Segue o log do OTL:
OTL logfile created on: 05/07/2012 11:03:35 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Fran Multimarcas\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
7,98 Gb Total Physical Memory | 5,66 Gb Available Physical Memory | 70,90% Memory free
15,96 Gb Paging File | 13,14 Gb Available in Paging File | 82,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1849,73 Gb Total Space | 1692,27 Gb Free Space | 91,49% Space Free | Partition Type: NTFS
Drive J: | 3,72 Gb Total Space | 3,12 Gb Free Space | 83,65% Space Free | Partition Type: FAT32
Computer Name: ESCRITORIO | User Name: Fran Multimarcas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ========== PRC - [2012/07/05 11:00:42 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Fran Multimarcas\Desktop\OTL.exe
PRC - [2012/06/28 09:51:53 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/28 09:51:51 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/06/28 09:51:48 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012/06/21 23:59:14 | 003,669,712 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2012/06/08 21:42:12 | 001,668,952 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/06/08 21:42:12 | 000,976,728 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/06/01 18:01:54 | 004,407,296 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
PRC - [2012/06/01 18:01:44 | 000,720,896 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
PRC - [2012/05/18 11:00:02 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/05/18 10:56:14 | 000,265,928 | ---- | M] (SpeedBit Ltd.) -- C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe
PRC - [2012/05/09 09:02:12 | 000,214,088 | ---- | M] ( ) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2012/01/03 10:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/31 10:17:32 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/09/06 13:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
PRC - [2011/08/18 11:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
PRC - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
PRC - [2011/08/01 13:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/06/24 01:40:51 | 001,990,144 | ---- | M] () -- C:\Windows\twain_32\Samsung\SCX4600\Scan2Pc.exe
PRC - [2011/04/29 17:18:16 | 000,885,760 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2010/11/17 09:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010/09/13 17:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/13 17:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/10 15:26:30 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
PRC - [2008/06/13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2008/06/13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe
========== Modules (No Company Name) ========== MOD - [2012/06/19 17:04:49 | 020,313,384 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/06/19 17:04:47 | 000,895,312 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2012/06/19 17:04:45 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/06/19 17:04:43 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/06/19 17:04:41 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/06/14 12:10:26 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll
MOD - [2012/06/14 08:19:07 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/14 08:18:29 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 08:18:22 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/14 08:18:20 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/05/28 17:49:17 | 000,520,464 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportMS.dll
MOD - [2012/05/11 03:21:54 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll
MOD - [2012/05/11 03:21:49 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012/05/11 03:11:20 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/11 03:11:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/11 03:10:43 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/11 03:10:40 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/11 03:10:38 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/11 03:10:37 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/11 03:10:30 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/02/01 14:43:10 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
MOD - [2011/10/19 02:47:46 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/18 11:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
MOD - [2011/06/24 01:40:51 | 001,990,144 | ---- | M] () -- C:\Windows\twain_32\Samsung\SCX4600\Scan2Pc.exe
MOD - [2011/04/29 17:18:16 | 000,885,760 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2011/04/29 17:13:50 | 002,225,664 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
MOD - [2011/04/29 17:13:48 | 007,938,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2010/11/24 21:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
MOD - [2010/11/21 06:37:02 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/11/17 09:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/02/19 19:17:32 | 001,384,520 | ---- | M] () -- C:\Windows\twain_32\Samsung\SCX4600\SSOle.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2012/06/28 09:51:53 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! antivírus)
SRV:
64bit: - [2012/06/28 09:51:48 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:
64bit: - [2012/06/11 14:19:14 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2012/03/02 09:20:50 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:
64bit: - [2011/08/11 20:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:
64bit: - [2010/12/13 13:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:
64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:
64bit: - [2010/06/29 16:12:20 | 000,158,720 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe -- (BrcmMgmtAgent)
SRV:
64bit: - [2009/07/13 22:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/22 17:43:23 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/21 23:59:22 | 001,148,664 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2012/06/14 19:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/08 21:42:12 | 000,976,728 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/25 09:32:50 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe -- (cbVSCService11)
SRV - [2012/05/18 10:56:14 | 000,265,928 | ---- | M] (SpeedBit Ltd.) [Auto | Running] -- C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2012/05/09 09:02:12 | 000,214,088 | ---- | M] ( ) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2012/01/13 10:21:16 | 000,103,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/01/03 10:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/18 21:18:44 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/10/18 21:14:24 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/03/16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/11/25 04:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 04:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/10/26 17:26:58 | 000,236,016 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010/09/13 17:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008/06/13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2012/07/02 16:56:58 | 000,051,496 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:
64bit: - [2012/06/28 09:52:39 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:
64bit: - [2012/06/28 09:52:38 | 000,142,128 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:
64bit: - [2012/06/28 09:52:36 | 000,958,912 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:
64bit: - [2012/06/28 09:52:36 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:
64bit: - [2012/06/28 09:52:36 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:
64bit: - [2012/06/28 09:52:35 | 000,266,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:
64bit: - [2012/06/28 09:52:35 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:
64bit: - [2012/06/28 09:52:35 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:
64bit: - [2012/06/28 09:52:34 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:
64bit: - [2012/06/11 15:59:38 | 010,248,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:
64bit: - [2012/06/11 13:26:14 | 000,367,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2012/06/08 21:42:30 | 000,101,400 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:
64bit: - [2012/04/10 16:04:32 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:
64bit: - [2012/03/06 20:44:51 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:
64bit: - [2012/03/02 09:20:50 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:
