Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14838 usuários registradosO último membro registrado é Lanterna Verde com Disco
Os nossos membros postaram um total de 36058 mensagens em 3689 assuntos
Quem está conectado?
Há 68 usuários online :: 0 registrados, 0 invisíveis e 68 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
URL:Mal Thread Como remover?
3 participantes
Página 2 de 3
Página 2 de 3 • 1, 2, 3
Re: URL:Mal Thread Como remover?
Print do problema com o exemplo chrome.exe
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
Desative temporariamente seu antivirus para evitar conflitos.
Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( de g3n-h@ckm@n )
|- Ao acessar o link acima, role a página e clique em Télécharger para fazer o download: [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Execute-o da forma indicada nesta postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Assim que a limpeza for concluída, poste o log (relatório) que estará em C:\Pre_Scan\Pre_Scan_07_05_2014_17_05_22.txt (estes números em vermelho irão variar pois eles mostram a data e hora em que o escaneamento foi realizado).
Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( de g3n-h@ckm@n )
|- Ao acessar o link acima, role a página e clique em Télécharger para fazer o download: [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Execute-o da forma indicada nesta postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Assim que a limpeza for concluída, poste o log (relatório) que estará em C:\Pre_Scan\Pre_Scan_07_05_2014_17_05_22.txt (estes números em vermelho irão variar pois eles mostram a data e hora em que o escaneamento foi realizado).
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: URL:Mal Thread Como remover?
Isso ocorreu ao tentar baixar o arquivo.
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
é porque você não fez o que te pedi:
Desative temporariamente seu antivirus para evitar conflitos.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: URL:Mal Thread Como remover?
Eu desativei ^^, consegui fazer o download, mais no meio do scan ocorre um erro:
"Usage variable content -> pre_scan.exe"*
*algo assim.
E o software para de funcionar
"Usage variable content -> pre_scan.exe"*
*algo assim.
E o software para de funcionar
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e salve-o no Desktop (Área de Trabalho)
Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version
Execute o Farbar seguindo as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt
Poste estes dois relatórios em sua próxima resposta. (Obs: se não couber em uma só resposta, pode dividi-la em mais postagens).
Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version
Execute o Farbar seguindo as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt
Poste estes dois relatórios em sua próxima resposta. (Obs: se não couber em uma só resposta, pode dividi-la em mais postagens).
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: URL:Mal Thread Como remover?
Power, vou rodar o programa agora, mais antes de tudo queria te perguntar uma coisa:
Cada programa que eu baixei indicado por você, ao executa-lo é como c o virus tivesse infectado o mesmo.
Por exemplo ao invez do processo ser por exemplo o chrome.exe, muda para JRB.exe(programa que voce me passou).
Queria saber se isso impacta no scan.
Grato,
Cada programa que eu baixei indicado por você, ao executa-lo é como c o virus tivesse infectado o mesmo.
Por exemplo ao invez do processo ser por exemplo o chrome.exe, muda para JRB.exe(programa que voce me passou).
Queria saber se isso impacta no scan.
Grato,
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
FRST Log
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Lucca (administrator) on LUCCA-PC on 17-05-2014 14:24:07
Running from C:\Users\Lucca\Desktop
Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dxtory Software) C:\Program Files (x86)\Dxtory Software\Dxtory2.0\Dxtory.exe
(Dxtory Software) C:\Program Files (x86)\Dxtory Software\Dxtory2.0\Dxtory64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [627360 2011-05-20] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [379552 2011-05-20] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 1999-12-31] (IDT, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-06] (Creative Technology Ltd)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-23] (Valve Corporation)
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4284976 2013-05-10] ()
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2012-11-14] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69375366.lnk
ShortcutTarget: _uninst_69375366.lnk -> C:\Users\Lucca\AppData\Local\Temp\_uninst_69375366.bat (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL No File
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll (McAfee, Inc.)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL ()
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1389096 2013-05-23] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{7859FF5B-5A3B-429A-A140-AFDA404C580D}: [NameServer]8.8.8.8,8.8.4.4
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-11-14]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-11-14]
Chrome:
=======
CHR DefaultSearchKeyword: google.com.br
CHR Extension: (Google Docs) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-17]
CHR Extension: (Google Drive) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-17]
CHR Extension: (YouTube) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-17]
CHR Extension: (Pesquisa do Google) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-17]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-05-17]
CHR Extension: (Gmail) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-17]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-02-12]
==================== Services (Whitelisted) =================
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [465216 2013-01-15] (IObit)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-20] (Atheros)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [410152 2013-05-23] (GAS Tecnologia)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241016 2012-12-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-12-26] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182312 2012-12-26] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5110864 2013-03-06] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-06-06] ()
==================== Drivers (Whitelisted) ====================
R0 69375366; C:\Windows\System32\DRIVERS\69375366.sys [460888 2014-05-15] (Kaspersky Lab ZAO)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-06-26] (AVG Technologies)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-12-26] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-02] (DT Soft Ltd)
S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2012-12-26] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2012-12-26] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515528 2012-12-26] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2012-12-26] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-12-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339776 2012-12-26] (McAfee, Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-24] (Anchorfree Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 X6va011; No ImagePath
S3 X6va012; No ImagePath
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-17 14:24 - 2014-05-17 14:24 - 00020358 _____ () C:\Users\Lucca\Desktop\FRST.txt
2014-05-17 14:21 - 2014-05-17 14:24 - 00000000 ____D () C:\FRST
2014-05-17 14:19 - 2014-05-17 14:20 - 02067456 _____ (Farbar) C:\Users\Lucca\Desktop\FRST64.exe
2014-05-17 10:42 - 2014-05-17 12:49 - 00029051 _____ () C:\Pre_Scan.txt
2014-05-17 10:41 - 2014-05-17 12:49 - 00000000 ____D () C:\Pre_Scan
2014-05-17 10:40 - 2014-05-17 10:40 - 02546688 _____ () C:\Users\Lucca\Desktop\Pre_Scan.exe
2014-05-17 10:37 - 2014-05-17 10:37 - 02388421 _____ () C:\Users\Lucca\Downloads\trz470E.tmp
2014-05-17 09:55 - 2014-05-17 09:55 - 00064656 _____ () C:\Users\Lucca\Desktop\Shortcut_Module_17_05_2014_09_55_09.txt
2014-05-17 09:20 - 2014-05-17 09:55 - 00064656 _____ () C:\Shortcut_Module_17_05_2014_09_55_09.txt
2014-05-17 09:14 - 2014-05-17 09:55 - 00000000 ____D () C:\Shortcut_Module
2014-05-17 09:12 - 2014-05-17 09:12 - 02560000 _____ () C:\Users\Lucca\Desktop\Shortcut_Module.exe
2014-05-16 15:55 - 2014-05-16 22:40 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-16 15:54 - 2014-05-16 15:54 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-16 15:54 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-16 15:54 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-16 15:54 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-16 15:14 - 2014-05-16 15:15 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lucca\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-16 14:48 - 2014-05-16 14:48 - 00002399 _____ () C:\Users\Lucca\Desktop\ZHPFixReport.txt
2014-05-16 14:06 - 2014-05-16 14:06 - 00038081 _____ () C:\Users\Lucca\Desktop\ZHPDiag.txt
2014-05-16 13:22 - 2014-05-16 14:48 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\ZHP
2014-05-16 13:22 - 2014-05-16 14:05 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-16 13:22 - 2014-05-16 13:22 - 00001993 _____ () C:\Users\Lucca\Desktop\ZHPFix.lnk
2014-05-16 13:22 - 2014-05-16 13:22 - 00001866 _____ () C:\Users\Lucca\Desktop\ZHPDiag.lnk
2014-05-16 13:22 - 2014-05-16 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-16 13:20 - 2014-05-16 13:21 - 06778102 _____ (Nicolas Coolman ) C:\Users\Lucca\Downloads\ZHPDiag2.exe
2014-05-16 12:57 - 2014-05-16 12:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-16 06:11 - 2014-05-16 06:11 - 01016261 _____ (Thisisu) C:\Users\Lucca\Downloads\JRT (1).exe
2014-05-15 23:02 - 2014-05-15 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 23:02 - 2014-05-15 23:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 22:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-15 22:56 - 2014-05-15 22:57 - 00000000 ____D () C:\AdwCleaner
2014-05-15 22:55 - 2014-05-15 22:55 - 01325827 _____ () C:\Users\Lucca\Desktop\AdwCleaner (1).exe
2014-05-15 22:32 - 2014-05-15 22:22 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-15 22:22 - 2014-05-15 22:38 - 00023348 _____ () C:\zoek-results.log
2014-05-15 22:20 - 2014-05-16 22:37 - 00000000 ____D () C:\zoek_backup
2014-05-15 22:20 - 2014-05-15 22:20 - 01285120 _____ () C:\Users\Lucca\Downloads\zoek.exe
2014-05-15 21:06 - 2014-05-15 21:07 - 00086858 _____ () C:\Users\Lucca\Desktop\Extras.Txt
2014-05-15 21:05 - 2014-05-15 21:05 - 00124118 _____ () C:\Users\Lucca\Desktop\OTL.Txt
2014-05-15 21:01 - 2014-05-15 21:01 - 00058402 _____ () C:\Users\Lucca\Downloads\OTL.Txt
2014-05-15 21:00 - 2014-05-15 21:00 - 00045348 _____ () C:\Users\Lucca\Downloads\Extras.Txt
2014-05-15 20:57 - 2014-05-15 20:57 - 00602112 _____ (OldTimer Tools) C:\Users\Lucca\Desktop\OTL.exe
2014-05-15 20:55 - 2014-05-15 20:55 - 00347816 _____ (Microsoft Corporation) C:\Users\Lucca\Downloads\MicrosoftFixit.WinSecurity.LB.148323628781154625.1.1.Run.exe
2014-05-14 23:02 - 2014-05-15 04:25 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\69375366.sys
2014-05-14 22:18 - 2014-05-14 22:18 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-05-14 22:18 - 2014-05-14 22:18 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-14 22:12 - 2014-05-14 22:16 - 136723680 _____ () C:\Users\Lucca\Downloads\setup_11.0.1.1245.x01_2014_05_15_04_26.exe
2014-05-13 22:22 - 2014-05-13 22:22 - 00008966 _____ () C:\Users\Lucca\Downloads\pista da hot wheels 5.Challenge.Gbx
2014-05-13 21:40 - 2014-05-13 21:40 - 00128360 _____ () C:\Users\Lucca\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-13 20:12 - 2014-05-13 20:12 - 00004002 _____ () C:\Personalization_Panel_Undo.log
2014-05-13 19:21 - 2014-05-13 19:21 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-13 15:58 - 2014-05-13 16:07 - 00000000 ____D () C:\Users\Todos os Usuários\TrackMania
2014-05-13 15:58 - 2014-05-13 16:07 - 00000000 ____D () C:\ProgramData\TrackMania
2014-05-10 13:19 - 2014-05-10 13:19 - 00146918 _____ () C:\Users\Lucca\Downloads\resources_OmenJeraziah (1).rar
2014-05-04 15:01 - 2014-05-04 15:01 - 03443946 _____ () C:\Users\Lucca\Downloads\resources_GuardinCovenantBubbles.rar
2014-05-03 20:21 - 2014-05-03 20:21 - 00013789 _____ () C:\Users\Lucca\Downloads\FullSpeed #001.Challenge.Gbx
2014-04-30 19:49 - 2014-04-30 19:49 - 00000000 ____D () C:\Users\Lucca\Documents\Gunz2
2014-04-28 22:55 - 2014-04-28 22:55 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft OneDrive
2014-04-28 22:55 - 2014-04-28 22:55 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-04-28 21:44 - 2014-04-28 21:44 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-04-28 21:13 - 2014-04-28 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-28 21:04 - 2014-04-28 21:06 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-28 21:03 - 2014-04-28 21:03 - 00963800 _____ (Microsoft Corporation) C:\Users\Lucca\Downloads\Setup.X86.pt-BR_O365HomePremRetail_934c1b3c-717f-4a6c-8b74-c4e962c62ea2_TX_PR_.exe
2014-04-26 16:38 - 2014-04-26 16:39 - 00014138 _____ () C:\Users\Lucca\Downloads\resources_ApolloArtillery.rar
2014-04-26 13:30 - 2014-04-26 13:30 - 00215203 _____ () C:\Users\Lucca\Downloads\resources_FocusPocus.rar
2014-04-25 19:04 - 2014-04-25 19:04 - 00475370 _____ () C:\Users\Lucca\Downloads\resourcesFocusPocus.s2z
2014-04-24 22:08 - 2014-04-24 22:11 - 00000000 ____D () C:\LinhaDefensiva
2014-04-24 22:08 - 2014-04-24 22:08 - 00178597 _____ (Igor Pavlov) C:\Users\Lucca\Downloads\bankerfix (1).exe
2014-04-18 09:28 - 2014-04-18 09:28 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2014-04-18 09:28 - 2014-04-18 09:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2014-04-18 09:24 - 2014-04-23 18:12 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth
2014-04-18 01:12 - 2014-04-18 06:02 - 1998326696 _____ () C:\Users\Lucca\Downloads\HoNClient-3.2.7.exe
2014-04-17 16:29 - 2014-04-17 16:29 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\hotspot-shield-337-32-bits.exe
2014-04-17 16:27 - 2014-04-17 16:27 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\hide-my-ip-53017648-32-bits.exe
2014-04-17 16:15 - 2014-04-17 16:29 - 00000000 ____D () C:\Program Files (x86)\TunnelBear
2014-04-17 16:08 - 2014-04-17 16:10 - 08392456 _____ () C:\Users\Lucca\Downloads\TBear-v2.exe
2014-04-17 16:06 - 2014-04-17 16:07 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\tunnelbear-22190-32-bits.exe
==================== One Month Modified Files and Folders =======
2014-05-17 14:24 - 2014-05-17 14:24 - 00020358 _____ () C:\Users\Lucca\Desktop\FRST.txt
2014-05-17 14:24 - 2014-05-17 14:21 - 00000000 ____D () C:\FRST
2014-05-17 14:24 - 2013-05-10 16:17 - 00000000 ____D () C:\Users\Lucca\AppData\Local\PMB Files
2014-05-17 14:22 - 2012-11-14 13:27 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-17 14:20 - 2014-05-17 14:19 - 02067456 _____ (Farbar) C:\Users\Lucca\Desktop\FRST64.exe
2014-05-17 14:14 - 2013-01-31 23:16 - 00000000 ____D () C:\Users\Lucca\Documents\TrackMania
2014-05-17 13:40 - 2012-11-14 13:21 - 01368985 _____ () C:\Windows\WindowsUpdate.log
2014-05-17 13:38 - 2013-01-31 22:30 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-17 13:05 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-17 13:05 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-17 13:01 - 2013-07-19 23:58 - 00000000 ____D () C:\Users\Lucca\AppData\Local\LogMeIn Hamachi
2014-05-17 13:01 - 2012-12-03 20:06 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-17 12:59 - 2013-01-31 22:30 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-17 12:59 - 2012-11-14 13:51 - 00000000 ____D () C:\Users\Usuário Padrão\AppData\Local\SoftThinks
2014-05-17 12:59 - 2012-11-14 13:51 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-05-17 12:59 - 2012-11-14 13:51 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-05-17 12:59 - 2012-11-14 13:45 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-05-17 12:57 - 2014-01-17 11:14 - 00021870 _____ () C:\Windows\PFRO.log
2014-05-17 12:57 - 2013-12-29 15:21 - 00003558 _____ () C:\Windows\setupact.log
2014-05-17 12:57 - 2013-07-19 16:14 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys
2014-05-17 12:57 - 2013-07-19 16:14 - 00010266 _____ () C:\Windows\SysWOW64\Drivers\ndisrd.cat
2014-05-17 12:57 - 2013-07-19 16:14 - 00001402 _____ () C:\Windows\SysWOW64\Drivers\gas.cer
2014-05-17 12:57 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-17 12:49 - 2014-05-17 10:42 - 00029051 _____ () C:\Pre_Scan.txt
2014-05-17 12:49 - 2014-05-17 10:41 - 00000000 ____D () C:\Pre_Scan
2014-05-17 10:40 - 2014-05-17 10:40 - 02546688 _____ () C:\Users\Lucca\Desktop\Pre_Scan.exe
2014-05-17 10:37 - 2014-05-17 10:37 - 02388421 _____ () C:\Users\Lucca\Downloads\trz470E.tmp
2014-05-17 09:55 - 2014-05-17 09:55 - 00064656 _____ () C:\Users\Lucca\Desktop\Shortcut_Module_17_05_2014_09_55_09.txt
2014-05-17 09:55 - 2014-05-17 09:20 - 00064656 _____ () C:\Shortcut_Module_17_05_2014_09_55_09.txt
2014-05-17 09:55 - 2014-05-17 09:14 - 00000000 ____D () C:\Shortcut_Module
2014-05-17 09:48 - 2013-08-17 08:01 - 00000000 ____D () C:\Users\Lucca\Desktop\SPY
2014-05-17 09:47 - 2013-04-07 12:29 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Unity
2014-05-17 09:47 - 2012-12-22 16:55 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Macrovision
2014-05-17 09:46 - 2013-04-07 12:22 - 00000000 ____D () C:\Users\Lucca\AppData\Local\Unity
2014-05-17 09:46 - 2013-02-19 18:12 - 00000000 ____D () C:\Users\Lucca\AppData\Local\SoftorinoUpdates
2014-05-17 09:41 - 2012-11-14 14:02 - 00000000 ____D () C:\Users\Todos os Usuários\Macrovision
2014-05-17 09:41 - 2012-11-14 14:02 - 00000000 ____D () C:\ProgramData\Macrovision
2014-05-17 09:39 - 2013-11-26 20:58 - 00000000 ____D () C:\Program Files (x86)\F1 2012
2014-05-17 09:39 - 2013-02-02 15:34 - 00000000 ____D () C:\Program Files (x86)\"Hao123.com"
2014-05-17 09:19 - 2012-11-14 14:03 - 00000000 ____D () C:\Users\Todos os Usuários\Sonic
2014-05-17 09:19 - 2012-11-14 14:03 - 00000000 ____D () C:\ProgramData\Sonic
2014-05-17 09:16 - 2013-03-01 17:56 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-17 09:15 - 2013-02-12 12:23 - 00000000 ____D () C:\Windows\rescache
2014-05-17 09:15 - 2012-12-19 13:44 - 00000000 ____D () C:\Program Files\Bonjour
