Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14428 usuários registrados
O último usuário registrado atende pelo nome de RS_Computadores

Os nossos membros postaram um total de 35112 mensagens em 3557 assuntos
Últimos assuntos
» Notebook Travando!
por RS_Computadores Hoje à(s) 10:37

Quem está conectado
4 usuários online :: 1 usuário cadastrado, Nenhum Invisível e 3 Visitantes

RS_Computadores

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Setembro 2017
SegTerQuaQuiSexSabDom
    123
45678910
11121314151617
18192021222324
252627282930 

Calendário Calendário

Palavras chave


URL:Mal Thread Como remover?

Página 2 de 3 Anterior  1, 2, 3  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Sab 17 Maio 2014, 10:32

Print do problema com o exemplo chrome.exe
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por Power Max em Sab 17 Maio 2014, 10:35

Desative temporariamente seu antivirus para evitar conflitos.

Baixe: < Pre_Scan > ( de g3n-h@ckm@n )
|- Ao acessar o link acima, role a página e clique em Télécharger para fazer o download: [Você precisa estar registrado e conectado para ver esta imagem.]

Execute-o da forma indicada nesta postagem:

Tutorial de instalação e execução do Pre_Scan

Assim que a limpeza for concluída, poste o log (relatório) que estará em C:\Pre_Scan\Pre_Scan_07_05_2014_17_05_22.txt (estes números em vermelho irão variar pois eles mostram a data e hora em que o escaneamento foi realizado).

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Sab 17 Maio 2014, 10:39

Isso ocorreu ao tentar baixar o arquivo.
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por Power Max em Sab 17 Maio 2014, 10:42

é porque você não fez o que te pedi:
Desative temporariamente seu antivirus para evitar conflitos.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Sab 17 Maio 2014, 13:04

Eu desativei ^^, consegui fazer o download, mais no meio do scan ocorre um erro:

"Usage variable content -> pre_scan.exe"*


*algo assim.

E o software para de funcionar

avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por Power Max em Sab 17 Maio 2014, 13:23

Baixe o Farbar Recovery Scan Tool e salve-o no Desktop (Área de Trabalho)

Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version

Execute o Farbar seguindo as dicas deste tutorial:

Analise importantes áreas do Windows com Farbar Recovery Scan Tool (versão 64 bits)

*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt

Poste estes dois relatórios em sua próxima resposta. (Obs: se não couber em uma só resposta, pode dividi-la em mais postagens).

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Sab 17 Maio 2014, 14:23

Power, vou rodar o programa agora, mais antes de tudo queria te perguntar uma coisa:

Cada programa que eu baixei indicado por você, ao executa-lo é como c o virus tivesse infectado o mesmo.

Por exemplo ao invez do processo ser por exemplo o chrome.exe, muda para JRB.exe(programa que voce me passou).

Queria saber se isso impacta no scan.

Grato,
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Sab 17 Maio 2014, 14:27

FRST Log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Lucca (administrator) on LUCCA-PC on 17-05-2014 14:24:07
Running from C:\Users\Lucca\Desktop
Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Você precisa estar registrado e conectado para ver este link.]
Download link for 64-Bit Version: [Você precisa estar registrado e conectado para ver este link.]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Você precisa estar registrado e conectado para ver este link.]

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dxtory Software) C:\Program Files (x86)\Dxtory Software\Dxtory2.0\Dxtory.exe
(Dxtory Software) C:\Program Files (x86)\Dxtory Software\Dxtory2.0\Dxtory64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [627360 2011-05-20] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [379552 2011-05-20] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 1999-12-31] (IDT, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-06] (Creative Technology Ltd)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-23] (Valve Corporation)
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4284976 2013-05-10] ()
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2012-11-14] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69375366.lnk
ShortcutTarget: _uninst_69375366.lnk -> C:\Users\Lucca\AppData\Local\Temp\_uninst_69375366.bat (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Você precisa estar registrado e conectado para ver este link.]
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL No File
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll (McAfee, Inc.)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL ()
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1389096 2013-05-23] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{7859FF5B-5A3B-429A-A140-AFDA404C580D}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-11-14]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-11-14]

Chrome:
=======
CHR DefaultSearchKeyword: google.com.br
CHR Extension: (Google Docs) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-17]
CHR Extension: (Google Drive) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-17]
CHR Extension: (YouTube) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-17]
CHR Extension: (Pesquisa do Google) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-17]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-05-17]
CHR Extension: (Gmail) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-17]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-02-12]

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [465216 2013-01-15] (IObit)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-20] (Atheros)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [410152 2013-05-23] (GAS Tecnologia)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241016 2012-12-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-12-26] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182312 2012-12-26] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5110864 2013-03-06] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-06-06] ()

==================== Drivers (Whitelisted) ====================

R0 69375366; C:\Windows\System32\DRIVERS\69375366.sys [460888 2014-05-15] (Kaspersky Lab ZAO)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-06-26] (AVG Technologies)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-12-26] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-02] (DT Soft Ltd)
S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2012-12-26] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2012-12-26] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515528 2012-12-26] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2012-12-26] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-12-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339776 2012-12-26] (McAfee, Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-24] (Anchorfree Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 X6va011; No ImagePath
S3 X6va012; No ImagePath
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-17 14:24 - 2014-05-17 14:24 - 00020358 _____ () C:\Users\Lucca\Desktop\FRST.txt
2014-05-17 14:21 - 2014-05-17 14:24 - 00000000 ____D () C:\FRST
2014-05-17 14:19 - 2014-05-17 14:20 - 02067456 _____ (Farbar) C:\Users\Lucca\Desktop\FRST64.exe
2014-05-17 10:42 - 2014-05-17 12:49 - 00029051 _____ () C:\Pre_Scan.txt
2014-05-17 10:41 - 2014-05-17 12:49 - 00000000 ____D () C:\Pre_Scan
2014-05-17 10:40 - 2014-05-17 10:40 - 02546688 _____ () C:\Users\Lucca\Desktop\Pre_Scan.exe
2014-05-17 10:37 - 2014-05-17 10:37 - 02388421 _____ () C:\Users\Lucca\Downloads\trz470E.tmp
2014-05-17 09:55 - 2014-05-17 09:55 - 00064656 _____ () C:\Users\Lucca\Desktop\Shortcut_Module_17_05_2014_09_55_09.txt
2014-05-17 09:20 - 2014-05-17 09:55 - 00064656 _____ () C:\Shortcut_Module_17_05_2014_09_55_09.txt
2014-05-17 09:14 - 2014-05-17 09:55 - 00000000 ____D () C:\Shortcut_Module
2014-05-17 09:12 - 2014-05-17 09:12 - 02560000 _____ () C:\Users\Lucca\Desktop\Shortcut_Module.exe
2014-05-16 15:55 - 2014-05-16 22:40 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-16 15:54 - 2014-05-16 15:54 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-16 15:54 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-16 15:54 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-16 15:54 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-16 15:14 - 2014-05-16 15:15 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lucca\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-16 14:48 - 2014-05-16 14:48 - 00002399 _____ () C:\Users\Lucca\Desktop\ZHPFixReport.txt
2014-05-16 14:06 - 2014-05-16 14:06 - 00038081 _____ () C:\Users\Lucca\Desktop\ZHPDiag.txt
2014-05-16 13:22 - 2014-05-16 14:48 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\ZHP
2014-05-16 13:22 - 2014-05-16 14:05 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-16 13:22 - 2014-05-16 13:22 - 00001993 _____ () C:\Users\Lucca\Desktop\ZHPFix.lnk
2014-05-16 13:22 - 2014-05-16 13:22 - 00001866 _____ () C:\Users\Lucca\Desktop\ZHPDiag.lnk
2014-05-16 13:22 - 2014-05-16 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-16 13:20 - 2014-05-16 13:21 - 06778102 _____ (Nicolas Coolman ) C:\Users\Lucca\Downloads\ZHPDiag2.exe
2014-05-16 12:57 - 2014-05-16 12:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-16 06:11 - 2014-05-16 06:11 - 01016261 _____ (Thisisu) C:\Users\Lucca\Downloads\JRT (1).exe
2014-05-15 23:02 - 2014-05-15 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 23:02 - 2014-05-15 23:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 22:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-15 22:56 - 2014-05-15 22:57 - 00000000 ____D () C:\AdwCleaner
2014-05-15 22:55 - 2014-05-15 22:55 - 01325827 _____ () C:\Users\Lucca\Desktop\AdwCleaner (1).exe
2014-05-15 22:32 - 2014-05-15 22:22 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-15 22:22 - 2014-05-15 22:38 - 00023348 _____ () C:\zoek-results.log
2014-05-15 22:20 - 2014-05-16 22:37 - 00000000 ____D () C:\zoek_backup
2014-05-15 22:20 - 2014-05-15 22:20 - 01285120 _____ () C:\Users\Lucca\Downloads\zoek.exe
2014-05-15 21:06 - 2014-05-15 21:07 - 00086858 _____ () C:\Users\Lucca\Desktop\Extras.Txt
2014-05-15 21:05 - 2014-05-15 21:05 - 00124118 _____ () C:\Users\Lucca\Desktop\OTL.Txt
2014-05-15 21:01 - 2014-05-15 21:01 - 00058402 _____ () C:\Users\Lucca\Downloads\OTL.Txt
2014-05-15 21:00 - 2014-05-15 21:00 - 00045348 _____ () C:\Users\Lucca\Downloads\Extras.Txt
2014-05-15 20:57 - 2014-05-15 20:57 - 00602112 _____ (OldTimer Tools) C:\Users\Lucca\Desktop\OTL.exe
2014-05-15 20:55 - 2014-05-15 20:55 - 00347816 _____ (Microsoft Corporation) C:\Users\Lucca\Downloads\MicrosoftFixit.WinSecurity.LB.148323628781154625.1.1.Run.exe
2014-05-14 23:02 - 2014-05-15 04:25 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\69375366.sys
2014-05-14 22:18 - 2014-05-14 22:18 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-05-14 22:18 - 2014-05-14 22:18 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-14 22:12 - 2014-05-14 22:16 - 136723680 _____ () C:\Users\Lucca\Downloads\setup_11.0.1.1245.x01_2014_05_15_04_26.exe
2014-05-13 22:22 - 2014-05-13 22:22 - 00008966 _____ () C:\Users\Lucca\Downloads\pista da hot wheels 5.Challenge.Gbx
2014-05-13 21:40 - 2014-05-13 21:40 - 00128360 _____ () C:\Users\Lucca\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-13 20:12 - 2014-05-13 20:12 - 00004002 _____ () C:\Personalization_Panel_Undo.log
2014-05-13 19:21 - 2014-05-13 19:21 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-13 15:58 - 2014-05-13 16:07 - 00000000 ____D () C:\Users\Todos os Usuários\TrackMania
2014-05-13 15:58 - 2014-05-13 16:07 - 00000000 ____D () C:\ProgramData\TrackMania
2014-05-10 13:19 - 2014-05-10 13:19 - 00146918 _____ () C:\Users\Lucca\Downloads\resources_OmenJeraziah (1).rar
2014-05-04 15:01 - 2014-05-04 15:01 - 03443946 _____ () C:\Users\Lucca\Downloads\resources_GuardinCovenantBubbles.rar
2014-05-03 20:21 - 2014-05-03 20:21 - 00013789 _____ () C:\Users\Lucca\Downloads\FullSpeed #001.Challenge.Gbx
2014-04-30 19:49 - 2014-04-30 19:49 - 00000000 ____D () C:\Users\Lucca\Documents\Gunz2
2014-04-28 22:55 - 2014-04-28 22:55 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft OneDrive
2014-04-28 22:55 - 2014-04-28 22:55 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-04-28 21:44 - 2014-04-28 21:44 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-04-28 21:13 - 2014-04-28 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-28 21:04 - 2014-04-28 21:06 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-28 21:03 - 2014-04-28 21:03 - 00963800 _____ (Microsoft Corporation) C:\Users\Lucca\Downloads\Setup.X86.pt-BR_O365HomePremRetail_934c1b3c-717f-4a6c-8b74-c4e962c62ea2_TX_PR_.exe
2014-04-26 16:38 - 2014-04-26 16:39 - 00014138 _____ () C:\Users\Lucca\Downloads\resources_ApolloArtillery.rar
2014-04-26 13:30 - 2014-04-26 13:30 - 00215203 _____ () C:\Users\Lucca\Downloads\resources_FocusPocus.rar
2014-04-25 19:04 - 2014-04-25 19:04 - 00475370 _____ () C:\Users\Lucca\Downloads\resourcesFocusPocus.s2z
2014-04-24 22:08 - 2014-04-24 22:11 - 00000000 ____D () C:\LinhaDefensiva
2014-04-24 22:08 - 2014-04-24 22:08 - 00178597 _____ (Igor Pavlov) C:\Users\Lucca\Downloads\bankerfix (1).exe
2014-04-18 09:28 - 2014-04-18 09:28 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2014-04-18 09:28 - 2014-04-18 09:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2014-04-18 09:24 - 2014-04-23 18:12 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth
2014-04-18 01:12 - 2014-04-18 06:02 - 1998326696 _____ () C:\Users\Lucca\Downloads\HoNClient-3.2.7.exe
2014-04-17 16:29 - 2014-04-17 16:29 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\hotspot-shield-337-32-bits.exe
2014-04-17 16:27 - 2014-04-17 16:27 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\hide-my-ip-53017648-32-bits.exe
2014-04-17 16:15 - 2014-04-17 16:29 - 00000000 ____D () C:\Program Files (x86)\TunnelBear
2014-04-17 16:08 - 2014-04-17 16:10 - 08392456 _____ () C:\Users\Lucca\Downloads\TBear-v2.exe
2014-04-17 16:06 - 2014-04-17 16:07 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\tunnelbear-22190-32-bits.exe