64bit: - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012/02/23 09:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:
64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2011/11/30 13:45:01 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:
64bit: - [2011/10/19 02:47:49 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/10/19 02:47:49 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2011/07/22 13:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:
64bit: - [2011/07/12 18:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:
64bit: - [2011/05/18 07:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV:
64bit: - [2010/12/13 13:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:
64bit: - [2010/11/21 00:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:
64bit: - [2010/11/21 00:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/11/21 00:23:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc60.sys -- (netvsc)
DRV:
64bit: - [2010/11/21 00:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:
64bit: - [2010/11/21 00:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:
64bit: - [2010/11/21 00:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:
64bit: - [2010/11/21 00:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:
64bit: - [2010/11/21 00:23:48 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusVideoM.sys -- (SynthVid)
DRV:
64bit: - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/21 00:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:
64bit: - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:
64bit: - [2010/09/14 09:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2010/08/31 21:07:06 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Áudio do vídeo Intel®
DRV:
64bit: - [2010/06/08 09:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:
64bit: - [2010/05/21 09:52:06 | 000,104,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\basp.sys -- (Blfp)
DRV:
64bit: - [2010/05/20 20:42:42 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:
64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2010/02/27 06:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:
64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:
64bit: - [2009/02/19 06:09:54 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:
64bit: - [2009/02/16 10:27:11 | 000,053,816 | R--- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DgivEcp.sys -- (DgiVecp)
DRV:
64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/06/08 21:42:32 | 000,055,096 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2012/06/08 21:42:30 | 000,297,048 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2012/04/12 09:21:11 | 000,397,520 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_34302.sys -- (RapportCerberus_34302)
DRV - [2012/04/05 09:34:04 | 000,046,408 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2011/06/12 17:52:34 | 000,050,688 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Cheat Engine 6.1\dbk64.sys -- (CEDRIVER60)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/20 02:09:54 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://start.facemoo...earchTerms}&f=4IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE:
64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" =
http://www.bing.com/...rc=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/USCON/5IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.brturbo.com.br/IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {052B766E-550D-4788-B42D-2D9A09AB3306}
IE - HKCU\..\SearchScopes\{052B766E-550D-4788-B42D-2D9A09AB3306}: "URL" =
http://www.google.co...q={searchTerms}IE - HKCU\..\SearchScopes\{F8F77269-7449-4493-A55F-383EDC03850E}: "URL" =
http://br.search.yah...p={SearchTerms}IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "
http://www.brturbo.com.br/"FF - prefs.js..keyword.URL: "
http://br.search.yah...h?fr=mcafee&p="FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Fran Multimarcas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/02/23 07:28:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/18 11:00:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/02 13:41:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/03 10:31:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/24 09:40:44 | 000,000,000 | ---D | M]
[2011/10/25 09:50:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fran Multimarcas\AppData\Roaming\Mozilla\Extensions
[2012/06/28 16:19:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fran Multimarcas\AppData\Roaming\Mozilla\Firefox\Profiles\ljn9bbxi.default\extensions
[2012/01/12 08:09:55 | 000,000,000 | ---D | M] (Adicional de Seguranca CAIXA) -- C:\Users\Fran Multimarcas\AppData\Roaming\Mozilla\Firefox\Profiles\ljn9bbxi.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886D}
[2012/06/18 15:57:28 | 000,000,000 | ---D | M] (Modulo de Protecao - Banco do Brasil) -- C:\Users\Fran Multimarcas\AppData\Roaming\Mozilla\Firefox\Profiles\ljn9bbxi.default\extensions\A40A8A5E886C
[2012/07/03 10:31:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/04/13 14:33:33 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/02/23 07:28:05 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2012/07/02 13:41:56 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/06/14 19:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012/05/18 11:00:11 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2012/06/14 20:20:55 | 000,001,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\buscape.xml
[2012/05/01 15:01:32 | 000,002,029 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/06/14 20:20:55 | 000,001,212 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolivre.xml
[2012/06/14 20:20:55 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/06/14 20:20:55 | 000,001,168 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-br.xml
[2012/06/14 20:20:55 | 000,000,952 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-br.xml
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Fran Multimarcas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Fran Multimarcas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: SiteAdvisor = C:\Users\Fran Multimarcas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: avast! WebRep = C:\Users\Fran Multimarcas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1451_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Fran Multimarcas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
O1 HOSTS File: ([2012/06/28 16:19:45 | 000,000,262 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 72.52.179.92 www2.bancobrasil.com.br
O1 - Hosts: 72.52.179.97 aapj.bb.com.br
O1 - Hosts: 72.52.179.98 www.santandernet.com.br
O1 - Hosts: 72.52.179.99 bankline.itau.com.br
O1 - Hosts: 72.52.179.100 banklineplus.itau.com.br
O1 - Hosts: 72.52.179.101 internetbanking.caixa.gov.br
O1 - Hosts: 72.52.179.102 wwwss.bradesco.com.br
O2:
64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:
64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:
64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2:
64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:
64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:
64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:
64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:
64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.)
O4:
64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4:
64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKLM..\Run: [4600 Scan2PC] C:\Windows\twain_32\Samsung\SCX4600\Scan2Pc.exe ()
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Cobian Backup 11] C:\Program Files (x86)\Cobian Backup 11\Cobian.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [SCX4600_Scan2Pc] C:\Windows\twain_32\Samsung\SCX4600\Scan2Pc.exe ()
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:
64bit: - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:
64bit: - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www] * in Sites confiáveis)
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www14] * in Sites confiáveis)
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www2] * in Sites confiáveis)
O15 - HKCU\..Trusted Domains: bb.com.br ([www] * in Sites confiáveis)
O15 - HKCU\..Trusted Domains: caixa.gov.br ([]https in Sites confiáveis)
O16:
64bit: - DPF: {682C59F5-478C-4421-9070-AD170D143B77}
http://www.dell.com/...t/Ode/pcd64.cab (Launcher Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BE9BD86-2A03-4350-9564-3C5A91B83F66}: NameServer = 200.221.11.100,200.221.11.101
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1923FB4-44C2-4065-B707-E798A4446F3E}: NameServer = 200.221.11.100,200.221.11.101