2014-05-17 09:12 - 2014-05-17 09:12 - 02560000 _____ () C:\Users\Lucca\Desktop\Shortcut_Module.exe
2014-05-16 22:40 - 2014-05-16 15:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-16 22:37 - 2014-05-15 22:20 - 00000000 ____D () C:\zoek_backup
2014-05-16 15:54 - 2014-05-16 15:54 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-16 15:15 - 2014-05-16 15:14 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lucca\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-16 14:48 - 2014-05-16 14:48 - 00002399 _____ () C:\Users\Lucca\Desktop\ZHPFixReport.txt
2014-05-16 14:48 - 2014-05-16 13:22 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\ZHP
2014-05-16 14:06 - 2014-05-16 14:06 - 00038081 _____ () C:\Users\Lucca\Desktop\ZHPDiag.txt
2014-05-16 14:05 - 2014-05-16 13:22 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-16 13:22 - 2014-05-16 13:22 - 00001993 _____ () C:\Users\Lucca\Desktop\ZHPFix.lnk
2014-05-16 13:22 - 2014-05-16 13:22 - 00001866 _____ () C:\Users\Lucca\Desktop\ZHPDiag.lnk
2014-05-16 13:22 - 2014-05-16 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-16 13:21 - 2014-05-16 13:20 - 06778102 _____ (Nicolas Coolman ) C:\Users\Lucca\Downloads\ZHPDiag2.exe
2014-05-16 12:57 - 2014-05-16 12:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-16 06:11 - 2014-05-16 06:11 - 01016261 _____ (Thisisu) C:\Users\Lucca\Downloads\JRT (1).exe
2014-05-15 23:03 - 2012-12-09 17:26 - 00000000 ____D () C:\Users\Lucca\AppData\Local\CrashDumps
2014-05-15 23:02 - 2014-05-15 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 23:02 - 2014-05-15 23:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 22:57 - 2014-05-15 22:56 - 00000000 ____D () C:\AdwCleaner
2014-05-15 22:55 - 2014-05-15 22:55 - 01325827 _____ () C:\Users\Lucca\Desktop\AdwCleaner (1).exe
2014-05-15 22:42 - 2013-01-31 22:31 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-15 22:38 - 2014-05-15 22:22 - 00023348 _____ () C:\zoek-results.log
2014-05-15 22:30 - 2012-12-01 15:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-15 22:22 - 2014-05-15 22:32 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-15 22:20 - 2014-05-15 22:20 - 01285120 _____ () C:\Users\Lucca\Downloads\zoek.exe
2014-05-15 21:07 - 2014-05-15 21:06 - 00086858 _____ () C:\Users\Lucca\Desktop\Extras.Txt
2014-05-15 21:05 - 2014-05-15 21:05 - 00124118 _____ () C:\Users\Lucca\Desktop\OTL.Txt
2014-05-15 21:01 - 2014-05-15 21:01 - 00058402 _____ () C:\Users\Lucca\Downloads\OTL.Txt
2014-05-15 21:00 - 2014-05-15 21:00 - 00045348 _____ () C:\Users\Lucca\Downloads\Extras.Txt
2014-05-15 20:57 - 2014-05-15 20:57 - 00602112 _____ (OldTimer Tools) C:\Users\Lucca\Desktop\OTL.exe
2014-05-15 20:55 - 2014-05-15 20:55 - 00347816 _____ (Microsoft Corporation) C:\Users\Lucca\Downloads\MicrosoftFixit.WinSecurity.LB.148323628781154625.1.1.Run.exe
2014-05-15 20:39 - 2009-07-14 02:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-15 05:59 - 2013-08-18 16:41 - 00000000 ____D () C:\Users\Lucca\Desktop\L2
2014-05-15 04:25 - 2014-05-14 23:02 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\69375366.sys
2014-05-14 23:02 - 2012-11-20 19:17 - 00000000 ___RD () C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 22:18 - 2014-05-14 22:18 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-05-14 22:18 - 2014-05-14 22:18 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-14 22:16 - 2014-05-14 22:12 - 136723680 _____ () C:\Users\Lucca\Downloads\setup_11.0.1.1245.x01_2014_05_15_04_26.exe
2014-05-13 22:22 - 2014-05-13 22:22 - 00008966 _____ () C:\Users\Lucca\Downloads\pista da hot wheels 5.Challenge.Gbx
2014-05-13 21:53 - 2012-11-21 20:23 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth (Latin America)
2014-05-13 21:40 - 2014-05-13 21:40 - 00128360 _____ () C:\Users\Lucca\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-13 21:34 - 2012-11-20 19:14 - 00000000 ____D () C:\Users\Lucca
2014-05-13 21:33 - 2013-01-31 22:30 - 00004062 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-13 21:33 - 2013-01-31 22:30 - 00003810 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-13 21:33 - 2012-11-14 14:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-13 21:30 - 2013-03-01 17:56 - 00001924 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-13 21:30 - 2013-03-01 17:56 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-05-13 21:29 - 2009-07-14 01:45 - 05088704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-13 21:28 - 2014-02-19 15:43 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-05-13 21:28 - 2012-11-20 19:31 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-05-13 21:28 - 2012-11-14 13:27 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-13 21:28 - 2012-11-14 13:27 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-13 21:28 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-05-13 21:28 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-13 21:27 - 2013-01-31 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-13 21:27 - 2012-12-21 10:31 - 00000000 ____D () C:\Program Files (x86)\Lineage II
2014-05-13 21:27 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-13 21:26 - 2012-11-14 13:20 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\SysWOW64\spp
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\spp
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\spool
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\Speech
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\registration
2014-05-13 21:25 - 2013-02-01 16:22 - 00000000 ___HD () C:\W7P_Backups
2014-05-13 21:25 - 2012-11-20 19:43 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Skype
2014-05-13 20:12 - 2014-05-13 20:12 - 00004002 _____ () C:\Personalization_Panel_Undo.log
2014-05-13 19:21 - 2014-05-13 19:21 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-13 16:07 - 2014-05-13 15:58 - 00000000 ____D () C:\Users\Todos os Usuários\TrackMania
2014-05-13 16:07 - 2014-05-13 15:58 - 00000000 ____D () C:\ProgramData\TrackMania
2014-05-10 13:19 - 2014-05-10 13:19 - 00146918 _____ () C:\Users\Lucca\Downloads\resources_OmenJeraziah (1).rar
2014-05-04 15:01 - 2014-05-04 15:01 - 03443946 _____ () C:\Users\Lucca\Downloads\resources_GuardinCovenantBubbles.rar
2014-05-03 20:21 - 2014-05-03 20:21 - 00013789 _____ () C:\Users\Lucca\Downloads\FullSpeed #001.Challenge.Gbx
2014-04-30 19:49 - 2014-04-30 19:49 - 00000000 ____D () C:\Users\Lucca\Documents\Gunz2
2014-04-28 22:55 - 2014-04-28 22:55 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft OneDrive
2014-04-28 22:55 - 2014-04-28 22:55 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-04-28 22:09 - 2014-04-28 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-28 21:44 - 2014-04-28 21:44 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-04-28 21:44 - 2009-07-14 00:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-28 21:10 - 2012-11-20 19:17 - 00000000 ____D () C:\Users\Lucca\AppData\Local\VirtualStore
2014-04-28 21:06 - 2014-04-28 21:04 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-28 21:03 - 2014-04-28 21:03 - 00963800 _____ (Microsoft Corporation) C:\Users\Lucca\Downloads\Setup.X86.pt-BR_O365HomePremRetail_934c1b3c-717f-4a6c-8b74-c4e962c62ea2_TX_PR_.exe
2014-04-26 16:39 - 2014-04-26 16:38 - 00014138 _____ () C:\Users\Lucca\Downloads\resources_ApolloArtillery.rar
2014-04-26 13:30 - 2014-04-26 13:30 - 00215203 _____ () C:\Users\Lucca\Downloads\resources_FocusPocus.rar
2014-04-25 19:04 - 2014-04-25 19:04 - 00475370 _____ () C:\Users\Lucca\Downloads\resourcesFocusPocus.s2z
2014-04-24 22:11 - 2014-04-24 22:08 - 00000000 ____D () C:\LinhaDefensiva
2014-04-24 22:08 - 2014-04-24 22:08 - 00178597 _____ (Igor Pavlov) C:\Users\Lucca\Downloads\bankerfix (1).exe
2014-04-24 21:46 - 2013-11-24 16:23 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\TS3Client
2014-04-23 22:00 - 2013-12-29 09:20 - 00000000 ____D () C:\Users\Lucca\Desktop\ZumbiBlock
2014-04-23 18:12 - 2014-04-18 09:24 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth
2014-04-21 20:04 - 2010-11-21 06:37 - 00703580 _____ () C:\Windows\system32\prfh0416.dat
2014-04-21 20:04 - 2010-11-21 06:37 - 00146366 _____ () C:\Windows\system32\prfc0416.dat
2014-04-21 20:04 - 2009-07-14 02:13 - 01628224 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 15:44 - 2013-10-22 19:17 - 00000000 ____D () C:\Users\Lucca\Desktop\HoN Modifications
2014-04-18 09:28 - 2014-04-18 09:28 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2014-04-18 09:28 - 2014-04-18 09:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2014-04-18 09:28 - 2013-10-25 23:34 - 00001931 _____ () C:\Users\Lucca\Desktop\Heroes of Newerth.lnk
2014-04-18 09:28 - 2013-04-16 21:44 - 00000000 ____D () C:\Users\Lucca\Documents\Heroes of Newerth
2014-04-18 06:02 - 2014-04-18 01:12 - 1998326696 _____ () C:\Users\Lucca\Downloads\HoNClient-3.2.7.exe
2014-04-17 22:18 - 2014-04-16 20:36 - 00000000 ____D () C:\Users\Lucca\Downloads\Project2
2014-04-17 16:29 - 2014-04-17 16:29 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\hotspot-shield-337-32-bits.exe
2014-04-17 16:29 - 2014-04-17 16:15 - 00000000 ____D () C:\Program Files (x86)\TunnelBear
2014-04-17 16:27 - 2014-04-17 16:27 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\hide-my-ip-53017648-32-bits.exe
2014-04-17 16:10 - 2014-04-17 16:08 - 08392456 _____ () C:\Users\Lucca\Downloads\TBear-v2.exe
2014-04-17 16:07 - 2014-04-17 16:06 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\tunnelbear-22190-32-bits.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-13 15:51
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Lucca (administrator) on LUCCA-PC on 17-05-2014 14:24:07
Running from C:\Users\Lucca\Desktop
Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dxtory Software) C:\Program Files (x86)\Dxtory Software\Dxtory2.0\Dxtory.exe
(Dxtory Software) C:\Program Files (x86)\Dxtory Software\Dxtory2.0\Dxtory64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [627360 2011-05-20] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [379552 2011-05-20] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 1999-12-31] (IDT, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-06] (Creative Technology Ltd)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-23] (Valve Corporation)
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4284976 2013-05-10] ()
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2012-11-14] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69375366.lnk
ShortcutTarget: _uninst_69375366.lnk -> C:\Users\Lucca\AppData\Local\Temp\_uninst_69375366.bat (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL No File
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll (McAfee, Inc.)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL ()
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1389096 2013-05-23] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{7859FF5B-5A3B-429A-A140-AFDA404C580D}: [NameServer]8.8.8.8,8.8.4.4
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-11-14]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-11-14]
Chrome:
=======
CHR DefaultSearchKeyword: google.com.br
CHR Extension: (Google Docs) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-17]
CHR Extension: (Google Drive) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-17]
CHR Extension: (YouTube) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-17]
CHR Extension: (Pesquisa do Google) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-17]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-05-17]
CHR Extension: (Gmail) - C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-17]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-02-12]
==================== Services (Whitelisted) =================
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [465216 2013-01-15] (IObit)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-20] (Atheros)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [410152 2013-05-23] (GAS Tecnologia)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241016 2012-12-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-12-26] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182312 2012-12-26] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5110864 2013-03-06] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-06-06] ()
==================== Drivers (Whitelisted) ====================
R0 69375366; C:\Windows\System32\DRIVERS\69375366.sys [460888 2014-05-15] (Kaspersky Lab ZAO)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-06-26] (AVG Technologies)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-12-26] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-02] (DT Soft Ltd)
S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2012-12-26] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2012-12-26] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515528 2012-12-26] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2012-12-26] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-12-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339776 2012-12-26] (McAfee, Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-24] (Anchorfree Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 X6va011; No ImagePath
S3 X6va012; No ImagePath
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-17 14:24 - 2014-05-17 14:24 - 00020358 _____ () C:\Users\Lucca\Desktop\FRST.txt
2014-05-17 14:21 - 2014-05-17 14:24 - 00000000 ____D () C:\FRST
2014-05-17 14:19 - 2014-05-17 14:20 - 02067456 _____ (Farbar) C:\Users\Lucca\Desktop\FRST64.exe
2014-05-17 10:42 - 2014-05-17 12:49 - 00029051 _____ () C:\Pre_Scan.txt
2014-05-17 10:41 - 2014-05-17 12:49 - 00000000 ____D () C:\Pre_Scan
2014-05-17 10:40 - 2014-05-17 10:40 - 02546688 _____ () C:\Users\Lucca\Desktop\Pre_Scan.exe
2014-05-17 10:37 - 2014-05-17 10:37 - 02388421 _____ () C:\Users\Lucca\Downloads\trz470E.tmp
2014-05-17 09:55 - 2014-05-17 09:55 - 00064656 _____ () C:\Users\Lucca\Desktop\Shortcut_Module_17_05_2014_09_55_09.txt
2014-05-17 09:20 - 2014-05-17 09:55 - 00064656 _____ () C:\Shortcut_Module_17_05_2014_09_55_09.txt
2014-05-17 09:14 - 2014-05-17 09:55 - 00000000 ____D () C:\Shortcut_Module
2014-05-17 09:12 - 2014-05-17 09:12 - 02560000 _____ () C:\Users\Lucca\Desktop\Shortcut_Module.exe
2014-05-16 15:55 - 2014-05-16 22:40 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-16 15:54 - 2014-05-16 15:54 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-16 15:54 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-16 15:54 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-16 15:54 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-16 15:14 - 2014-05-16 15:15 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lucca\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-16 14:48 - 2014-05-16 14:48 - 00002399 _____ () C:\Users\Lucca\Desktop\ZHPFixReport.txt
2014-05-16 14:06 - 2014-05-16 14:06 - 00038081 _____ () C:\Users\Lucca\Desktop\ZHPDiag.txt
2014-05-16 13:22 - 2014-05-16 14:48 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\ZHP
2014-05-16 13:22 - 2014-05-16 14:05 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-16 13:22 - 2014-05-16 13:22 - 00001993 _____ () C:\Users\Lucca\Desktop\ZHPFix.lnk
2014-05-16 13:22 - 2014-05-16 13:22 - 00001866 _____ () C:\Users\Lucca\Desktop\ZHPDiag.lnk
2014-05-16 13:22 - 2014-05-16 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-16 13:20 - 2014-05-16 13:21 - 06778102 _____ (Nicolas Coolman ) C:\Users\Lucca\Downloads\ZHPDiag2.exe
2014-05-16 12:57 - 2014-05-16 12:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-16 06:11 - 2014-05-16 06:11 - 01016261 _____ (Thisisu) C:\Users\Lucca\Downloads\JRT (1).exe
2014-05-15 23:02 - 2014-05-15 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 23:02 - 2014-05-15 23:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 22:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-15 22:56 - 2014-05-15 22:57 - 00000000 ____D () C:\AdwCleaner
2014-05-15 22:55 - 2014-05-15 22:55 - 01325827 _____ () C:\Users\Lucca\Desktop\AdwCleaner (1).exe
2014-05-15 22:32 - 2014-05-15 22:22 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-15 22:22 - 2014-05-15 22:38 - 00023348 _____ () C:\zoek-results.log
2014-05-15 22:20 - 2014-05-16 22:37 - 00000000 ____D () C:\zoek_backup
2014-05-15 22:20 - 2014-05-15 22:20 - 01285120 _____ () C:\Users\Lucca\Downloads\zoek.exe
2014-05-15 21:06 - 2014-05-15 21:07 - 00086858 _____ () C:\Users\Lucca\Desktop\Extras.Txt
2014-05-15 21:05 - 2014-05-15 21:05 - 00124118 _____ () C:\Users\Lucca\Desktop\OTL.Txt
2014-05-15 21:01 - 2014-05-15 21:01 - 00058402 _____ () C:\Users\Lucca\Downloads\OTL.Txt
2014-05-15 21:00 - 2014-05-15 21:00 - 00045348 _____ () C:\Users\Lucca\Downloads\Extras.Txt
2014-05-15 20:57 - 2014-05-15 20:57 - 00602112 _____ (OldTimer Tools) C:\Users\Lucca\Desktop\OTL.exe
2014-05-15 20:55 - 2014-05-15 20:55 - 00347816 _____ (Microsoft Corporation) C:\Users\Lucca\Downloads\MicrosoftFixit.WinSecurity.LB.148323628781154625.1.1.Run.exe
2014-05-14 23:02 - 2014-05-15 04:25 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\69375366.sys
2014-05-14 22:18 - 2014-05-14 22:18 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-05-14 22:18 - 2014-05-14 22:18 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-14 22:12 - 2014-05-14 22:16 - 136723680 _____ () C:\Users\Lucca\Downloads\setup_11.0.1.1245.x01_2014_05_15_04_26.exe
2014-05-13 22:22 - 2014-05-13 22:22 - 00008966 _____ () C:\Users\Lucca\Downloads\pista da hot wheels 5.Challenge.Gbx
2014-05-13 21:40 - 2014-05-13 21:40 - 00128360 _____ () C:\Users\Lucca\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-13 20:12 - 2014-05-13 20:12 - 00004002 _____ () C:\Personalization_Panel_Undo.log
2014-05-13 19:21 - 2014-05-13 19:21 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-13 15:58 - 2014-05-13 16:07 - 00000000 ____D () C:\Users\Todos os Usuários\TrackMania
2014-05-13 15:58 - 2014-05-13 16:07 - 00000000 ____D () C:\ProgramData\TrackMania
2014-05-10 13:19 - 2014-05-10 13:19 - 00146918 _____ () C:\Users\Lucca\Downloads\resources_OmenJeraziah (1).rar
2014-05-04 15:01 - 2014-05-04 15:01 - 03443946 _____ () C:\Users\Lucca\Downloads\resources_GuardinCovenantBubbles.rar
2014-05-03 20:21 - 2014-05-03 20:21 - 00013789 _____ () C:\Users\Lucca\Downloads\FullSpeed #001.Challenge.Gbx
2014-04-30 19:49 - 2014-04-30 19:49 - 00000000 ____D () C:\Users\Lucca\Documents\Gunz2
