe\PSafesvc.exe -- (PSafeSVC)
SRV - [2014/02/05 08:45:12 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/04 09:11:04 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/01/28 20:10:27 | 000,493,568 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\WPM\wprotectmanager.exe -- (Wpm)
SRV - [2014/01/27 12:35:28 | 000,036,392 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2014/01/16 09:33:56 | 003,447,808 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe -- (DatamngrCoordinator)
SRV - [2014/01/14 06:04:32 | 000,508,016 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginService\PluginService.exe -- (IePluginService)
SRV - [2013/12/21 03:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/11 06:21:26 | 001,025,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\mcafee\AMCore\mcshield.exe -- (mfecore)
SRV - [2013/11/28 10:42:10 | 000,178,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Arquivos de Programas\mcafee\msc\McAPExe.exe -- (McAPExe)
SRV - [2013/09/19 04:23:40 | 003,675,224 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AnySend\AnySendSvc.exe -- (AnySendService)
SRV - [2013/09/06 14:32:06 | 000,288,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Arquivos de Programas\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/08/14 14:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/08/02 16:52:58 | 000,602,944 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Arquivos de Programas\mcafee\virusscan\mcods.exe -- (McODS)
SRV - [2012/11/06 01:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/10/03 16:18:10 | 000,064,592 | ---- | M] (Positivo Informática S.A.) [Auto | Running] -- C:\Program Files (x86)\Positivo Informática\Positivo Experience\Positivo Experience\MundoPositivoService.exe -- (AppManagerService)
SRV - [2012/08/24 11:33:00 | 001,074,440 | ---- | M] (PSafe) [Auto | Running] -- C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe -- (PSafeLockBoxSvc)
SRV - [2012/08/07 05:12:44 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/07/26 00:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/17 06:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 06:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 06:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/09 13:47:14 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Arquivos de Programas\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2012/01/26 14:19:18 | 000,332,080 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Arquivos de Programas\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV - [2011/03/14 12:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010/01/09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2014/01/22 07:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2013/12/05 15:51:38 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\cfwids.sys -- (cfwids)
DRV:[b]64bit:[/b] - [2013/12/05 15:45:18 | 000,343,696 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2013/12/05 15:41:04 | 000,782,616 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2013/12/05 15:39:08 | 000,519,576 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfefirek.sys -- (mfefirek)
DRV:[b]64bit:[/b] - [2013/12/05 15:37:34 | 000,311,120 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2013/12/05 15:36:50 | 000,179,792 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\mfeapfk.sys -- (mfeapfk)
DRV:[b]64bit:[/b] - [2013/12/05 15:25:04 | 000,069,344 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mfeelamk.sys -- (mfeelamk)
DRV:[b]64bit:[/b] - [2013/11/26 21:07:22 | 000,096,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mfencrk.sys -- (mfencrk)
DRV:[b]64bit:[/b] - [2013/11/26 21:07:02 | 000,411,944 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfencbdc.sys -- (mfencbdc)
DRV:[b]64bit:[/b] - [2013/10/28 00:12:10 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2013/10/10 08:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2013/10/05 03:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2013/10/01 23:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2013/09/23 12:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HipShieldK.sys -- (HipShieldK)
DRV:[b]64bit:[/b] - [2013/08/16 02:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/10 03:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013/07/09 05:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2013/07/01 22:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2013/07/01 22:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2013/07/01 21:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2013/07/01 19:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2013/06/29 03:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2013/06/01 00:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/03/02 07:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/03/02 07:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2013/01/09 22:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2012/11/27 00:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2012/11/20 01:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2012/11/06 00:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2012/10/12 05:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/10/11 04:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2012/09/20 04:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2012/09/20 04:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2012/08/02 22:34:42 | 008,987,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/07/26 02:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/07/26 02:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2012/07/26 02:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2012/07/26 01:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2012/07/26 01:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2012/07/26 00:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2012/07/25 23:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2012/07/25 23:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2012/07/25 23:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2012/07/25 23:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2012/07/25 23:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2012/07/25 23:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2012/07/25 23:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2012/07/25 23:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2012/07/25 23:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2012/07/25 23:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2012/07/25 23:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2012/07/25 23:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2012/07/25 23:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2012/07/25 23:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012/07/25 23:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2012/07/25 23:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2012/07/25 23:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/07/25 23:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2012/07/25 23:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2012/07/25 23:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2012/07/25 23:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2012/07/09 13:43:12 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2012/07/06 20:48:42 | 002,201,744 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2012/07/02 04:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/18 20:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2012/06/02 11:31:31 | 000,100,864 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2011/09/09 10:51:00 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:[b]64bit:[/b] - [2011/09/09 10:51:00 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:[b]64bit:[/b] - [2010/07/27 08:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:[b]64bit:[/b] - [2010/03/20 11:06:58 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2007/12/14 09:00:46 | 000,029,976 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GZSQ.SYS -- (GZSQ)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.awesomehp.com/web/?type=ds&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=279&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=3211777382374044&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=197&systemid=406&v=u11099-235&apn_uid=3215324102754550&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{CBA04FEC-08D0-4AD2-8B40-6A058D64C465}: "URL" = http://www.searchya.com/?q={searchTerms}&f=4&a=SearchooD&cd=2XzuyEtN2Y1L1Qzu0E0C0AzzyC0B0BtC0FyE0EzytBtDtAtBtN0D0Tzu0CtAyCyCtN1L2XzutBtFtBtFtCtFyEtBtCtN1L1Czu0B1T1L2V1T1J1L1V0M1T1C1L1F&cr=1621390221&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{08EA6FEA-CB41-9039-7FB6-4F235908ABC2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=POSTDF&pc=POS2&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.awesomehp.com/web/?type=ds&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M&q={searchTerms}
IE - HKLM\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://search.speedbit.com/search.aspx?s=D3Ib&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=279&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=3211777382374044&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=197&systemid=406&v=u11099-235&apn_uid=3215324102754550&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKLM\..\SearchScopes\{CBA04FEC-08D0-4AD2-8B40-6A058D64C465}: "URL" = http://www.searchya.com/?q={searchTerms}&f=4&a=SearchooD&cd=2XzuyEtN2Y1L1Qzu0E0C0AzzyC0B0BtC0FyE0EzytBtDtAtBtN0D0Tzu0CtAyCyCtN1L2XzutBtFtBtFtCtFyEtBtCtN1L1Czu0B1T1L2V1T1J1L1V0M1T1C1L1F&cr=1621390221&ir=
IE - HKLM\..\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}: "URL" = http://www.bigseekpro.com/search/toolbar/hao123/{ADCF8B61-DEFD-1AAC-E601-6C941696AC23}?q={searchTerms}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\.DEFAULT\..\SearchScopes\{BC1F86AD-091C-44AE-A0B6-052D5843C6E8}: "URL" = http://br.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-18\..\SearchScopes\{BC1F86AD-091C-44AE-A0B6-052D5843C6E8}: "URL" = http://br.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://oem.msn.com [binary data]
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\..\SearchScopes,DefaultScope = {E2C5B7FA-46CD-4E77-A2A1-1BADCDEF64A8}
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.searchya.com/?q={searchTerms}&f=4&a=SearchooD&cd=2XzuyEtN2Y1L1Qzu0E0C0AzzyC0B0BtC0FyE0EzytBtDtAtBtN0D0Tzu0CtAyCyCtN1L2XzutBtFtBtFtCtFyEtBtCtN1L1Czu0B1T1L2V1T1J1L1V0M1T1C1L1F&cr=1621390221&ir=
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\..\SearchScopes\{08EA6FEA-CB41-9039-7FB6-4F235908ABC2}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110825&babsrc=SP_ss&mntrId=9ae22032000000000000000000000000
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.awesomehp.com/web/?type=ds&ts=1390950573&from=tugs&uid=ST31000524AS_6VPKFC2MXXXX6VPKFC2M&q={searchTerms}
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://search.speedbit.com/search.aspx?s=D3Ib&q={searchTerms}
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\..\SearchScopes\{92001F8A-C36B-473A-91E7-5BE0C81CF2B3}: "URL" = http://clikseguro.com/Search.aspx?q={searchTerms}&utm_source=browser+addressbar&utm_medium=browser+addressbar&utm_campaign=browser+addressbar
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=279&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=3211777382374044&q={searchTerms}
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=197&systemid=406&v=u11099-235&apn_uid=3215324102754550&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\..\SearchScopes\{E2C5B7FA-46CD-4E77-A2A1-1BADCDEF64A8}: "URL" = http://br.search.yahoo.com/search?fr=mcafee&type=A011BR973&p={SearchTerms}
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\..\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}: "URL" = http://www.bigseekpro.com/search/toolbar/hao123/{ADCF8B61-DEFD-1AAC-E601-6C941696AC23}?q={searchTerms}
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Pesquisa Segura"
FF - prefs.js..browser.search.order.1: "Pesquisa Segura"
FF - prefs.js..browser.search.selectedEngine: "Pesquisa Segura"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: addon%40dealplyshopping.com:2.0
FF - prefs.js..extensions.enabledAddons: %7BEB9394A3-4AD6-4918-9537-31A1FD8E8EDF%7D:2.0
FF - prefs.js..extensions.enabledAddons: %7Bd1dac034-9fd9-4c13-a388-d2e10e57707f%7D:1.8.1.0
FF - prefs.js..extensions.enabledAddons: lightningnewtab%40gmail.com:1.0.5.7
FF - prefs.js..extensions.enabledAddons: 7ff584eb-e54c-4c25-92b1-0b16f66d6752%405724dab3-50f4-4dee-85c3-3e3ec8e28f73.com:0.93.30
FF - prefs.js..extensions.enabledAddons: superfish%40superfish.com:1.2.0.19
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://br.search.yahoo.com/search?fr=mcafee&type=A111BR973&p="
FF - prefs.js..network.proxy.autoconfig_url: "http://localhost:9000/proxy.pac"
FF - prefs.js..network.proxy.type: 2
 