O18:
64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:
64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Program Files (x86)\GbPlugin\gbiehCef.dll) - C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c9c5da45-1b3c-11e1-96b2-f04da2e1767c}\Shell - "" = AutoRun
O33 - MountPoints2\{c9c5da45-1b3c-11e1-96b2-f04da2e1767c}\Shell\AutoRun\command - "" = I:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:
64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:
64bit: aux - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: aux2 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: midi - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: midimapper - midimap.dll (Microsoft Corporation)
Drivers32:
64bit: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: mixer3 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: mixer4 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:
64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:
64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:
64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:
64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:
64bit: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32:
64bit: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:
64bit: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32:
64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:
64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:
64bit: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32:
64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32:
64bit: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32:
64bit: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:
64bit: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32:
64bit: wave - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: wave3 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: wave4 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)
========== Files/Folders - Created Within 90 Days ========== [2012/07/05 11:00:36 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Fran Multimarcas\Desktop\OTL.exe
[2012/07/05 08:36:56 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{A6376179-E08A-45C1-A531-1F3B7500F6FD}
[2012/07/05 08:36:43 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{5C191908-18F2-487C-9FF2-D2129BCB6BC0}
[2012/07/04 12:05:39 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Roaming\Auslogics
[2012/07/04 09:54:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/07/04 09:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2012/07/04 09:50:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2012/07/04 09:36:42 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{358A5EE9-5DE1-4A6B-A585-F7EE00B2E232}
[2012/07/04 09:36:31 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{A56BAC0F-3B98-401B-8E9C-C99EFD7AD315}
[2012/07/03 10:31:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/07/03 08:48:15 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{FF77DF36-F822-410B-9E2B-8A4E17BFB7AA}
[2012/07/03 08:48:01 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{A5019E34-4A6A-460A-83C8-A74E8B22E8EB}
[2012/07/02 17:26:39 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Roaming\SUPERAntiSpyware.com
[2012/07/02 17:24:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/07/02 17:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/07/02 17:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/07/02 16:59:41 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Roaming\Malwarebytes
[2012/07/02 16:59:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/02 16:59:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/02 16:59:35 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/02 16:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/02 16:56:58 | 000,051,496 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2012/07/02 16:56:57 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Roaming\Spyware Terminator
[2012/07/02 16:56:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2012/07/02 16:56:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2012/07/02 16:56:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2012/07/02 16:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2012/07/02 16:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2012/07/02 16:09:24 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\HijackThis.exe
[2012/07/02 13:47:32 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\Chromium
[2012/07/02 13:21:57 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{6ACE7E7D-1C9D-444D-A9AA-71A147510DD3}
[2012/07/02 13:21:45 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{8BA5B536-0284-4751-83E0-F8E9AC5919D1}
[2012/07/02 13:21:32 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\Tracing
[2012/06/30 14:26:45 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/06/30 14:26:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/06/30 14:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/06/30 12:28:56 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/06/30 09:51:34 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{6F98A4C0-3A85-4939-B79D-E845E2CAC3A3}
[2012/06/30 09:51:22 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{29E4728A-7B40-40A2-90FB-3A9610C72F93}
[2012/06/29 17:31:24 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{1EFBB966-0691-4706-BA6A-D0A6FDDC15B2}
[2012/06/29 17:31:11 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{886CF02A-8231-4A4A-A79A-4722EB1421BC}
[2012/06/29 11:46:14 | 000,007,680 | ---- | C] (GAS Tecnologia) -- C:\Windows\SysNative\drivers\gbmr.sys
[2012/06/29 05:30:44 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{94F7AF51-58E7-4996-813C-EB7E025A042F}
[2012/06/29 05:30:32 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{CEC7B196-03FD-4275-A832-8F1D2E962A0E}
[2012/06/29 05:29:43 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5
[2012/06/28 16:19:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\etc
[2012/06/28 09:00:08 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{AF294A47-7A28-43F9-AF96-FA3EE01274B6}
[2012/06/28 08:59:50 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{C5610932-0D7D-4640-9227-5DF967B817B5}
[2012/06/27 09:31:56 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{2704F88B-7AF8-41C4-9285-E79116C5A473}
[2012/06/27 09:31:43 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{C020584A-1ABA-47DC-9794-FA2952510BF5}
[2012/06/26 09:00:08 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{7712B0C3-DB4A-4519-84E4-114DD68D7226}
[2012/06/26 08:59:54 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{A703C041-79A2-4AF4-8364-F3EF1EBA6716}
[2012/06/25 08:15:22 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{8EB11F31-ACAF-473E-8A21-469EDF00A064}
[2012/06/25 08:15:01 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{666630DF-F6EC-41AF-B7CC-7831BDCE200A}
[2012/06/23 10:00:28 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Roaming\RealNetworks
[2012/06/23 09:15:43 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{BA2266AE-9BC2-44D7-99B2-CCA0C346FC34}
[2012/06/23 09:15:31 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{6C7C1861-2FE3-48F8-A552-2CBF130938DD}
[2012/06/22 10:34:00 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\Desktop\Arabescos
[2012/06/22 09:00:17 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{C8A69038-0EFA-48B7-9DF5-690F57C86554}
[2012/06/22 09:00:06 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{33161DE1-8E05-48B8-AC9B-77FEF6F59A96}
[2012/06/21 08:57:50 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{2B0F3895-BF3F-46EC-9DE7-C7673D572794}
[2012/06/21 08:57:33 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{47DA0ED5-42C4-4721-AEB9-FD2F0A2A8049}
[2012/06/20 10:25:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/06/20 08:56:19 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{B1F55ECA-F538-438C-B83A-6EC3A553724E}
[2012/06/20 08:56:08 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{9991BB9D-09C7-4F80-B13E-24B8AB96E13F}
[2012/06/19 09:11:05 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{1BBBB42B-6DFE-4164-BA4C-2C6E668EC239}
[2012/06/19 09:10:54 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{56D7EC1B-5D7B-4419-BFAD-C9ED556BA017}
[2012/06/18 10:01:53 | 000,000,000 | ---D | C] -- C:\Infoger Sistemas
[2012/06/18 09:47:53 | 000,450,560 | ---- | C] (Firebird Project) -- C:\Windows\SysWow64\GDS32.DLL
[2012/06/18 09:47:53 | 000,450,560 | ---- | C] (Firebird Project) -- C:\Windows\SysWow64\FBCLIENT.DLL
[2012/06/18 09:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.1 (Win32)