2014-04-28 22:55 - 2014-04-28 22:55 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft OneDrive
2014-04-28 22:55 - 2014-04-28 22:55 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-04-28 21:44 - 2014-04-28 21:44 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-04-28 21:13 - 2014-04-28 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-28 21:04 - 2014-04-28 21:06 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-28 21:03 - 2014-04-28 21:03 - 00963800 _____ (Microsoft Corporation) C:\Users\Lucca\Downloads\Setup.X86.pt-BR_O365HomePremRetail_934c1b3c-717f-4a6c-8b74-c4e962c62ea2_TX_PR_.exe
2014-04-26 16:38 - 2014-04-26 16:39 - 00014138 _____ () C:\Users\Lucca\Downloads\resources_ApolloArtillery.rar
2014-04-26 13:30 - 2014-04-26 13:30 - 00215203 _____ () C:\Users\Lucca\Downloads\resources_FocusPocus.rar
2014-04-25 19:04 - 2014-04-25 19:04 - 00475370 _____ () C:\Users\Lucca\Downloads\resourcesFocusPocus.s2z
2014-04-24 22:08 - 2014-04-24 22:11 - 00000000 ____D () C:\LinhaDefensiva
2014-04-24 22:08 - 2014-04-24 22:08 - 00178597 _____ (Igor Pavlov) C:\Users\Lucca\Downloads\bankerfix (1).exe
2014-04-18 09:28 - 2014-04-18 09:28 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2014-04-18 09:28 - 2014-04-18 09:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2014-04-18 09:24 - 2014-04-23 18:12 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth
2014-04-18 01:12 - 2014-04-18 06:02 - 1998326696 _____ () C:\Users\Lucca\Downloads\HoNClient-3.2.7.exe
2014-04-17 16:29 - 2014-04-17 16:29 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\hotspot-shield-337-32-bits.exe
2014-04-17 16:27 - 2014-04-17 16:27 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\hide-my-ip-53017648-32-bits.exe
2014-04-17 16:15 - 2014-04-17 16:29 - 00000000 ____D () C:\Program Files (x86)\TunnelBear
2014-04-17 16:08 - 2014-04-17 16:10 - 08392456 _____ () C:\Users\Lucca\Downloads\TBear-v2.exe
2014-04-17 16:06 - 2014-04-17 16:07 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\tunnelbear-22190-32-bits.exe
==================== One Month Modified Files and Folders =======
2014-05-17 14:24 - 2014-05-17 14:24 - 00020358 _____ () C:\Users\Lucca\Desktop\FRST.txt
2014-05-17 14:24 - 2014-05-17 14:21 - 00000000 ____D () C:\FRST
2014-05-17 14:24 - 2013-05-10 16:17 - 00000000 ____D () C:\Users\Lucca\AppData\Local\PMB Files
2014-05-17 14:22 - 2012-11-14 13:27 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-17 14:20 - 2014-05-17 14:19 - 02067456 _____ (Farbar) C:\Users\Lucca\Desktop\FRST64.exe
2014-05-17 14:14 - 2013-01-31 23:16 - 00000000 ____D () C:\Users\Lucca\Documents\TrackMania
2014-05-17 13:40 - 2012-11-14 13:21 - 01368985 _____ () C:\Windows\WindowsUpdate.log
2014-05-17 13:38 - 2013-01-31 22:30 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-17 13:05 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-17 13:05 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-17 13:01 - 2013-07-19 23:58 - 00000000 ____D () C:\Users\Lucca\AppData\Local\LogMeIn Hamachi
2014-05-17 13:01 - 2012-12-03 20:06 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-17 12:59 - 2013-01-31 22:30 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-17 12:59 - 2012-11-14 13:51 - 00000000 ____D () C:\Users\Usuário Padrão\AppData\Local\SoftThinks
2014-05-17 12:59 - 2012-11-14 13:51 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-05-17 12:59 - 2012-11-14 13:51 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-05-17 12:59 - 2012-11-14 13:45 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-05-17 12:57 - 2014-01-17 11:14 - 00021870 _____ () C:\Windows\PFRO.log
2014-05-17 12:57 - 2013-12-29 15:21 - 00003558 _____ () C:\Windows\setupact.log
2014-05-17 12:57 - 2013-07-19 16:14 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys
2014-05-17 12:57 - 2013-07-19 16:14 - 00010266 _____ () C:\Windows\SysWOW64\Drivers\ndisrd.cat
2014-05-17 12:57 - 2013-07-19 16:14 - 00001402 _____ () C:\Windows\SysWOW64\Drivers\gas.cer
2014-05-17 12:57 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-17 12:49 - 2014-05-17 10:42 - 00029051 _____ () C:\Pre_Scan.txt
2014-05-17 12:49 - 2014-05-17 10:41 - 00000000 ____D () C:\Pre_Scan
2014-05-17 10:40 - 2014-05-17 10:40 - 02546688 _____ () C:\Users\Lucca\Desktop\Pre_Scan.exe
2014-05-17 10:37 - 2014-05-17 10:37 - 02388421 _____ () C:\Users\Lucca\Downloads\trz470E.tmp
2014-05-17 09:55 - 2014-05-17 09:55 - 00064656 _____ () C:\Users\Lucca\Desktop\Shortcut_Module_17_05_2014_09_55_09.txt
2014-05-17 09:55 - 2014-05-17 09:20 - 00064656 _____ () C:\Shortcut_Module_17_05_2014_09_55_09.txt
2014-05-17 09:55 - 2014-05-17 09:14 - 00000000 ____D () C:\Shortcut_Module
2014-05-17 09:48 - 2013-08-17 08:01 - 00000000 ____D () C:\Users\Lucca\Desktop\SPY
2014-05-17 09:47 - 2013-04-07 12:29 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Unity
2014-05-17 09:47 - 2012-12-22 16:55 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Macrovision
2014-05-17 09:46 - 2013-04-07 12:22 - 00000000 ____D () C:\Users\Lucca\AppData\Local\Unity
2014-05-17 09:46 - 2013-02-19 18:12 - 00000000 ____D () C:\Users\Lucca\AppData\Local\SoftorinoUpdates
2014-05-17 09:41 - 2012-11-14 14:02 - 00000000 ____D () C:\Users\Todos os Usuários\Macrovision
2014-05-17 09:41 - 2012-11-14 14:02 - 00000000 ____D () C:\ProgramData\Macrovision
2014-05-17 09:39 - 2013-11-26 20:58 - 00000000 ____D () C:\Program Files (x86)\F1 2012
2014-05-17 09:39 - 2013-02-02 15:34 - 00000000 ____D () C:\Program Files (x86)\"Hao123.com"
2014-05-17 09:19 - 2012-11-14 14:03 - 00000000 ____D () C:\Users\Todos os Usuários\Sonic
2014-05-17 09:19 - 2012-11-14 14:03 - 00000000 ____D () C:\ProgramData\Sonic
2014-05-17 09:16 - 2013-03-01 17:56 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-17 09:15 - 2013-02-12 12:23 - 00000000 ____D () C:\Windows\rescache
2014-05-17 09:15 - 2012-12-19 13:44 - 00000000 ____D () C:\Program Files\Bonjour
2014-05-17 09:12 - 2014-05-17 09:12 - 02560000 _____ () C:\Users\Lucca\Desktop\Shortcut_Module.exe
2014-05-16 22:40 - 2014-05-16 15:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-16 22:37 - 2014-05-15 22:20 - 00000000 ____D () C:\zoek_backup
2014-05-16 15:54 - 2014-05-16 15:54 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-16 15:54 - 2014-05-16 15:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-16 15:15 - 2014-05-16 15:14 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lucca\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-16 14:48 - 2014-05-16 14:48 - 00002399 _____ () C:\Users\Lucca\Desktop\ZHPFixReport.txt
2014-05-16 14:48 - 2014-05-16 13:22 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\ZHP
2014-05-16 14:06 - 2014-05-16 14:06 - 00038081 _____ () C:\Users\Lucca\Desktop\ZHPDiag.txt
2014-05-16 14:05 - 2014-05-16 13:22 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-16 13:22 - 2014-05-16 13:22 - 00001993 _____ () C:\Users\Lucca\Desktop\ZHPFix.lnk
2014-05-16 13:22 - 2014-05-16 13:22 - 00001866 _____ () C:\Users\Lucca\Desktop\ZHPDiag.lnk
2014-05-16 13:22 - 2014-05-16 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-16 13:21 - 2014-05-16 13:20 - 06778102 _____ (Nicolas Coolman ) C:\Users\Lucca\Downloads\ZHPDiag2.exe
2014-05-16 12:57 - 2014-05-16 12:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-16 06:11 - 2014-05-16 06:11 - 01016261 _____ (Thisisu) C:\Users\Lucca\Downloads\JRT (1).exe
2014-05-15 23:03 - 2012-12-09 17:26 - 00000000 ____D () C:\Users\Lucca\AppData\Local\CrashDumps
2014-05-15 23:02 - 2014-05-15 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 23:02 - 2014-05-15 23:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 22:57 - 2014-05-15 22:56 - 00000000 ____D () C:\AdwCleaner
2014-05-15 22:55 - 2014-05-15 22:55 - 01325827 _____ () C:\Users\Lucca\Desktop\AdwCleaner (1).exe
2014-05-15 22:42 - 2013-01-31 22:31 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-15 22:38 - 2014-05-15 22:22 - 00023348 _____ () C:\zoek-results.log
2014-05-15 22:30 - 2012-12-01 15:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-15 22:22 - 2014-05-15 22:32 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-15 22:20 - 2014-05-15 22:20 - 01285120 _____ () C:\Users\Lucca\Downloads\zoek.exe
2014-05-15 21:07 - 2014-05-15 21:06 - 00086858 _____ () C:\Users\Lucca\Desktop\Extras.Txt
2014-05-15 21:05 - 2014-05-15 21:05 - 00124118 _____ () C:\Users\Lucca\Desktop\OTL.Txt
2014-05-15 21:01 - 2014-05-15 21:01 - 00058402 _____ () C:\Users\Lucca\Downloads\OTL.Txt
2014-05-15 21:00 - 2014-05-15 21:00 - 00045348 _____ () C:\Users\Lucca\Downloads\Extras.Txt
2014-05-15 20:57 - 2014-05-15 20:57 - 00602112 _____ (OldTimer Tools) C:\Users\Lucca\Desktop\OTL.exe
2014-05-15 20:55 - 2014-05-15 20:55 - 00347816 _____ (Microsoft Corporation) C:\Users\Lucca\Downloads\MicrosoftFixit.WinSecurity.LB.148323628781154625.1.1.Run.exe
2014-05-15 20:39 - 2009-07-14 02:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-15 05:59 - 2013-08-18 16:41 - 00000000 ____D () C:\Users\Lucca\Desktop\L2
2014-05-15 04:25 - 2014-05-14 23:02 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\69375366.sys
2014-05-14 23:02 - 2012-11-20 19:17 - 00000000 ___RD () C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 22:18 - 2014-05-14 22:18 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-05-14 22:18 - 2014-05-14 22:18 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-14 22:16 - 2014-05-14 22:12 - 136723680 _____ () C:\Users\Lucca\Downloads\setup_11.0.1.1245.x01_2014_05_15_04_26.exe
2014-05-13 22:22 - 2014-05-13 22:22 - 00008966 _____ () C:\Users\Lucca\Downloads\pista da hot wheels 5.Challenge.Gbx
2014-05-13 21:53 - 2012-11-21 20:23 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth (Latin America)
2014-05-13 21:40 - 2014-05-13 21:40 - 00128360 _____ () C:\Users\Lucca\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-13 21:34 - 2012-11-20 19:14 - 00000000 ____D () C:\Users\Lucca
2014-05-13 21:33 - 2013-01-31 22:30 - 00004062 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-13 21:33 - 2013-01-31 22:30 - 00003810 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-13 21:33 - 2012-11-14 14:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-13 21:30 - 2013-03-01 17:56 - 00001924 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-13 21:30 - 2013-03-01 17:56 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-05-13 21:29 - 2009-07-14 01:45 - 05088704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-13 21:28 - 2014-02-19 15:43 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-05-13 21:28 - 2012-11-20 19:31 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-05-13 21:28 - 2012-11-14 13:27 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-13 21:28 - 2012-11-14 13:27 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-13 21:28 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-05-13 21:28 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-13 21:27 - 2013-01-31 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-13 21:27 - 2012-12-21 10:31 - 00000000 ____D () C:\Program Files (x86)\Lineage II
2014-05-13 21:27 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-13 21:26 - 2012-11-14 13:20 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\SysWOW64\spp
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\spp
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\spool
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\Speech
2014-05-13 21:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\registration
2014-05-13 21:25 - 2013-02-01 16:22 - 00000000 ___HD () C:\W7P_Backups
2014-05-13 21:25 - 2012-11-20 19:43 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Skype
2014-05-13 20:12 - 2014-05-13 20:12 - 00004002 _____ () C:\Personalization_Panel_Undo.log
2014-05-13 19:21 - 2014-05-13 19:21 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-13 16:07 - 2014-05-13 15:58 - 00000000 ____D () C:\Users\Todos os Usuários\TrackMania
2014-05-13 16:07 - 2014-05-13 15:58 - 00000000 ____D () C:\ProgramData\TrackMania
2014-05-10 13:19 - 2014-05-10 13:19 - 00146918 _____ () C:\Users\Lucca\Downloads\resources_OmenJeraziah (1).rar
2014-05-04 15:01 - 2014-05-04 15:01 - 03443946 _____ () C:\Users\Lucca\Downloads\resources_GuardinCovenantBubbles.rar
2014-05-03 20:21 - 2014-05-03 20:21 - 00013789 _____ () C:\Users\Lucca\Downloads\FullSpeed #001.Challenge.Gbx
2014-04-30 19:49 - 2014-04-30 19:49 - 00000000 ____D () C:\Users\Lucca\Documents\Gunz2
2014-04-28 22:55 - 2014-04-28 22:55 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft OneDrive
2014-04-28 22:55 - 2014-04-28 22:55 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-04-28 22:09 - 2014-04-28 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-28 21:44 - 2014-04-28 21:44 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-04-28 21:44 - 2009-07-14 00:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-28 21:10 - 2012-11-20 19:17 - 00000000 ____D () C:\Users\Lucca\AppData\Local\VirtualStore
2014-04-28 21:06 - 2014-04-28 21:04 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-28 21:03 - 2014-04-28 21:03 - 00963800 _____ (Microsoft Corporation) C:\Users\Lucca\Downloads\Setup.X86.pt-BR_O365HomePremRetail_934c1b3c-717f-4a6c-8b74-c4e962c62ea2_TX_PR_.exe
2014-04-26 16:39 - 2014-04-26 16:38 - 00014138 _____ () C:\Users\Lucca\Downloads\resources_ApolloArtillery.rar
2014-04-26 13:30 - 2014-04-26 13:30 - 00215203 _____ () C:\Users\Lucca\Downloads\resources_FocusPocus.rar
2014-04-25 19:04 - 2014-04-25 19:04 - 00475370 _____ () C:\Users\Lucca\Downloads\resourcesFocusPocus.s2z
2014-04-24 22:11 - 2014-04-24 22:08 - 00000000 ____D () C:\LinhaDefensiva
2014-04-24 22:08 - 2014-04-24 22:08 - 00178597 _____ (Igor Pavlov) C:\Users\Lucca\Downloads\bankerfix (1).exe
2014-04-24 21:46 - 2013-11-24 16:23 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\TS3Client
2014-04-23 22:00 - 2013-12-29 09:20 - 00000000 ____D () C:\Users\Lucca\Desktop\ZumbiBlock
2014-04-23 18:12 - 2014-04-18 09:24 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth
2014-04-21 20:04 - 2010-11-21 06:37 - 00703580 _____ () C:\Windows\system32\prfh0416.dat
2014-04-21 20:04 - 2010-11-21 06:37 - 00146366 _____ () C:\Windows\system32\prfc0416.dat
2014-04-21 20:04 - 2009-07-14 02:13 - 01628224 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 15:44 - 2013-10-22 19:17 - 00000000 ____D () C:\Users\Lucca\Desktop\HoN Modifications
2014-04-18 09:28 - 2014-04-18 09:28 - 00000000 ____D () C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2014-04-18 09:28 - 2014-04-18 09:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2014-04-18 09:28 - 2013-10-25 23:34 - 00001931 _____ () C:\Users\Lucca\Desktop\Heroes of Newerth.lnk
2014-04-18 09:28 - 2013-04-16 21:44 - 00000000 ____D () C:\Users\Lucca\Documents\Heroes of Newerth
2014-04-18 06:02 - 2014-04-18 01:12 - 1998326696 _____ () C:\Users\Lucca\Downloads\HoNClient-3.2.7.exe
2014-04-17 22:18 - 2014-04-16 20:36 - 00000000 ____D () C:\Users\Lucca\Downloads\Project2
2014-04-17 16:29 - 2014-04-17 16:29 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\hotspot-shield-337-32-bits.exe
2014-04-17 16:29 - 2014-04-17 16:15 - 00000000 ____D () C:\Program Files (x86)\TunnelBear
2014-04-17 16:27 - 2014-04-17 16:27 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\hide-my-ip-53017648-32-bits.exe
2014-04-17 16:10 - 2014-04-17 16:08 - 08392456 _____ () C:\Users\Lucca\Downloads\TBear-v2.exe
2014-04-17 16:07 - 2014-04-17 16:06 - 00629280 _____ ( ) C:\Users\Lucca\Downloads\tunnelbear-22190-32-bits.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-13 15:51
==================== End Of Log ============================
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
Addition Log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Lucca at 2014-05-17 14:24:34
Running from C:\Users\Lucca\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Advanced SystemCare 6 (HKLM-x32\...\Advanced SystemCare 6_is1) (Version: 6.1 - IObit)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 8.0.1497.0 - AVAST Software)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.83 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.5425 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.5425 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Dell Bluetooth Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dxtory 2.0.109 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.109 - Dxtory Software)
F1 2012 (HKLM-x32\...\F1 2012_is1) (Version: - )
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
Gerenciador de Downloads (HKCU\...\0dd67a782103f089) (Version: 0.9.3.40 - Level Up! Gerenciador)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6421.0 - IDT)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Lineage II (HKLM-x32\...\{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}) (Version: 90.7.2281 - NCSoft)
Lineage II Gate (HKCU\...\Lineage II Gate) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware versão 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 11.6.477 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4605.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Monitor da tecnologia Intel® Turbo Boost 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
My Game Long Name (HKLM\...\UDK-c09f47ce-3fe0-4a07-ab66-df0979cfd2c7) (Version: - Epic Games, Inc.)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outwars (HKLM-x32\...\Outwars) (Version: - )
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - )
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version: - Sega) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}) (Version: 2.2.30877 - SlimWare Utilities, Inc.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.22 - Piriform)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Crate Box (HKLM-x32\...\Steam App 212800) (Version: - )
Suporte para Aplicativos Apple (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
Tibia (HKLM-x32\...\Tibia_is1) (Version: 8.60 - CipSoft GmbH)
Tibia MULTI-ip changer (HKLM-x32\...\TMIPC) (Version: - Asprate)
TmNationsForever Update 2010-03-15 (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Vegas Pro 11.0 (64-bit) (HKLM\...\{43EBA222-8DF7-11E1-862B-F04DA23A5C58}) (Version: 11.0.683 - Sony)
VVVVVV (Window v1.0) (HKLM-x32\...\{423B39E8-0A8E-4522-BB0A-FCCF86479977}_is1) (Version: - Terry Cavanagh)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wise Disk Cleaner 7.74 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: - WiseCleaner.com, Inc.)