FF - user.js..network.proxy.type: 2
FF - user.js..network.proxy.autoconfig_url: "http://localhost:9000/proxy.pac"
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2014/02/11 18:37:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/12/23 18:09:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\lightningnewtab@gmail.com: C:\Users\Ana Calixto\AppData\Roaming\Mozilla\Firefox\Profiles\wj49npyj.default\extensions\lightningnewtab@gmail.com.xpi [2014/01/23 00:56:40 | 000,680,183 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/12/23 18:09:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/22 17:23:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/22 17:23:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2014/02/05 08:27:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\addlyrics@addlyrics.net: C:\Program Files (x86)\AddLyrics\FF\ [2013/03/02 21:22:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lyrmix@lyrmix.net: C:\Program Files (x86)\Lyrmix\FF\ [2013/06/01 21:34:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/22 17:23:37 | 000,000,000 | ---D | M]
 
[2013/01/28 22:01:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Extensions
[2014/02/10 18:56:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Firefox\Profiles\wj49npyj.default\extensions
[2013/01/28 23:27:12 | 000,000,000 | ---D | M] (Hao123 toolbar) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Firefox\Profiles\wj49npyj.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
[2014/01/22 16:45:39 | 000,000,000 | ---D | M] (Movies Toolbar (Dist. by Bandoo Media, Inc.)) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Firefox\Profiles\wj49npyj.default\extensions\{d1dac034-9fd9-4c13-a388-d2e10e57707f}
[2013/03/02 21:22:48 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Firefox\Profiles\wj49npyj.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2014/01/22 16:12:39 | 000,000,000 | ---D | M] (New tab) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Firefox\Profiles\wj49npyj.default\extensions\{F008E9D6-2FF2-E796-08BA-80504C331C97}
[2014/02/10 18:56:31 | 000,000,000 | ---D | M] ("Feven  2 .1") -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Firefox\Profiles\wj49npyj.default\extensions\7ff584eb-e54c-4c25-92b1-0b16f66d6752@5724dab3-50f4-4dee-85c3-3e3ec8e28f73.com
[2013/06/01 21:36:32 | 000,000,000 | ---D | M] (DealPly  Shopping) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Firefox\Profiles\wj49npyj.default\extensions\addon@dealplyshopping.com
[2013/06/08 22:26:03 | 000,000,000 | ---D | M] (WebCake) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Firefox\Profiles\wj49npyj.default\extensions\plugin@getwebcake.com
[2014/02/10 21:15:32 | 000,000,000 | ---D | M] (SimilarProducts) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Firefox\Profiles\wj49npyj.default\extensions\superfish@superfish.com
[2014/02/10 18:56:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Firefox\Profiles\wj49npyj.default\extensions\7ff584eb-e54c-4c25-92b1-0b16f66d6752@5724dab3-50f4-4dee-85c3-3e3ec8e28f73.com\extensionData
[2014/02/10 18:56:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Firefox\Profiles\wj49npyj.default\extensions\7ff584eb-e54c-4c25-92b1-0b16f66d6752@5724dab3-50f4-4dee-85c3-3e3ec8e28f73.com\extensionData\plugins
[2014/02/10 18:56:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\Firefox\Profiles\wj49npyj.default\extensions\7ff584eb-e54c-4c25-92b1-0b16f66d6752@5724dab3-50f4-4dee-85c3-3e3ec8e28f73.com\extensionData\userCode
[2014/01/23 01:00:04 | 000,270,391 | ---- | M] () (No name found) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\firefox\profiles\wj49npyj.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.xpi
[2014/01/23 00:56:40 | 000,680,183 | ---- | M] () (No name found) -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\firefox\profiles\wj49npyj.default\extensions\lightningnewtab@gmail.com.xpi
[2014/01/22 16:12:45 | 000,002,664 | ---- | M] () -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\firefox\profiles\wj49npyj.default\searchplugins\Ask.xml
[2013/01/28 23:18:48 | 000,002,422 | ---- | M] () -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\firefox\profiles\wj49npyj.default\searchplugins\babylon1.xml
[2013/01/28 23:18:31 | 000,002,313 | ---- | M] () -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\firefox\profiles\wj49npyj.default\searchplugins\BrowserProtect.xml
[2013/10/01 20:06:50 | 000,003,172 | ---- | M] () -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\firefox\profiles\wj49npyj.default\searchplugins\clikseguro.xml
[2013/03/09 23:28:41 | 000,002,683 | ---- | M] () -- C:\Users\Ana Calixto\AppData\Roaming\mozilla\firefox\profiles\wj49npyj.default\searchplugins\Search_Results.xml
[2014/02/10 19:42:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/02/10 19:42:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/22 16:12:45 | 000,002,664 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Ask.xml
[2014/01/28 20:09:34 | 000,000,558 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\awesomehp.xml
[2013/01/28 23:18:31 | 000,002,313 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013/03/09 23:28:41 | 000,002,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}client=aff-cs-360chromium&ie={inputEncoding}
CHR - default_search_provider: suggest_url = http://www.google.com.cn/complete/search?client=chrome&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}&ie={inputEncoding},
CHR - homepage: http://www.google.com/
CHR - Extension: Feven 2.1 = C:\Users\Ana Calixto\AppData\Local\360Chrome\Chrome\User Data\Default\Extensions\kimedffepcmacncbmlhhgnpchdhlanjj\1.26.25_0\crossrider
CHR - Extension: Feven 2.1 = C:\Users\Ana Calixto\AppData\Local\360Chrome\Chrome\User Data\Default\Extensions\kimedffepcmacncbmlhhgnpchdhlanjj\1.26.25_0\
 