[2012/06/18 09:47:50 | 000,462,848 | ---- | C] (IBPhoenix) -- C:\Windows\SysWow64\Firebird2Control.cpl
[2012/06/18 09:43:32 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Roaming\TeamViewer
[2012/06/18 09:15:16 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{EDD9EA3C-3CF1-4620-83B1-2CE79C7726FD}
[2012/06/16 09:06:26 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{1C1AD37C-52AF-4EC7-AAF1-5555E20C568B}
[2012/06/15 15:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012/06/15 15:09:58 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/06/15 15:09:58 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/06/15 15:09:57 | 000,142,128 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012/06/15 15:09:46 | 000,958,912 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/06/15 15:09:46 | 000,266,776 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012/06/15 15:09:46 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/06/15 15:09:46 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/06/15 15:09:46 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/06/15 15:09:46 | 000,019,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012/06/15 15:09:37 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2012/06/15 15:09:18 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/06/15 15:09:17 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/06/15 11:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
[2012/06/15 08:40:16 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/06/15 08:39:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/06/15 08:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/06/15 08:24:31 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{1DDBA2C8-1AED-4627-868D-F330C22CF600}
[2012/06/14 10:22:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/06/14 10:22:15 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/06/14 10:22:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/06/14 10:22:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/06/14 10:21:09 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\Desktop\AUDAC
[2012/06/14 08:19:47 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{517F6645-3ADF-47A0-B4D6-D74572A37709}
[2012/06/14 08:19:33 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{AC6E6E1C-2A8F-4B08-9423-856A899F14B4}
[2012/06/13 20:10:47 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{44BA4AF5-034A-4A8A-8138-BF7A1BE1FD18}
[2012/06/11 15:35:48 | 000,070,144 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_8.98.dll
[2012/06/11 14:19:58 | 000,532,992 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2012/06/11 14:19:14 | 000,239,616 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2012/06/11 14:17:56 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2012/06/11 14:17:42 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2012/06/09 10:49:05 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\Macromedia
[2012/06/09 10:08:29 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{D03E01F9-3A93-485A-BE90-50219E6670E1}
[2012/06/09 10:08:11 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{3ADE47CB-287E-4B68-B7CB-E48D7349C01A}
[2012/06/08 08:55:11 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F1786EE1-463B-4169-9486-30CA3DB36D9B}
[2012/06/08 08:54:59 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{A06D3D09-31F4-46CE-9CFB-F3505419D9F8}
[2012/06/08 08:52:07 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{CFC9C88A-3995-4E9D-92A7-3605A34C8867}
[2012/06/08 08:51:51 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F36A4037-A556-4641-B80A-FEECE0CF94B9}
[2012/06/06 08:48:18 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{5AA64FFC-05F5-4F2A-A901-FF1230FC9995}
[2012/06/06 08:48:06 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{4B01CEC8-9B12-401A-816B-50796DAA93A0}
[2012/06/05 08:58:27 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{22135D65-DA7E-4AAB-AA18-E5E7BE88C2B4}
[2012/06/05 08:58:15 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{C80E6454-4112-4D2B-81A3-B4755541BAE0}
[2012/06/04 08:27:47 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{9E537B17-BEEC-4DE8-961F-CC57CE5B4AEA}
[2012/06/04 08:27:20 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{7B297A71-00A8-4892-B709-FB3DCAFECB70}
[2012/06/02 10:27:29 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{8377854A-DF31-4DB8-BDA6-A9A975BA3AA1}
[2012/06/02 10:27:15 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{28A2AFDE-80E9-45DD-BD95-263242A0A65F}
[2012/06/01 09:01:23 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{58895632-66DB-4522-BCDC-44BCF7AEEDA0}
[2012/06/01 09:01:07 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{B8C1EB03-BC8B-4F2D-92DC-EF7633493FEF}
[2012/05/31 09:20:06 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{8858B4B4-2789-4A4D-8183-C98CE28CEA3D}
[2012/05/31 09:19:54 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{32F599BA-7A40-4A0C-BD98-DC178E21FBB2}
[2012/05/30 13:43:46 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\Desktop\Cães
[2012/05/30 08:58:54 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{48C6490B-C10A-425C-9FC8-45017D36575A}
[2012/05/30 08:58:42 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{19FE4B4F-A9BF-403E-97A9-90D9BA29A036}
[2012/05/29 08:54:58 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F93C6E99-93CF-4CF3-BF8E-7EDE63CDECE8}
[2012/05/29 08:54:43 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F0E2A49B-B63F-4964-ABA9-898325B35176}
[2012/05/26 14:00:43 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{DD21D461-28FB-47AB-B386-D4183564575D}
[2012/05/26 14:00:24 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{EA8FD576-C181-4916-A647-1B5CDEF2A8DB}
[2012/05/25 08:56:21 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{69BD4D09-9047-4200-A81C-7F3E0DCF7012}
[2012/05/25 08:56:08 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{268E4813-2132-4F4C-8F30-2F9E67C0FD37}
[2012/05/24 09:00:02 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{442159B4-9BDD-4577-983B-9629EC89845F}
[2012/05/24 08:59:48 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{582FB533-3086-4BBB-985E-38D65D09AEA9}
[2012/05/23 08:58:38 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{0AE91B68-7FD9-4791-BE95-6EFD06FCBA2D}
[2012/05/22 09:06:54 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{7C94F93A-D139-4471-8050-FB1AC50C3FD9}
[2012/05/22 09:06:39 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{CA7B12F1-346F-4630-87F2-63E0CB9DFB65}
[2012/05/21 09:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/05/21 09:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/05/21 09:01:04 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{1423114F-5F89-46B9-AD37-8FDF453E5D74}
[2012/05/21 09:00:49 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{978085C9-62D6-48A2-B241-D34534BF6C15}
[2012/05/19 10:15:25 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F85D442E-6C7E-4454-988D-F0EDE212855B}
[2012/05/19 10:15:11 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{0E47EC02-095B-4C95-B555-2177E5FEF309}
[2012/05/18 11:01:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012/05/18 08:50:25 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{CF879F76-F118-4780-B27C-B56F87EB2D46}
[2012/05/18 08:50:13 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{8E2C798B-4A90-421E-B4EF-5673278B9884}
[2012/05/17 16:27:14 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012/05/17 16:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cobian Backup 11
[2012/05/17 08:31:09 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{DAE42D90-E611-4C92-8E5B-40DAA125E6A7}
[2012/05/17 08:30:21 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F9F000EE-B25C-43A5-B347-D29CB7120984}
[2012/05/16 09:23:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Speedbit
[2012/05/16 09:23:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedBit Video Accelerator
[2012/05/16 09:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2012/05/16 08:40:49 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{E13AD96B-975F-44AD-8C42-6CCCEB7FD654}
[2012/05/16 08:40:37 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{6ABC14D0-BE3D-4893-954D-4B51115B0233}
[2012/05/15 08:16:59 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{CCE0FA1C-CC0C-4E7C-A68E-E4BF48A67170}
[2012/05/15 08:16:45 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{9F4CF0BB-ADE7-4266-A40E-E02F7C47C9B9}
[2012/05/14 09:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broadcom
[2012/05/14 09:08:29 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012/05/14 09:08:07 | 000,000,000 | ---D | C] -- C:\Windows\Dell