==================== One Month Modified Files and Folders =======

2014-05-17 14:24 - 2014-05-17 14:24 - 00020358 _____ () C:\Users\Lucca\Desktop\FRST.txt
2014-05-17 14:24 - 2014-05-17 14:21 - 00000000 ____D () C:\FRST
2014-05-17 14:24 - 2013-05-10 16:17 - 00000000 ____D () C:\Users\Lucca\AppData\Local\PMB Files
2014-05-17 14:22 - 2012-11-14 13:27 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-17 14:20 - 2014-05-17 14:19 - 02067456 _____ (Farbar) C:\Users\Lucca\Desktop\FRST64.exe
2014-05-17 14:14 - 2013-01-31 23:16 - 00000000 ____D () C:\Users\Lucca\Documents\TrackMania
2014-05-17 13:40 - 2012-11-14 13:21 - 01368985 _____ () C:\Windows\WindowsUpdate.log
2014-05-17 13:38 - 2013-01-31 22:30 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-17 13:05 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-17 13:05 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-17 13:01 - 2013-07-19 23:58 - 00000000 ____D () C:\Users\Lucca\AppData\Local\LogMeIn Hamachi
2014-05-17 13:01 - 2012-12-03 20:06 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-17 12:59 - 2013-01-31 22:30 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-17 12:59 - 2012-11-14 13:51 - 00000000 ____D () C:\Users\Usuário Padrão\AppData\Local\SoftThinks
2014-05-17 12:59 - 2012-11-14 13:51 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-05-17 12:59 - 2012-11-14 13:51 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-05-17 12:59 - 2012-11-14 13:45 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-05-17 12:57 - 2014-01-17 11:14 - 00021870 _____ () C:\Windows\PFRO.log
2014-05-17 12:57 - 2013-12-29 15:21 - 00003558 _____ () C:\Windows\setupact.log
2014-05-17 12:57 - 2013-07-19 16:14 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys
2014-05-17 12:57 - 2013-07-19 16:14 - 00010266 _____ () C:\Windows\SysWOW64\Drivers\ndisrd.cat
2014-05-17 12:57 - 2013-07-19 16:14 - 00001402 _____ () C:\Windows\SysWOW64\Drivers\gas.cer
2014-05-17 12:57 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-17 12:49 - 2014-05-17 10:42 - 00029051 _____ () C:\Pre_Scan.txt
2014-05-17 12:49 - 2014-05-17 10:41 - 00000000 ____D () C:\Pre_Scan
2014-05-17 10:40 - 2014-05-17 10:40 - 02546688 _____ () C:\Users\Lucca\Desktop\Pre_Scan.exe
2014-05-17 10:37 - 2014-05-17 10:37 - 02388421 _____ () C:\Users\Lucca\Downloads\trz470E.tmp
2014-05-17 09:55 - 2014-05-17 09:55 - 00064656 _____ () C:\Users\Lucca\Desktop\Shortcut_Module_17_05_2014_09_55_09.txt
2014-05-17 09:55 - 2014-05-17 09:20 - 00064656 _____ () C:\Shortcut_Module_17_05_2014_09_55_09.txt
2014-05-17 09:55 - 2014-05-17 09:14 - 00000000 ____D () C:\Shortcut_Module
2014-05-17 09:48 - 2013-08-17 08:01 - 00000000 ____D () C:\Users\Lucca\Desktop\SPY
2014-05-17 09:47 - 2013-04-07 12:29 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Unity
2014-05-17 09:47 - 2012-12-22 16:55 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Macrovision
2014-05-17 09:46 - 2013-04-07 12:22 - 00000000 ____D () C:\Users\Lucca\AppData\Local\Unity
2014-05-17 09:46 - 2013-02-19 18:12 - 00000000 ____D () C:\Users\Lucca\AppData\Local\SoftorinoUpdates
2014-05-17 09:41 - 2012-11-14 14:02 - 00000000 ____D () C:\Users\Todos os Usuários\Macrovision
2014-05-17 09:41 - 2012-11-14 14:02 - 00000000 ____D () C:\ProgramData\Macrovision
2014-05-17 09:39 - 2013-11-26 20:58 - 00000000 ____D () C:\Program Files (x86)\F1 2012
2014-05-17 09:39 - 2013-02-02 15:34 - 00000000 ____D () C:\Program Files (x86)\"Hao123.com"
2014-05-17 09:19 - 2012-11-14 14:03 - 00000000 ____D () C:\Users\Todos os Usuários\Sonic
2014-05-17 09:19 - 2012-11-14 14:03 - 00000000 ____D () C:\ProgramData\Sonic
2014-05-17 09:16 - 2013-03-01 17:56 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-17 09:15 - 2013-02-12 12:23 - 00000000 ____D () C:\Windows\rescache
2014-05-17 09:15 - 2012-12-19 13:44 - 00000000 ____D () C:\Program Files\Bonjour
2014-05-17 09:12 - 2014-05-17 09:12 - 02560000 _____ () C:\Users\Lucca\Desktop\Shortcut_Module.exe
2014-05-16 22:40 - 2014-05-16 15:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-16 22:37 - 2014-05-15 22:20 - 00000000 ____D () C:\zoek_backup
2014-05-16 15:54 - 2014-05-16 15:54 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-16 15:15 - 2014-05-16 15:14 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lucca\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-16 14:48 - 2014-05-16 14:48 - 00002399 _____ () C:\Users\Lucca\Desktop\ZHPFixReport.txt
2014-05-16 14:48 - 2014-05-16 13:22 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\ZHP
2014-05-16 14:06 - 2014-05-16 14:06 - 00038081 _____ () C:\Users\Lucca\Desktop\ZHPDiag.txt
2014-05-16 14:05 - 2014-05-16 13:22 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-16 13:22 - 2014-05-16 13:22 - 00001993 _____ () C:\Users\Lucca\Desktop\ZHPFix.lnk
2014-05-16 13:22 - 2014-05-16 13:22 - 00001866 _____ () C:\Users\Lucca\Desktop\ZHPDiag.lnk
2014-05-16 13:22 - 2014-05-16 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-16 13:21 - 2014-05-16 13:20 - 06778102 _____ (Nicolas Coolman ) C:\Users\Lucca\Downloads\ZHPDiag2.exe
2014-05-16 12:57 - 2014-05-16 12:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-16 06:11 - 2014-05-16 06:11 - 01016261 _____ (Thisisu) C:\Users\Lucca\Downloads\JRT (1).exe
2014-05-15 23:03 - 2012-12-09 17:26 - 00000000 ____D () C:\Users\Lucca\AppData\Local\CrashDumps
2014-05-15 23:02 - 2014-05-15 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 23:02 - 2014-05-15 23:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 22:57 - 2014-05-15 22:56 - 00000000 ____D () C:\AdwCleaner
2014-05-15 22:55 - 2014-05-15 22:55 - 01325827 _____ () C:\Users\Lucca\Desktop\AdwCleaner (1).exe
2014-05-15 22:42 - 2013-01-31 22:31 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-15 22:38 - 2014-05-15 22:22 - 00023348 _____ () C:\zoek-results.log
2014-05-15 22:30 - 2012-12-01 15:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-15 22:22 - 2014-05-15 22:32 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-15 22:20 - 2014-05-15 22:20 - 01285120 _____ () C:\Users\Lucca\Downloads\zoek.exe
2014-05-15 21:07 - 2014-05-15 21:06 - 00086858 _____ () C:\Users\Lucca\Desktop\Extras.Txt
2014-05-15 21:05 - 2014-05-15 21:05 - 00124118 _____ () C:\Users\Lucca\Desktop\OTL.Txt
2014-05-15 21:01 - 2014-05-15 21:01 - 00058402 _____ () C:\Users\Lucca\Downloads\OTL.Txt
2014-05-15 21:00 - 2014-05-15 21:00 - 00045348 _____ () C:\Users\Lucca\Downloads\Extras.Txt
2014-05-15 20:57 - 2014-05-15 20:57 - 00602112 _____ (OldTimer Tools) C:\Users\Lucca\Desktop\OTL.exe
2014-05-15 20:55 - 2014-05-15 20:55 - 00347816 _____ (Microsoft Corporation) C:\Users\Lucca\Downloads\MicrosoftFixit.WinSecurity.LB.148323628781154625.1.1.Run.exe