X PROJECT Personalization Panel v1.4 (HKLM\...\W7Patcher_Personalization_Panel) (Version: v1.4 - Smarty)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)
==================== Restore Points =========================
18-04-2014 12:25:08 DirectX instalado
29-04-2014 01:11:28 Ponto de Verificação Agendado
14-05-2014 00:20:50 Operação de restauração
16-05-2014 01:23:01 zoek.exe restore point
16-05-2014 16:58:14 ZHPFix Restore System Point
16-05-2014 17:48:17 ZHPFix Restore System Point
==================== Hosts content: ==========================
2014-03-03 13:43 - 2010-12-23 15:08 - 00000780 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {04E4C1DE-8BCC-40A7-A598-62C0548AC31D} - System32\Tasks\{00A2AB9E-4506-4A7F-93C0-74D1D30A88F9} => C:\Program Files (x86)\Heroes of Newerth (Latin America)\hon.exe [2014-05-13] (S2 Games)
Task: {20447713-2BCF-4067-90A4-C274F43AB0BD} - \DealPly No Task File <==== ATTENTION
Task: {31877BDA-A35D-4EBC-B437-C37C85940BB2} - \RunAsStdUser No Task File <==== ATTENTION
Task: {67877349-7431-4A7A-A8E3-BA2DB4F0203D} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2013-01-15] (IObit)
Task: {694F8949-8606-42C1-97B5-ED3C22772610} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {984A284B-6FDB-425B-898F-C5F8E797EADE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation)
Task: {BA5E25C3-D3EA-4934-BA93-DFDDF6B5A999} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.)
Task: {CB674AAA-5A3C-4E67-99EF-D4E82EDA6273} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-14] (Adobe Systems Incorporated)
Task: {D4216EA0-AA4E-413B-962F-68D155D714F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.)
Task: {D95AA2D9-68AB-4C72-ADDB-9E1FA0D6BDCA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {EAD1E12E-6825-471C-81F6-2F39A51460F3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-11] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2009-07-13 20:51 - 2012-02-02 15:52 - 00044544 _____ () C:\Windows\system32\slc.dll
2009-07-13 20:51 - 2012-02-02 15:52 - 00044544 _____ () C:\Windows\System32\slc.dll
2009-07-13 20:51 - 2012-02-02 15:52 - 00044544 _____ () c:\windows\system32\slc.dll
2014-04-28 21:04 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-04-28 21:04 - 2014-03-25 13:21 - 00629928 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-06-06 16:55 - 2013-06-06 16:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-14 13:46 - 2012-01-26 20:49 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2012-11-14 18:45 - 2011-03-25 22:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-05-10 16:17 - 2013-05-10 16:17 - 04284976 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2014-05-17 09:12 - 2014-05-17 06:00 - 02292736 _____ () C:\Program Files\AVAST Software\Avast\defs\14051700\algo.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-12 11:29 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
2013-02-12 11:29 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
2013-02-12 11:29 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2013-02-12 11:28 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Windows\System32:D0D4D86B_Bb.gbp
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\Todos os Usuários:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\Temp:6BE50C2B
AlternateDataStreams: C:\Users\Lucca\Dados de aplicativos:NT
AlternateDataStreams: C:\Users\Lucca\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:6BE50C2B
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: Advanced SystemCare 6 => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
==================== Faulty Device Manager Devices =============
Name: Dell Wireless 1702 Bluetooth v3.0+HS
Description: Dell Wireless 1702 Bluetooth v3.0+HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/17/2014 01:02:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: McSvHost.exe, versão: 2.6.259.0, carimbo de hora: 0x5040f1f9
Nome do módulo de falhas: mcmscshm.dll, versão: 11.6.434.0, carimbo de hora: 0x5050b568
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000003dcd5
Identificação do processo com falha: 0x15b4
Hora de início do aplicativo com falha: 0xMcSvHost.exe0
Caminho do aplicativo com falha: McSvHost.exe1
FCaminho do módulo de falhas: McSvHost.exe2
Identificação do Relatório: McSvHost.exe3
Error: (05/17/2014 01:02:46 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3
Error: (05/17/2014 01:01:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: McSvHost.exe, versão: 2.6.259.0, carimbo de hora: 0x5040f1f9
Nome do módulo de falhas: mcmscshm.dll, versão: 11.6.434.0, carimbo de hora: 0x5050b568
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000003dcd5
Identificação do processo com falha: 0x18a8
Hora de início do aplicativo com falha: 0xMcSvHost.exe0
Caminho do aplicativo com falha: McSvHost.exe1
FCaminho do módulo de falhas: McSvHost.exe2
Identificação do Relatório: McSvHost.exe3
Error: (05/17/2014 01:01:38 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3
Error: (05/17/2014 01:00:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: McSvHost.exe, versão: 2.6.259.0, carimbo de hora: 0x5040f1f9
Nome do módulo de falhas: mcmscshm.dll, versão: 11.6.434.0, carimbo de hora: 0x5050b568
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000003dcd5
Identificação do processo com falha: 0xbc8
Hora de início do aplicativo com falha: 0xMcSvHost.exe0
Caminho do aplicativo com falha: McSvHost.exe1
FCaminho do módulo de falhas: McSvHost.exe2
Identificação do Relatório: McSvHost.exe3
Error: (05/17/2014 01:00:20 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3
Error: (05/17/2014 00:59:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2014 00:57:43 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3
Error: (05/17/2014 00:48:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: McSvHost.exe, versão: 2.6.259.0, carimbo de hora: 0x5040f1f9
Nome do módulo de falhas: mcmscshm.dll, versão: 11.6.434.0, carimbo de hora: 0x5050b568
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000003dcd5
Identificação do processo com falha: 0x828
Hora de início do aplicativo com falha: 0xMcSvHost.exe0
Caminho do aplicativo com falha: McSvHost.exe1
FCaminho do módulo de falhas: McSvHost.exe2
Identificação do Relatório: McSvHost.exe3
Error: (05/17/2014 00:48:51 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3
System errors:
=============
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Anti-Spam Service foi encerrado inesperadamente. Isso aconteceu 3 vez(es).
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Proxy Service foi encerrado inesperadamente. Isso aconteceu 3 vez(es).
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Network Agent foi encerrado inesperadamente. Isso aconteceu 3 vez(es).
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee VirusScan Announcer foi encerrado inesperadamente. Isso aconteceu 3 vez(es).
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Services foi encerrado inesperadamente. Isso aconteceu 3 vez(es).
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Personal Firewall Service foi encerrado inesperadamente. Isso aconteceu 3 vez(es).
Error: (05/17/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço McAfee Anti-Spam Service foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Error: (05/17/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço McAfee Proxy Service foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Error: (05/17/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço McAfee Network Agent foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Error: (05/17/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço McAfee VirusScan Announcer foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Microsoft Office Sessions:
=========================
Error: (05/17/2014 01:02:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe2.6.259.05040f1f9mcmscshm.dll11.6.434.05050b568c0000005000000000003dcd515b401cf71e9717ce4c5C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\msc\mcmscshm.dllaf850e25-dddc-11e3-a201-7845c4fd51c6
Error: (05/17/2014 01:02:46 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3
Error: (05/17/2014 01:01:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe2.6.259.05040f1f9mcmscshm.dll11.6.434.05050b568c0000005000000000003dcd518a801cf71e948958caaC:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\msc\mcmscshm.dll8753d5ca-dddc-11e3-a201-7845c4fd51c6
Error: (05/17/2014 01:01:38 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3
Error: (05/17/2014 01:00:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe2.6.259.05040f1f9mcmscshm.dll11.6.434.05050b568c0000005000000000003dcd5bc801cf71e8bc744971C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\msc\mcmscshm.dll5ac12b9e-dddc-11e3-a201-7845c4fd51c6
Error: (05/17/2014 01:00:20 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3
Error: (05/17/2014 00:59:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2014 00:57:43 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3
Error: (05/17/2014 00:48:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe2.6.259.05040f1f9mcmscshm.dll11.6.434.05050b568c0000005000000000003dcd582801cf71e77f8ed1a1C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\msc\mcmscshm.dllbd9a938d-ddda-11e3-80e8-7845c4fd51c6
Error: (05/17/2014 00:48:51 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3
CodeIntegrity Errors:
===================================
Date: 2014-05-16 15:57:57.265
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 15:57:57.263
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 15:57:57.261
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 15:57:54.249
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 15:57:54.242
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 15:57:54.235
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 30%
Total physical RAM: 4003.89 MB
Available physical RAM: 2774 MB
Total Pagefile: 8005.08 MB
Available Pagefile: 6333.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:681.93 GB) (Free:547.95 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: 38183161)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=682 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Lucca at 2014-05-17 14:24:34
Running from C:\Users\Lucca\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Advanced SystemCare 6 (HKLM-x32\...\Advanced SystemCare 6_is1) (Version: 6.1 - IObit)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 8.0.1497.0 - AVAST Software)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.83 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.5425 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.5425 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Dell Bluetooth Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dxtory 2.0.109 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.109 - Dxtory Software)
F1 2012 (HKLM-x32\...\F1 2012_is1) (Version: - )
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
Gerenciador de Downloads (HKCU\...\0dd67a782103f089) (Version: 0.9.3.40 - Level Up! Gerenciador)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6421.0 - IDT)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Lineage II (HKLM-x32\...\{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}) (Version: 90.7.2281 - NCSoft)
Lineage II Gate (HKCU\...\Lineage II Gate) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware versão 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 11.6.477 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4605.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Monitor da tecnologia Intel® Turbo Boost 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
My Game Long Name (HKLM\...\UDK-c09f47ce-3fe0-4a07-ab66-df0979cfd2c7) (Version: - Epic Games, Inc.)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outwars (HKLM-x32\...\Outwars) (Version: - )
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - )
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version: - Sega) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}) (Version: 2.2.30877 - SlimWare Utilities, Inc.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.22 - Piriform)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Crate Box (HKLM-x32\...\Steam App 212800) (Version: - )
Suporte para Aplicativos Apple (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
Tibia (HKLM-x32\...\Tibia_is1) (Version: 8.60 - CipSoft GmbH)
Tibia MULTI-ip changer (HKLM-x32\...\TMIPC) (Version: - Asprate)
TmNationsForever Update 2010-03-15 (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Vegas Pro 11.0 (64-bit) (HKLM\...\{43EBA222-8DF7-11E1-862B-F04DA23A5C58}) (Version: 11.0.683 - Sony)
VVVVVV (Window v1.0) (HKLM-x32\...\{423B39E8-0A8E-4522-BB0A-FCCF86479977}_is1) (Version: - Terry Cavanagh)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wise Disk Cleaner 7.74 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: - WiseCleaner.com, Inc.)
X PROJECT Personalization Panel v1.4 (HKLM\...\W7Patcher_Personalization_Panel) (Version: v1.4 - Smarty)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)
==================== Restore Points =========================
18-04-2014 12:25:08 DirectX instalado
29-04-2014 01:11:28 Ponto de Verificação Agendado
14-05-2014 00:20:50 Operação de restauração
16-05-2014 01:23:01 zoek.exe restore point
16-05-2014 16:58:14 ZHPFix Restore System Point
16-05-2014 17:48:17 ZHPFix Restore System Point
==================== Hosts content: ==========================
2014-03-03 13:43 - 2010-12-23 15:08 - 00000780 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {04E4C1DE-8BCC-40A7-A598-62C0548AC31D} - System32\Tasks\{00A2AB9E-4506-4A7F-93C0-74D1D30A88F9} => C:\Program Files (x86)\Heroes of Newerth (Latin America)\hon.exe [2014-05-13] (S2 Games)
Task: {20447713-2BCF-4067-90A4-C274F43AB0BD} - \DealPly No Task File <==== ATTENTION
Task: {31877BDA-A35D-4EBC-B437-C37C85940BB2} - \RunAsStdUser No Task File <==== ATTENTION
Task: {67877349-7431-4A7A-A8E3-BA2DB4F0203D} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2013-01-15] (IObit)
Task: {694F8949-8606-42C1-97B5-ED3C22772610} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {984A284B-6FDB-425B-898F-C5F8E797EADE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation)
Task: {BA5E25C3-D3EA-4934-BA93-DFDDF6B5A999} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.)
Task: {CB674AAA-5A3C-4E67-99EF-D4E82EDA6273} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-14] (Adobe Systems Incorporated)
Task: {D4216EA0-AA4E-413B-962F-68D155D714F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.)