O1 HOSTS File: ([2012/07/26 02:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Ana Calixto\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2:[b]64bit:[/b] - BHO: (Feven 2.1) - {11111111-1111-1111-1111-110411901110} - C:\Program Files (x86)\Feven 2.1\Feven 2.1-bho64.dll (Feven)
O2:[b]64bit:[/b] - BHO: (AnySend) - {61628E2A-4FF9-4454-992D-D92A8CD27399} - C:\Arquivos de Programas\AnySend\AnySendShellExtension.dll (ClickMeIn Limited)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll ()
O2 - BHO: (Buscape na Hora Plugin) - {051FB9EC-79EA-4F8E-9EC2-F1FF4462FB09} - C:\Program Files (x86)\Buscapé\Buscapé na Hora\IE\BphBHO.dll (Buscapé Company)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Arquivos de Programas\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Ana Calixto\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Feven 2.1) - {11111111-1111-1111-1111-110411901110} - C:\Program Files (x86)\Feven 2.1\Feven 2.1-bho.dll (Feven)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (Superfish) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\SimilarProducts\Superfish.dll (Superfish)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (MinibarBHO) - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Minibar.dll (KangoExtensions)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (BywifiBHO Class) - {C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - C:\Program Files (x86)\Bywifi\bywifiie.dll (bywifi.com)
O2 - BHO: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll ()
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Deskmedia] C:\Positivo\Deskmedia\GerenciadorLocal.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun File not found
O4:[b]64bit:[/b] - HKLM..\Run: [StartUpManagerPositivo] C:\Arquivos de Programas\Positivo Informática\Mundo Positivo Gerenciador de Inicialização\ManagerWindows.exe (Positivo Informática SA)
O4 - HKLM..\Run: [AnySend User Interface] C:\Program Files (x86)\AnySend\AnySendUI.exe ()
O4 - HKLM..\Run: [bywifi] C:\Program Files (x86)\Bywifi\bywifi.exe (bywifi.com)
O4 - HKLM..\Run: [fst_br_41] C:\Program Files (x86)\fst_br_41\fst_br_41.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PSafeTray] C:\Program Files (x86)\PSafe\PSafeSysTray.exe (PSafe)
O4 - HKLM..\Run: [PSafeWDS] C:\Program Files (x86)\PSafe\PSafeWDS.exe (PSafe S.A.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001..\Run: [ares] C:\Users\Ana Calixto\Desktop\Ares\Ares.exe (Seekar Ltd)
O4 - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001..\Run: [bywifi] C:\Program Files (x86)\Bywifi\bywifi.exe (bywifi.com)
O4 - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001..\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe (Somoto)
O4 - HKU\S-1-5-21-3189091403-1031282438-2557965035-1001..\Run: [SmartProtect] C:\ProgramData\SmartProtect\SmartProtect.exe ()
O4 - HKLM..\RunOnce: [upfst_br_41.exe] C:\Users\Ana Calixto\AppData\Local\fst_br_41\upfst_br_41.exe ()
O4 - Startup: C:\Users\Ana Calixto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:[b]64bit:[/b] - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe File not found
O9 - Extra 'Tools' menuitem : Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe File not found
O9 - Extra Button: Superfish - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\SimilarProducts\Superfish.dll (Superfish)
O9 - Extra Button: Search - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files (x86)\Minibar\Minibar.dll (KangoExtensions)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{039C6B15-E74D-42F5-B3D6-C43499EE256C}: DhcpNameServer = 192.168.1.20
O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Arquivos de Programas\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~3\Wincert\WIN64C~1.DLL) - C:\ProgramData\Wincert\win64cert.dll ()
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll) - C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~3\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~2\MOVIES~1\Datamngr\mgrldr.dll) - C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{31bce3fd-b43d-11e2-be91-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{31bce3fd-b43d-11e2-be91-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{31bce450-b43d-11e2-be91-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{31bce450-b43d-11e2-be91-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{66b22cc4-6b37-11e2-be7b-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{66b22cc4-6b37-11e2-be7b-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{66b22d14-6b37-11e2-be7b-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{66b22d14-6b37-11e2-be7b-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{66b22d9b-6b37-11e2-be7b-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{66b22d9b-6b37-11e2-be7b-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{9791d0f4-6c01-11e3-bf13-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{9791d0f4-6c01-11e3-bf13-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{abebecd1-5117-11e2-be75-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{abebecd1-5117-11e2-be75-eca86bb1f4e9}\Shell\AutoRun\command - "" = "G:\AutoRun.exe"
O33 - MountPoints2\{abebed0c-5117-11e2-be75-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{abebed0c-5117-11e2-be75-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{abebed7e-5117-11e2-be75-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{abebed7e-5117-11e2-be75-eca86bb1f4e9}\Shell\AutoRun\command - "" = "G:\AutoRun.exe"
O33 - MountPoints2\{aea1bb82-3d0f-11e3-beda-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{aea1bb82-3d0f-11e3-beda-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{aea1bbb3-3d0f-11e3-beda-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{aea1bbb3-3d0f-11e3-beda-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{aea1bcb1-3d0f-11e3-beda-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{aea1bcb1-3d0f-11e3-beda-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{c64987ae-5098-11e3-bee2-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{c64987ae-5098-11e3-bee2-eca86bb1f4e9}\Shell\AutoRun\command - "" = "H:\AutoRun.exe"
O33 - MountPoints2\{c949a41f-db62-11e2-bea4-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{c949a41f-db62-11e2-bea4-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{d0e74748-0f13-11e3-beb8-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{d0e74748-0f13-11e3-beb8-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{d0e7482b-0f13-11e3-beb8-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{d0e7482b-0f13-11e3-beb8-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{d0e74a71-0f13-11e3-beb8-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{d0e74a71-0f13-11e3-beb8-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{d0e74aae-0f13-11e3-beb8-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{d0e74aae-0f13-11e3-beb8-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{d0e74ade-0f13-11e3-beb8-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{d0e74ade-0f13-11e3-beb8-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{d0e74b05-0f13-11e3-beb8-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{d0e74b05-0f13-11e3-beb8-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{f330c0c6-6745-11e2-be79-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{f330c0c6-6745-11e2-be79-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{f330c10a-6745-11e2-be79-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{f330c10a-6745-11e2-be79-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{f330c7b2-6745-11e2-be79-eca86bb1f4e9}\Shell - "" = AutoRun
O33 - MountPoints2\{f330c7b2-6745-11e2-be79-eca86bb1f4e9}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bddel.exe)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files (x86)\movies toolbar\datamngr\x64\apcrtldr.dll) - c:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll ()
O36 - AppCertDlls: x86 - (c:\program files (x86)\movies toolbar\datamngr\apcrtldr.dll) - c:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll ()
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014/02/17 20:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/02/17 19:29:17 | 000,000,000 | ---D | C] -- C:\Users\Ana Calixto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cheating-Death
[2014/02/17 19:29:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheating-Death
[2014/02/17 19:29:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheating-Death
[2014/02/17 19:25:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counter-Strike 1.6
[2014/02/17 18:21:25 | 000,000,000 | ---D | C] -- C:\Program Files\CrossFire AL
[2014/02/10 20:06:00 | 000,000,000 | ---D | C] -- C:\Users\Ana Calixto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/02/10 19:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megacubo
[2014/02/10 18:15:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2014/02/10 18:15:23 | 003,649,536 | ---- | C] (x264vfw project) -- C:\Windows\SysWow64\x264vfw.dll
[2014/02/10 18:15:23 | 003,554,304 | ---- | C] (x264vfw project) -- C:\Windows\SysNative\x264vfw64.dll
[2014/02/10 18:15:20 | 000,180,736 | ---- | C] (fccHandler) -- C:\Windows\SysNative\ac3acm.acm