2014-05-15 20:39 - 2009-07-14 02:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-15 05:59 - 2013-08-18 16:41 - 00000000 ____D () C:\Users\Lucca\Desktop\L2
2014-05-15 04:25 - 2014-05-14 23:02 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\69375366.sys
2014-05-14 23:02 - 2012-11-20 19:17 - 00000000 ___RD () C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 22:18 - 2014-05-14 22:18 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-05-14 22:18 - 2014-05-14 22:18 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-14 22:16 - 2014-05-14 22:12 - 136723680 _____ () C:\Users\Lucca\Downloads\setup_11.0.1.1245.x01_2014_05_15_04_26.exe
2014-05-13 22:22 - 2014-05-13 22:22 - 00008966 _____ () C:\Users\Lucca\Downloads\pista da hot wheels 5.Challenge.Gbx
2014-05-13 21:53 - 2012-11-21 20:23 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth (Latin America)
2014-05-13 21:40 - 2014-05-13 21:40 - 00128360 _____ () C:\Users\Lucca\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-13 21:34 - 2012-11-20 19:14 - 00000000 ____D () C:\Users\Lucca
2014-05-13 21:33 - 2013-01-31 22:30 - 00004062 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-13 21:33 - 2013-01-31 22:30 - 00003810 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-13 21:33 - 2012-11-14 14:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-13 21:30 - 2013-03-01 17:56 - 00001924 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-13 21:30 - 2013-03-01 17:56 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-05-13 21:29 - 2009-07-14 01:45 - 05088704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-13 21:28 - 2014-02-19 15:43 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-05-13 21:28 - 2012-11-20 19:31 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-05-13 21:28 - 2012-11-14 13:27 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-13 21:28 - 2012-11-14 13:27 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-13 21:28 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-05-13 21:28 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-13 21:27 - 2013-01-31 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-13 21:27 - 2012-12-21 10:31 - 00000000 ____D () C:\Program Files (x86)\Lineage II
2014-05-13 21:27 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-13 21:26 - 2012-11-14 13:20 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\SysWOW64\spp
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\spp
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\spool
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\Speech
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\registration
2014-05-13 21:25 - 2013-02-01 16:22 - 00000000 ___HD () C:\W7P_Backups
2014-05-13 21:25 - 2012-11-20 19:43 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Skype
2014-05-13 20:12 - 2014-05-13 20:12 - 00004002 _____ () C:\Personalization_Panel_Undo.log
2014-05-13 19:21 - 2014-05-13 19:21 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-13 16:07 - 2014-05-13 15:58 - 00000000 ____D () C:\Users\Todos os Usuários\TrackMania
2014-05-13 16:07 - 2014-05-13 15:58 - 00000000 ____D () C:\ProgramData\TrackMania
2014-05-10 13:19 - 2014-05-10 13:19 - 00146918 _____ () C:\Users\Lucca\Downloads\resources_OmenJeraziah (1).rar
2014-05-04 15:01 - 2014-05-04 15:01 - 03443946 _____ () C:\Users\Lucca\Downloads\resources_GuardinCovenantBubbles.rar
2014-05-03 20:21 - 2014-05-03 20:21 - 00013789 _____ () C:\Users\Lucca\Downloads\FullSpeed #001.Challenge.Gbx
2014-04-30 19:49 - 2014-04-30 19:49 - 00000000 ____D () C:\Users\Lucca\Documents\Gunz2
2014-04-28 22:55 - 2014-04-28 22:55 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft OneDrive
2014-04-28 22:55 - 2014-04-28 22:55 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-04-28 22:09 - 2014-04-28 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-28 21:44 - 2014-04-28 21:44 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-04-28 21:44 - 2009-07-14 00:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-28 21:10 - 2012-11-20 19:17 - 00000000 ____D () C:\Users\Lucca\AppData\Local\VirtualStore
2014-04-28 21:06 - 2014-04-28 21:04 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-28 21:03 - 2014-04-28 21:03 - 00963800 _____ (Microsoft Corporation) C:\Users\Lucca\Downloads\Setup.X86.pt-BR_O365HomePremRetail_934c1b3c-717f-4a6c-8b74-c4e962c62ea2_TX_PR_.exe
2014-04-26 16:39 - 2014-04-26 16:38 - 00014138 _____ () C:\Users\Lucca\Downloads\resources_ApolloArtillery.rar
2014-04-26 13:30 - 2014-04-26 13:30 - 00215203 _____ () C:\Users\Lucca\Downloads\resources_FocusPocus.rar
2014-04-25 19:04 - 2014-04-25 19:04 - 00475370 _____ () C:\Users\Lucca\Downloads\resourcesFocusPocus.s2z
2014-04-24 22:11 - 2014-04-24 22:08 - 00000000 ____D () C:\LinhaDefensiva
2014-04-24 22:08 - 2014-04-24 22:08 - 00178597 _____ (Igor Pavlov) C:\Users\Lucca\Downloads\bankerfix (1).exe
2014-04-24 21:46 - 2013-11-24 16:23 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\TS3Client
2014-04-23 22:00 - 2013-12-29 09:20 - 00000000 ____D () C:\Users\Lucca\Desktop\ZumbiBlock
2014-04-23 18:12 - 2014-04-18 09:24 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth
2014-04-21 20:04 - 2010-11-21 06:37 - 00703580 _____ () C:\Windows\system32\prfh0416.dat
2014-04-21 20:04 - 2010-11-21 06:37 - 00146366 _____ () C:\Windows\system32\prfc0416.dat
2014-04-21 20:04 - 2009-07-14 02:13 - 01628224 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 15:44 - 2013-10-22 19:17 - 00000000 ____D () C:\Users\Lucca\Desktop\HoN Modifications
2014-04-18 09:28 - 2014-04-18 09:28 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2014-04-18 09:28 - 2014-04-18 09:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2014-04-18 09:28 - 2013-10-25 23:34 - 00001931 _____ () C:\Users\Lucca\Desktop\Heroes of Newerth.lnk
2014-04-18 09:28 - 2013-04-16 21:44 - 00000000 ____D () C:\Users\Lucca\Documents\Heroes of Newerth
2014-04-18 06:02 - 2014-04-18 01:12 - 1998326696 _____ () C:\Users\Lucca\Downloads\HoNClient-3.2.7.exe
2014-04-17 22:18 - 2014-04-16 20:36 - 00000000 ____D () C:\Users\Lucca\Downloads\Project2
2014-04-17 16:29 - 2014-04-17 16:29 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\hotspot-shield-337-32-bits.exe
2014-04-17 16:29 - 2014-04-17 16:15 - 00000000 ____D () C:\Program Files (x86)\TunnelBear
2014-04-17 16:27 - 2014-04-17 16:27 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\hide-my-ip-53017648-32-bits.exe
2014-04-17 16:10 - 2014-04-17 16:08 - 08392456 _____ () C:\Users\Lucca\Downloads\TBear-v2.exe
2014-04-17 16:07 - 2014-04-17 16:06 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\tunnelbear-22190-32-bits.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-13 15:51