Task: {D95AA2D9-68AB-4C72-ADDB-9E1FA0D6BDCA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {EAD1E12E-6825-471C-81F6-2F39A51460F3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-11] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2009-07-13 20:51 - 2012-02-02 15:52 - 00044544 _____ () C:\Windows\system32\slc.dll
2009-07-13 20:51 - 2012-02-02 15:52 - 00044544 _____ () C:\Windows\System32\slc.dll
2009-07-13 20:51 - 2012-02-02 15:52 - 00044544 _____ () c:\windows\system32\slc.dll
2014-04-28 21:04 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-04-28 21:04 - 2014-03-25 13:21 - 00629928 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-06-06 16:55 - 2013-06-06 16:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-14 13:46 - 2012-01-26 20:49 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2012-11-14 18:45 - 2011-03-25 22:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-05-10 16:17 - 2013-05-10 16:17 - 04284976 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2014-05-17 09:12 - 2014-05-17 06:00 - 02292736 _____ () C:\Program Files\AVAST Software\Avast\defs\14051700\algo.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-12 11:29 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
2013-02-12 11:29 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
2013-02-12 11:29 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2013-02-12 11:28 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Windows\System32:D0D4D86B_Bb.gbp
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\Todos os Usuários:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\Temp:6BE50C2B
AlternateDataStreams: C:\Users\Lucca\Dados de aplicativos:NT
AlternateDataStreams: C:\Users\Lucca\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:6BE50C2B
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: Advanced SystemCare 6 => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
==================== Faulty Device Manager Devices =============
Name: Dell Wireless 1702 Bluetooth v3.0+HS
Description: Dell Wireless 1702 Bluetooth v3.0+HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/17/2014 01:02:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: McSvHost.exe, versão: 2.6.259.0, carimbo de hora: 0x5040f1f9
Nome do módulo de falhas: mcmscshm.dll, versão: 11.6.434.0, carimbo de hora: 0x5050b568
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000003dcd5
Identificação do processo com falha: 0x15b4
Hora de início do aplicativo com falha: 0xMcSvHost.exe0
Caminho do aplicativo com falha: McSvHost.exe1
FCaminho do módulo de falhas: McSvHost.exe2
Identificação do Relatório: McSvHost.exe3
Error: (05/17/2014 01:02:46 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3
Error: (05/17/2014 01:01:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: McSvHost.exe, versão: 2.6.259.0, carimbo de hora: 0x5040f1f9
Nome do módulo de falhas: mcmscshm.dll, versão: 11.6.434.0, carimbo de hora: 0x5050b568
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000003dcd5
Identificação do processo com falha: 0x18a8
Hora de início do aplicativo com falha: 0xMcSvHost.exe0
Caminho do aplicativo com falha: McSvHost.exe1
FCaminho do módulo de falhas: McSvHost.exe2
Identificação do Relatório: McSvHost.exe3
Error: (05/17/2014 01:01:38 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3
Error: (05/17/2014 01:00:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: McSvHost.exe, versão: 2.6.259.0, carimbo de hora: 0x5040f1f9
Nome do módulo de falhas: mcmscshm.dll, versão: 11.6.434.0, carimbo de hora: 0x5050b568
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000003dcd5
Identificação do processo com falha: 0xbc8
Hora de início do aplicativo com falha: 0xMcSvHost.exe0
Caminho do aplicativo com falha: McSvHost.exe1
FCaminho do módulo de falhas: McSvHost.exe2
Identificação do Relatório: McSvHost.exe3
Error: (05/17/2014 01:00:20 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3
Error: (05/17/2014 00:59:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2014 00:57:43 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3
Error: (05/17/2014 00:48:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: McSvHost.exe, versão: 2.6.259.0, carimbo de hora: 0x5040f1f9
Nome do módulo de falhas: mcmscshm.dll, versão: 11.6.434.0, carimbo de hora: 0x5050b568
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000003dcd5
Identificação do processo com falha: 0x828
Hora de início do aplicativo com falha: 0xMcSvHost.exe0
Caminho do aplicativo com falha: McSvHost.exe1
FCaminho do módulo de falhas: McSvHost.exe2
Identificação do Relatório: McSvHost.exe3
Error: (05/17/2014 00:48:51 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3
System errors:
=============
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Anti-Spam Service foi encerrado inesperadamente. Isso aconteceu 3 vez(es).
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Proxy Service foi encerrado inesperadamente. Isso aconteceu 3 vez(es).
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Network Agent foi encerrado inesperadamente. Isso aconteceu 3 vez(es).
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee VirusScan Announcer foi encerrado inesperadamente. Isso aconteceu 3 vez(es).
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Services foi encerrado inesperadamente. Isso aconteceu 3 vez(es).
Error: (05/17/2014 01:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço McAfee Personal Firewall Service foi encerrado inesperadamente. Isso aconteceu 3 vez(es).
Error: (05/17/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço McAfee Anti-Spam Service foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Error: (05/17/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço McAfee Proxy Service foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Error: (05/17/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço McAfee Network Agent foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Error: (05/17/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço McAfee VirusScan Announcer foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
Microsoft Office Sessions:
=========================
Error: (05/17/2014 01:02:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe2.6.259.05040f1f9mcmscshm.dll11.6.434.05050b568c0000005000000000003dcd515b401cf71e9717ce4c5C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\msc\mcmscshm.dllaf850e25-dddc-11e3-a201-7845c4fd51c6
Error: (05/17/2014 01:02:46 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3
Error: (05/17/2014 01:01:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe2.6.259.05040f1f9mcmscshm.dll11.6.434.05050b568c0000005000000000003dcd518a801cf71e948958caaC:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\msc\mcmscshm.dll8753d5ca-dddc-11e3-a201-7845c4fd51c6
Error: (05/17/2014 01:01:38 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3
Error: (05/17/2014 01:00:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe2.6.259.05040f1f9mcmscshm.dll11.6.434.05050b568c0000005000000000003dcd5bc801cf71e8bc744971C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\msc\mcmscshm.dll5ac12b9e-dddc-11e3-a201-7845c4fd51c6
Error: (05/17/2014 01:00:20 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3
Error: (05/17/2014 00:59:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2014 00:57:43 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3
Error: (05/17/2014 00:48:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe2.6.259.05040f1f9mcmscshm.dll11.6.434.05050b568c0000005000000000003dcd582801cf71e77f8ed1a1C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\msc\mcmscshm.dllbd9a938d-ddda-11e3-80e8-7845c4fd51c6
Error: (05/17/2014 00:48:51 PM) (Source: McLogEvent) (EventID: 5022) (User: AUTORIDADE NT)
Description: 3
CodeIntegrity Errors:
===================================
Date: 2014-05-16 15:57:57.265
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 15:57:57.263
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 15:57:57.261
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 15:57:54.249
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 15:57:54.242
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 15:57:54.235
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 30%
Total physical RAM: 4003.89 MB
Available physical RAM: 2774 MB
Total Pagefile: 8005.08 MB
Available Pagefile: 6333.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:681.93 GB) (Free:547.95 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: 38183161)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=682 GB) - (Type=07 NTFS)
==================== End Of Log ============================
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
Estou analisando os relatórios do Farbar. Enquanto isto, tente executar este procedimento abaixo:
Acesse o site abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Execute o Nod32 Online seguindo as dicas deste artigo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Após o término do escaneamento será gerado um relatório (log) que estará no seguinte local do seu computador:
C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt
Na sua próxima resposta poste este log do Nod32 Online.
Ficamos no aguardo de sua resposta.
Acesse o site abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Execute o Nod32 Online seguindo as dicas deste artigo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Após o término do escaneamento será gerado um relatório (log) que estará no seguinte local do seu computador:
C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt
Na sua próxima resposta poste este log do Nod32 Online.
Ficamos no aguardo de sua resposta.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: URL:Mal Thread Como remover?
Baixe o arquivo fixlist.txt que está anexado nesta postagem e salve-o no desktop (área de trabalho).
Execute o FRST64. Clique no botão Fix.
Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.
Selecione, copie e cole o conteúdo deste Fixlog.txt em sua próxima resposta juntamente com o relatório do Nod32 Online pedido na postagem anterior.
Execute o FRST64. Clique no botão Fix.
Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.
Selecione, copie e cole o conteúdo deste Fixlog.txt em sua próxima resposta juntamente com o relatório do Nod32 Online pedido na postagem anterior.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: URL:Mal Thread Como remover?
Bom dia novamente Power,
Antes de postar os logs queria te relatar um problema que aconteceu durante o processo de tantas tentativas de remoção do vírus.
Apesar de nao ser um erro tao grave, queria te informar sobre ele.
O meu pc perdeu a capacidade de "Suspender" segue o anexo abaixo:
Antes de postar os logs queria te relatar um problema que aconteceu durante o processo de tantas tentativas de remoção do vírus.
Apesar de nao ser um erro tao grave, queria te informar sobre ele.
O meu pc perdeu a capacidade de "Suspender" segue o anexo abaixo:
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
Log FRST64:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014
Ran by Lucca at 2014-05-18 11:42:35 Run:1
Running from C:\Users\Lucca\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
SearchScopes: HKLM - DefaultScope value is missing.
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
ShortcutTarget: _uninst_69375366.lnk -> C:\Users\Lucca\AppData\Local\Temp\_uninst_69375366.bat (No File)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll (McAfee, Inc.)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-11-14]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-11-14]
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241016 2012-12-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-12-26] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182312 2012-12-26] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-12-26] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2012-12-26] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2012-12-26] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515528 2012-12-26] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2012-12-26] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-12-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339776 2012-12-26] (McAfee, Inc.)
2014-05-17 09:39 - 2013-02-02 15:34 - 00000000 ____D () C:\Program Files (x86)\"Hao123.com"
2014-05-17 09:15 - 2012-12-19 13:44 - 00000000 ____D () C:\Program Files\Bonjour
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 11.6.477 - McAfee, Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Task: {20447713-2BCF-4067-90A4-C274F43AB0BD} - \DealPly No Task File <==== ATTENTION
Task: {31877BDA-A35D-4EBC-B437-C37C85940BB2} - \RunAsStdUser No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\Todos os Usuários:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\Temp:6BE50C2B
AlternateDataStreams: C:\Users\Lucca\Dados de aplicativos:NT
AlternateDataStreams: C:\Users\Lucca\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:6BE50C2B
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
end
*****************
C:\Windows\System32\mfevtps.exe => Failed to close process.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe => Failed to close process.
C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe => Failed to close process.
C:\Users\Lucca\AppData\Local\Temp\_uninst_69375366.bat not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} => Key deleted successfully.
HKCR\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} => Key deleted successfully.
HKCR\PROTOCOLS\Filter\application/x-mfe-ipt => Key deleted successfully.
HKCR\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Filter\application/x-mfe-ipt => Key not found.
HKCR\Wow6432Node\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60} => Value deleted successfully.
"C:\Program Files (x86)\Common Files\McAfee\SystemCore" directory move:
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfeavfa.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfefwctl.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfehida.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mytilus3.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mytilus3_worker.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\rkscan.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptFF.js" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\ScriptFF.gif" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\scriptff.js" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\ScriptFF.xul" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore" directory. => Scheduled to move on reboot.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => Value deleted successfully.
"C:\Program Files\McAfee\MSK" directory move:
Could not move "C:\Program Files\McAfee\MSK\chrome.manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\install.rdf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\masecore64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mcabimp.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcmcnt.cab" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcmcnt.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcmupd.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcore64.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcshim.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskengn.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskjsres.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskLI.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskmisp.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskmisp.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskoeplg.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskola64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskoladd.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskplg64.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskppv.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskpxplg.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskres.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\MskSet.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\MskSet64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\msksrv.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\msksrvr.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskuc.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskuc.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskupd.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskwm.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskxagnt.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskxaif.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\oemcfg.xml" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\rptspam.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\rptspm64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\substLI.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\tbirdins.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\mas_ui_1" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\sentag\38569\manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\sentag\38569\sentag.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\sentag\38569\sentence.lut" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\sentag\38569\tags.lut" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\rbl\5\manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\rbl\5\rbl.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\cstreams\89276\cstreams.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\cstreams\89276\cstreams.rgx" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\cstreams\89276\manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\config.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\core.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\core.rgx" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\custom.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\dometa.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\filter.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\main.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\overrides.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\phish.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\received.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\scoremapper.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\tlds.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\utils.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\components\msktbcl.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\chrome\msktbird_3.jar" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK" directory. => Scheduled to move on reboot.
McMPFSvc => Error deleting Service
mcmscsvc => Error deleting Service
McNaiAnn => Error deleting Service
McNASvc => Error deleting Service
McODS => Error deleting Service
McProxy => Error deleting Service
McShield => Unable to stop service
McShield => Error deleting Service
mfefire => Unable to stop service
mfefire => Error deleting Service
mfevtp => Unable to stop service
mfevtp => Error deleting Service
MSK80Service => Error deleting Service
cfwids => Service deleted successfully.
HipShieldK => Service deleted successfully.
mfeapfk => Unable to stop service
mfeapfk => Error deleting Service
mfeavfk => Unable to stop service
mfeavfk => Error deleting Service
mfeavfk01 => Service deleted successfully.
mfefirek => Unable to stop service
mfefirek => Error deleting Service
mfehidk => Unable to stop service
mfehidk => Error deleting Service
mferkdet => Error deleting Service
mfewfpk => Unable to stop service
mfewfpk => Error deleting Service
"C:\Program Files (x86)\"Hao123.com"" => File/Directory not found.
C:\Program Files\Bonjour => Moved successfully.
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} => The item is protected. Make sure the software is uninstalled and its services is removed.
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} => The item is protected. Make sure the software is uninstalled and its services is removed.
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} => The item is protected. Make sure the software is uninstalled and its services is removed.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20447713-2BCF-4067-90A4-C274F43AB0BD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20447713-2BCF-4067-90A4-C274F43AB0BD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31877BDA-A35D-4EBC-B437-C37C85940BB2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31877BDA-A35D-4EBC-B437-C37C85940BB2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser => Key deleted successfully.
C:\ProgramData => ":NT" ADS removed successfully.
"C:\Users\All Users" => ":NT" ADS not found.
"C:\Users\Todos os Usuários" => ":NT" ADS not found.
"C:\ProgramData\Application Data" => ":NT" ADS not found.
"C:\ProgramData\Dados de aplicativos" => ":NT" ADS not found.
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully.
C:\ProgramData\Temp => ":6BE50C2B" ADS removed successfully.
"C:\Users\Lucca\Dados de aplicativos" => ":NT" ADS not found.
C:\Users\Lucca\AppData\Roaming => ":NT" ADS removed successfully.
"C:\Users\Todos os Usuários\Application Data" => ":NT" ADS not found.
"C:\Users\Todos os Usuários\Dados de aplicativos" => ":NT" ADS not found.
"C:\Users\Todos os Usuários\MTA San Andreas All" => ":NT" ADS not found.
"C:\Users\Todos os Usuários\Temp" => ":6BE50C2B" ADS not found.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefire => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefirek => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfevtp => Key deleted successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-05-18 11:50:03)<=
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfeavfa.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfefwctl.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfehida.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mytilus3.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mytilus3_worker.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\rkscan.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptFF.js => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\ScriptFF.gif => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\scriptff.js => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\ScriptFF.xul => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore => Moved successfully.
"C:\Program Files\McAfee\MSK\chrome.manifest" => File could not move.
"C:\Program Files\McAfee\MSK\install.rdf" => File could not move.
"C:\Program Files\McAfee\MSK\masecore64.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mcabimp.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskcmcnt.cab" => File could not move.
"C:\Program Files\McAfee\MSK\mskcmcnt.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskcmupd.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskcore64.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskcshim.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskengn.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskjsres.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskLI.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskmisp.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskmisp.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskoeplg.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskola64.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskoladd.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskplg64.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskppv.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskpxplg.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskres.dll" => File could not move.
"C:\Program Files\McAfee\MSK\MskSet.dll" => File could not move.
"C:\Program Files\McAfee\MSK\MskSet64.dll" => File could not move.
"C:\Program Files\McAfee\MSK\msksrv.inf" => File could not move.
"C:\Program Files\McAfee\MSK\msksrvr.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskuc.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskuc.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskupd.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskwm.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskxagnt.exe" => File could not move.
"C:\Program Files\McAfee\MSK\mskxaif.dll" => File could not move.
"C:\Program Files\McAfee\MSK\oemcfg.xml" => File could not move.
"C:\Program Files\McAfee\MSK\rptspam.dll" => File could not move.
"C:\Program Files\McAfee\MSK\rptspm64.dll" => File could not move.
"C:\Program Files\McAfee\MSK\substLI.inf" => File could not move.
"C:\Program Files\McAfee\MSK\tbirdins.dll" => File could not move.
"C:\Program Files\McAfee\MSK\Config\mas_ui_1" => File could not move.
"C:\Program Files\McAfee\MSK\Config\sentag\38569\manifest" => File could not move.
"C:\Program Files\McAfee\MSK\Config\sentag\38569\sentag.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\sentag\38569\sentence.lut" => File could not move.
"C:\Program Files\McAfee\MSK\Config\sentag\38569\tags.lut" => File could not move.
"C:\Program Files\McAfee\MSK\Config\rbl\5\manifest" => File could not move.
"C:\Program Files\McAfee\MSK\Config\rbl\5\rbl.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\cstreams\89276\cstreams.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\cstreams\89276\cstreams.rgx" => File could not move.
"C:\Program Files\McAfee\MSK\Config\cstreams\89276\manifest" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\config.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\core.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\core.rgx" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\custom.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\dometa.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\filter.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\main.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\manifest" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\overrides.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\phish.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\received.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\scoremapper.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\tlds.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\utils.lua" => File could not move.
"C:\Program Files\McAfee\MSK\components\msktbcl.dll" => File could not move.
"C:\Program Files\McAfee\MSK\chrome\msktbird_3.jar" => File could not move.
"C:\Program Files\McAfee\MSK" => Directory could not move.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014
Ran by Lucca at 2014-05-18 11:42:35 Run:1
Running from C:\Users\Lucca\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
SearchScopes: HKLM - DefaultScope value is missing.
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
ShortcutTarget: _uninst_69375366.lnk -> C:\Users\Lucca\AppData\Local\Temp\_uninst_69375366.bat (No File)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll (McAfee, Inc.)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-11-14]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-11-14]
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241016 2012-12-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-12-26] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182312 2012-12-26] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-12-26] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2012-12-26] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2012-12-26] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515528 2012-12-26] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2012-12-26] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-12-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339776 2012-12-26] (McAfee, Inc.)
2014-05-17 09:39 - 2013-02-02 15:34 - 00000000 ____D () C:\Program Files (x86)\"Hao123.com"
2014-05-17 09:15 - 2012-12-19 13:44 - 00000000 ____D () C:\Program Files\Bonjour
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 11.6.477 - McAfee, Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Task: {20447713-2BCF-4067-90A4-C274F43AB0BD} - \DealPly No Task File <==== ATTENTION
Task: {31877BDA-A35D-4EBC-B437-C37C85940BB2} - \RunAsStdUser No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\Todos os Usuários:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\Temp:6BE50C2B
AlternateDataStreams: C:\Users\Lucca\Dados de aplicativos:NT
AlternateDataStreams: C:\Users\Lucca\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:6BE50C2B
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
end
*****************
C:\Windows\System32\mfevtps.exe => Failed to close process.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe => Failed to close process.
C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe => Failed to close process.
C:\Users\Lucca\AppData\Local\Temp\_uninst_69375366.bat not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} => Key deleted successfully.
HKCR\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} => Key deleted successfully.
HKCR\PROTOCOLS\Filter\application/x-mfe-ipt => Key deleted successfully.