[2014/02/10 18:15:19 | 000,122,880 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2014/02/10 18:15:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2014/02/10 17:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mega Cubo
[2014/02/10 17:51:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Megacubo
[2014/01/28 22:42:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uninstaller
[2014/01/28 22:35:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Feven 2.1
[2014/01/28 20:15:41 | 000,000,000 | ---D | C] -- C:\Users\Ana Calixto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/01/28 20:15:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2014/01/28 20:13:37 | 000,000,000 | ---D | C] -- C:\Users\Ana Calixto\AppData\Local\newplayer
[2014/01/28 20:13:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
[2014/01/28 20:13:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NewPlayer
[2014/01/28 20:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginService
[2014/01/28 20:10:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/01/28 20:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[2014/01/28 20:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
[2014/01/28 20:09:49 | 000,000,000 | ---D | C] -- C:\Users\Ana Calixto\AppData\Local\fst_br_41
[2014/01/28 20:09:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fst_br_41
[2014/01/27 20:26:51 | 000,023,624 | ---- | C] (360安全中心) -- C:\Windows\SysNative\drivers\efimon.sys
[2014/01/27 09:50:30 | 000,000,000 | ---D | C] -- C:\Users\Ana Calixto\Desktop\t
[2014/01/26 12:53:59 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2014/01/22 16:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert
[2014/01/22 16:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ilividmoviestoolbar181
[2014/01/22 16:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Datamngr
[2014/01/22 16:12:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movies Toolbar
[2014/01/22 07:52:10 | 000,206,080 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013/12/23 18:29:12 | 000,045,184 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\rpshellsearch.dll
[2013/12/23 18:10:20 | 000,016,384 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\wmdmhelper.dll
[2013/12/23 18:10:11 | 000,370,176 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\rjdlg.dll
[2013/12/23 18:10:11 | 000,139,264 | ---- | C] (Inner Media, Inc.) -- C:\Program Files (x86)\dunzip32.dll
[2013/12/23 18:10:11 | 000,031,232 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\rjprog.dll
[2013/12/23 18:10:10 | 000,641,536 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\rjbres.dll
[2013/12/23 18:10:09 | 000,045,568 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\ierjplug.dll
[2013/12/23 18:10:08 | 000,008,704 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\fixrjb.exe
[2013/12/23 18:10:06 | 001,115,376 | ---- | C] (Gracenote) -- C:\Program Files (x86)\cddbmusicid.dll
[2013/12/23 18:10:05 | 000,943,344 | ---- | C] (Gracenote) -- C:\Program Files (x86)\cddblink.dll
[2013/12/23 18:09:56 | 002,041,072 | ---- | C] (Gracenote, Inc.) -- C:\Program Files (x86)\cddbcontrol.dll
[2013/12/23 18:09:56 | 000,044,544 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\mmcdda32.dll
[2013/12/23 18:09:56 | 000,022,528 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\tnetdtct.dll
[2013/12/23 18:09:55 | 000,073,216 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\tsasdk.dll
[2013/12/23 18:09:54 | 000,048,640 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\tpasdk.dll
[2013/12/23 18:09:50 | 000,056,320 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\rpwa3260.dll
[2013/12/23 18:09:44 | 003,303,936 | ---- | C] (MediaArea.net) -- C:\Program Files (x86)\mediainfo.dll
[2013/12/23 18:09:44 | 000,389,712 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\realcleaner.exe
[2013/12/23 18:09:14 | 000,384,088 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\realconverter.exe
[2013/12/23 18:09:13 | 000,355,416 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\convert.exe
[2013/12/23 18:09:11 | 000,390,384 | ---- | C] (MainConcept GmbH) -- C:\Program Files (x86)\mc_enc_h263.dll
[2013/12/23 18:09:06 | 000,389,712 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\realtrimmer.exe
[2013/12/23 18:09:05 | 000,136,784 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\realshare.exe
[2013/12/23 18:09:05 | 000,115,200 | ---- | C] (RealPlayer) -- C:\Program Files (x86)\rpshellextension.dll
[2013/12/23 18:09:04 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\dbghelp.dll
[2013/12/23 18:09:03 | 000,069,632 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\rjwmapln.dll
[2013/12/23 18:08:53 | 000,047,616 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\rpau3260.dll
[2013/12/23 18:08:28 | 000,030,816 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\rndevicedbbuilder.exe
[2013/12/23 18:07:52 | 000,113,272 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\rdsf3260.dll
[2013/12/23 18:07:52 | 000,087,552 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\hxaudiodevicehook.dll
[2013/12/23 18:07:51 | 000,086,016 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\rpplugprot.dll
[2013/12/23 18:07:51 | 000,071,280 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\rpshell.dll
[2013/12/23 18:07:45 | 000,017,528 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\rphelperapp.exe
[2013/12/23 18:07:45 | 000,009,216 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\realjbox.exe
[2013/12/23 18:07:43 | 000,501,328 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\realplay.exe
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014/02/17 20:27:00 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\UpdaterEX.job
[2014/02/17 19:52:49 | 001,769,104 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/17 19:52:49 | 000,763,656 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2014/02/17 19:52:49 | 000,711,084 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/17 19:52:49 | 000,154,946 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2014/02/17 19:52:49 | 000,132,952 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/17 19:48:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/17 19:46:46 | 000,002,316 | ---- | M] () -- C:\Windows\tasks\Feven 2.1-chromeinstaller.job
[2014/02/17 19:46:46 | 000,001,516 | ---- | M] () -- C:\Windows\tasks\Feven 2.1-updater.job
[2014/02/17 19:46:45 | 000,002,240 | ---- | M] () -- C:\Windows\tasks\Feven 2.1-firefoxinstaller.job
[2014/02/17 19:46:45 | 000,001,348 | ---- | M] () -- C:\Windows\tasks\Feven 2.1-enabler.job
[2014/02/17 19:46:20 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/17 19:46:16 | 000,001,470 | ---- | M] () -- C:\Windows\tasks\Feven 2.1-codedownloader.job
[2014/02/17 19:46:16 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\AddLyrics update.job
[2014/02/17 19:46:03 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/02/17 19:46:02 | 735,580,159 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/17 19:44:37 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/17 18:46:00 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/17 18:31:34 | 000,001,029 | ---- | M] () -- C:\Users\Ana Calixto\Desktop\CrossFire AL.lnk
[2014/02/14 17:55:21 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/14 17:39:55 | 000,152,768 | ---- | M] () -- C:\Users\Ana Calixto\Desktop\Ana Calixto.jpg
[2014/02/12 16:15:37 | 000,001,636 | ---- | M] () -- C:\Users\Public\Desktop\LockBox.lnk
[2014/02/10 20:06:00 | 000,002,322 | ---- | M] () -- C:\Users\Ana Calixto\Desktop\Inicializador de aplicativos do Google Chrome.lnk
[2014/02/10 19:42:12 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/02/10 19:04:02 | 000,000,978 | ---- | M] () -- C:\Users\Public\Desktop\Megacubo.lnk
[2014/02/10 17:51:57 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\MiniTuner.lnk
[2014/02/10 17:51:57 | 000,001,050 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Megacubo.lnk
[2014/02/06 15:00:00 | 000,112,640 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
[2014/01/31 22:05:46 | 000,000,032 | ---- | M] () -- C:\Users\Ana Calixto\AppData\Roaming\WB.CFG
[2014/01/30 18:10:35 | 000,694,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/30 18:10:35 | 000,078,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/28 20:15:42 | 000,001,068 | ---- | M] () -- C:\Users\Ana Calixto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/01/28 20:15:41 | 000,001,058 | ---- | M] () -- C:\Users\Ana Calixto\Desktop\MyPC Backup.lnk
[2014/01/28 20:13:32 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\NewPlayer.lnk
[2014/01/27 20:26:36 | 000,023,624 | ---- | M] (360安全中心) -- C:\Windows\SysNative\drivers\efimon.sys
[2014/01/22 16:02:21 | 000,001,090 | ---- | M] () -- C:\Users\Ana Calixto\Desktop\Continue flashplayer Installation.lnk
[2014/01/22 07:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2014/01/20 18:58:47 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\FlvPlayer.lnk
[2014/01/20 18:38:27 | 000,077,536 | ---- | M] () -- C:\Users\Ana Calixto\Desktop\org.jpg