==================== End Of Log ============================
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Sab 17 Maio 2014, 14:27

Addition Log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Lucca at 2014-05-17 14:24:34
Running from C:\Users\Lucca\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Advanced SystemCare 6 (HKLM-x32\...\Advanced SystemCare 6_is1) (Version: 6.1 - IObit)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 8.0.1497.0 - AVAST Software)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.83 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.5425 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.5425 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Dell Bluetooth Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dxtory 2.0.109 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.109 - Dxtory Software)
F1 2012 (HKLM-x32\...\F1 2012_is1) (Version: - )
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
Gerenciador de Downloads (HKCU\...\0dd67a782103f089) (Version: 0.9.3.40 - Level Up! Gerenciador)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6421.0 - IDT)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Lineage II (HKLM-x32\...\{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}) (Version: 90.7.2281 - NCSoft)
Lineage II Gate (HKCU\...\Lineage II Gate) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware versão 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 11.6.477 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4605.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Monitor da tecnologia Intel® Turbo Boost 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
My Game Long Name (HKLM\...\UDK-c09f47ce-3fe0-4a07-ab66-df0979cfd2c7) (Version: - Epic Games, Inc.)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outwars (HKLM-x32\...\Outwars) (Version: - )
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - )
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version: - Sega) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}) (Version: 2.2.30877 - SlimWare Utilities, Inc.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.22 - Piriform)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Crate Box (HKLM-x32\...\Steam App 212800) (Version: - )
Suporte para Aplicativos Apple (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
Tibia (HKLM-x32\...\Tibia_is1) (Version: 8.60 - CipSoft GmbH)
Tibia MULTI-ip changer (HKLM-x32\...\TMIPC) (Version: - Asprate)
TmNationsForever Update 2010-03-15 (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Vegas Pro 11.0 (64-bit) (HKLM\...\{43EBA222-8DF7-11E1-862B-F04DA23A5C58}) (Version: 11.0.683 - Sony)
VVVVVV (Window v1.0) (HKLM-x32\...\{423B39E8-0A8E-4522-BB0A-FCCF86479977}_is1) (Version: - Terry Cavanagh)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wise Disk Cleaner 7.74 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: - WiseCleaner.com, Inc.)
X PROJECT Personalization Panel v1.4 (HKLM\...\W7Patcher_Personalization_Panel) (Version: v1.4 - Smarty)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)

==================== Restore Points =========================

18-04-2014 12:25:08 DirectX instalado
29-04-2014 01:11:28 Ponto de Verificação Agendado
14-05-2014 00:20:50 Operação de restauração
16-05-2014 01:23:01 zoek.exe restore point
16-05-2014 16:58:14 ZHPFix Restore System Point
16-05-2014 17:48:17 ZHPFix Restore System Point

==================== Hosts content: ==========================

2014-03-03 13:43 - 2010-12-23 15:08 - 00000780 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {04E4C1DE-8BCC-40A7-A598-62C0548AC31D} - System32\Tasks\{00A2AB9E-4506-4A7F-93C0-74D1D30A88F9} => C:\Program Files (x86)\Heroes of Newerth (Latin America)\hon.exe [2014-05-13] (S2 Games)
Task: {20447713-2BCF-4067-90A4-C274F43AB0BD} - \DealPly No Task File <==== ATTENTION
Task: {31877BDA-A35D-4EBC-B437-C37C85940BB2} - \RunAsStdUser No Task File <==== ATTENTION
Task: {67877349-7431-4A7A-A8E3-BA2DB4F0203D} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2013-01-15] (IObit)
Task: {694F8949-8606-42C1-97B5-ED3C22772610} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {984A284B-6FDB-425B-898F-C5F8E797EADE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation)
Task: {BA5E25C3-D3EA-4934-BA93-DFDDF6B5A999} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.)
Task: {CB674AAA-5A3C-4E67-99EF-D4E82EDA6273} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-14] (Adobe Systems Incorporated)
Task: {D4216EA0-AA4E-413B-962F-68D155D714F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.)
Task: {D95AA2D9-68AB-4C72-ADDB-9E1FA0D6BDCA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {EAD1E12E-6825-471C-81F6-2F39A51460F3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-11] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-07-13 20:51 - 2012-02-02 15:52 - 00044544 _____ () C:\Windows\system32\slc.dll
2009-07-13 20:51 - 2012-02-02 15:52 - 00044544 _____ () C:\Windows\System32\slc.dll
2009-07-13 20:51 - 2012-02-02 15:52 - 00044544 _____ () c:\windows\system32\slc.dll
2014-04-28 21:04 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-04-28 21:04 - 2014-03-25 13:21 - 00629928 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-06-06 16:55 - 2013-06-06 16:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-14 13:46 - 2012-01-26 20:49 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2012-11-14 18:45 - 2011-03-25 22:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-05-10 16:17 - 2013-05-10 16:17 - 04284976 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2014-05-17 09:12 - 2014-05-17 06:00 - 02292736 _____ () C:\Program Files\AVAST Software\Avast\defs\14051700\algo.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-12 11:29 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
2013-02-12 11:29 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
2013-02-12 11:29 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2013-02-12 11:28 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Windows\System32:D0D4D86B_Bb.gbp
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\Todos os Usuários:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\Temp:6BE50C2B
AlternateDataStreams: C:\Users\Lucca\Dados de aplicativos:NT
AlternateDataStreams: C:\Users\Lucca\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:6BE50C2B

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Advanced SystemCare 6 => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

==================== Faulty Device Manager Devices =============

Name: Dell Wireless 1702 Bluetooth v3.0+HS
Description: Dell Wireless 1702 Bluetooth v3.0+HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/17/2014 01:02:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: McSvHost.exe, versão: 2.6.259.0, carimbo de hora: 0x5040f1f9
Nome do módulo de falhas: mcmscshm.dll, versão: 11.6.434.0, carimbo de hora: 0x5050b568
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000003dcd5
Identificação do processo com falha: 0x15b4
Hora de início do aplicativo com falha: 0xMcSvHost.exe0
Caminho do aplicativo com falha: McSvHost.exe1
FCaminho do módulo de falhas: McSvHost.exe2
Identificação do Relatório: McSvHost.exe3

Error: (05/17/2014 01:02:46 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3

Error: (05/17/2014 01:01:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: McSvHost.exe, versão: 2.6.259.0, carimbo de hora: 0x5040f1f9
Nome do módulo de falhas: mcmscshm.dll, versão: 11.6.434.0, carimbo de hora: 0x5050b568
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000003dcd5
Identificação do processo com falha: 0x18a8
Hora de início do aplicativo com falha: 0xMcSvHost.exe0
Caminho do aplicativo com falha: McSvHost.exe1
FCaminho do módulo de falhas: McSvHost.exe2
Identificação do Relatório: McSvHost.exe3

Error: (05/17/2014 01:01:38 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3

Error: (05/17/2014 01:00:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: McSvHost.exe, versão: 2.6.259.0, carimbo de hora: 0x5040f1f9
Nome do módulo de falhas: mcmscshm.dll, versão: 11.6.434.0, carimbo de hora: 0x5050b568
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000003dcd5
Identificação do processo com falha: 0xbc8
Hora de início do aplicativo com falha: 0xMcSvHost.exe0
Caminho do aplicativo com falha: McSvHost.exe1
FCaminho do módulo de falhas: McSvHost.exe2
Identificação do Relatório: McSvHost.exe3

Error: (05/17/2014 01:00:20 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3

Error: (05/17/2014 00:59:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/17/2014 00:57:43 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3

Error: (05/17/2014 00:48:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: McSvHost.exe, versão: 2.6.259.0, carimbo de hora: 0x5040f1f9
Nome do módulo de falhas: mcmscshm.dll, versão: 11.6.434.0, carimbo de hora: 0x5050b568
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000003dcd5
Identificação do processo com falha: 0x828
Hora de início do aplicativo com falha: 0xMcSvHost.exe0
Caminho do aplicativo com falha: McSvHost.exe1
FCaminho do módulo de falhas: McSvHost.exe2
Identificação do Relatório: McSvHost.exe3

Error: (05/17/2014 00:48:51 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3


System errors:
=============
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Anti-Spam Service foi encerrado inesperadamente. Isso aconteceu 3 vez(es).

Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Proxy Service foi encerrado inesperadamente. Isso aconteceu 3 vez(es).

Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Network Agent foi encerrado inesperadamente. Isso aconteceu 3 vez(es).

Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee VirusScan Announcer foi encerrado inesperadamente. Isso aconteceu 3 vez(es).

Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Services foi encerrado inesperadamente. Isso aconteceu 3 vez(es).

Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Personal Firewall Service foi encerrado inesperadamente. Isso aconteceu 3 vez(es).

Error: (05/17/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço McAfee Anti-Spam Service foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (05/17/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço McAfee Proxy Service foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (05/17/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço McAfee Network Agent foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (05/17/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço McAfee VirusScan Announcer foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.


Microsoft Office Sessions:
=========================
Error: (05/17/2014 01:02:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe2.6.259.05040f1f9mcmscshm.dll11.6.434.05050b568c0000005000000000003dcd515b401cf71e9717ce4c5C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\msc\mcmscshm.dllaf850e25-dddc-11e3-a201-7845c4fd51c6

Error: (05/17/2014 01:02:46 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3

Error: (05/17/2014 01:01:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe2.6.259.05040f1f9mcmscshm.dll11.6.434.05050b568c0000005000000000003dcd518a801cf71e948958caaC:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\msc\mcmscshm.dll8753d5ca-dddc-11e3-a201-7845c4fd51c6

Error: (05/17/2014 01:01:38 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3

Error: (05/17/2014 01:00:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe2.6.259.05040f1f9mcmscshm.dll11.6.434.05050b568c0000005000000000003dcd5bc801cf71e8bc744971C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\msc\mcmscshm.dll5ac12b9e-dddc-11e3-a201-7845c4fd51c6

Error: (05/17/2014 01:00:20 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3

Error: (05/17/2014 00:59:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/17/2014 00:57:43 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3

Error: (05/17/2014 00:48:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe2.6.259.05040f1f9mcmscshm.dll11.6.434.05050b568c0000005000000000003dcd582801cf71e77f8ed1a1C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\msc\mcmscshm.dllbd9a938d-ddda-11e3-80e8-7845c4fd51c6

Error: (05/17/2014 00:48:51 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3


CodeIntegrity Errors:
===================================
Date: 2014-05-16 15:57:57.265
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-16 15:57:57.263
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-16 15:57:57.261
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-16 15:57:54.249
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-16 15:57:54.242
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-16 15:57:54.235
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 4003.89 MB
Available physical RAM: 2774 MB
Total Pagefile: 8005.08 MB
Available Pagefile: 6333.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:681.93 GB) (Free:547.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: 38183161)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=682 GB) - (Type=07 NTFS)

==================== End Of Log ============================
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por Power Max em Sab 17 Maio 2014, 16:13

Estou analisando os relatórios do Farbar. Enquanto isto, tente executar este procedimento abaixo:

Acesse o site abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Execute o Nod32 Online seguindo as dicas deste artigo:

Tutorial do antivirus Nod32 Online

Após o término do escaneamento será gerado um relatório (log) que estará no seguinte local do seu computador:
C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt

Na sua próxima resposta poste este log do Nod32 Online.

Ficamos no aguardo de sua resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por Power Max em Sab 17 Maio 2014, 16:57

Baixe o arquivo fixlist.txt que está anexado nesta postagem e salve-o no desktop (área de trabalho).

Execute o FRST64. Clique no botão Fix.

Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.

Selecione, copie e cole o conteúdo deste Fixlog.txt em sua próxima resposta juntamente com o relatório do Nod32 Online pedido na postagem anterior.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Dom 18 Maio 2014, 11:40

Bom dia novamente Power,

Antes de postar os logs queria te relatar um problema que aconteceu durante o processo de tantas tentativas de remoção do vírus.

Apesar de nao ser um erro tao grave, queria te informar sobre ele.



O meu pc perdeu a capacidade de "Suspender" segue o anexo abaixo:
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Dom 18 Maio 2014, 11:52

Log FRST64:


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014
Ran by Lucca at 2014-05-18 11:42:35 Run:1
Running from C:\Users\Lucca\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
SearchScopes: HKLM - DefaultScope value is missing.
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
ShortcutTarget: _uninst_69375366.lnk -> C:\Users\Lucca\AppData\Local\Temp\_uninst_69375366.bat (No File)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll (McAfee, Inc.)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-11-14]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-11-14]
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241016 2012-12-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-12-26] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182312 2012-12-26] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-12-26] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2012-12-26] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2012-12-26] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515528 2012-12-26] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2012-12-26] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-12-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339776 2012-12-26] (McAfee, Inc.)
2014-05-17 09:39 - 2013-02-02 15:34 - 00000000 ____D () C:\Program Files (x86)\"Hao123.com"
2014-05-17 09:15 - 2012-12-19 13:44 - 00000000 ____D () C:\Program Files\Bonjour
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 11.6.477 - McAfee, Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Task: {20447713-2BCF-4067-90A4-C274F43AB0BD} - \DealPly No Task File <==== ATTENTION
Task: {31877BDA-A35D-4EBC-B437-C37C85940BB2} - \RunAsStdUser No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\Todos os Usuários:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\Temp:6BE50C2B
AlternateDataStreams: C:\Users\Lucca\Dados de aplicativos:NT
AlternateDataStreams: C:\Users\Lucca\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:6BE50C2B
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
end
*****************

C:\Windows\System32\mfevtps.exe => Failed to close process.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe => Failed to close process.
C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe => Failed to close process.
C:\Users\Lucca\AppData\Local\Temp\_uninst_69375366.bat not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} => Key deleted successfully.
HKCR\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} => Key deleted successfully.
HKCR\PROTOCOLS\Filter\application/x-mfe-ipt => Key deleted successfully.
HKCR\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Filter\application/x-mfe-ipt => Key not found.
HKCR\Wow6432Node\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60} => Value deleted successfully.

"C:\Program Files (x86)\Common Files\McAfee\SystemCore" directory move:

Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfeavfa.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfefwctl.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfehida.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mytilus3.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mytilus3_worker.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\rkscan.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptFF.js" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\ScriptFF.gif" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\scriptff.js" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\ScriptFF.xul" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore" directory. => Scheduled to move on reboot.

HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => Value deleted successfully.

"C:\Program Files\McAfee\MSK" directory move:

Could not move "C:\Program Files\McAfee\MSK\chrome.manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\install.rdf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\masecore64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mcabimp.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcmcnt.cab" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcmcnt.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcmupd.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcore64.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcshim.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskengn.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskjsres.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskLI.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskmisp.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskmisp.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskoeplg.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskola64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskoladd.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskplg64.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskppv.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskpxplg.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskres.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\MskSet.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\MskSet64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\msksrv.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\msksrvr.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskuc.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskuc.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskupd.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskwm.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskxagnt.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskxaif.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\oemcfg.xml" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\rptspam.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\rptspm64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\substLI.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\tbirdins.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\mas_ui_1" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\sentag\38569\manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\sentag\38569\sentag.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\sentag\38569\sentence.lut" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\sentag\38569\tags.lut" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\rbl\5\manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\rbl\5\rbl.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\cstreams\89276\cstreams.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\cstreams\89276\cstreams.rgx" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\cstreams\89276\manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\config.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\core.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\core.rgx" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\custom.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\dometa.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\filter.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\main.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\overrides.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\phish.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\received.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\scoremapper.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\tlds.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\utils.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\components\msktbcl.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\chrome\msktbird_3.jar" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK" directory. => Scheduled to move on reboot.

McMPFSvc => Error deleting Service
mcmscsvc => Error deleting Service
McNaiAnn => Error deleting Service
McNASvc => Error deleting Service
McODS => Error deleting Service
McProxy => Error deleting Service
McShield => Unable to stop service
McShield => Error deleting Service
mfefire => Unable to stop service
mfefire => Error deleting Service
mfevtp => Unable to stop service
mfevtp => Error deleting Service
MSK80Service => Error deleting Service
cfwids => Service deleted successfully.
HipShieldK => Service deleted successfully.
mfeapfk => Unable to stop service
mfeapfk => Error deleting Service
mfeavfk => Unable to stop service
mfeavfk => Error deleting Service
mfeavfk01 => Service deleted successfully.
mfefirek => Unable to stop service
mfefirek => Error deleting Service
mfehidk => Unable to stop service
mfehidk => Error deleting Service
mferkdet => Error deleting Service
mfewfpk => Unable to stop service
mfewfpk => Error deleting Service
"C:\Program Files (x86)\"Hao123.com"" => File/Directory not found.
C:\Program Files\Bonjour => Moved successfully.
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} => The item is protected. Make sure the software is uninstalled and its services is removed.
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} => The item is protected. Make sure the software is uninstalled and its services is removed.
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} => The item is protected. Make sure the software is uninstalled and its services is removed.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20447713-2BCF-4067-90A4-C274F43AB0BD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20447713-2BCF-4067-90A4-C274F43AB0BD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31877BDA-A35D-4EBC-B437-C37C85940BB2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31877BDA-A35D-4EBC-B437-C37C85940BB2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser => Key deleted successfully.
C:\ProgramData => ":NT" ADS removed successfully.
"C:\Users\All Users" => ":NT" ADS not found.
"C:\Users\Todos os Usuários" => ":NT" ADS not found.
"C:\ProgramData\Application Data" => ":NT" ADS not found.
"C:\ProgramData\Dados de aplicativos" => ":NT" ADS not found.
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully.
C:\ProgramData\Temp => ":6BE50C2B" ADS removed successfully.
"C:\Users\Lucca\Dados de aplicativos" => ":NT" ADS not found.
C:\Users\Lucca\AppData\Roaming => ":NT" ADS removed successfully.
"C:\Users\Todos os Usuários\Application Data" => ":NT" ADS not found.
"C:\Users\Todos os Usuários\Dados de aplicativos" => ":NT" ADS not found.
"C:\Users\Todos os Usuários\MTA San Andreas All" => ":NT" ADS not found.
"C:\Users\Todos os Usuários\Temp" => ":6BE50C2B" ADS not found.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefire => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefirek => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfevtp => Key deleted successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-05-18 11:50:03)<=