HKCR\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Filter\application/x-mfe-ipt => Key not found.
HKCR\Wow6432Node\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60} => Value deleted successfully.
"C:\Program Files (x86)\Common Files\McAfee\SystemCore" directory move:
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfeavfa.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfefwctl.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfehida.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mytilus3.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\mytilus3_worker.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\rkscan.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptFF.js" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\ScriptFF.gif" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\scriptff.js" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\ScriptFF.xul" => Scheduled to move on reboot.
Could not move "C:\Program Files (x86)\Common Files\McAfee\SystemCore" directory. => Scheduled to move on reboot.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => Value deleted successfully.
"C:\Program Files\McAfee\MSK" directory move:
Could not move "C:\Program Files\McAfee\MSK\chrome.manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\install.rdf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\masecore64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mcabimp.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcmcnt.cab" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcmcnt.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcmupd.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcore64.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskcshim.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskengn.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskjsres.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskLI.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskmisp.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskmisp.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskoeplg.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskola64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskoladd.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskplg64.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskppv.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskpxplg.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskres.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\MskSet.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\MskSet64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\msksrv.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\msksrvr.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskuc.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskuc.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskupd.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskwm.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskxagnt.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\mskxaif.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\oemcfg.xml" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\rptspam.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\rptspm64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\substLI.inf" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\tbirdins.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\mas_ui_1" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\sentag\38569\manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\sentag\38569\sentag.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\sentag\38569\sentence.lut" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\sentag\38569\tags.lut" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\rbl\5\manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\rbl\5\rbl.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\cstreams\89276\cstreams.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\cstreams\89276\cstreams.rgx" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\cstreams\89276\manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\config.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\core.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\core.rgx" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\custom.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\dometa.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\filter.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\main.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\manifest" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\overrides.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\phish.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\received.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\scoremapper.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\tlds.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\Config\core\4499\utils.lua" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\components\msktbcl.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK\chrome\msktbird_3.jar" => Scheduled to move on reboot.
Could not move "C:\Program Files\McAfee\MSK" directory. => Scheduled to move on reboot.
McMPFSvc => Error deleting Service
mcmscsvc => Error deleting Service
McNaiAnn => Error deleting Service
McNASvc => Error deleting Service
McODS => Error deleting Service
McProxy => Error deleting Service
McShield => Unable to stop service
McShield => Error deleting Service
mfefire => Unable to stop service
mfefire => Error deleting Service
mfevtp => Unable to stop service
mfevtp => Error deleting Service
MSK80Service => Error deleting Service
cfwids => Service deleted successfully.
HipShieldK => Service deleted successfully.
mfeapfk => Unable to stop service
mfeapfk => Error deleting Service
mfeavfk => Unable to stop service
mfeavfk => Error deleting Service
mfeavfk01 => Service deleted successfully.
mfefirek => Unable to stop service
mfefirek => Error deleting Service
mfehidk => Unable to stop service
mfehidk => Error deleting Service
mferkdet => Error deleting Service
mfewfpk => Unable to stop service
mfewfpk => Error deleting Service
"C:\Program Files (x86)\"Hao123.com"" => File/Directory not found.
C:\Program Files\Bonjour => Moved successfully.
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} => The item is protected. Make sure the software is uninstalled and its services is removed.
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} => The item is protected. Make sure the software is uninstalled and its services is removed.
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} => The item is protected. Make sure the software is uninstalled and its services is removed.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20447713-2BCF-4067-90A4-C274F43AB0BD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20447713-2BCF-4067-90A4-C274F43AB0BD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31877BDA-A35D-4EBC-B437-C37C85940BB2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31877BDA-A35D-4EBC-B437-C37C85940BB2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser => Key deleted successfully.
C:\ProgramData => ":NT" ADS removed successfully.
"C:\Users\All Users" => ":NT" ADS not found.
"C:\Users\Todos os Usuários" => ":NT" ADS not found.
"C:\ProgramData\Application Data" => ":NT" ADS not found.
"C:\ProgramData\Dados de aplicativos" => ":NT" ADS not found.
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully.
C:\ProgramData\Temp => ":6BE50C2B" ADS removed successfully.
"C:\Users\Lucca\Dados de aplicativos" => ":NT" ADS not found.
C:\Users\Lucca\AppData\Roaming => ":NT" ADS removed successfully.
"C:\Users\Todos os Usuários\Application Data" => ":NT" ADS not found.
"C:\Users\Todos os Usuários\Dados de aplicativos" => ":NT" ADS not found.
"C:\Users\Todos os Usuários\MTA San Andreas All" => ":NT" ADS not found.
"C:\Users\Todos os Usuários\Temp" => ":6BE50C2B" ADS not found.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefire => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefirek => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfevtp => Key deleted successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-05-18 11:50:03)<=
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfeavfa.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfefwctl.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfehida.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mytilus3.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mytilus3_worker.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\rkscan.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptFF.js => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121120204020.dll => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\ScriptFF.gif => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\scriptff.js => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore\components\ScriptFF.xul => Moved successfully.
C:\Program Files (x86)\Common Files\McAfee\SystemCore => Moved successfully.
"C:\Program Files\McAfee\MSK\chrome.manifest" => File could not move.
"C:\Program Files\McAfee\MSK\install.rdf" => File could not move.
"C:\Program Files\McAfee\MSK\masecore64.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mcabimp.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskcmcnt.cab" => File could not move.
"C:\Program Files\McAfee\MSK\mskcmcnt.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskcmupd.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskcore64.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskcshim.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskengn.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskjsres.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskLI.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskmisp.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskmisp.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskoeplg.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskola64.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskoladd.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskplg64.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskppv.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskpxplg.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskres.dll" => File could not move.
"C:\Program Files\McAfee\MSK\MskSet.dll" => File could not move.
"C:\Program Files\McAfee\MSK\MskSet64.dll" => File could not move.
"C:\Program Files\McAfee\MSK\msksrv.inf" => File could not move.
"C:\Program Files\McAfee\MSK\msksrvr.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskuc.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskuc.inf" => File could not move.
"C:\Program Files\McAfee\MSK\mskupd.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskwm.dll" => File could not move.
"C:\Program Files\McAfee\MSK\mskxagnt.exe" => File could not move.
"C:\Program Files\McAfee\MSK\mskxaif.dll" => File could not move.
"C:\Program Files\McAfee\MSK\oemcfg.xml" => File could not move.
"C:\Program Files\McAfee\MSK\rptspam.dll" => File could not move.
"C:\Program Files\McAfee\MSK\rptspm64.dll" => File could not move.
"C:\Program Files\McAfee\MSK\substLI.inf" => File could not move.
"C:\Program Files\McAfee\MSK\tbirdins.dll" => File could not move.
"C:\Program Files\McAfee\MSK\Config\mas_ui_1" => File could not move.
"C:\Program Files\McAfee\MSK\Config\sentag\38569\manifest" => File could not move.
"C:\Program Files\McAfee\MSK\Config\sentag\38569\sentag.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\sentag\38569\sentence.lut" => File could not move.
"C:\Program Files\McAfee\MSK\Config\sentag\38569\tags.lut" => File could not move.
"C:\Program Files\McAfee\MSK\Config\rbl\5\manifest" => File could not move.
"C:\Program Files\McAfee\MSK\Config\rbl\5\rbl.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\cstreams\89276\cstreams.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\cstreams\89276\cstreams.rgx" => File could not move.
"C:\Program Files\McAfee\MSK\Config\cstreams\89276\manifest" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\config.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\core.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\core.rgx" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\custom.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\dometa.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\filter.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\main.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\manifest" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\overrides.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\phish.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\received.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\scoremapper.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\tlds.lua" => File could not move.
"C:\Program Files\McAfee\MSK\Config\core\4499\utils.lua" => File could not move.
"C:\Program Files\McAfee\MSK\components\msktbcl.dll" => File could not move.
"C:\Program Files\McAfee\MSK\chrome\msktbird_3.jar" => File could not move.
"C:\Program Files\McAfee\MSK" => Directory could not move.
==== End of Fixlog ====
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
Você executou o Nod32 online como te passei? se tiver executado poste o log dele também para análise.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: URL:Mal Thread Como remover?
Estou executando ele no momento, ja posto o log.
Mas o problema do computador nao ter mais o modo de suspençao aconteceu em decorrencia do virus ou de sua respectiva de remoçao?.
Mas o problema do computador nao ter mais o modo de suspençao aconteceu em decorrencia do virus ou de sua respectiva de remoçao?.
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
Estes malwares alteram várias coisas no registro do Windows, o que pode causar este e outros problemas. Vamos ver se com a retirada dos vírus os problemas vão embora junto com eles.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: URL:Mal Thread Como remover?
log.txt
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=35220ecb8a1e8342900e83a261a02d73
# engine=18312
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-05-18 05:50:55
# local_time=2014-05-18 02:50:55 (-0300, Hora oficial do Brasil)
# country="Brazil"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 18174404 176230927 0 0
# compatibility_mode=5122 16777213 100 88 29508801 148289251 0 0
# compatibility_mode=5893 16776574 100 94 29508756 151982505 0 0
# scanned=245615
# found=36
# cleaned=36
# scan_time=8650
sh=B20B0BD8E5CDD280C5DC922FFD896DF50D208CB7 ft=1 fh=59ddf8c2c6946d84 vn="a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Cheat Engine 6.3\cheatengine-i386.exe"
sh=860EFD5893E4DD4E820227B7DEAD144F974456AC ft=1 fh=c0b9ed8dfe12ffb8 vn="a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Cheat Engine 6.3\standalonephase1.dat"
sh=78D39055963B638142A26F6A1CA0858557F1553D ft=1 fh=22097666a78966a3 vn="a variant of Win32/HiddenStart.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe"
sh=E51D31466DA5738E4D029C788B93EF7D428648A3 ft=1 fh=5cf3f026d273c9eb vn="a variant of Win32/HiddenStart.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe"
sh=D3DF3B07ECA2121949D1C17AC957D0117072E4B6 ft=1 fh=dbddf532259a68ab vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\ccsetup324.exe"
sh=A285B6AB3A4B305D62BD64167DDCF20CBC334A1E ft=1 fh=8ef37e04d274dcbb vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\CheatEngine63.exe"
sh=DE920743BEC3CC62C146EBCB49F535C6A11CEFD3 ft=1 fh=608d746846f76de3 vn="a variant of Win32/InstallCore.AY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\game-booster-35-baixaki-32-bits.exe"
sh=754ED33B7F3BBDE6E05AE6FD5767C50F32C59B13 ft=1 fh=6263762a569d5de0 vn="a variant of Win32/InstallCore.AF potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\mz-game-accelerator-1-1-0-en-win-setup.exe"
sh=E97F49CF755006D1C20CE2B4158D4A74361D7440 ft=1 fh=384c5c3746f76de3 vn="a variant of Win32/InstallCore.AY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\winrar-420-baixaki-32-bits.exe"
sh=5BCBA1C25D5BEB2AD67A91FD407CF2D36710901A ft=1 fh=00640f97360e4fc8 vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\PhotoScapee\PhotoScape_V3.6.3.exe"
sh=AF9C5CB72E9C0BB6D8AB0BCCA1C2FAA55CCDDCE2 ft=0 fh=0000000000000000 vn="Win32/Keygen.HU potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Piratas\Vegas\SVP 11 i7.rar"
sh=131570445D6E0DCCC0BCB04F80570F25AFB894FE ft=1 fh=6255ad7170b21b1e vn="a variant of Win32/HackTool.Inject.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Piratas\war\Winject.exe"
sh=ACC01DDA32E4EF801BEA7265ACE2C7C3BF0F3BAC ft=0 fh=0000000000000000 vn="a variant of Win32/HackTool.Inject.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Piratas\war\Winject.rar"
sh=A42B53D7A2DAF356969D5961AA7D0533BDF0FDC9 ft=1 fh=0cc57f0d3f7428e3 vn="Win32/HackTool.Crack.M potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Tibia\ElfCrack.exe"
sh=011811A08D4EE49BD60E4E7F1C9DC4BAAD40FAAF ft=1 fh=13029dce81e57bd0 vn="a variant of Win32/InstallCore.AZ potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Utilidades\950502_SlimDrivers-DW.exe"
sh=3CFFA088D9BC2BB2E57F5777F561133202A385BA ft=1 fh=a8bc6723eaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\advanced-systemcare-619221-baixaki-32-bits.exe"
sh=C06F4564CB4251CAE2D8EF99BC1ED461A799626F ft=1 fh=fac5f2f2f4c4c1be vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\asc-setup.exe"
sh=4F7B0EEDAA8F96CDE4A05909FED0A37B2E83C6CD ft=1 fh=567a13cfe4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\audacity-203-baixaki-32-bits.exe"
sh=CC0F7CAA0683D028B0CDA6E265246546D1F07549 ft=1 fh=4dd94c23ca901d44 vn="MSIL/Solimba.G potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\avast.exe"
sh=F262D8F708F1E29C62BCF7A6876601B27A8A47CB ft=1 fh=c67285a7eaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\daemon-tools-lite-44610328-baixaki-32-bits.exe"
sh=BECBC8A4096CAD30C091DC83533D829EBC23814D ft=1 fh=48c9390da8713cae vn="Win32/DownWare.L potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\DTLite4461-0328.exe"
sh=C4F0E4BD6F6B25918C7C89153A01A5D09B70D6C5 ft=1 fh=7f8e6b47eaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\fraps-359-baixaki-32-bits (1).exe"
sh=2AB0EB6FF47DBA3D27A804BF5C646C3933897738 ft=1 fh=ad6a125cd449c7d0 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\hamachi²-210374-32-bits.exe"
sh=20BA0E7DA38707664DD7A58F4A87F656E81A291F ft=1 fh=336e32bbeaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\hd-tune-pro-500-baixaki-32-bits.exe"
sh=C91529398B2156A5703D2AF637D882EB3F5BBFD4 ft=1 fh=c71c0011f1d48d92 vn="a variant of Win32/InstallCore.ND potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\hide-my-ip-53017648-32-bits.exe"
sh=C6957E4CC1A0E904A65B930F131B2761D58991A3 ft=1 fh=c71c0011f1d48d92 vn="a variant of Win32/InstallCore.ND potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\hotspot-shield-337-32-bits.exe"
sh=424243697B1909C0CDED0EBF9552F490BFDB75FD ft=1 fh=af768ae3eaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\msi-afterburner-231-baixaki-32-bits.exe"
sh=490FE7FC087756CDB58788C126EDD8629601C09A ft=1 fh=c71c0011a304728b vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\powerstrip-390-build-712-32-bits.exe"
sh=EA2D67EF0D45E8119357771ABD428056946584C6 ft=1 fh=5b0170507ab1d346 vn="a variant of Win32/InstallCore.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\speccy-122536-32-bits.exe"
sh=B8895BB21261766F960D2B6D5F22B0DD7A818812 ft=1 fh=fd6c520b6b39aef5 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\spsetup122_536.exe"
sh=28C1782B73F01B71E653BCBA3FFBE06C574F7DD7 ft=1 fh=3cea4d0feaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\trackmania-nations-forever--baixaki-32-bits (1).exe"
sh=28C1782B73F01B71E653BCBA3FFBE06C574F7DD7 ft=1 fh=3cea4d0feaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\trackmania-nations-forever--baixaki-32-bits.exe"
sh=516432369E1E4974BBFC0F70E922B1735EF740F6 ft=1 fh=c71c0011f1d48d92 vn="a variant of Win32/InstallCore.ND potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\tunnelbear-22190-32-bits.exe"
sh=FAD8931750B9F778F5C2C870219A8734B31A35E3 ft=1 fh=55b183798df9139a vn="a variant of Win32/InstallCore.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\utorrent-323-build-28705-baixaki-32-bits (1).exe"
sh=FAD8931750B9F778F5C2C870219A8734B31A35E3 ft=1 fh=55b183798df9139a vn="a variant of Win32/InstallCore.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\utorrent-323-build-28705-baixaki-32-bits.exe"
sh=1716FE9A2A698BE48053918584177213BEE2F0A4 ft=1 fh=136221bcdc008b1d vn="Win32/Toolbar.Conduit potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_Lucca_Downloads_749-HSS-install-hss-391-conduit.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=35220ecb8a1e8342900e83a261a02d73
# engine=18312
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-05-18 05:50:55
# local_time=2014-05-18 02:50:55 (-0300, Hora oficial do Brasil)
# country="Brazil"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 18174404 176230927 0 0
# compatibility_mode=5122 16777213 100 88 29508801 148289251 0 0
# compatibility_mode=5893 16776574 100 94 29508756 151982505 0 0
# scanned=245615
# found=36
# cleaned=36
# scan_time=8650
sh=B20B0BD8E5CDD280C5DC922FFD896DF50D208CB7 ft=1 fh=59ddf8c2c6946d84 vn="a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Cheat Engine 6.3\cheatengine-i386.exe"
sh=860EFD5893E4DD4E820227B7DEAD144F974456AC ft=1 fh=c0b9ed8dfe12ffb8 vn="a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Cheat Engine 6.3\standalonephase1.dat"
sh=78D39055963B638142A26F6A1CA0858557F1553D ft=1 fh=22097666a78966a3 vn="a variant of Win32/HiddenStart.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe"
sh=E51D31466DA5738E4D029C788B93EF7D428648A3 ft=1 fh=5cf3f026d273c9eb vn="a variant of Win32/HiddenStart.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe"
sh=D3DF3B07ECA2121949D1C17AC957D0117072E4B6 ft=1 fh=dbddf532259a68ab vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\ccsetup324.exe"
sh=A285B6AB3A4B305D62BD64167DDCF20CBC334A1E ft=1 fh=8ef37e04d274dcbb vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\CheatEngine63.exe"
sh=DE920743BEC3CC62C146EBCB49F535C6A11CEFD3 ft=1 fh=608d746846f76de3 vn="a variant of Win32/InstallCore.AY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\game-booster-35-baixaki-32-bits.exe"
sh=754ED33B7F3BBDE6E05AE6FD5767C50F32C59B13 ft=1 fh=6263762a569d5de0 vn="a variant of Win32/InstallCore.AF potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\mz-game-accelerator-1-1-0-en-win-setup.exe"
sh=E97F49CF755006D1C20CE2B4158D4A74361D7440 ft=1 fh=384c5c3746f76de3 vn="a variant of Win32/InstallCore.AY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\winrar-420-baixaki-32-bits.exe"
sh=5BCBA1C25D5BEB2AD67A91FD407CF2D36710901A ft=1 fh=00640f97360e4fc8 vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Desktop\PhotoScapee\PhotoScape_V3.6.3.exe"
sh=AF9C5CB72E9C0BB6D8AB0BCCA1C2FAA55CCDDCE2 ft=0 fh=0000000000000000 vn="Win32/Keygen.HU potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Piratas\Vegas\SVP 11 i7.rar"
sh=131570445D6E0DCCC0BCB04F80570F25AFB894FE ft=1 fh=6255ad7170b21b1e vn="a variant of Win32/HackTool.Inject.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Piratas\war\Winject.exe"
sh=ACC01DDA32E4EF801BEA7265ACE2C7C3BF0F3BAC ft=0 fh=0000000000000000 vn="a variant of Win32/HackTool.Inject.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Piratas\war\Winject.rar"
sh=A42B53D7A2DAF356969D5961AA7D0533BDF0FDC9 ft=1 fh=0cc57f0d3f7428e3 vn="Win32/HackTool.Crack.M potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Tibia\ElfCrack.exe"
sh=011811A08D4EE49BD60E4E7F1C9DC4BAAD40FAAF ft=1 fh=13029dce81e57bd0 vn="a variant of Win32/InstallCore.AZ potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Desktop\Utilidades\950502_SlimDrivers-DW.exe"
sh=3CFFA088D9BC2BB2E57F5777F561133202A385BA ft=1 fh=a8bc6723eaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\advanced-systemcare-619221-baixaki-32-bits.exe"
sh=C06F4564CB4251CAE2D8EF99BC1ED461A799626F ft=1 fh=fac5f2f2f4c4c1be vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\asc-setup.exe"
sh=4F7B0EEDAA8F96CDE4A05909FED0A37B2E83C6CD ft=1 fh=567a13cfe4110a61 vn="Win32/InstallCore.BL potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\audacity-203-baixaki-32-bits.exe"
sh=CC0F7CAA0683D028B0CDA6E265246546D1F07549 ft=1 fh=4dd94c23ca901d44 vn="MSIL/Solimba.G potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\avast.exe"
sh=F262D8F708F1E29C62BCF7A6876601B27A8A47CB ft=1 fh=c67285a7eaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\daemon-tools-lite-44610328-baixaki-32-bits.exe"