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014/02/14 17:39:54 | 000,152,768 | ---- | C] () -- C:\Users\Ana Calixto\Desktop\Ana Calixto.jpg
[2014/02/13 09:59:46 | 000,385,614 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/02/10 20:06:00 | 000,002,322 | ---- | C] () -- C:\Users\Ana Calixto\Desktop\Inicializador de aplicativos do Google Chrome.lnk
[2014/02/10 18:15:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2014/02/10 18:15:24 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2014/02/10 18:15:23 | 000,703,488 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2014/02/10 18:15:23 | 000,258,560 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2014/02/10 18:15:22 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2014/02/10 18:15:22 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2014/02/10 18:15:17 | 000,257,624 | ---- | C] () -- C:\Windows\SysNative\unrar64.dll
[2014/02/10 18:15:17 | 000,218,200 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2014/02/10 18:15:10 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2014/02/10 17:51:57 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\MiniTuner.lnk
[2014/02/10 17:51:57 | 000,001,050 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Megacubo.lnk
[2014/02/10 17:51:57 | 000,000,978 | ---- | C] () -- C:\Users\Public\Desktop\Megacubo.lnk
[2014/01/28 22:35:45 | 000,001,516 | ---- | C] () -- C:\Windows\tasks\Feven 2.1-updater.job
[2014/01/28 22:35:42 | 000,001,348 | ---- | C] () -- C:\Windows\tasks\Feven 2.1-enabler.job
[2014/01/28 22:35:38 | 000,001,470 | ---- | C] () -- C:\Windows\tasks\Feven 2.1-codedownloader.job
[2014/01/28 22:35:34 | 000,002,240 | ---- | C] () -- C:\Windows\tasks\Feven 2.1-firefoxinstaller.job
[2014/01/28 22:35:22 | 000,002,316 | ---- | C] () -- C:\Windows\tasks\Feven 2.1-chromeinstaller.job
[2014/01/28 20:15:42 | 000,001,068 | ---- | C] () -- C:\Users\Ana Calixto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/01/28 20:15:41 | 000,001,058 | ---- | C] () -- C:\Users\Ana Calixto\Desktop\MyPC Backup.lnk
[2014/01/28 20:13:32 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\NewPlayer.lnk
[2014/01/22 16:02:21 | 000,001,090 | ---- | C] () -- C:\Users\Ana Calixto\Desktop\Continue flashplayer Installation.lnk
[2014/01/20 18:38:26 | 000,077,536 | ---- | C] () -- C:\Users\Ana Calixto\Desktop\org.jpg
[2013/12/23 18:10:09 | 000,002,851 | ---- | C] () -- C:\Program Files (x86)\cdroms.cfg
[2013/12/23 18:09:50 | 000,119,808 | ---- | C] () -- C:\Program Files (x86)\waiting.avi
[2013/12/23 18:09:50 | 000,027,278 | ---- | C] () -- C:\Program Files (x86)\frw.bmp
[2013/12/23 18:09:50 | 000,016,296 | ---- | C] () -- C:\Program Files (x86)\realtfon.fon
[2013/12/23 18:09:48 | 000,057,762 | ---- | C] () -- C:\Program Files (x86)\howto.chm
[2013/12/23 18:09:48 | 000,055,399 | ---- | C] () -- C:\Program Files (x86)\realplay.chm
[2013/12/23 18:09:13 | 000,477,201 | ---- | C] () -- C:\Program Files (x86)\converter.vs
[2013/12/23 18:09:05 | 000,045,402 | ---- | C] () -- C:\Program Files (x86)\sharemedia.vs
[2013/12/23 18:09:04 | 000,001,209 | ---- | C] () -- C:\Program Files (x86)\flvplay.swf
[2013/12/23 18:08:52 | 000,030,985 | ---- | C] () -- C:\Program Files (x86)\RealNetworks License.html
[2013/12/23 18:08:52 | 000,030,985 | ---- | C] () -- C:\Program Files (x86)\playrlic.html
[2013/12/23 18:08:48 | 000,000,480 | ---- | C] () -- C:\Program Files (x86)\keys.dat
[2013/12/23 18:08:44 | 001,099,443 | ---- | C] () -- C:\Program Files (x86)\normal.vs
[2013/12/23 18:08:44 | 000,061,495 | ---- | C] () -- C:\Program Files (x86)\ssimages.vs
[2013/12/23 18:07:50 | 000,001,177 | ---- | C] () -- C:\Program Files (x86)\autoplaylist.dat
[2013/12/23 18:07:50 | 000,000,077 | ---- | C] () -- C:\Program Files (x86)\strs23.dat
[2013/12/23 18:07:50 | 000,000,014 | ---- | C] () -- C:\Program Files (x86)\strs26.dat
[2013/12/23 18:07:39 | 000,427,405 | ---- | C] () -- C:\Program Files (x86)\calibrate.rv
[2013/12/23 18:07:39 | 000,017,846 | ---- | C] () -- C:\Program Files (x86)\videotest.rm
[2013/12/23 18:07:39 | 000,000,221 | ---- | C] () -- C:\Program Files (x86)\subscription.rnx
[2013/12/23 18:07:39 | 000,000,177 | ---- | C] () -- C:\Program Files (x86)\freeoffers.rnx
[2013/11/19 19:36:23 | 000,003,580 | ---- | C] () -- C:\Windows\SysWow64\bddel.dat
[2013/09/20 22:30:34 | 000,000,032 | ---- | C] () -- C:\Users\Ana Calixto\AppData\Roaming\WB.CFG
[2013/09/13 18:56:57 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/23 20:11:05 | 000,003,004 | ---- | C] () -- C:\Program Files (x86)\WebCakeLayers.crx
[2013/06/30 17:04:29 | 001,169,609 | ---- | C] () -- C:\Windows\unins000.exe
[2013/06/30 17:04:29 | 000,086,531 | ---- | C] () -- C:\Windows\unins000.dat
[2013/06/08 22:25:53 | 000,348,990 | ---- | C] () -- C:\Users\Ana Calixto\AppData\Local\funmoods-speeddial_sf.crx
[2013/06/08 22:25:52 | 000,077,654 | ---- | C] () -- C:\Users\Ana Calixto\AppData\Local\funmoods_2.3.crx
[2013/06/01 02:11:24 | 000,004,200 | ---- | C] () -- C:\Windows\SysWow64\PsClikSeguro.ini
[2013/06/01 02:11:24 | 000,002,216 | ---- | C] () -- C:\Windows\SysWow64\PsClikSeguroOff.ini
[2013/03/07 08:07:20 | 000,091,264 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2013/01/04 16:53:35 | 000,000,060 | ---- | C] () -- C:\Windows\wininit.ini
[2012/12/31 16:35:21 | 000,150,889 | ---- | C] () -- C:\Users\Ana Calixto\AppData\Local\speeddial.crx
[2012/12/29 20:20:49 | 000,000,136 | ---- | C] () -- C:\Users\Ana Calixto\Pro Evolution Soccer 2013 - Atalho.lnk
[2012/09/21 00:36:13 | 000,000,306 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/09/21 00:30:27 | 001,692,550 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/19 13:18:17 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/09/19 13:17:47 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/09/19 13:17:43 | 000,963,388 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/07/26 05:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 05:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 04:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/25 22:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 17:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 17:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 11:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012/04/20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2014/01/28 20:15:50 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/02 03:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/02 02:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 00:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 00:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 00:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013/06/08 22:25:59 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\0A1O1O
[2014/01/28 08:41:05 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\360Safe
[2013/04/01 19:10:21 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\Advanced System Protector
[2013/10/21 18:42:42 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\AnySend
[2013/01/25 20:48:43 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\Babylon
[2013/10/14 16:41:52 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\Betcat
[2013/02/22 19:49:03 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/03/17 23:57:44 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\Complitly
[2013/01/28 23:27:30 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\DAEMON Tools Lite
[2013/03/02 21:23:04 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\DealPly
[2013/06/08 22:25:56 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\Funmoods
[2014/01/02 09:32:30 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\GetRightToGo
[2013/03/04 19:53:53 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\GrabPro
[2012/12/31 17:40:00 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\MarioForeverPackages
[2013/03/09 23:28:29 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\MusicNet
[2013/03/04 19:53:51 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\OpenCandy
[2013/05/31 19:03:50 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\Orbit
[2013/02/13 11:49:52 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\Origin
[2013/02/25 20:45:53 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\PhotoScape
[2013/04/13 19:23:15 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\Positivo
[2013/03/04 19:53:56 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\ProgSense
[2013/06/07 22:34:05 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\PSafe
[2012/12/31 16:35:23 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\Searchya
[2013/05/31 19:05:15 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\Systweak
[2013/03/04 20:34:48 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\TuneUp Software
[2013/11/04 19:10:42 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\UpdaterEX
[2013/01/25 20:38:55 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\VIVO INTERNET
[2013/10/24 19:29:07 | 000,000,000 | ---D | M] -- C:\Users\Ana Calixto\AppData\Roaming\WebCake
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