C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfeavfa.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfefwctl.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfehida.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mytilus3.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mytilus3_worker.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\rkscan.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptFF.js => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\ScriptFF.gif => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\scriptff.js => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\ScriptFF.xul => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore => Moved successfully.
"C:\Program Files\McAfee\MSK\chrome.manifest" => File could not move.
"C:\Program Files\McAfee\MSK\install.rdf" => File could not move.
"C:\Program Files\McAfee\MSK\masecore64.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mcabimp.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskcmcnt.cab" => File could not move.
"C:\Program Files\McAfee\MSK\mskcmcnt.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskcmupd.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskcore64.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskcshim.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskengn.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskjsres.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskLI.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskmisp.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskmisp.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskoeplg.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskola64.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskoladd.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskplg64.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskppv.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskpxplg.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskres.dll" => File could not move.
"C:\Program Files\McAfee\MSK\MskSet.dll" => File could not move.
"C:\Program Files\McAfee\MSK\MskSet64.dll" => File could not move.
"C:\Program Files\McAfee\MSK\msksrv.inf" => File could not move.
"C:\Program Files\McAfee\MSK\msksrvr.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskuc.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskuc.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskupd.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskwm.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskxagnt.exe" => File could not move.
"C:\Program Files\McAfee\MSK\mskxaif.dll" => File could not move.
"C:\Program Files\McAfee\MSK\oemcfg.xml" => File could not move.
"C:\Program Files\McAfee\MSK\rptspam.dll" => File could not move.
"C:\Program Files\McAfee\MSK\rptspm64.dll" => File could not move.
"C:\Program Files\McAfee\MSK\substLI.inf" => File could not move.
"C:\Program Files\McAfee\MSK\tbirdins.dll" => File could not move.
"C:\Program Files\McAfee\MSK\Config\mas_ui_1" => File could not move.
"C:\Program Files\McAfee\MSK\Config\sentag\38569\manifest" => File could not move.
"C:\Program Files\McAfee\MSK\Config\sentag\38569\sentag.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\sentag\38569\sentence.lut" => File could not move.
"C:\Program Files\McAfee\MSK\Config\sentag\38569\tags.lut" => File could not move.
"C:\Program Files\McAfee\MSK\Config\rbl\5\manifest" => File could not move.
"C:\Program Files\McAfee\MSK\Config\rbl\5\rbl.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\cstreams\89276\cstreams.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\cstreams\89276\cstreams.rgx" => File could not move.
"C:\Program Files\McAfee\MSK\Config\cstreams\89276\manifest" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\config.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\core.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\core.rgx" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\custom.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\dometa.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\filter.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\main.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\manifest" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\overrides.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\phish.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\received.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\scoremapper.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\tlds.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\utils.lua" => File could not move.
"C:\Program Files\McAfee\MSK\components\msktbcl.dll" => File could not move.
"C:\Program Files\McAfee\MSK\chrome\msktbird_3.jar" => File could not move.
"C:\Program Files\McAfee\MSK" => Directory could not move.

==== End of Fixlog ====
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por Power Max em Dom 18 Maio 2014, 12:00

Você executou o Nod32 online como te passei? se tiver executado poste o log dele também para análise.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Dom 18 Maio 2014, 13:30

Estou executando ele no momento, ja posto o log.

Mas o problema do computador nao ter mais o modo de suspençao aconteceu em decorrencia do virus ou de sua respectiva de remoçao?.
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por Power Max em Dom 18 Maio 2014, 13:31

Estes malwares alteram várias coisas no registro do Windows, o que pode causar este e outros problemas. Vamos ver se com a retirada dos vírus os problemas vão embora junto com eles.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Dom 18 Maio 2014, 14:56

log.txt



ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=35220ecb8a1e8342900e83a261a02d73
# engine=18312
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-05-18 05:50:55
# local_time=2014-05-18 02:50:55 (-0300, Hora oficial do Brasil)
# country="Brazil"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 18174404 176230927 0 0
# compatibility_mode=5122 16777213 100 88 29508801 148289251 0 0
# compatibility_mode=5893 16776574 100 94 29508756 151982505 0 0
# scanned=245615
# found=36
# cleaned=36
# scan_time=8650
sh=B20B0BD8E5CDD280C5DC922FFD896DF50D208CB7 ft=1 fh=59ddf8c2c6946d84 vn="a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Cheat Engine 6.3\cheatengine-i386.exe"
sh=860EFD5893E4DD4E820227B7DEAD144F974456AC ft=1 fh=c0b9ed8dfe12ffb8 vn="a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Cheat Engine 6.3\standalonephase1.dat"
sh=78D39055963B638142A26F6A1CA0858557F1553D ft=1 fh=22097666a78966a3 vn="a variant of Win32/HiddenStart.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe"
sh=E51D31466DA5738E4D029C788B93EF7D428648A3 ft=1 fh=5cf3f026d273c9eb vn="a variant of Win32/HiddenStart.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe"
sh=D3DF3B07ECA2121949D1C17AC957D0117072E4B6 ft=1 fh=dbddf532259a68ab vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\ccsetup324.exe"
sh=A285B6AB3A4B305D62BD64167DDCF20CBC334A1E ft=1 fh=8ef37e04d274dcbb vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\CheatEngine63.exe"
sh=DE920743BEC3CC62C146EBCB49F535C6A11CEFD3 ft=1 fh=608d746846f76de3 vn="a variant of Win32/InstallCore.AY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\game-booster-35-baixaki-32-bits.exe"
sh=754ED33B7F3BBDE6E05AE6FD5767C50F32C59B13 ft=1 fh=6263762a569d5de0 vn="a variant of Win32/InstallCore.AF potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\mz-game-accelerator-1-1-0-en-win-setup.exe"
sh=E97F49CF755006D1C20CE2B4158D4A74361D7440 ft=1 fh=384c5c3746f76de3 vn="a variant of Win32/InstallCore.AY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\winrar-420-baixaki-32-bits.exe"
sh=5BCBA1C25D5BEB2AD67A91FD407CF2D36710901A ft=1 fh=00640f97360e4fc8 vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\PhotoScapee\PhotoScape_V3.6.3.exe"
sh=AF9C5CB72E9C0BB6D8AB0BCCA1C2FAA55CCDDCE2 ft=0 fh=0000000000000000 vn="Win32/Keygen.HU potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Piratas\Vegas\SVP 11 i7.rar"
sh=131570445D6E0DCCC0BCB04F80570F25AFB894FE ft=1 fh=6255ad7170b21b1e vn="a variant of Win32/HackTool.Inject.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Piratas\war\Winject.exe"
sh=ACC01DDA32E4EF801BEA7265ACE2C7C3BF0F3BAC ft=0 fh=0000000000000000 vn="a variant of Win32/HackTool.Inject.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Piratas\war\Winject.rar"
sh=A42B53D7A2DAF356969D5961AA7D0533BDF0FDC9 ft=1 fh=0cc57f0d3f7428e3 vn="Win32/HackTool.Crack.M potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Tibia\ElfCrack.exe"
sh=011811A08D4EE49BD60E4E7F1C9DC4BAAD40FAAF ft=1 fh=13029dce81e57bd0 vn="a variant of Win32/InstallCore.AZ potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Utilidades\950502_SlimDrivers-DW.exe"
sh=3CFFA088D9BC2BB2E57F5777F561133202A385BA ft=1 fh=a8bc6723eaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\advanced-systemcare-619221-baixaki-32-bits.exe"
sh=C06F4564CB4251CAE2D8EF99BC1ED461A799626F ft=1 fh=fac5f2f2f4c4c1be vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\asc-setup.exe"
sh=4F7B0EEDAA8F96CDE4A05909FED0A37B2E83C6CD ft=1 fh=567a13cfe4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\audacity-203-baixaki-32-bits.exe"
sh=CC0F7CAA0683D028B0CDA6E265246546D1F07549 ft=1 fh=4dd94c23ca901d44 vn="MSIL/Solimba.G potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\avast.exe"
sh=F262D8F708F1E29C62BCF7A6876601B27A8A47CB ft=1 fh=c67285a7eaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\daemon-tools-lite-44610328-baixaki-32-bits.exe"
sh=BECBC8A4096CAD30C091DC83533D829EBC23814D ft=1 fh=48c9390da8713cae vn="Win32/DownWare.L potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\DTLite4461-0328.exe"
sh=C4F0E4BD6F6B25918C7C89153A01A5D09B70D6C5 ft=1 fh=7f8e6b47eaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\fraps-359-baixaki-32-bits (1).exe"
sh=2AB0EB6FF47DBA3D27A804BF5C646C3933897738 ft=1 fh=ad6a125cd449c7d0 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\hamachi²-210374-32-bits.exe"
sh=20BA0E7DA38707664DD7A58F4A87F656E81A291F ft=1 fh=336e32bbeaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\hd-tune-pro-500-baixaki-32-bits.exe"
sh=C91529398B2156A5703D2AF637D882EB3F5BBFD4 ft=1 fh=c71c0011f1d48d92 vn="a variant of Win32/InstallCore.ND potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\hide-my-ip-53017648-32-bits.exe"
sh=C6957E4CC1A0E904A65B930F131B2761D58991A3 ft=1 fh=c71c0011f1d48d92 vn="a variant of Win32/InstallCore.ND potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\hotspot-shield-337-32-bits.exe"
sh=424243697B1909C0CDED0EBF9552F490BFDB75FD ft=1 fh=af768ae3eaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\msi-afterburner-231-baixaki-32-bits.exe"
sh=490FE7FC087756CDB58788C126EDD8629601C09A ft=1 fh=c71c0011a304728b vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\powerstrip-390-build-712-32-bits.exe"
sh=EA2D67EF0D45E8119357771ABD428056946584C6 ft=1 fh=5b0170507ab1d346 vn="a variant of Win32/InstallCore.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\speccy-122536-32-bits.exe"
sh=B8895BB21261766F960D2B6D5F22B0DD7A818812 ft=1 fh=fd6c520b6b39aef5 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\spsetup122_536.exe"
sh=28C1782B73F01B71E653BCBA3FFBE06C574F7DD7 ft=1 fh=3cea4d0feaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\trackmania-nations-forever--baixaki-32-bits (1).exe"
sh=28C1782B73F01B71E653BCBA3FFBE06C574F7DD7 ft=1 fh=3cea4d0feaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\trackmania-nations-forever--baixaki-32-bits.exe"
sh=516432369E1E4974BBFC0F70E922B1735EF740F6 ft=1 fh=c71c0011f1d48d92 vn="a variant of Win32/InstallCore.ND potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\tunnelbear-22190-32-bits.exe"
sh=FAD8931750B9F778F5C2C870219A8734B31A35E3 ft=1 fh=55b183798df9139a vn="a variant of Win32/InstallCore.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\utorrent-323-build-28705-baixaki-32-bits (1).exe"
sh=FAD8931750B9F778F5C2C870219A8734B31A35E3 ft=1 fh=55b183798df9139a vn="a variant of Win32/InstallCore.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\utorrent-323-build-28705-baixaki-32-bits.exe"
sh=1716FE9A2A698BE48053918584177213BEE2F0A4 ft=1 fh=136221bcdc008b1d vn="Win32/Toolbar.Conduit potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_Lucca_Downloads_749-HSS-install-hss-391-conduit.exe.vir"
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por Power Max em Dom 18 Maio 2014, 15:04