sh=BECBC8A4096CAD30C091DC83533D829EBC23814D ft=1 fh=48c9390da8713cae vn="Win32/DownWare.L potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\DTLite4461-0328.exe"
sh=C4F0E4BD6F6B25918C7C89153A01A5D09B70D6C5 ft=1 fh=7f8e6b47eaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\fraps-359-baixaki-32-bits (1).exe"
sh=2AB0EB6FF47DBA3D27A804BF5C646C3933897738 ft=1 fh=ad6a125cd449c7d0 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\hamachi²-210374-32-bits.exe"
sh=20BA0E7DA38707664DD7A58F4A87F656E81A291F ft=1 fh=336e32bbeaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\hd-tune-pro-500-baixaki-32-bits.exe"
sh=C91529398B2156A5703D2AF637D882EB3F5BBFD4 ft=1 fh=c71c0011f1d48d92 vn="a variant of Win32/InstallCore.ND potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\hide-my-ip-53017648-32-bits.exe"
sh=C6957E4CC1A0E904A65B930F131B2761D58991A3 ft=1 fh=c71c0011f1d48d92 vn="a variant of Win32/InstallCore.ND potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\hotspot-shield-337-32-bits.exe"
sh=424243697B1909C0CDED0EBF9552F490BFDB75FD ft=1 fh=af768ae3eaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\msi-afterburner-231-baixaki-32-bits.exe"
sh=490FE7FC087756CDB58788C126EDD8629601C09A ft=1 fh=c71c0011a304728b vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\powerstrip-390-build-712-32-bits.exe"
sh=EA2D67EF0D45E8119357771ABD428056946584C6 ft=1 fh=5b0170507ab1d346 vn="a variant of Win32/InstallCore.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\speccy-122536-32-bits.exe"
sh=B8895BB21261766F960D2B6D5F22B0DD7A818812 ft=1 fh=fd6c520b6b39aef5 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\spsetup122_536.exe"
sh=28C1782B73F01B71E653BCBA3FFBE06C574F7DD7 ft=1 fh=3cea4d0feaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\trackmania-nations-forever--baixaki-32-bits (1).exe"
sh=28C1782B73F01B71E653BCBA3FFBE06C574F7DD7 ft=1 fh=3cea4d0feaaced30 vn="a variant of Win32/InstallCore.BY potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\trackmania-nations-forever--baixaki-32-bits.exe"
sh=516432369E1E4974BBFC0F70E922B1735EF740F6 ft=1 fh=c71c0011f1d48d92 vn="a variant of Win32/InstallCore.ND potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\tunnelbear-22190-32-bits.exe"
sh=FAD8931750B9F778F5C2C870219A8734B31A35E3 ft=1 fh=55b183798df9139a vn="a variant of Win32/InstallCore.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\utorrent-323-build-28705-baixaki-32-bits (1).exe"
sh=FAD8931750B9F778F5C2C870219A8734B31A35E3 ft=1 fh=55b183798df9139a vn="a variant of Win32/InstallCore.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Lucca\Downloads\utorrent-323-build-28705-baixaki-32-bits.exe"
sh=1716FE9A2A698BE48053918584177213BEE2F0A4 ft=1 fh=136221bcdc008b1d vn="Win32/Toolbar.Conduit potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_Lucca_Downloads_749-HSS-install-hss-391-conduit.exe.vir"
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
O problema ainda está aparecendo? Em quais navegadores ele aparece?
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: URL:Mal Thread Como remover?
Os processos que ele mais aparece sao os seguintes:
svchost.exe
chrome.exe
launcher.exe
svchost.exe
chrome.exe
launcher.exe
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
Sim, mas em quais navegadores o problema da URL maliciosa ocorre?
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: URL:Mal Thread Como remover?
Google Chrome
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
Execute novamente o OTL (como você fez no início de seu tópico) e poste aqui os novos relatórios dele para podermos analisar.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: URL:Mal Thread Como remover?
Esse é a detecção mais comum do mesmo.
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Re: URL:Mal Thread Como remover?
sim, poste os novos logs do OTL para vermos como está a situação.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: URL:Mal Thread Como remover?
OLG LOG
OTL logfile created on: 19/05/2014 20:40:08 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucca\Desktop
64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
3,91 Gb Total Physical Memory | 2,71 Gb Available Physical Memory | 69,25% Memory free
7,82 Gb Paging File | 6,11 Gb Available in Paging File | 78,11% Paging File free
Paging file location(s): c:\pagefile.sys 4003 20009 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 681,93 Gb Total Space | 545,71 Gb Free Space | 80,02% Space Free | Partition Type: NTFS
Computer Name: LUCCA-PC | User Name: Lucca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/05/15 20:57:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucca\Desktop\OTL.exe
PRC - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
PRC - [2013/08/30 04:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 04:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/06/06 16:55:10 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/05/23 10:48:10 | 000,410,152 | ---- | M] (GAS Tecnologia) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2013/05/10 16:17:33 | 004,284,976 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2013/01/15 17:47:28 | 000,703,808 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
PRC - [2013/01/15 17:47:10 | 000,465,216 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2012/02/16 14:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
PRC - [2012/01/27 15:30:16 | 000,465,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 20:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
PRC - [2012/01/26 20:47:36 | 004,293,952 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
PRC - [2011/09/24 17:43:40 | 000,534,016 | ---- | M] (Dxtory Software) -- C:\Program Files (x86)\Dxtory Software\Dxtory2.0\Dxtory.exe
PRC - [2011/05/20 10:16:10 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
========== Modules (No Company Name) ==========
MOD - [2013/05/10 16:17:33 | 004,284,976 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2013/01/15 17:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
MOD - [2013/01/15 17:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
MOD - [2013/01/15 17:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
MOD - [2013/01/15 17:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
MOD - [2012/11/26 14:32:47 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a3ffdc1316821b5ceb32c9a788334329\System.Xaml.ni.dll
MOD - [2012/11/26 14:32:33 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\613ca3fba5bbcf6e9346170c9c2e4e65\System.WorkflowServices.ni.dll
MOD - [2012/11/26 14:32:18 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\01a1449b79d76e7cf39438cdd55cefbf\System.ServiceModel.Web.ni.dll
MOD - [2012/11/26 14:32:14 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\88f32d62a8df469e8b9f12a8d3093627\System.Xml.Linq.ni.dll
MOD - [2012/11/26 14:31:30 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll
MOD - [2012/11/26 14:31:13 | 001,083,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\92422bb40324d57ccd11c1cd9d50d8cf\System.IdentityModel.ni.dll
MOD - [2012/11/26 14:31:12 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
MOD - [2012/11/26 14:31:10 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\64ef7169e1266b6a98131b82bddd234b\System.ServiceModel.ni.dll
MOD - [2012/11/26 14:31:10 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6294f61f25c953212b92b7e13a0fd9c1\SMDiagnostics.ni.dll
MOD - [2012/11/14 19:12:24 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012/11/14 13:42:27 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\813a0913bea1269e48613509609e72b4\PresentationFramework.ni.dll
MOD - [2012/11/14 13:42:18 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8244412387a82c0acd3d63622e22cef5\PresentationCore.ni.dll
MOD - [2012/11/14 13:42:16 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9211f2faac02f0082b201a95731736c4\PresentationFramework.Aero.ni.dll
MOD - [2012/11/14 13:42:12 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\44a7d2597981a82da8b9e3e2298602de\System.Core.ni.dll
MOD - [2012/11/14 13:42:09 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\419103071a5a5d17738afbe9dd03d58a\System.Xml.ni.dll
MOD - [2012/11/14 13:42:07 | 003,857,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\9dacf8a5033dfbcb435be166d2f42cdf\WindowsBase.ni.dll
MOD - [2012/11/14 13:42:06 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\17bfc7131aca3a393f430121f79307bd\System.Drawing.ni.dll
MOD - [2012/11/14 13:42:05 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\4844dd28e0611d1ebd1e449fe822c2a5\System.Configuration.ni.dll
MOD - [2012/11/14 13:42:04 | 009,086,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\5286fe2d0167eb835a9f11025f1cb756\System.ni.dll
MOD - [2012/11/14 13:42:00 | 014,407,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a774bd593b8420bae4a8cf1d46af3ba2\mscorlib.ni.dll
MOD - [2012/11/14 13:31:17 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2012/11/14 13:31:10 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2012/11/14 13:30:57 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2012/11/14 13:30:46 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2012/11/14 13:30:41 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2012/11/14 13:30:38 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2012/11/14 13:30:35 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2012/11/14 13:30:34 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2012/11/14 13:30:26 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2012/11/14 13:30:24 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2012/11/14 13:21:42 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2012/01/26 20:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
MOD - [2010/11/21 06:37:11 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_pt-BR_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2010/11/21 06:37:04 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.resources.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/03/30 03:43:28 | 002,211,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2012/12/26 09:52:34 | 000,182,312 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/12/26 09:49:32 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/12/26 09:47:40 | 000,241,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2014/05/13 14:29:26 | 002,228,048 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014/04/23 19:01:04 | 000,572,096 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/04/15 16:07:54 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014/03/30 06:17:18 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe -- (BBUpdate)
SRV - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe -- (BBSvc)
SRV - [2013/08/30 04:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/06/06 16:55:10 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/05/23 10:48:10 | 000,410,152 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2013/03/06 20:37:43 | 005,110,864 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2013/02/28 18:45:16 | 000,161,384 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/15 17:47:10 | 000,465,216 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012/11/16 20:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Arquivos de Programas\mcafee\virusscan\mcods.exe -- (McODS)
SRV - [2012/11/14 13:27:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/16 14:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/05/20 10:16:10 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/05/20 10:15:20 | 000,080,032 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010/11/29 14:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010/11/25 04:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 04:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de Programas\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/09/21 13:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [1999/12/31 21:00:00 | 000,322,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Arquivos de Programas\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [1999/12/31 21:00:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Arquivos de Programas\IDT\WDM\AESTSr64.exe -- (AESTFilters)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/05/15 04:25:38 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\69375366.sys -- (69375366)
DRV:64bit: - [2014/03/24 17:12:06 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/08/30 04:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/08/30 04:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/08/30 04:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/08/30 04:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/08/30 04:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/08/30 04:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/08/30 04:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/08/30 04:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/06/26 14:19:03 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/02/02 15:34:35 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/12/26 09:52:44 | 000,339,776 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/12/26 09:51:24 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/12/26 09:50:48 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/12/26 09:49:42 | 000,515,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/12/26 09:49:00 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/12/26 09:48:30 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/14 19:12:35 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/11/14 19:12:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/11/14 19:12:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/07/12 11:22:50 | 002,727,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/06/16 13:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/05/20 11:15:34 | 000,282,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/05/20 10:15:34 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/05/20 10:15:34 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/05/20 10:15:34 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/05/20 10:15:34 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/05/20 10:15:34 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/05/20 10:15:32 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/05/17 03:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/01 00:35:12 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/01/12 21:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/29 14:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/21 00:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 00:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/29 21:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/19 21:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 06:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/26 20:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006/11/01 03:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [1999/12/31 21:00:00 | 012,287,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [1999/12/31 21:00:00 | 000,541,184 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV - [2013/05/08 09:52:48 | 000,049,536 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2010/11/01 05:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,BrowserMngr Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = C:\Windows\SysWOW64\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{22B788EC-E645-44CD-9889-0404060E62D2}: "URL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,BrowserMngr Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\..\SearchScopes\{22B788EC-E645-44CD-9889-0404060E62D2}: "URL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
[2012/12/01 15:43:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Pesquisa do Google = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Gmail = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2010/12/23 15:08:04 | 000,000,780 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll File not found
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL File not found
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL File not found
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de Programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\URLREDIR.DLL ()
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL (IObit)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Arquivos de Programas\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Arquivos de Programas\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Arquivos de Programas\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000..\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe (Dxtory Software)
O4 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69375366.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll ()
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll File not found
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll File not found
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll File not found
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll File not found
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\ONBttnIE.dll ()
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\ONBttnIE.dll ()
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll ()
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..Trusted Domains: bancobrasil.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..Trusted Domains: bancobrasil.com.br ([www14] * in Trusted sites)
O15 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..Trusted Domains: bancobrasil.com.br ([www2] * in Trusted sites)
O15 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..Trusted Domains: bb.com.br ([www] * in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7859FF5B-5A3B-429A-A140-AFDA404C580D}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7859FF5B-5A3B-429A-A140-AFDA404C580D}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/16 22:57:01 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/05/18 12:23:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/05/18 11:53:15 | 000,000,000 | ---D | C] -- C:\Users\Lucca\Desktop\Vírus
[2014/05/17 14:21:21 | 000,000,000 | ---D | C] -- C:\FRST
[2014/05/17 14:19:47 | 002,067,456 | ---- | C] (Farbar) -- C:\Users\Lucca\Desktop\FRST64.exe
[2014/05/17 10:41:34 | 000,000,000 | ---D | C] -- C:\Pre_Scan
[2014/05/17 09:14:07 | 000,000,000 | ---D | C] -- C:\Shortcut_Module
[2014/05/16 15:55:01 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/16 15:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/05/16 15:54:43 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/05/16 15:54:43 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/05/16 15:54:42 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/05/16 15:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/05/16 15:54:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/05/16 13:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2014/05/16 13:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2014/05/16 13:22:08 | 000,000,000 | ---D | C] -- C:\Users\Lucca\AppData\Roaming\ZHP
[2014/05/16 12:57:15 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/05/15 23:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014/05/15 23:02:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014/05/15 22:57:00 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/15 22:56:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/15 22:39:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/05/15 22:32:54 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2014/05/15 22:32:54 | 000,000,000 | ---D | C] -- C:\Users\Lucca\AppData\Local\Temp
[2014/05/15 22:20:44 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014/05/15 20:57:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lucca\Desktop\OTL.exe
[2014/05/14 23:02:22 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\69375366.sys
[2014/05/14 22:18:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014/05/13 21:32:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/13 19:21:14 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2014/05/13 15:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2014/04/30 19:49:45 | 000,000,000 | ---D | C] -- C:\Users\Lucca\Documents\Gunz2
[2014/04/28 22:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2014/04/28 21:44:34 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014/04/28 21:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014/04/28 21:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2014/04/24 22:08:37 | 000,000,000 | ---D | C] -- C:\LinhaDefensiva
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/05/19 20:39:20 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/19 20:38:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/19 20:33:02 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/19 20:32:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/18 11:53:36 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/18 11:53:36 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/18 11:45:00 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\Windows\SysWow64\drivers\gbpndisrd.sys
[2014/05/18 11:45:00 | 000,010,266 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd.cat
[2014/05/18 11:45:00 | 000,003,641 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd.inf
[2014/05/18 11:45:00 | 000,001,814 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd_m.inf
[2014/05/18 11:45:00 | 000,001,402 | ---- | M] () -- C:\Windows\SysWow64\drivers\gas.cer
[2014/05/18 11:44:51 | 3148,787,712 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/17 14:20:05 | 002,067,456 | ---- | M] (Farbar) -- C:\Users\Lucca\Desktop\FRST64.exe
[2014/05/16 22:40:25 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/15 22:42:38 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/15 22:22:01 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014/05/15 20:57:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucca\Desktop\OTL.exe
[2014/05/15 04:25:38 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\69375366.sys
[2014/05/14 23:02:44 | 000,000,974 | ---- | M] () -- C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69375366.lnk
[2014/05/13 21:30:50 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/05/13 21:30:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2014/05/13 21:29:19 | 005,088,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/21 20:04:19 | 001,628,224 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/21 20:04:19 | 000,703,580 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2014/04/21 20:04:19 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/21 20:04:19 | 000,146,366 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2014/04/21 20:04:19 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/05/15 22:32:55 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014/05/14 23:02:44 | 000,000,974 | ---- | C] () -- C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69375366.lnk
[2013/08/08 16:09:51 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/08/08 16:09:49 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2013/08/08 16:09:46 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2013/06/29 14:58:34 | 000,000,105 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/06/06 19:58:13 | 000,011,776 | ---- | C] () -- C:\Users\Lucca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/06 16:55:12 | 000,291,096 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/06/06 16:55:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/02/24 17:44:58 | 000,524,288 | ---- | C] () -- C:\Program Files (x86)\HoNLatinClient-3.0.0.5.exe.a5hon
[2013/02/21 19:33:50 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012/11/28 19:25:56 | 000,007,632 | ---- | C] () -- C:\Users\Lucca\AppData\Local\Resmon.ResmonCfg
[2012/11/14 18:45:51 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/11/14 18:45:45 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/06/22 12:01:32 | 000,019,984 | ---- | C] () -- C:\Windows\SysWow64\ESGScanner.sys
========== ZeroAccess Check ==========
[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/11/14 19:12:36 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/11/14 19:12:36 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/02/15 17:38:14 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\.minecraft
[2014/03/11 15:26:25 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Audacity
[2012/11/26 13:26:16 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Awesomium
[2013/02/10 11:04:04 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/04/21 14:20:01 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\com.shirogames.evoland
[2013/11/26 20:57:48 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\DAEMON Tools Lite
[2013/02/26 13:17:47 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\HD Tune Pro
[2012/12/19 15:55:29 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\IDT
[2013/07/23 00:22:06 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\IObit
[2013/05/10 19:15:20 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\LolClient
[2013/12/16 15:14:07 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\openvr
[2013/05/31 10:57:49 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\PhotoScape
[2013/02/12 13:56:39 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Publish Providers
[2013/10/04 13:07:21 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Riot Games
[2012/12/09 14:42:23 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\RotMG.Production
[2013/02/12 13:56:37 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Sony
[2013/12/26 18:24:04 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Tibia
[2014/04/24 21:46:17 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\TS3Client
[2014/05/17 09:47:36 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Unity
[2013/12/27 18:09:23 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\uTorrent
[2013/12/16 18:46:52 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Wise Disk Cleaner
[2014/05/16 14:48:43 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\ZHP
========== Purity Check ==========
< End of report >
OTL logfile created on: 19/05/2014 20:40:08 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucca\Desktop
64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
3,91 Gb Total Physical Memory | 2,71 Gb Available Physical Memory | 69,25% Memory free
7,82 Gb Paging File | 6,11 Gb Available in Paging File | 78,11% Paging File free
Paging file location(s): c:\pagefile.sys 4003 20009 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 681,93 Gb Total Space | 545,71 Gb Free Space | 80,02% Space Free | Partition Type: NTFS
Computer Name: LUCCA-PC | User Name: Lucca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/05/15 20:57:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucca\Desktop\OTL.exe
PRC - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
PRC - [2013/08/30 04:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 04:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/06/06 16:55:10 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/05/23 10:48:10 | 000,410,152 | ---- | M] (GAS Tecnologia) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2013/05/10 16:17:33 | 004,284,976 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2013/01/15 17:47:28 | 000,703,808 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
PRC - [2013/01/15 17:47:10 | 000,465,216 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2012/02/16 14:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
PRC - [2012/01/27 15:30:16 | 000,465,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 20:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
PRC - [2012/01/26 20:47:36 | 004,293,952 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
PRC - [2011/09/24 17:43:40 | 000,534,016 | ---- | M] (Dxtory Software) -- C:\Program Files (x86)\Dxtory Software\Dxtory2.0\Dxtory.exe
PRC - [2011/05/20 10:16:10 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
========== Modules (No Company Name) ==========
MOD - [2013/05/10 16:17:33 | 004,284,976 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2013/01/15 17:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
MOD - [2013/01/15 17:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
MOD - [2013/01/15 17:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
MOD - [2013/01/15 17:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
MOD - [2012/11/26 14:32:47 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a3ffdc1316821b5ceb32c9a788334329\System.Xaml.ni.dll
MOD - [2012/11/26 14:32:33 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\613ca3fba5bbcf6e9346170c9c2e4e65\System.WorkflowServices.ni.dll
MOD - [2012/11/26 14:32:18 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\01a1449b79d76e7cf39438cdd55cefbf\System.ServiceModel.Web.ni.dll
MOD - [2012/11/26 14:32:14 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\88f32d62a8df469e8b9f12a8d3093627\System.Xml.Linq.ni.dll
MOD - [2012/11/26 14:31:30 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll
MOD - [2012/11/26 14:31:13 | 001,083,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\92422bb40324d57ccd11c1cd9d50d8cf\System.IdentityModel.ni.dll
MOD - [2012/11/26 14:31:12 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
MOD - [2012/11/26 14:31:10 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\64ef7169e1266b6a98131b82bddd234b\System.ServiceModel.ni.dll
MOD - [2012/11/26 14:31:10 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6294f61f25c953212b92b7e13a0fd9c1\SMDiagnostics.ni.dll
MOD - [2012/11/14 19:12:24 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012/11/14 13:42:27 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\813a0913bea1269e48613509609e72b4\PresentationFramework.ni.dll
MOD - [2012/11/14 13:42:18 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8244412387a82c0acd3d63622e22cef5\PresentationCore.ni.dll
MOD - [2012/11/14 13:42:16 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9211f2faac02f0082b201a95731736c4\PresentationFramework.Aero.ni.dll
MOD - [2012/11/14 13:42:12 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\44a7d2597981a82da8b9e3e2298602de\System.Core.ni.dll
MOD - [2012/11/14 13:42:09 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\419103071a5a5d17738afbe9dd03d58a\System.Xml.ni.dll
MOD - [2012/11/14 13:42:07 | 003,857,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\9dacf8a5033dfbcb435be166d2f42cdf\WindowsBase.ni.dll
MOD - [2012/11/14 13:42:06 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\17bfc7131aca3a393f430121f79307bd\System.Drawing.ni.dll
MOD - [2012/11/14 13:42:05 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\4844dd28e0611d1ebd1e449fe822c2a5\System.Configuration.ni.dll
MOD - [2012/11/14 13:42:04 | 009,086,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\5286fe2d0167eb835a9f11025f1cb756\System.ni.dll
MOD - [2012/11/14 13:42:00 | 014,407,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a774bd593b8420bae4a8cf1d46af3ba2\mscorlib.ni.dll
MOD - [2012/11/14 13:31:17 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2012/11/14 13:31:10 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2012/11/14 13:30:57 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2012/11/14 13:30:46 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2012/11/14 13:30:41 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2012/11/14 13:30:38 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2012/11/14 13:30:35 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2012/11/14 13:30:34 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2012/11/14 13:30:26 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2012/11/14 13:30:24 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2012/11/14 13:21:42 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2012/01/26 20:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
MOD - [2010/11/21 06:37:11 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_pt-BR_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2010/11/21 06:37:04 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\System.resources.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/03/30 03:43:28 | 002,211,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2012/12/26 09:52:34 | 000,182,312 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/12/26 09:49:32 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/12/26 09:47:40 | 000,241,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2014/05/13 14:29:26 | 002,228,048 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014/04/23 19:01:04 | 000,572,096 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/04/15 16:07:54 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014/03/30 06:17:18 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe -- (BBUpdate)
SRV - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe -- (BBSvc)
SRV - [2013/08/30 04:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/06/06 16:55:10 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/05/23 10:48:10 | 000,410,152 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2013/03/06 20:37:43 | 005,110,864 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2013/02/28 18:45:16 | 000,161,384 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/15 17:47:10 | 000,465,216 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012/11/16 20:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Arquivos de Programas\mcafee\virusscan\mcods.exe -- (McODS)
SRV - [2012/11/14 13:27:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/16 14:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/05/20 10:16:10 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/05/20 10:15:20 | 000,080,032 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010/11/29 14:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010/11/25 04:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 04:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de Programas\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/09/21 13:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [1999/12/31 21:00:00 | 000,322,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Arquivos de Programas\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [1999/12/31 21:00:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Arquivos de Programas\IDT\WDM\AESTSr64.exe -- (AESTFilters)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/05/15 04:25:38 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\69375366.sys -- (69375366)
DRV:64bit: - [2014/03/24 17:12:06 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/08/30 04:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/08/30 04:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/08/30 04:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/08/30 04:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/08/30 04:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/08/30 04:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/08/30 04:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/08/30 04:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/06/26 14:19:03 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/02/02 15:34:35 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/12/26 09:52:44 | 000,339,776 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/12/26 09:51:24 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/12/26 09:50:48 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/12/26 09:49:42 | 000,515,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/12/26 09:49:00 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/12/26 09:48:30 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/14 19:12:35 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/11/14 19:12:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/11/14 19:12:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/07/12 11:22:50 | 002,727,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/06/16 13:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/05/20 11:15:34 | 000,282,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/05/20 10:15:34 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/05/20 10:15:34 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/05/20 10:15:34 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/05/20 10:15:34 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/05/20 10:15:34 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/05/20 10:15:32 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/05/17 03:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/01 00:35:12 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/01/12 21:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/29 14:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/21 00:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 00:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/29 21:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/19 21:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 06:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/26 20:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006/11/01 03:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [1999/12/31 21:00:00 | 012,287,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [1999/12/31 21:00:00 | 000,541,184 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV - [2013/05/08 09:52:48 | 000,049,536 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2010/11/01 05:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,BrowserMngr Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = C:\Windows\SysWOW64\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{22B788EC-E645-44CD-9889-0404060E62D2}: "URL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,BrowserMngr Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKLM\..\SearchScopes\{22B788EC-E645-44CD-9889-0404060E62D2}: "URL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
[2012/12/01 15:43:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Pesquisa do Google = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Gmail = C:\Users\Lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2010/12/23 15:08:04 | 000,000,780 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll File not found
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL File not found
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL File not found
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de Programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\URLREDIR.DLL ()
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL (IObit)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Arquivos de Programas\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Arquivos de Programas\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Arquivos de Programas\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000..\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe (Dxtory Software)
O4 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69375366.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll ()
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll File not found
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll File not found
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll File not found
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll File not found
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\ONBttnIE.dll ()
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\ONBttnIE.dll ()
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll ()
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..Trusted Domains: bancobrasil.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..Trusted Domains: bancobrasil.com.br ([www14] * in Trusted sites)
O15 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..Trusted Domains: bancobrasil.com.br ([www2] * in Trusted sites)
O15 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000\..Trusted Domains: bb.com.br ([www] * in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7859FF5B-5A3B-429A-A140-AFDA404C580D}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7859FF5B-5A3B-429A-A140-AFDA404C580D}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Arquivos de Programas\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1550442790-2615337950-2059632435-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/16 22:57:01 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/05/18 12:23:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/05/18 11:53:15 | 000,000,000 | ---D | C] -- C:\Users\Lucca\Desktop\Vírus
[2014/05/17 14:21:21 | 000,000,000 | ---D | C] -- C:\FRST
[2014/05/17 14:19:47 | 002,067,456 | ---- | C] (Farbar) -- C:\Users\Lucca\Desktop\FRST64.exe
[2014/05/17 10:41:34 | 000,000,000 | ---D | C] -- C:\Pre_Scan
[2014/05/17 09:14:07 | 000,000,000 | ---D | C] -- C:\Shortcut_Module
[2014/05/16 15:55:01 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/16 15:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/05/16 15:54:43 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/05/16 15:54:43 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/05/16 15:54:42 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/05/16 15:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/05/16 15:54:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/05/16 13:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2014/05/16 13:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2014/05/16 13:22:08 | 000,000,000 | ---D | C] -- C:\Users\Lucca\AppData\Roaming\ZHP
[2014/05/16 12:57:15 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/05/15 23:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014/05/15 23:02:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014/05/15 22:57:00 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/15 22:56:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/15 22:39:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/05/15 22:32:54 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2014/05/15 22:32:54 | 000,000,000 | ---D | C] -- C:\Users\Lucca\AppData\Local\Temp
[2014/05/15 22:20:44 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014/05/15 20:57:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lucca\Desktop\OTL.exe
[2014/05/14 23:02:22 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\69375366.sys
[2014/05/14 22:18:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014/05/13 21:32:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/13 19:21:14 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2014/05/13 15:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2014/04/30 19:49:45 | 000,000,000 | ---D | C] -- C:\Users\Lucca\Documents\Gunz2
[2014/04/28 22:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2014/04/28 21:44:34 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014/04/28 21:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014/04/28 21:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2014/04/24 22:08:37 | 000,000,000 | ---D | C] -- C:\LinhaDefensiva
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/05/19 20:39:20 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/19 20:38:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/19 20:33:02 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/19 20:32:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/18 11:53:36 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/18 11:53:36 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/18 11:45:00 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\Windows\SysWow64\drivers\gbpndisrd.sys
[2014/05/18 11:45:00 | 000,010,266 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd.cat
[2014/05/18 11:45:00 | 000,003,641 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd.inf
[2014/05/18 11:45:00 | 000,001,814 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd_m.inf
[2014/05/18 11:45:00 | 000,001,402 | ---- | M] () -- C:\Windows\SysWow64\drivers\gas.cer
[2014/05/18 11:44:51 | 3148,787,712 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/17 14:20:05 | 002,067,456 | ---- | M] (Farbar) -- C:\Users\Lucca\Desktop\FRST64.exe
[2014/05/16 22:40:25 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/15 22:42:38 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/15 22:22:01 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014/05/15 20:57:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucca\Desktop\OTL.exe
[2014/05/15 04:25:38 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\69375366.sys
[2014/05/14 23:02:44 | 000,000,974 | ---- | M] () -- C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69375366.lnk
[2014/05/13 21:30:50 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/05/13 21:30:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2014/05/13 21:29:19 | 005,088,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/21 20:04:19 | 001,628,224 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/21 20:04:19 | 000,703,580 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2014/04/21 20:04:19 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/21 20:04:19 | 000,146,366 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2014/04/21 20:04:19 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/05/15 22:32:55 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014/05/14 23:02:44 | 000,000,974 | ---- | C] () -- C:\Users\Lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69375366.lnk
[2013/08/08 16:09:51 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/08/08 16:09:49 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2013/08/08 16:09:46 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2013/06/29 14:58:34 | 000,000,105 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/06/06 19:58:13 | 000,011,776 | ---- | C] () -- C:\Users\Lucca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/06 16:55:12 | 000,291,096 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/06/06 16:55:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/02/24 17:44:58 | 000,524,288 | ---- | C] () -- C:\Program Files (x86)\HoNLatinClient-3.0.0.5.exe.a5hon
[2013/02/21 19:33:50 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012/11/28 19:25:56 | 000,007,632 | ---- | C] () -- C:\Users\Lucca\AppData\Local\Resmon.ResmonCfg
[2012/11/14 18:45:51 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/11/14 18:45:45 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/06/22 12:01:32 | 000,019,984 | ---- | C] () -- C:\Windows\SysWow64\ESGScanner.sys
========== ZeroAccess Check ==========
[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/11/14 19:12:36 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/11/14 19:12:36 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/02/15 17:38:14 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\.minecraft
[2014/03/11 15:26:25 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Audacity
[2012/11/26 13:26:16 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Awesomium
[2013/02/10 11:04:04 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/04/21 14:20:01 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\com.shirogames.evoland
[2013/11/26 20:57:48 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\DAEMON Tools Lite
[2013/02/26 13:17:47 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\HD Tune Pro
[2012/12/19 15:55:29 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\IDT
[2013/07/23 00:22:06 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\IObit
[2013/05/10 19:15:20 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\LolClient
[2013/12/16 15:14:07 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\openvr
[2013/05/31 10:57:49 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\PhotoScape
[2013/02/12 13:56:39 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Publish Providers
[2013/10/04 13:07:21 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Riot Games
[2012/12/09 14:42:23 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\RotMG.Production
[2013/02/12 13:56:37 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Sony
[2013/12/26 18:24:04 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Tibia
[2014/04/24 21:46:17 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\TS3Client
[2014/05/17 09:47:36 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Unity
[2013/12/27 18:09:23 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\uTorrent
[2013/12/16 18:46:52 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\Wise Disk Cleaner
[2014/05/16 14:48:43 | 000,000,000 | ---D | M] -- C:\Users\Lucca\AppData\Roaming\ZHP
========== Purity Check ==========
< End of report >
UCshot- Iniciante
- Mensagens : 32
Reputação : 0
Data de inscrição : 15/05/2014
Página 2 de 3 • 1, 2, 3
Tópicos semelhantes
» Remover o istartsurf
» Remover YAC
» Remover vzr-a.akamaihd.net
» Remover o awesomehp
» Infecção após ter recebido e aberto email
» Remover YAC
» Remover vzr-a.akamaihd.net
» Remover o awesomehp
» Infecção após ter recebido e aberto email
Página 2 de 3
Permissões neste sub-fórum
Não podes responder a tópicos