[2012/05/14 08:33:37 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F65DA564-7A2E-4A40-A845-6C62D25BDA18}
[2012/05/14 08:32:59 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{EB7D2597-71DE-44A4-ABD3-8F7765E7E4F0}
[2012/05/14 08:30:44 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{0D4A1FF0-26B5-4965-A0D7-80F300AE2409}
[2012/05/14 08:23:32 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{85224250-21F5-4023-A2D6-D44BA15D181C}
[2012/05/14 08:18:31 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{6C2E965D-B48F-4E59-BEFF-56F1FC6FE12E}
[2012/05/12 08:50:46 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{4B35B4F9-4DC9-44F1-807B-9FBE7F4DFA0B}
[2012/05/12 08:50:33 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F1FC4068-D813-4A67-ABB8-B08990AC17ED}
[2012/05/11 08:37:45 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{C8117A31-AF73-438F-B93A-7586D3E5A0B9}
[2012/05/11 08:37:34 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{20B60CB5-2948-4A4C-A45A-2E48C1C8EA49}
[2012/05/10 09:32:56 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{921F4DF6-DFA0-4114-8258-B20D8E922BA8}
[2012/05/10 09:32:43 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F32B2048-0CCB-41F8-BF25-8C3641A7A21A}
[2012/05/09 08:42:17 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{7E607516-341B-4C9F-A530-71D574F8DA5A}
[2012/05/09 08:42:05 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{DCAF8031-BED5-45F4-8DBA-B2120DD9ACC8}
[2012/05/08 08:27:24 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{C5A0104E-4970-4778-BC4C-65ABEFCB88FE}
[2012/05/08 08:27:12 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{0A4648E7-F9BC-43FA-A057-FC1762937ECF}
[2012/05/07 08:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012/05/07 08:15:16 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{9B424FCF-FAE6-4C10-B3AC-7F376DE395B6}
[2012/05/07 08:15:03 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{3DA821A1-4BD8-4926-A28D-18BAD503E762}
[2012/05/05 09:43:00 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{5E709878-A828-4129-986A-F0348D2D1C2C}
[2012/05/05 09:42:45 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{95D77D20-CA94-4A3E-B085-78664952C4FD}
[2012/05/04 08:22:09 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{8E8AA212-EB75-4A27-AB72-45089ED87595}
[2012/05/04 08:19:00 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{E91F3DCC-F053-4040-905F-4EC02DE8A8C9}
[2012/05/04 07:51:32 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{54A74A03-CCAB-476E-9F19-7C87A96CEE44}
[2012/05/04 07:51:21 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{23DC5FAF-F1D5-4323-9F7D-26C5CC84FB6D}
[2012/05/02 08:15:43 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{1E8AB520-89B4-4EDD-9124-98C8D16AF47B}
[2012/05/02 08:15:29 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{3CD85711-C532-4DC7-9798-9B7B5718376F}
[2012/05/01 14:47:53 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{328EC681-D3DA-4CD7-82B1-074140554914}
[2012/05/01 14:45:16 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{D49EF3AC-0DC3-4BE4-9515-A1E6D7AA3073}
[2012/05/01 14:40:37 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{28F27BF2-D2B5-4181-9E3B-22E61E4B6C4E}
[2012/04/30 08:28:17 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{E3547950-F498-46AC-A138-8FE9FEDA08DD}
[2012/04/30 08:28:09 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F741199D-2259-4369-9DDE-5638AD554C47}
[2012/04/28 09:40:22 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{D2AC870D-AD6C-4CBC-8A46-D7BA12FF8334}
[2012/04/28 09:40:08 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{41A64791-3A29-4D52-9D47-D9CA5F9F83C4}
[2012/04/27 08:41:13 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{8A8B84BA-7A72-488C-8150-6DE64F3A906B}
[2012/04/27 08:41:02 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{EE0EB182-46A3-4BF0-A8D6-B556617D3B58}
[2012/04/26 10:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/04/26 08:31:25 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{FC48752B-C290-4EF0-8B3C-F3F393A3C90E}
[2012/04/26 08:31:13 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{17DF8B15-133F-4103-9846-8328A43CB015}
[2012/04/25 08:58:12 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{C21AE507-C7D8-4A77-A5F3-B0C02A60B466}
[2012/04/25 08:58:01 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F06CA8DD-5DBB-42E4-B088-177348FE18E3}
[2012/04/24 08:16:39 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{BD36B531-F4E2-42DE-93EE-846314F69369}
[2012/04/24 08:16:25 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{88958786-A6BB-4A37-8C32-E0DB82DE3909}
[2012/04/23 08:39:37 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{A056463A-0169-428A-BCA8-51986BEA954B}
[2012/04/23 08:39:19 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{768246F5-C978-4C00-8357-CDF33C7F386C}
[2012/04/20 13:59:26 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\Documents\Almost Human
[2012/04/20 08:23:35 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{84F39A75-A7DC-49FF-A0BF-37318C9BB7BC}
[2012/04/20 08:23:22 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{972FB419-7940-4674-AD82-CC4C6846ABBA}
[2012/04/19 14:04:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/04/19 08:52:50 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{91ACEC20-87F3-46EA-A3D0-8CAF6C31B87B}
[2012/04/19 08:52:36 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{971D6564-1CCF-40E4-92CE-89CAB66808A2}
[2012/04/18 08:22:47 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{3E30DCF2-4E0F-47E4-8A01-CF28743DE42C}
[2012/04/18 08:22:28 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{53898AD6-D884-4F8E-AAFB-D3163C63D2A7}
[2012/04/17 08:20:13 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{0CB3B47C-26F7-46E7-BB67-25FD5DC8A636}
[2012/04/17 08:19:59 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F1A89583-35FF-401F-BB5C-B3F85B799506}
[2012/04/16 08:55:58 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{D7892549-CF70-488E-B0DD-EA2D6FEDD093}
[2012/04/16 08:55:44 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{A8E3AC8E-591B-48BF-B64E-78A078C0D138}
[2012/04/16 08:33:07 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{FE1549E1-EF7E-4EFC-806E-433FD61B27DB}
[2012/04/14 14:32:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012/04/14 09:21:42 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F6779DE4-A6B2-4BFB-8036-375BF2D0EC55}
[2012/04/14 09:21:29 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{4298BD73-6893-4A67-9149-8AA0D41813C9}
[2012/04/13 16:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/04/13 16:22:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/04/13 16:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/04/13 16:22:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/04/13 14:47:14 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\Real
[2012/04/13 14:46:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012/04/13 14:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012/04/13 14:45:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/04/13 14:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/04/13 14:33:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/04/13 08:35:49 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{0B28B053-D1C2-435E-8833-7BB7BFADCF28}
[2012/04/13 08:35:26 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{C1900034-DEA9-4C9C-9ADE-53BD68FBC029}
[2012/04/12 09:21:09 | 000,101,400 | ---- | C] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[2012/04/12 09:20:40 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\Trusteer
[2012/04/12 09:20:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Rapport
[2012/04/12 09:20:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trusteer
[2012/04/12 09:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Trusteer
[2012/04/12 08:14:06 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{7E1E0BEA-CC08-43E1-909C-7399E3518450}
[2012/04/11 08:24:14 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{08F6B530-2538-441B-9F24-D2DC5AAE4FE0}
[2012/04/10 11:17:21 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\Documents\Readiris
[2012/04/10 08:31:03 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{2EF81D3C-4054-4EE8-A189-980EDFABA42C}
[2012/04/09 08:35:57 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{F27C2C24-84D0-44DA-8DA1-DE4EABA1BC3A}
[2012/04/07 09:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2012/04/07 08:52:49 | 000,000,000 | ---D | C] -- C:\Users\Fran Multimarcas\AppData\Local\{C4C5E50C-17C1-417B-9446-B6BD10BC5958}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 90 Days ========== [2012/07/05 11:02:07 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/05 11:02:07 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/05 11:00:42 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Fran Multimarcas\Desktop\OTL.exe
[2012/07/05 10:55:20 | 000,001,863 | ---- | M] () -- C:\Users\Fran Multimarcas\Desktop\Navegador da SafeZone.lnk
[2012/07/05 10:54:28 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/05 10:53:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/05 10:53:32 | 2133,647,359 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/05 10:51:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/05 10:43:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/05 09:35:28 | 000,000,183 | ---- | M] () -- C:\ProgramData\RmUserCfg.ini
[2012/07/05 09:35:28 | 000,000,045 | ---- | M] () -- C:\ProgramData\IpAndPort.fig
[2012/07/04 09:50:30 | 000,001,252 | ---- | M] () -- C:\Users\Fran Multimarcas\Desktop\Auslogics Disk Defrag.lnk
[2012/07/03 10:28:29 | 000,041,288 | ---- | M] () -- C:\Users\Fran Multimarcas\Desktop\bookmarks-2012-07-03.json
[2012/07/02 17:24:50 | 000,001,770 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/07/02 16:59:36 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/02 16:56:58 | 000,051,496 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2012/07/02 16:56:56 | 000,001,044 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2012/07/02 16:56:07 | 000,001,085 | ---- | M] () -- C:\Users\Fran Multimarcas\Desktop\SpywareBlaster.lnk
[2012/07/02 16:09:29 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\HijackThis.exe
[2012/07/02 13:41:58 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/06/29 10:42:50 | 001,636,276 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/29 10:42:50 | 000,706,312 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2012/06/29 10:42:50 | 000,654,880 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/29 10:42:50 | 000,147,038 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2012/06/29 10:42:50 | 000,121,752 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/29 10:27:26 | 000,123,584 | ---- | M] () -- C:\Users\Fran Multimarcas\Documents\cc_20120629_102720.reg
[2012/06/28 16:19:47 | 000,007,680 | ---- | M] (GAS Tecnologia) -- C:\Windows\SysNative\drivers\gbmr.sys
[2012/06/28 16:19:45 | 000,000,262 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/06/28 09:52:39 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/06/28 09:52:38 | 000,142,128 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012/06/28 09:52:36 | 000,958,912 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/06/28 09:52:36 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/06/28 09:52:36 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/06/28 09:52:35 | 000,266,776 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012/06/28 09:52:35 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/06/28 09:52:35 | 000,019,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012/06/28 09:52:34 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/06/28 09:52:20 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/06/28 09:51:49 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/06/28 09:51:33 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/06/25 10:18:52 | 000,011,266 | ---- | M] () -- C:\Users\Fran Multimarcas\AppData\Roaming\SmarThruOptions.xml
[2012/06/21 14:21:22 | 000,000,221 | ---- | M] () -- C:\Users\Fran Multimarcas\Desktop\Sniper Ghost Warrior.url
[2012/06/18 18:01:45 | 000,001,729 | ---- | M] () -- C:\Users\Public\Desktop\InfoCom 7.5.lnk
[2012/06/18 09:43:20 | 001,452,488 | ---- | M] () -- C:\Users\Fran Multimarcas\Desktop\Team Viewer Acesso Remoto.exe
[2012/06/14 10:22:55 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/06/14 08:17:19 | 000,479,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/11 15:35:48 | 000,070,144 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_8.98.dll
[2012/06/11 14:26:12 | 000,263,840 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2012/06/11 14:26:12 | 000,263,840 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2012/06/11 14:19:58 | 000,532,992 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2012/06/11 14:19:14 | 000,239,616 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2012/06/11 14:17:56 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2012/06/11 14:17:42 | 000,021,504 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2012/06/11 13:50:46 | 000,187,392 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
[2012/06/11 13:50:16 | 002,936,864 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2012/06/11 13:41:48 | 002,971,136 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2012/06/08 21:42:30 | 000,101,400 | ---- | M] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[2012/05/24 09:35:36 | 000,000,660 | ---- | M] () -- C:\Users\Fran Multimarcas\Desktop\Cedente - Atalho.lnk
[2012/05/18 11:00:05 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/05/05 08:27:57 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/05/05 08:27:57 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/04/12 16:30:10 | 000,637,743 | ---- | M] () -- C:\Windows\SysNative\atiicdxx.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/07/04 09:50:30 | 000,001,252 | ---- | C] () -- C:\Users\Fran Multimarcas\Desktop\Auslogics Disk Defrag.lnk
[2012/07/03 16:20:10 | 000,000,045 | ---- | C] () -- C:\ProgramData\IpAndPort.fig
[2012/07/03 15:44:13 | 000,001,863 | ---- | C] () -- C:\Users\Fran Multimarcas\Desktop\Navegador da SafeZone.lnk
[2012/07/03 10:31:53 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/07/03 10:28:29 | 000,041,288 | ---- | C] () -- C:\Users\Fran Multimarcas\Desktop\bookmarks-2012-07-03.json
[2012/07/02 17:24:50 | 000,001,770 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/07/02 16:59:36 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/02 16:56:56 | 000,001,044 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2012/07/02 16:56:07 | 000,001,085 | ---- | C] () -- C:\Users\Fran Multimarcas\Desktop\SpywareBlaster.lnk
[2012/06/29 10:27:23 | 000,123,584 | ---- | C] () -- C:\Users\Fran Multimarcas\Documents\cc_20120629_102720.reg
[2012/06/21 14:21:22 | 000,000,221 | ---- | C] () -- C:\Users\Fran Multimarcas\Desktop\Sniper Ghost Warrior.url
[2012/06/18 09:43:14 | 001,452,488 | ---- | C] () -- C:\Users\Fran Multimarcas\Desktop\Team Viewer Acesso Remoto.exe
[2012/06/15 08:40:16 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/06/14 10:22:55 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/06/11 14:26:12 | 000,263,840 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2012/06/11 14:26:12 | 000,263,840 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2012/06/11 13:50:46 | 000,187,392 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2012/06/11 13:50:16 | 002,936,864 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2012/06/11 13:41:48 | 002,971,136 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2012/05/24 09:35:36 | 000,000,660 | ---- | C] () -- C:\Users\Fran Multimarcas\Desktop\Cedente - Atalho.lnk
[2012/04/19 14:04:19 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/04/19 14:04:19 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/04/16 08:48:08 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/04/16 08:47:59 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/04/16 08:47:50 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/04/16 08:47:45 | 000,002,492 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/04/13 08:38:22 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/04/12 16:30:10 | 000,637,743 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/02/14 23:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/14 23:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/12/26 13:46:00 | 000,569,489 | ---- | C] () -- C:\Users\Fran Multimarcas\Personalizadas Ouro Fino.pdf
[2011/12/21 11:02:12 | 000,685,118 | ---- | C] () -- C:\Users\Fran Multimarcas\água(1).jpg
[2011/12/21 11:02:04 | 000,433,759 | ---- | C] () -- C:\Users\Fran Multimarcas\Água_ curvas.cdr
[2011/12/21 08:51:54 | 000,000,183 | ---- | C] () -- C:\ProgramData\RmUserCfg.ini
[2011/12/06 18:06:53 | 000,002,793 | ---- | C] () -- C:\Windows\RBuilder.ini
[2011/12/06 11:26:35 | 000,004,608 | ---- | C] () -- C:\Users\Fran Multimarcas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/07 09:24:03 | 000,092,160 | ---- | C] () -- C:\Windows\smgrinst.exe
[2011/11/07 09:24:00 | 000,143,872 | ---- | C] () -- C:\Windows\Wiainst64.exe
[2011/10/25 20:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/25 17:24:41 | 000,174,976 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/10/25 13:40:43 | 000,000,047 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/10/25 07:37:56 | 000,011,266 | ---- | C] () -- C:\Users\Fran Multimarcas\AppData\Roaming\SmarThruOptions.xml
[2011/10/25 07:37:45 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\SvcMan.exe
[2011/10/25 07:37:25 | 000,000,137 | ---- | C] () -- C:\Windows\Readiris.ini
[2011/10/25 07:37:23 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\irisco32.dll
[2011/10/25 07:34:34 | 000,493,432 | ---- | C] () -- C:\Windows\ssndii.exe
[2011/10/25 07:34:33 | 000,113,768 | ---- | C] () -- C:\Windows\Wiainst.exe
[2011/10/24 17:00:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/10/18 21:19:25 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/10/18 21:19:25 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/10/18 21:19:25 | 000,001,264 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011/10/18 21:19:25 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011/10/18 21:19:25 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011/10/18 20:52:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/12 19:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/08/26 19:22:30 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011/02/12 14:07:12 | 001,604,028 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/09/01 06:18:04 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\DvrOcxRUS.dll
[2010/09/01 06:17:50 | 000,074,240 | ---- | C] () -- C:\Windows\SysWow64\CovH264ToAvi.dll
========== LOP Check ========== [2012/07/04 12:05:39 | 000,000,000 | ---D | M] -- C:\Users\Fran Multimarcas\AppData\Roaming\Auslogics
[2012/05/17 10:47:01 | 000,000,000 | ---D | M] -- C:\Users\Fran Multimarcas\AppData\Roaming\DAEMON Tools Lite
[2011/12/07 16:09:28 | 000,000,000 | ---D | M] -- C:\Users\Fran Multimarcas\AppData\Roaming\FileHunter
[2011/10/24 16:22:58 | 000,000,000 | ---D | M] -- C:\Users\Fran Multimarcas\AppData\Roaming\Fingertapps
[2011/12/14 08:26:22 | 000,000,000 | ---D | M] -- C:\Users\Fran Multimarcas\AppData\Roaming\FreeAudioPack
[2012/05/14 09:17:45 | 000,000,000 | ---D | M] -- C:\Users\Fran Multimarcas\AppData\Roaming\PCDr
[2011/10/25 17:36:36 | 000,000,000 | ---D | M] -- C:\Users\Fran Multimarcas\AppData\Roaming\SoftGrid Client
[2012/07/02 16:56:57 | 000,000,000 | ---D | M] -- C:\Users\Fran Multimarcas\AppData\Roaming\Spyware Terminator
[2012/06/18 09:43:32 | 000,000,000 | ---D | M] -- C:\Users\Fran Multimarcas\AppData\Roaming\TeamViewer
[2011/10/25 08:09:16 | 000,000,000 | ---D | M] -- C:\Users\Fran Multimarcas\AppData\Roaming\TP
[2012/05/30 19:16:11 | 000,000,000 | ---D | M] -- C:\Users\Fran Multimarcas\AppData\Roaming\TS3Client
[2011/11/21 12:52:45 | 000,000,000 | ---D | M] -- C:\Users\Fran Multimarcas\AppData\Roaming\ZinioReader4
[2012/05/05 08:27:57 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/05/17 10:39:17 | 000,032,502 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/05/05 08:27:57 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
========== Purity Check ========== ========== Custom Scans ========== < %systemroot%\system32\drivers\*.* /90 > < %systemdrive%\drivers\*.exe > < %SYSTEMDRIVE%\*.* >[2011/10/19 02:49:44 | 000,025,941 | RH-- | M] () -- C:\dell.sdr
[2012/07/05 10:53:32 | 2133,647,359 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/02 16:09:29 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\HijackThis.exe
[2012/07/02 18:23:40 | 000,020,039 | ---- | M] () -- C:\hijackthis.log
[2012/07/05 10:53:37 | 4276,523,007 | -HS- | M] () -- C:\pagefile.sys
[2012/06/28 16:19:49 | 000,000,008 | ---- | M] () -- C:\wUpdate7.txt
< %LOCALAPPDATA%\*.exe > < %LOCALAPPDATA%\*.txt > < %LOCALAPPDATA%\*.ini >[2011/12/06 12:46:14 | 000,004,608 | ---- | M] () -- C:\Users\Fran Multimarcas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
< %LOCALAPPDATA%\*.dll > < %LOCALAPPDATA%\*.dat >[2011/10/25 09:03:46 | 000,134,432 | ---- | M] () -- C:\Users\Fran Multimarcas\AppData\Local\GDIPFONTCACHEV1.DAT
< %USERPROFILE%\*.exe > < %USERPROFILE%\*.txt > < %USERPROFILE%\*.ini >[2011/10/24 16:14:00 | 000,000,020 | -HS- | M] () -- C:\Users\Fran Multimarcas\ntuser.ini
< %USERPROFILE%\*.dll > < %USERPROFILE%\*.dat /30 >[2012/07/05 11:08:44 | 006,291,456 | -HS- | M] () -- C:\Users\Fran Multimarcas\ntuser.dat
< C:\windows\system32\Tasks\*.* /s > < C:\windows\system32\Tasks\*.* /s /64 >[2012/06/22 17:43:26 | 000,003,840 | ---- | M] () -- C:\Windows\SysNative\Tasks\Adobe Flash Player Updater
[2012/04/23 20:23:47 | 000,003,082 | ---- | M] () -- C:\Windows\SysNative\Tasks\AutoKMS
[2012/03/26 14:38:37 | 000,003,662 | ---- | M] () -- C:\Windows\SysNative\Tasks\GoogleUpdateTaskMachineCore
[2012/03/26 14:38:37 | 000,003,914 | ---- | M] () -- C:\Windows\SysNative\Tasks\GoogleUpdateTaskMachineUA
[2012/06/29 10:38:41 | 000,003,488 | ---- | M] () -- C:\Windows\SysNative\Tasks\PCDEventLauncher
[2012/05/01 15:06:02 | 000,004,292 | ---- | M] () -- C:\Windows\SysNative\Tasks\PCDoctorBackgroundMonitorTask
[2012/05/18 11:47:36 | 000,003,124 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealCreateProcessScheduledTask10790448S-1-5-21-4268702854-4258170008-1519531945-1000
[2012/06/14 08:41:44 | 000,003,124 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealCreateProcessScheduledTask1499091S-1-5-21-4268702854-4258170008-1519531945-1000
[2012/05/04 08:28:35 | 000,003,124 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealCreateProcessScheduledTask706590S-1-5-21-4268702854-4258170008-1519531945-1000
[2012/05/18 11:01:31 | 000,003,108 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealCreateProcessScheduledTask8025097S-1-5-21-4268702854-4258170008-1519531945-1000
[2012/05/18 11:01:34 | 000,003,124 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealCreateProcessScheduledTask8027811S-1-5-21-4268702854-4258170008-1519531945-1000
[2012/05/18 11:03:41 | 000,003,124 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealCreateProcessScheduledTask8155435S-1-5-21-4268702854-4258170008-1519531945-1000
[2012/05/18 11:05:05 | 000,003,124 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealCreateProcessScheduledTask8238958S-1-5-21-4268702854-4258170008-1519531945-1000
[2012/05/18 11:10:32 | 000,003,124 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealCreateProcessScheduledTask8566358S-1-5-21-4268702854-4258170008-1519531945-1000
[2012/05/18 11:10:37 | 000,003,124 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealCreateProcessScheduledTask8571662S-1-5-21-4268702854-4258170008-1519531945-1000
[2012/05/18 11:11:09 | 000,003,124 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealCreateProcessScheduledTask8603673S-1-5-21-4268702854-4258170008-1519531945-1000
[2012/05/29 08:54:53 | 000,003,124 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealCreateProcessScheduledTask86513848S-1-5-21-4268702854-4258170008-1519531945-1000
[2012/07/05 10:55:15 | 000,003,254 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealUpgradeLogonTaskS-1-5-21-4268702854-4258170008-1519531945-1000
[2012/07/05 10:55:06 | 000,003,366 | ---- | M] () -- C:\Windows\SysNative\Tasks\RealUpgradeScheduledTaskS-1-5-21-4268702854-4258170008-1519531945-1000
[2011/12/05 13:55:29 | 000,003,148 | ---- | M] () -- C:\Windows\SysNative\Tasks\SidebarExecute
[2012/05/02 16:00:03 | 000,003,558 | ---- | M] () -- C:\Windows\SysNative\Tasks\SystemToolsDailyTest
[2011/10/24 17:53:54 | 000,003,370 | ---- | M] () -- C:\Windows\SysNative\Tasks\{025FD0E6-CD5E-40C0-8518-27068E9F4D4C}
[2011/11/10 17:06:51 | 000,003,154 | ---- | M] () -- C:\Windows\SysNative\Tasks\{CCAA98C4-827E-4A24-AF36-96694343BBD5}
[2012/05/18 10:58:59 | 000,003,140 | ---- | M] () -- C:\Windows\SysNative\Tasks\{EA9125DF-9178-4909-B9FD-6CA918531247}
[2012/07/05 11:02:08 | 000,003,856 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows Defender\MP Scheduled Scan
[2012/04/16 08:47:34 | 000,004,158 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
[2009/07/14 01:53:29 | 000,004,472 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
[2009/07/14 01:53:29 | 000,003,854 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
[2009/07/14 01:54:39 | 000,002,900 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\AppID\PolicyConverter
[2009/07/14 01:54:39 | 000,003,790 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
[2009/07/14 01:54:05 | 000,003,458 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Application Experience\AitAgent
[2009/07/14 01:54:05 | 000,003,614 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater
[2009/07/14 01:49:22 | 000,003,026 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Autochk\Proxy
[2009/07/14 01:57:09 | 000,001,862 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask
[2009/07/14 01:53:22 | 000,004,130 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask
[2009/07/14 01:53:22 | 000,003,868 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask
[2009/07/14 02:09:01 | 000,003,134 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam
[2009/07/14 01:57:09 | 000,002,934 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator
[2009/07/14 01:53:33 | 000,003,946 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask
[2009/07/14 01:54:08 | 000,003,598 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip
[2009/07/14 01:57:12 | 000,003,886 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag
[2009/07/14 01:57:07 | 000,004,018 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Diagnosis\Scheduled
[2011/11/28 08:02:05 | 000,003,760 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector
[2011/02/12 10:01:19 | 000,002,538 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
[2009/07/14 01:57:13 | 000,003,554 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Location\Notifications
[2011/10/26 11:00:23 | 000,004,084 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Maintenance\WinSAT
[2011/02/12 10:01:23 | 000,002,420 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch
[2011/02/12 10:01:22 | 000,002,448 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService
[2011/02/12 10:01:23 | 000,002,592 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
[2011/02/12 10:01:22 | 000,002,400 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\ehDRMInit
[2011/02/12 10:01:22 | 000,002,546 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\InstallPlayReady
[2011/02/12 10:01:23 | 000,002,790 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\mcupdate
[2011/02/12 10:01:24 | 000,002,954 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask
[2011/02/12 10:01:24 | 000,002,958 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
[2011/02/12 10:01:22 | 000,002,380 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\OCURActivate
[2011/02/12 10:01:22 | 000,002,400 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\OCURDiscovery
[2011/02/12 10:01:22 | 000,002,384 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\PBDADiscovery
[2011/02/12 10:01:27 | 000,003,226 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1
[2011/02/12 10:01:27 | 000,003,228 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2
[2011/02/12 10:01:21 | 000,003,822 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry
[2011/02/12 10:01:23 | 000,002,926 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask
[2011/02/12 10:01:24 | 000,002,918 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask
[2011/02/12 10:01:21 | 000,003,078 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\RecordingRestart
[2011/02/12 10:01:22 | 000,002,408 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\RegisterSearch
[2011/02/12 10:01:23 | 000,002,432 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot
[2011/02/12 10:01:24 | 000,002,942 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask
[2011/02/12 10:01:22 | 000,002,736 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath
[2009/07/14 01:53:33 | 000,003,304 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector
[2009/07/14 01:53:33 | 000,003,510 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector
[2011/02/12 10:01:22 | 000,003,576 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\MobilePC\HotStart
[2009/07/14 01:54:22 | 000,003,168 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\MUI\LPRemove
[2009/07/14 01:57:07 | 000,002,602 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService
[2009/07/14 01:54:39 | 000,002,044 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo
[2011/02/12 14:03:55 | 000,004,082 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Offline Files\Background Synchronization
[2011/02/12 10:01:19 | 000,003,058 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization
[2009/07/14 01:55:03 | 000,002,832 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor
[2009/07/14 01:53:47 | 000,003,752 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
[2009/07/14 01:57:07 | 000,004,370 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\RAC\RacTask
[2009/07/14 01:49:35 | 000,003,052 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Ras\MobilityManager
[2009/07/14 01:54:36 | 000,003,956 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Registry\RegIdleBackup
[2009/07/14 01:57:09 | 000,004,596 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
[2009/07/14 01:57:07 | 000,003,616 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\WindowsParentalControls
[2009/07/14 02:09:03 | 000,003,912 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration
[2011/02/12 10:01:19 | 000,003,784 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SideShow\AutoWake
[2011/02/12 10:01:19 | 000,003,612 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SideShow\GadgetManager
[2011/10/18 20:56:15 | 000,003,698 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SideShow\SessionAgent
[2011/10/18 20:57:09 | 000,003,792 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SideShow\SystemDataProviders
[2009/07/14 01:49:17 | 000,003,942 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
[2009/07/14 02:01:13 | 000,003,506 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SystemRestore\SR
[2009/07/14 01:53:50 | 000,002,614 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Task Manager\Interactive
[2009/07/14 01:53:21 | 000,003,950 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1
[2009/07/14 01:53:21 | 000,004,066 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2
[2009/07/14 01:53:46 | 000,002,978 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor
[2009/07/14 01:49:48 | 000,003,388 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime
[2009/07/14 01:49:26 | 000,001,730 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig
[2009/07/14 01:53:37 | 000,003,420 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask
[2009/07/14 01:49:24 | 000,002,682 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WDI\ResolutionHost
[2012/04/23 10:44:40 | 000,004,364 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask
[2012/04/23 10:44:41 | 000,004,362 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline
[2009/07/14 01:49:16 | 000,003,048 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting
[2009/07/14 01:49:42 | 000,003,290 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange
[2009/07/14 01:57:13 | 000,003,304 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary
[2010/11/20 23:53:42 | 000,004,330 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification
[2009/07/14 02:09:01 | 000,003,532 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2011/10/25 08:08:44 | 000,004,392 | ---- | M] () -- C:\Windows\SysNative\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask
[2011/10/25 10:28:38 | 000,004,504 | ---- | M] () -- C:\Windows\SysNative\Tasks\WPD\SqmUpload_S-1-5-21-4268702854-4258170008-1519531945-1000
< %windir%\tasks\*.* /s >[2012/07/05 10:51:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/05 10:54:28 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/05 10:43:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/05 08:27:57 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/07/05 10:53:58 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012/05/17 10:39:17 | 000,032,502 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT
[2012/05/05 08:27:57 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
< %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini >[2009/06/10 17:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.com >[2009/07/14 02:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 02:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 02:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 02:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\*.scr >[2012/06/28 09:52:20 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >"DefaultConnectionSettings" = [Binary data over 100 bytes]
"SavedLegacySettings" = [Binary data over 100 bytes]
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations > < HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments > < HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run /s > ========== Alternate Data Streams ========== @Alternate Data Stream - 357 bytes -> C:\Windows\SysWow64\drivers:GbpKmAp.lst
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:5C321E34
< End of report >