O problema ainda está aparecendo? Em quais navegadores ele aparece?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Dom 18 Maio 2014, 15:13

Os processos que ele mais aparece sao os seguintes:

svchost.exe
chrome.exe
launcher.exe
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por Power Max em Dom 18 Maio 2014, 15:29

Sim, mas em quais navegadores o problema da URL maliciosa ocorre?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Dom 18 Maio 2014, 15:47

Google Chrome
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por Power Max em Dom 18 Maio 2014, 15:49

Execute novamente o OTL (como você fez no início de seu tópico) e poste aqui os novos relatórios dele para podermos analisar.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Dom 18 Maio 2014, 15:49

Esse é a detecção mais comum do mesmo.
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por Power Max em Dom 18 Maio 2014, 16:09

sim, poste os novos logs do OTL para vermos como está a situação.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por UCshot em Seg 19 Maio 2014, 20:50

OLG LOG



OTL logfile created on: 19/05/2014 20:40:08 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucca\Desktop
64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

3,91 Gb Total Physical Memory | 2,71 Gb Available Physical Memory | 69,25% Memory free
7,82 Gb Paging File | 6,11 Gb Available in Paging File | 78,11% Paging File free
Paging file location(s): c:\pagefile.sys 4003 20009 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 681,93 Gb Total Space | 545,71 Gb Free Space | 80,02% Space Free | Partition Type: NTFS

Computer Name: LUCCA-PC | User Name: Lucca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/05/15 20:57:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucca\Desktop\OTL.exe
PRC - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
PRC - [2013/08/30 04:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 04:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/06/06 16:55:10 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/05/23 10:48:10 | 000,410,152 | ---- | M] (GAS Tecnologia) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2013/05/10 16:17:33 | 004,284,976 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2013/01/15 17:47:28 | 000,703,808 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
PRC - [2013/01/15 17:47:10 | 000,465,216 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2012/02/16 14:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
PRC - [2012/01/27 15:30:16 | 000,465,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 20:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
PRC - [2012/01/26 20:47:36 | 004,293,952 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
PRC - [2011/09/24 17:43:40 | 000,534,016 | ---- | M] (Dxtory Software) -- C:\Program Files (x86)\Dxtory Software\Dxtory2.0\Dxtory.exe
PRC - [2011/05/20 10:16:10 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/10 16:17:33 | 004,284,976 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2013/01/15 17:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
MOD - [2013/01/15 17:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
MOD - [2013/01/15 17:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
MOD - [2013/01/15 17:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
MOD - [2012/11/26 14:32:47 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a3ffdc1316821b5ceb32c9a788334329\System.Xaml.ni.dll
MOD - [2012/11/26 14:32:33 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\613ca3fba5bbcf6e9346170c9c2e4e65\System.WorkflowServices.ni.dll
MOD - [2012/11/26 14:32:18 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\01a1449b79d76e7cf39438cdd55cefbf\System.ServiceModel.Web.ni.dll
MOD - [2012/11/26 14:32:14 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\88f32d62a8df469e8b9f12a8d3093627\System.Xml.Linq.ni.dll
MOD - [2012/11/26 14:31:30 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll
MOD - [2012/11/26 14:31:13 | 001,083,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\92422bb40324d57ccd11c1cd9d50d8cf\System.IdentityModel.ni.dll
MOD - [2012/11/26 14:31:12 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
MOD - [2012/11/26 14:31:10 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\64ef7169e1266b6a98131b82bddd234b\System.ServiceModel.ni.dll
MOD - [2012/11/26 14:31:10 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6294f61f25c953212b92b7e13a0fd9c1\SMDiagnostics.ni.dll
MOD - [2012/11/14 19:12:24 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012/11/14 13:42:27 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\813a0913bea1269e48613509609e72b4\PresentationFramework.ni.dll
MOD - [2012/11/14 13:42:18 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8244412387a82c0acd3d63622e22cef5\PresentationCore.ni.dll
MOD - [2012/11/14 13:42:16 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9211f2faac02f0082b201a95731736c4\PresentationFramework.Aero.ni.dll
MOD - [2012/11/14 13:42:12 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\44a7d2597981a82da8b9e3e2298602de\System.Core.ni.dll
MOD - [2012/11/14 13:42:09 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\419103071a5a5d17738afbe9dd03d58a\System.Xml.ni.dll
MOD - [2012/11/14 13:42:07 | 003,857,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\9dacf8a5033dfbcb435be166d2f42cdf\WindowsBase.ni.dll
MOD - [2012/11/14 13:42:06 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\17bfc7131aca3a393f430121f79307bd\System.Drawing.ni.dll
MOD - [2012/11/14 13:42:05 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\4844dd28e0611d1ebd1e449fe822c2a5\System.Configuration.ni.dll
MOD - [2012/11/14 13:42:04 | 009,086,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\5286fe2d0167eb835a9f11025f1cb756\System.ni.dll
MOD - [2012/11/14 13:42:00 | 014,407,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a774bd593b8420bae4a8cf1d46af3ba2\mscorlib.ni.dll
MOD - [2012/11/14 13:31:17 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2012/11/14 13:31:10 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2012/11/14 13:30:57 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2012/11/14 13:30:46 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2012/11/14 13:30:41 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2012/11/14 13:30:38 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2012/11/14 13:30:35 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2012/11/14 13:30:34 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2012/11/14 13:30:26 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2012/11/14 13:30:24 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2012/11/14 13:21:42 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2012/01/26 20:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
MOD - [2010/11/21 06:37:11 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_pt-BR_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2010/11/21 06:37:04 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.resources.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/03/30 03:43:28 | 002,211,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2012/12/26 09:52:34 | 000,182,312 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/12/26 09:49:32 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/12/26 09:47:40 | 000,241,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2014/05/13 14:29:26 | 002,228,048 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014/04/23 19:01:04 | 000,572,096 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/04/15 16:07:54 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014/03/30 06:17:18 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe -- (BBUpdate)
SRV - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe -- (BBSvc)
SRV - [2013/08/30 04:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/06/06 16:55:10 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/05/23 10:48:10 | 000,410,152 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2013/03/06 20:37:43 | 005,110,864 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2013/02/28 18:45:16 | 000,161,384 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/15 17:47:10 | 000,465,216 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012/11/16 20:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Arquivos de Programas\mcafee\virusscan\mcods.exe -- (McODS)
SRV - [2012/11/14 13:27:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/16 14:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/05/20 10:16:10 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/05/20 10:15:20 | 000,080,032 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010/11/29 14:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010/11/25 04:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 04:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de Programas\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/09/21 13:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [1999/12/31 21:00:00 | 000,322,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Arquivos de Programas\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [1999/12/31 21:00:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Arquivos de Programas\IDT\WDM\AESTSr64.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/05/15 04:25:38 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\69375366.sys -- (69375366)
DRV:64bit: - [2014/03/24 17:12:06 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/08/30 04:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/08/30 04:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/08/30 04:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/08/30 04:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/08/30 04:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/08/30 04:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/08/30 04:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/08/30 04:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/06/26 14:19:03 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/02/02 15:34:35 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/12/26 09:52:44 | 000,339,776 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/12/26 09:51:24 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/12/26 09:50:48 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/12/26 09:49:42 | 000,515,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/12/26 09:49:00 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/12/26 09:48:30 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/14 19:12:35 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/11/14 19:12:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/11/14 19:12:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/07/12 11:22:50 | 002,727,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/06/16 13:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/05/20 11:15:34 | 000,282,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/05/20 10:15:34 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/05/20 10:15:34 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/05/20 10:15:34 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/05/20 10:15:34 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/05/20 10:15:34 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/05/20 10:15:32 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/05/17 03:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/01 00:35:12 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/01/12 21:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/29 14:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/21 00:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 00:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/29 21:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/19 21:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 06:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/26 20:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006/11/01 03:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [1999/12/31 21:00:00 | 012,287,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [1999/12/31 21:00:00 | 000,541,184 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV - [2013/05/08 09:52:48 | 000,049,536 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2010/11/01 05:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = [Você precisa estar registrado e conectado para ver este link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,BrowserMngr Start Page = [Você precisa estar registrado e conectado para ver este link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = [Você precisa estar registrado e conectado para ver este link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = C:\Windows\SysWOW64\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [Você precisa estar registrado e conectado para ver este link.]
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{22B788EC-E645-44CD-9889-0404060E62D2}: "URL" = [Você precisa estar registrado e conectado para ver este link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = [Você precisa estar registrado e conectado para ver este link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,BrowserMngr Start Page = [Você precisa estar registrado e conectado para ver este link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = [Você precisa estar registrado e conectado para ver este link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [Você precisa estar registrado e conectado para ver este link.]
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Você precisa estar registrado e conectado para ver este link.]
IE - HKLM\..\SearchScopes\{22B788EC-E645-44CD-9889-0404060E62D2}: "URL" = [Você precisa estar registrado e conectado para ver este link.]