 Este eh do 2°

OTL Extras logfile created on: 17/02/2014 20:14:44 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ana Calixto\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
 
5,86 Gb Total Physical Memory | 3,13 Gb Available Physical Memory | 53,38% Memory free
6,79 Gb Paging File | 3,81 Gb Available in Paging File | 56,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,23 Gb Total Space | 829,33 Gb Free Space | 90,02% Space Free | Partition Type: NTFS
 
Computer Name: ANA | User Name: Ana Calixto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3189091403-1031282438-2557965035-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mega] -- "C:\Program Files (x86)\Megacubo\megacubo.exe" "%1" (www.megacubo.net                                  )
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mega] -- "C:\Program Files (x86)\Megacubo\megacubo.exe" "%1" (www.megacubo.net                                  )
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
"DoNotAllowExceptions" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3366820A-A5D9-4BBC-B575-31B75FA8EE00}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{8B7FCC98-0236-488F-ADE3-BF16BB2EA746}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{047F011A-C7FA-435B-8B72-68AAFCB56E44}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{07B61753-AC22-4F98-86A0-3B257D25031D}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{0C4D4C65-E541-4A25-B249-CE09B2D1BFD9}" = protocol=17 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{0D1A65D4-83AA-4630-875D-1B98FC524EDD}" = dir=out | name=mundo positivo famosos |
"{10A4356F-8DAA-4A1E-BBD8-74F28ED553A1}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{10F012D5-FC64-4057-A69B-5DB6FE5386AC}" = protocol=17 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{1186CB03-15A3-49F0-9BBA-AD5F6CBBE5C0}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{18E15F7A-EABC-481A-8CA5-746DC53AF59E}" = dir=out | name=windows_ie_ac_001 |
"{1B588CD3-A4DE-49A4-9F99-06247D0478DC}" = protocol=6 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{227BB35D-0BAE-4EA8-B8A7-1012B873587C}" = protocol=17 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{2B1DA37C-26A3-4D45-B193-D8D0F963D0FF}" = dir=out | name=skype |
"{2E14D4D5-2C91-4F36-A6EF-2CE9E920D857}" = dir=out | name=evernote |
"{310F11BE-D0B3-40C8-A966-A0756BCBAC5E}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{3147D276-BD24-4FA7-BD85-6C142E67A66A}" = dir=out | name=petleco magic jump |
"{31D8DD18-03B1-4CEB-A941-D219B0714385}" = dir=out | name=positivo 3d incrível |
"{3AD60D21-B7C3-4852-A6CC-6D67A3572DDF}" = dir=out | name=mundo positivo notícias |
"{3B26C49E-AB14-49EE-ABC8-66E477D2C0C4}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{3DF8E7F2-A762-4A3A-B2DB-C827E814101A}" = protocol=6 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{48F0F9FD-F21C-4715-9348-B87C128FE802}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{497F32A4-5DE4-41C7-ADB1-FFC85610F035}" = protocol=6 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{4988DCC0-2D4B-496D-852A-562FE4653605}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{54DCCA17-475D-409B-87AE-D723AA0F7EA3}" = dir=out | name=mundo positivo esportes |
"{5564B2B8-C10F-4F47-9839-89E215AA168E}" = protocol=6 | dir=in | app=c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\dtuser.exe |
"{589B2014-0AEA-46F1-A52C-AC40D4F9E66A}" = dir=out | name=positivo plano educação |
"{59506C48-1447-422B-9B30-139E09A20EC0}" = protocol=17 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{5B1B6BBB-78A3-4AFC-84AC-95CB537D182D}" = protocol=17 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{5E5FCF06-8E7A-4579-8005-80285456E7C0}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{662ED874-4AB1-4EE6-9143-C07F3E1BF7B8}" = dir=in | name=evernote |
"{6C1B042D-F7BA-4D29-87A4-4C1DD33FBD29}" = protocol=6 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{7452ED20-D1AE-422F-AEE0-7D73116217BD}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{7661A513-F5F6-432B-A086-5E7FFE43C75F}" = dir=out | name=positivo ajudante |
"{7D6382CF-E961-4D44-9966-ADB93BE89033}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{7DC22F6F-84D4-420F-91C8-531F5EF6D4A9}" = protocol=6 | dir=in | app=c:\program files (x86)\anysend\anysendsvc.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{810A93E5-5877-4192-81D5-F1555048EEF7}" = dir=in | name=skype |
"{81470EAC-9795-4C11-A005-85CAD435AAD8}" = protocol=6 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{8156A0C1-20FA-4225-B9BC-0D030B69C372}" = dir=out | name=windows_ie_ac_001 |
"{8B7C84E4-3426-4C04-80E7-671A361B448E}" = protocol=17 | dir=in | app=c:\program files (x86)\psafe\psrsync.exe |
"{8F63D922-F866-4BF4-81B5-3515B0F542FA}" = dir=out | name=mundo positivo concursos |
"{9393B51A-D2D0-40BC-85BA-ED1BCB4801D7}" = protocol=6 | dir=in | app=c:\program files (x86)\vuupc\connectivity.exe |
"{93E55607-966A-493A-98DA-EAFDBF01FE12}" = dir=out | name=cut the rope |
"{986638E2-5FA0-4C57-9932-7ADACBBEE0DA}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{9947C87B-655F-430C-BA83-4076C603BA24}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{9A59F38F-8BC8-4EEB-A0B9-2CD1AE82985A}" = protocol=17 | dir=in | app=c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\dtuser.exe |
"{9BCC9874-E499-49CD-9ABF-7DB8BC50D7DB}" = protocol=17 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{A029748B-2E9E-4B49-820A-263F4CA4299D}" = protocol=17 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{A4EEFF17-8A9D-44AC-B612-EBC95997AB51}" = dir=out | name=skitch |
"{A7DEF7C9-4016-4C3D-BDE7-1F3161BAFFED}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{AADF7EC9-6F0D-4485-BE56-CC1B105083A5}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B399EDBF-86C0-4327-B1F1-0E4952F0DDA4}" = protocol=6 | dir=in | app=c:\program files (x86)\vuupc\remoteengine.exe |
"{B7896AA6-4622-4079-8EE2-DE969E3249B5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B93136AD-001D-4EA5-BDB1-2946B3EA8AA6}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{BA1D1AB4-0712-4B1A-BFFD-56C453EA1874}" = protocol=17 | dir=in | app=c:\program files (x86)\ilividmoviestoolbar181\ie\dtuser.exe |
"{C43B6FA5-5B1A-49BA-87E6-13B8CDF409C8}" = protocol=17 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{C752269D-43F9-4C6F-BA72-FFDFDB9A6B56}" = dir=out | name=positivo horóscopo |
"{CA22345F-2A98-42E3-9407-0F626E6F707D}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{CAC9DEA0-A6F3-4F32-999F-50952578068A}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{CFAE5543-6DAD-4212-9FD4-D5E651CA5D9A}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{D7DAC477-07F2-42BF-BBD3-8858205CB386}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{D8E19E02-3BC3-40D9-BD94-83A80A88998E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{DA3ABB8E-1A56-4C80-A0ED-130F143AF7B5}" = protocol=6 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{DBC6610B-E2CB-415C-8276-1CA3E082488D}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{E13D081F-03F8-4F91-AED6-C5BB79788EF1}" = protocol=6 | dir=in | app=c:\program files (x86)\ilividmoviestoolbar181\ie\dtuser.exe |
"{E2406810-6E3D-4D58-863E-3927E4D32456}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{E32EF671-6283-464C-AF6E-8C83F48167EE}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E5E00031-DF97-4A17-AAB8-A4C9509C93E8}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EF2523A6-5651-4A33-9E2F-302F93DDD985}" = protocol=6 | dir=in | app=c:\program files (x86)\psafe\psrsync.exe |
"{F02D54F1-74B7-43F9-B65B-8058141FB426}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{F817F082-947E-491E-A6D0-16AA9AB1C52D}" = dir=out | name=positivo músicas |
"{F8669189-A526-4355-93F7-E277F7BFB652}" = protocol=6 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"{FD8D2092-5582-4295-B725-07849599045F}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{FF1E2949-D675-480D-A8AE-2AC5BE3F81E9}" = protocol=6 | dir=in | app=c:\program files (x86)\psafe\pssmartup.exe |
"TCP Query User{6BF0D709-EF45-4C51-8508-693D28A308D9}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{2ED732CD-0DBE-4F1B-A545-F2776FFDD7E1}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7203C44E-08F7-471D-8C9B-349A0D17506F}" = AnySend 1.0.18.0 (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010
"{AAB13E97-449B-4D5B-BDE2-AB47B938B722}_is1" = Mundo Positivo
"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = WebCake 3.00
"{E365D4D7-BD51-4A7F-8ECA-0B6C0C42D3CF}_is1" = Mundo Positivo Gerenciador de Inicialização
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"McAfee Security Scan" = McAfee Security Scan Plus
"MyPC Backup" = MyPC Backup
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F23361B-2B38-46E2-BA1A-D920F270D5FB}_is1" = Positivo Conecta
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{5E21B617-F52E-BB10-92F9-C8AB2C799A8A}" = Adobe Download Assistant
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{90140000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2010
"{90140000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2010
"{90140000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010
"{90140000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010
"{90140000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010
"{90140000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2010
"{90140000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010
"{90850416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1046-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Português
"{B1371574-4B13-4D3E-8F47-48C698732B00}" = Sonic & SEGA All-Stars Racing
"{C0EA1DDF-896F-426A-A8FC-500743EECC36}" = USB Vibration Joystick
"{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}" = Pro Evolution Soccer 2013
"{C2E8B9C9-677A-46E6-AEC7-9435B5BCA765}_is1" = Vivo - Guia Vivo Internet versão 1.0
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{D53F9978-D5C1-4C71-9757-2F53DC8BEE6D}_is1" = Positivo Fotos
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"addlyrics@addlyrics.net" = AddLyrics
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"AnySend" = AnySend, Any file, Any size, Anywhere!
"Bywifi" = Bywifi 2.8.1
"CA Research" = CA Research
"Canal Positivo_is1" = Canal Positivo
"Cheating-Death" = Cheating-Death 4.33.4
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Cross Fire AL_is1" = Cross Fire AL
"DealPly" = DealPly (remove only)
"DMUninstaller" = DMUninstaller
"Farmscapes(TM) Premium Edition" = Farmscapes(TM) Premium Edition (remove only)
"Feven 2.1" = Feven 2.1
"FilesFrog Update Checker" = FilesFrog Update Checker
"FlvPlayer" = FlvPlayer
"fst_br_41_is1" = fst_br_41
"funmoods" = Funmoods
"Google Chrome" = Google Chrome
"Hao123.com" = Hao123.com
"Haunted Past - Realm of Ghosts Deluxe" = Haunted Past - Realm of Ghosts Deluxe (remove only)
"IePlugins" = IePluginService12.27.0.3326
"ilividmoviestoolbar181FF" = Movies Toolbar for Firefox (Dist. by Bandoo Media, Inc.)
"ilividmoviestoolbar181IE" = Movies Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.)
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gerenciador de dispositivo de plataforma
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 10.3.0
"lyrmix@lyrmix.net" = Lyrmix
"Megacubo_is1" = Megacubo 10
"Mozilla Firefox 28.0 (x86 pt-BR)" = Mozilla Firefox 28.0 (x86 pt-BR)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Internet Security
"NewPlayer" = NewPlayer
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"Origin" = Origin
"Positivo Games" = Positivo Games
"PSafe Lockbox" = PSafe LockBox
"PSafe Suite Desktop" = PSafe Suite Desktop
"RealPlayer 16.0" = RealPlayer
"SimilarProducts" = SimilarProducts
"SuperFish" = WindowShopper
"SupTab" = SupTab
"Video Downloader" = Video Downloader
"Video Downloader_is1" = Video Downloader version 2.0
"VIVO INTERNET" = VIVO INTERNET
"VLC media player" = VLC media player 2.0.5
"VuuPC" = VuuPC, You're Always a Click Away!
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WPM" = WPM17.8.0.3325
"Zuma's Revenge!(TM)" = Zuma's Revenge!(TM) (remove only)
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DealPly" = DealPly
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DealPly" = DealPly
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-3189091403-1031282438-2557965035-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DealPly" = DealPly
"FLV Player" = FLV Player
"FLV Player Packages" = FLV Player Packages
"UpdaterEX" = Extended Update
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 25/11/2013 17:57:27 | Computer Name = Ana | Source = Application Error | ID = 1000
Description = Nome do aplicativo com falha: NFSC.exe, versão: 0.0.0.0, carimbo de
 data/hora: 0x4534574b  Nome do módulo com falha: NFSC.exe, versão: 0.0.0.0, carimbo
 de data/hora: 0x4534574b  Código de exceção: 0xc0000005  Deslocamento da falha: 0x0033098a
ID
 do processo com falha: 0x1958  Hora de início do aplicativo com falha: 0x01ceea293d21e6e9
Caminho
 do aplicativo com falha: C:\Program Files (x86)\Need\NFSC.exe  Caminho do módulo
com falha: C:\Program Files (x86)\Need\NFSC.exe  ID do Relatório: 9218fe36-561c-11e3-beeb-eca86bb1f4e9
Nome
 completo do pacote com falha:   ID do aplicativo relativo ao pacote com falha:
 
Error - 25/11/2013 18:17:52 | Computer Name = Ana | Source = Application Error | ID = 1000
Description = Nome do aplicativo com falha: GTA-VC.exe, versão: 0.0.0.0, carimbo
 de data/hora: 0x00000000  Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo
 de data/hora: 0x00000000  Código de exceção: 0xc0000005  Deslocamento da falha: 0x0000010f
ID
 do processo com falha: 0x26dc  Hora de início do aplicativo com falha: 0x01ceea2c274f5695
Caminho
 do aplicativo com falha: C:\Program Files (x86)\GTA - Long Night\GTA-VC.exe  Caminho
 do módulo com falha: unknown  ID do Relatório: 6c5d04fa-561f-11e3-beeb-eca86bb1f4e9
Nome
 completo do pacote com falha:   ID do aplicativo relativo ao pacote com falha:
 
Error - 25/11/2013 18:19:47 | Computer Name = Ana | Source = Application Error | ID = 1000
Description = Nome do aplicativo com falha: GerenciadorLocal.exe, versão: 0.0.0.0,
 carimbo de data/hora: 0x5273febf  Nome do módulo com falha: MSVCR100.dll, versão:
 10.0.40219.325, carimbo de data/hora: 0x4df2bcac  Código de exceção: 0xc0000417  Deslocamento
 da falha: 0x0000000000070468  ID do processo com falha: 0x62c  Hora de início do aplicativo
 com falha: 0x01ceea291786906d  Caminho do aplicativo com falha: C:\Positivo\Deskmedia\GerenciadorLocal.exe
Caminho
 do módulo com falha: C:\Windows\SYSTEM32\MSVCR100.dll  ID do Relatório: b1244bfd-561f-11e3-beeb-eca86bb1f4e9
Nome
 completo do pacote com falha:   ID do aplicativo relativo ao pacote com falha:
 
Error - 25/11/2013 18:21:41 | Computer Name = Ana | Source = Application Error | ID = 1000
Description = Nome do aplicativo com falha: GTA-VC.exe, versão: 0.0.0.0, carimbo
 de data/hora: 0x00000000  Nome do módulo com falha: apphelp.dll, versão: 6.2.9200.16420,
 carimbo de data/hora: 0x505aa904  Código de exceção: 0xc0000005  Deslocamento da falha:
 0x00049628  ID do processo com falha: 0x14f8  Hora de início do aplicativo com falha:
 0x01ceea2caf9ac6e3  Caminho do aplicativo com falha: C:\Program Files (x86)\GTA -
 Long Night\GTA-VC.exe  Caminho do módulo com falha: C:\Windows\system32\apphelp.dll
ID
 do Relatório: f4f7b448-561f-11e3-beeb-eca86bb1f4e9  Nome completo do pacote com falha:
   ID do aplicativo relativo ao pacote com falha:
 
Error - 25/11/2013 19:41:53 | Computer Name = Ana | Source = Application Hang | ID = 1002
Description = O programa psprotege.exe versão 4.0.11311.21102 parou de interagir
 com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre
o problema, verifique o histórico de problemas no painel de controle da Central
de Ações.    ID do Processo: 1720    Hora de Início: 01ceea292c4f9004    Hora de Término: 2    Caminho
 do Aplicativo: C:\Program Files (x86)\PSafe\Protege\psprotege.exe    ID do Relatório:
 4cff93b3-562a-11e3-beeb-eca86bb1f4e9    Nome completo do pacote com falha:     ID do aplicativo
 relativo ao pacote com falha:  
 
Error - 26/11/2013 16:31:19 | Computer Name = Ana | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = O aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos
 não foi iniciado dentro do tempo alocado.
 
Error - 26/11/2013 16:31:19 | Computer Name = Ana | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Falha na ativação do aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos
 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter
 informações adicionais.
 
Error - 26/11/2013 18:03:59 | Computer Name = Ana | Source = Application Error | ID = 1000
Description = Nome do aplicativo com falha: Sims3Setup.exe, versão: 15.0.0.498,
carimbo de data/hora: 0x482518da  Nome do módulo com falha: ISRT.dll_unloaded, versão:
 0.0.0.0, carimbo de data/hora: 0x482518ba  Código de exceção: 0xc0000005  Deslocamento
 da falha: 0x046f3da0  ID do processo com falha: 0x1fc4  Hora de início do aplicativo
 com falha: 0x01ceeaeadc601836  Caminho do aplicativo com falha: C:\The.Sims.3\Sims3Setup.exe
Caminho
 do módulo com falha: ISRT.dll  ID do Relatório: a66091bb-56e6-11e3-beed-eca86bb1f4e9
Nome
 completo do pacote com falha:   ID do aplicativo relativo ao pacote com falha:
 
Error - 26/11/2013 19:43:57 | Computer Name = Ana | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = O aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos
 não foi iniciado dentro do tempo alocado.
 
Error - 26/11/2013 19:43:57 | Computer Name = Ana | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Falha na ativação do aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos
 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter
 informações adicionais.
 
[ System Events ]
Error - 13/02/2014 14:57:34 | Computer Name = Ana | Source = DCOM | ID = 10010
Description =
 
Error - 13/02/2014 14:57:34 | Computer Name = Ana | Source = DCOM | ID = 10010
Description =
 
Error - 13/02/2014 14:57:34 | Computer Name = Ana | Source = DCOM | ID = 10010
Description =
 
Error - 13/02/2014 14:57:34 | Computer Name = Ana | Source = DCOM | ID = 10010
Description =
 
Error - 13/02/2014 14:57:34 | Computer Name = Ana | Source = DCOM | ID = 10010
Description =
 
Error - 13/02/2014 14:57:34 | Computer Name = Ana | Source = DCOM | ID = 10010
Description =
 
Error - 13/02/2014 14:57:34 | Computer Name = Ana | Source = DCOM | ID = 10010
Description =
 
Error - 13/02/2014 14:57:34 | Computer Name = Ana | Source = DCOM | ID = 10010
Description =
 
Error - 13/02/2014 14:57:34 | Computer Name = Ana | Source = DCOM | ID = 10010
Description =
 
Error - 13/02/2014 14:57:34 | Computer Name = Ana | Source = DCOM | ID = 10010
Description =
 
 
< End of report >
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: Meu pc fica abrindo varias janelas de anuncios a todo momento

Guilherme
Administrador
Aina precisa de ajuda?
MODERADOR
Carregando...