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Você precisa estar registrado e conectado para ver este link.]
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [Você precisa estar registrado e conectado para ver este link.]
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = [Você precisa estar registrado e conectado para ver este link.]


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)


[2012/12/01 15:43:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Pesquisa do Google = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Gmail = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2010/12/23 15:08:04 | 000,000,780 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll File not found
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL File not found
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL File not found
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de Programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\URLREDIR.DLL ()
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL (IObit)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Arquivos de Programas\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Arquivos de Programas\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Arquivos de Programas\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000..\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe (Dxtory Software)
O4 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69375366.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll ()
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll File not found
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll File not found
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll File not found
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll File not found
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\ONBttnIE.dll ()
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\ONBttnIE.dll ()
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll ()
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..Trusted Domains: bancobrasil.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..Trusted Domains: bancobrasil.com.br ([www14] * in Trusted sites)
O15 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..Trusted Domains: bancobrasil.com.br ([www2] * in Trusted sites)
O15 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..Trusted Domains: bb.com.br ([www] * in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7859FF5B-5A3B-429A-A140-AFDA404C580D}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7859FF5B-5A3B-429A-A140-AFDA404C580D}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/16 22:57:01 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/05/18 12:23:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/05/18 11:53:15 | 000,000,000 | ---D | C] -- C:\Users\Lucca\Desktop\Vírus
[2014/05/17 14:21:21 | 000,000,000 | ---D | C] -- C:\FRST
[2014/05/17 14:19:47 | 002,067,456 | ---- | C] (Farbar) -- C:\Users\Lucca\Desktop\FRST64.exe
[2014/05/17 10:41:34 | 000,000,000 | ---D | C] -- C:\Pre_Scan
[2014/05/17 09:14:07 | 000,000,000 | ---D | C] -- C:\Shortcut_Module
[2014/05/16 15:55:01 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/16 15:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/05/16 15:54:43 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/05/16 15:54:43 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/05/16 15:54:42 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/05/16 15:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/05/16 15:54:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/05/16 13:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2014/05/16 13:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2014/05/16 13:22:08 | 000,000,000 | ---D | C] -- C:\Users\Lucca\AppData\Roaming\ZHP
[2014/05/16 12:57:15 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/05/15 23:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014/05/15 23:02:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014/05/15 22:57:00 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/15 22:56:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/15 22:39:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/05/15 22:32:54 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2014/05/15 22:32:54 | 000,000,000 | ---D | C] -- C:\Users\Lucca\AppData\Local\Temp
[2014/05/15 22:20:44 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014/05/15 20:57:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lucca\Desktop\OTL.exe
[2014/05/14 23:02:22 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\69375366.sys
[2014/05/14 22:18:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014/05/13 21:32:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/13 19:21:14 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2014/05/13 15:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2014/04/30 19:49:45 | 000,000,000 | ---D | C] -- C:\Users\Lucca\Documents\Gunz2
[2014/04/28 22:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2014/04/28 21:44:34 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014/04/28 21:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014/04/28 21:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2014/04/24 22:08:37 | 000,000,000 | ---D | C] -- C:\LinhaDefensiva
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/05/19 20:39:20 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/19 20:38:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/19 20:33:02 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/19 20:32:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/18 11:53:36 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/18 11:53:36 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/18 11:45:00 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\Windows\SysWow64\drivers\gbpndisrd.sys
[2014/05/18 11:45:00 | 000,010,266 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd.cat
[2014/05/18 11:45:00 | 000,003,641 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd.inf
[2014/05/18 11:45:00 | 000,001,814 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd_m.inf
[2014/05/18 11:45:00 | 000,001,402 | ---- | M] () -- C:\Windows\SysWow64\drivers\gas.cer
[2014/05/18 11:44:51 | 3148,787,712 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/17 14:20:05 | 002,067,456 | ---- | M] (Farbar) -- C:\Users\Lucca\Desktop\FRST64.exe
[2014/05/16 22:40:25 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/15 22:42:38 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/15 22:22:01 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014/05/15 20:57:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucca\Desktop\OTL.exe
[2014/05/15 04:25:38 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\69375366.sys
[2014/05/14 23:02:44 | 000,000,974 | ---- | M] () -- C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69375366.lnk
[2014/05/13 21:30:50 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/05/13 21:30:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2014/05/13 21:29:19 | 005,088,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/21 20:04:19 | 001,628,224 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/21 20:04:19 | 000,703,580 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2014/04/21 20:04:19 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/21 20:04:19 | 000,146,366 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2014/04/21 20:04:19 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/05/15 22:32:55 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014/05/14 23:02:44 | 000,000,974 | ---- | C] () -- C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69375366.lnk
[2013/08/08 16:09:51 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/08/08 16:09:49 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2013/08/08 16:09:46 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2013/06/29 14:58:34 | 000,000,105 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/06/06 19:58:13 | 000,011,776 | ---- | C] () -- C:\Users\Lucca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/06 16:55:12 | 000,291,096 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/06/06 16:55:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/02/24 17:44:58 | 000,524,288 | ---- | C] () -- C:\Program Files (x86)\HoNLatinClient-3.0.0.5.exe.a5hon
[2013/02/21 19:33:50 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012/11/28 19:25:56 | 000,007,632 | ---- | C] () -- C:\Users\Lucca\AppData\Local\Resmon.ResmonCfg
[2012/11/14 18:45:51 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/11/14 18:45:45 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/06/22 12:01:32 | 000,019,984 | ---- | C] () -- C:\Windows\SysWow64\ESGScanner.sys

========== ZeroAccess Check ==========

[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/11/14 19:12:36 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/11/14 19:12:36 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/02/15 17:38:14 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\.minecraft
[2014/03/11 15:26:25 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Audacity
[2012/11/26 13:26:16 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Awesomium
[2013/02/10 11:04:04 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/04/21 14:20:01 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\com.shirogames.evoland
[2013/11/26 20:57:48 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\DAEMON Tools Lite
[2013/02/26 13:17:47 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\HD Tune Pro
[2012/12/19 15:55:29 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\IDT
[2013/07/23 00:22:06 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\IObit
[2013/05/10 19:15:20 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\LolClient
[2013/12/16 15:14:07 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\openvr
[2013/05/31 10:57:49 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\PhotoScape
[2013/02/12 13:56:39 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Publish Providers
[2013/10/04 13:07:21 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Riot Games
[2012/12/09 14:42:23 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\RotMG.Production
[2013/02/12 13:56:37 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Sony
[2013/12/26 18:24:04 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Tibia
[2014/04/24 21:46:17 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\TS3Client
[2014/05/17 09:47:36 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Unity
[2013/12/27 18:09:23 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\uTorrent
[2013/12/16 18:46:52 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Wise Disk Cleaner
[2014/05/16 14:48:43 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\ZHP

========== Purity Check ==========



< End of report >
avatar
UCshot
Iniciante
Iniciante

Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: URL:Mal Thread Como remover?

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 2 de 3 Anterior  1, 2, 3  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum