Virus removal

Guys, maybe this isn't the ideal section, but I'm having a problem.

When I tried to use the WLM (Windows Live Mail) mail client, it showed an error. After researching several possible causes, I found that it was a disabled Windows service that had to be enabled.
But when I do that, it works, and then shortly afterwards the service stops working.

I thought it was the McAfee antivirus, but the problem occurs even without it.
I tried to use ComboFix, but it doesn't work on Win8.
I tried to restore the system and it can't be done; it shows the same error.

The service always stops working, and I have to start it manually to open my email.

Any help?
------------
 
My AV is flagging the link as dangerous :poker:
Can you give me another one?
That is a false positive from your antivirus. There is no point in giving you another link, because the erroneous detection is of the tool itself, not of the link. OTL, like ComboFix and others, is a script-based tool. Many antivirus programs may identify such tools as threats, but that is nothing more than a false positive on their part.

If you are still unsure about using OTL, just post a HijackThis log instead.
 
Mr. Wolf, I solved the problem with the help of another angel from the LD forum.
But I see that the problem wasn't only mine.

Thanks anyway!
 
I did the procedure; it is going in 2 posts because it exceeds the limit:
OTL
OTL logfile created on: 15/03/2013 17:11:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gabriel\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

8,00 Gb Total Physical Memory | 6,12 Gb Available Physical Memory | 76,50% Memory free
15,99 Gb Paging File | 13,78 Gb Available in Paging File | 86,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 34,80 Gb Free Space | 31,16% Space Free | Partition Type: NTFS
Drive D: | 136,72 Gb Total Space | 131,61 Gb Free Space | 96,27% Space Free | Partition Type: NTFS
Drive E: | 96,17 Gb Total Space | 86,36 Gb Free Space | 89,81% Space Free | Partition Type: NTFS

Computer Name: GABRIEL-PC | User Name: Gabriel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/15 17:10:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gabriel\Desktop\OTL.exe
PRC - [2013/03/09 13:13:14 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/01/15 19:40:20 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/12/18 11:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/06 11:04:24 | 000,656,576 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
PRC - [2012/05/22 08:38:34 | 001,766,400 | ---- | M] (Corsair Components Inc) -- C:\Program Files (x86)\Corsair\M60 Mouse\M60Hid.exe
PRC - [2012/04/16 18:32:26 | 000,251,392 | ---- | M] (Corsair Components Inc) -- C:\Program Files (x86)\Corsair\M60 Mouse\CorsTra.exe
PRC - [2010/01/22 11:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009/12/28 10:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009/07/07 12:13:38 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
PRC - [2009/03/30 11:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
PRC - [2009/02/23 00:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/09 13:13:14 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/05/14 11:41:24 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Corsair\M60 Mouse\hidGetKey.dll
MOD - [2010/01/30 01:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2009/07/30 13:54:04 | 000,170,496 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009/03/30 11:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
MOD - [2009/02/06 17:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL


========== Services (SafeList) ==========

SRV:64bit: - [2012/12/19 16:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/12/19 14:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/11/09 05:37:30 | 000,177,680 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/11/09 05:34:50 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/10/07 02:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/10/07 02:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/10/07 02:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2012/10/07 02:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/10/07 02:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/10/07 02:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/03/09 13:13:14 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/01/15 19:40:20 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/01/08 11:53:48 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/01 13:26:47 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2013/01/01 13:26:22 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/12/18 11:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/22 03:42:06 | 000,378,952 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Arquivos de Programas\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/10/06 06:28:16 | 001,007,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV - [2011/12/09 13:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010/04/13 19:11:18 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/12/28 10:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/23 00:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/02/09 06:28:09 | 000,030,112 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV:64bit: - [2012/12/19 17:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 16:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/09 05:40:24 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/11/09 05:37:42 | 000,339,776 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/11/09 05:35:50 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/11/09 05:34:58 | 000,515,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/11/09 05:34:18 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/11/09 05:33:58 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/11/06 08:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/11/02 00:46:50 | 000,328,976 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2012/11/02 00:46:50 | 000,097,208 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2012/10/19 08:51:50 | 000,074,120 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\McPvDrv.sys -- (McPvDrv)
DRV:64bit: - [2012/05/28 09:28:18 | 000,197,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/03/27 09:58:30 | 000,025,600 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WIMBLEMS.sys -- (WIMBLEMS)
DRV:64bit: - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010/11/21 00:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/21 00:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 00:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 00:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 00:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 00:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 00:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/04/13 19:10:24 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\MOBK.sys -- (MOBKFilter)
DRV:64bit: - [2010/03/17 07:24:00 | 000,401,696 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010/03/02 08:30:20 | 001,301,504 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010/01/22 11:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/01/22 11:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/10/29 05:14:38 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/10/07 07:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/10/07 07:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/09/29 22:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/07/31 00:40:34 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMfilt64.sys -- (VMfilt)
DRV:64bit: - [2009/07/16 00:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 21:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/04/09 08:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Arquivos de Programas\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2010/05/26 21:43:00 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1646403931-1113650008-3152583464-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1646403931-1113650008-3152583464-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKU\S-1-5-21-1646403931-1113650008-3152583464-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8D F1 C8 CC 36 15 CE 01 [binary data]
IE - HKU\S-1-5-21-1646403931-1113650008-3152583464-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1646403931-1113650008-3152583464-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1646403931-1113650008-3152583464-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Pesquisa Segura"
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "http://br.search.yahoo.com/search?fr=mcafee&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/01/03 12:04:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/09 13:13:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013/03/14 19:29:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/09 13:13:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/01/01 14:32:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gabriel\AppData\Roaming\mozilla\Extensions
[2013/02/14 12:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gabriel\AppData\Roaming\mozilla\Firefox\Profiles\x0seoaz3.default\extensions
[2013/02/14 12:48:54 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Gabriel\AppData\Roaming\mozilla\firefox\profiles\x0seoaz3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/03/09 13:13:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013/01/03 12:04:06 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2013/03/09 13:13:14 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/01/01 14:47:41 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/01/02 13:24:07 | 000,002,029 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2013/02/27 20:20:09 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [Corsair M60 Mouse] C:\Program Files (x86)\Corsair\M60 Mouse\M60Hid.exe (Corsair Components Inc)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.125.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFD644B6-A01C-4A80-AF8F-DD0D52CFAB82}: DhcpNameServer = 194.168.125.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Arquivos de Programas\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/15 17:10:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gabriel\Desktop\OTL.exe
[2013/03/09 13:13:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/02 16:37:03 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013/03/02 16:37:03 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013/03/02 16:37:03 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013/03/02 16:37:03 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013/03/02 16:37:03 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013/03/02 16:37:03 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013/03/02 16:37:02 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013/03/02 16:37:02 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013/03/02 16:37:02 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013/03/02 16:37:02 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013/03/02 16:37:01 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013/03/02 16:37:01 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013/03/02 16:37:01 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013/03/02 16:37:01 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013/03/02 16:37:01 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013/03/02 16:37:01 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013/03/02 16:37:00 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2013/03/02 16:37:00 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2013/03/02 16:37:00 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2013/03/02 16:37:00 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2013/03/02 16:37:00 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2013/03/02 16:37:00 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2013/03/02 16:36:59 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2013/03/02 16:36:59 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013/03/02 16:36:59 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013/03/02 16:36:59 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013/03/02 16:36:58 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2013/03/02 16:36:58 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013/03/02 16:36:58 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2013/03/02 16:36:58 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2013/03/02 16:36:57 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2013/03/02 16:36:57 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2013/03/02 16:36:57 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2013/03/02 16:36:57 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2013/03/02 16:36:56 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2013/03/02 16:36:56 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2013/03/02 16:36:56 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2013/03/02 16:36:56 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2013/03/02 16:36:55 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2013/03/02 16:36:55 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2013/03/02 16:36:55 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2013/03/02 16:36:55 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2013/03/02 16:36:54 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2013/03/02 16:36:54 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2013/03/02 16:36:54 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2013/03/02 16:36:54 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2013/03/02 16:36:54 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2013/03/02 16:36:54 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2013/03/02 16:36:54 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2013/03/02 16:36:54 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013/03/02 16:36:53 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013/03/02 16:36:53 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013/03/02 16:36:53 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013/03/02 16:36:53 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013/03/02 16:36:53 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2013/03/02 16:36:53 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2013/03/02 16:36:52 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013/03/02 16:36:52 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013/03/02 16:36:51 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2013/03/02 16:36:51 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2013/03/02 16:36:51 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2013/03/02 16:36:51 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2013/03/02 16:36:51 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2013/03/02 16:36:51 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2013/03/02 16:36:51 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2013/03/02 16:36:51 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2013/03/02 16:36:50 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2013/03/02 16:36:50 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013/03/02 16:36:50 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013/03/02 16:36:50 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013/03/02 16:36:50 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2013/03/02 16:36:50 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013/03/02 16:36:49 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013/03/02 16:36:49 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013/03/02 16:36:49 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013/03/02 16:36:49 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013/03/02 16:36:48 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013/03/02 16:36:48 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013/03/02 16:36:48 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013/03/02 16:36:48 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013/03/02 16:36:48 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013/03/02 16:36:48 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013/03/02 16:36:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013/03/02 16:36:47 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013/03/02 16:36:47 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013/03/02 16:36:47 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013/03/02 16:36:46 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013/03/02 16:36:46 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013/03/02 16:36:46 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013/03/02 16:36:46 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013/03/02 16:36:46 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013/03/02 16:36:46 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013/03/02 16:36:45 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013/03/02 16:36:45 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013/03/02 16:36:45 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013/03/02 16:36:45 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013/03/02 16:36:44 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013/03/02 16:36:44 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013/03/02 16:36:44 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013/03/02 16:36:44 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013/03/02 16:36:44 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013/03/02 16:36:44 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013/03/02 16:36:43 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013/03/02 16:36:43 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013/03/02 16:36:43 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013/03/02 16:36:43 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013/03/02 16:36:42 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013/03/02 16:36:42 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013/03/02 16:36:42 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013/03/02 16:36:42 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013/03/02 16:36:41 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013/03/02 16:36:41 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013/03/02 16:36:41 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013/03/02 16:36:41 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013/03/02 16:36:40 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013/03/02 16:36:40 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013/03/02 16:36:40 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013/03/02 16:36:40 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013/03/02 16:36:40 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013/03/02 16:36:40 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013/03/02 16:36:39 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013/03/02 16:36:39 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013/03/02 16:36:39 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013/03/02 16:36:39 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013/03/02 16:36:39 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013/03/02 16:36:39 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013/03/02 16:36:39 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013/03/02 16:36:39 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013/03/02 16:36:38 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013/03/02 16:36:38 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013/03/02 16:36:38 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013/03/02 16:36:38 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013/03/02 16:36:37 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013/03/02 16:36:37 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013/03/02 16:36:37 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013/03/02 16:36:37 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013/03/02 16:36:37 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013/03/02 16:36:37 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013/03/02 16:36:36 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013/03/02 16:36:36 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013/03/02 16:36:36 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013/03/02 16:36:36 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013/03/02 16:36:35 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2013/03/02 16:36:35 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2013/03/02 16:36:35 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2013/03/02 16:36:35 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2013/03/02 16:36:35 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2013/03/02 16:36:35 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2013/03/02 16:36:34 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2013/03/02 16:36:34 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2013/03/02 16:36:34 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2013/03/02 16:36:34 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2013/03/02 16:36:34 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2013/03/02 16:36:34 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2013/03/02 16:36:34 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013/03/02 16:36:34 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013/03/02 16:36:33 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2013/03/02 16:36:33 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2013/03/02 16:36:33 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2013/03/02 16:36:33 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2013/03/02 16:36:33 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2013/03/02 16:36:33 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2013/03/02 16:36:32 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2013/03/02 16:36:32 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2013/03/02 16:36:28 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013/03/02 16:36:28 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013/03/02 16:36:27 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2013/03/02 16:36:27 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013/03/02 16:36:27 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2013/03/02 16:36:27 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2013/03/02 16:36:27 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2013/03/02 16:36:27 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2013/03/02 16:36:26 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2013/03/02 16:36:26 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2013/03/02 16:36:26 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2013/03/02 16:36:26 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2013/03/02 16:36:25 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2013/03/02 16:36:25 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2013/03/02 16:36:25 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013/03/02 16:36:25 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2013/03/02 16:36:24 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2013/03/02 16:36:24 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/15 17:10:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gabriel\Desktop\OTL.exe
[2013/03/15 17:07:58 | 000,021,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/15 17:07:58 | 000,021,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/15 17:04:36 | 001,655,010 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/15 17:04:36 | 000,712,376 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2013/03/15 17:04:36 | 000,660,218 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/15 17:04:36 | 000,150,708 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2013/03/15 17:04:36 | 000,124,408 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/15 17:04:26 | 000,001,844 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2013/03/15 16:59:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/14 17:24:50 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/14 17:24:50 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/01 18:40:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/02/23 20:53:40 | 000,001,345 | ---- | M] () -- C:\Users\Gabriel\Desktop\Media Center.lnk
[2013/02/14 19:01:26 | 000,000,772 | ---- | M] () -- C:\Users\Gabriel\Desktop\89rock64k.mp3.asx
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/01 18:40:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/02/23 20:53:40 | 000,001,345 | ---- | C] () -- C:\Users\Gabriel\Desktop\Media Center.lnk
[2013/02/14 19:02:01 | 000,000,772 | ---- | C] () -- C:\Users\Gabriel\Desktop\89rock64k.mp3.asx
[2013/01/13 04:26:51 | 000,000,095 | ---- | C] () -- C:\Users\Gabriel\AppData\Local\fusioncache.dat
[2013/01/13 04:25:38 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/01/13 04:25:36 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013/01/13 04:25:36 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/01/01 16:28:52 | 001,178,629 | ---- | C] () -- C:\Windows\unins000.exe
[2013/01/01 16:28:52 | 000,045,233 | ---- | C] () -- C:\Windows\unins000.dat
[2013/01/01 16:22:23 | 001,670,034 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/01 13:45:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/01/01 13:33:34 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2013/01/01 13:33:34 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/01/01 13:26:57 | 000,170,496 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2013/01/01 13:26:57 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2013/01/01 13:26:57 | 000,002,773 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
[2013/01/01 13:26:57 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini
[2013/01/01 13:26:57 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini
[2013/01/01 13:23:56 | 000,046,129 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2013/01/01 13:23:25 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/01/01 13:23:19 | 000,033,159 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/12/02 04:38:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/12/02 04:38:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/05/02 12:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/09/12 19:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/12 13:11:26 | 000,000,000 | ---D | M] -- C:\Users\Gabriel\AppData\Roaming\Origin
[2013/01/03 01:27:12 | 000,000,000 | ---D | M] -- C:\Users\Gabriel\AppData\Roaming\Ubisoft

========== Purity Check ==========



< End of report >
 
Extras
OTL Extras logfile created on: 15/03/2013 17:11:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gabriel\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

8,00 Gb Total Physical Memory | 6,12 Gb Available Physical Memory | 76,50% Memory free
15,99 Gb Paging File | 13,78 Gb Available in Paging File | 86,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 34,80 Gb Free Space | 31,16% Space Free | Partition Type: NTFS
Drive D: | 136,72 Gb Total Space | 131,61 Gb Free Space | 96,27% Space Free | Partition Type: NTFS
Drive E: | 96,17 Gb Total Space | 86,36 Gb Free Space | 89,81% Space Free | Partition Type: NTFS

Computer Name: GABRIEL-PC | User Name: Gabriel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1646403931-1113650008-3152583464-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12ECDA14-4CDD-469F-A7CC-EE08AE50349D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{269C462D-7B74-443F-9B96-AC9A27CC26CD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2BB4ACF6-EB70-49C8-B56E-F08C8560C633}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2C89503A-AA90-426B-88BB-40D111DE70EF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{35F681E2-6F6B-44FD-B174-12FA7826A5D0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3641D5A9-9DE6-4805-879C-5F2744E644B3}" = rport=139 | protocol=6 | dir=out | app=system |
"{6757276B-00FF-4340-8EF8-FB7D2DBFB93B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{69F17128-24F8-4A68-82C9-3EA3A335B0DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6AF9950A-5213-460E-9D4E-3B26ADAE33BE}" = lport=138 | protocol=17 | dir=in | app=system |
"{7797EACF-8DCC-463C-9485-AE79DC62C1CF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{80F9E04C-753E-4337-8F15-7D7DEF47F2B6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{81ED986A-3551-4AEC-A78F-7D5730D95A3A}" = lport=139 | protocol=6 | dir=in | app=system |
"{C149CF39-56A8-48DF-B6DD-F0113439896A}" = lport=445 | protocol=6 | dir=in | app=system |
"{CB2F1AA5-CC74-4BCE-AE2A-6993F5A74698}" = lport=137 | protocol=17 | dir=in | app=system |
"{D4C607B3-5F9D-4F4A-A345-C6280110D0BF}" = rport=445 | protocol=6 | dir=out | app=system |
"{D6272370-6E89-4146-8CA9-E1EFAB371472}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DFA1E959-697E-4550-8B5F-B7E9AA693EDC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E0CBD1D6-A399-4816-8105-D79CB361B22C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E2F14522-7712-4D30-ADE6-ED1202A252C1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E78B2D36-B709-4C13-9C4D-D12153C84E40}" = rport=137 | protocol=17 | dir=out | app=system |
"{F7D791F6-D796-4CEF-B5CF-B1D35ED4F945}" = rport=138 | protocol=17 | dir=out | app=system |
"{F855A631-76EC-4AB1-94F1-F73C2719AF61}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FF0211-62DF-4450-981C-18F5B1BBB840}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{046E498C-06C4-4AC8-8B7B-FF90200CBA2F}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{05FB3893-DF7F-4310-B438-3851A0B02EA6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0C037520-9E22-43C4-B477-9D4C2D672C66}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0C7342EA-8815-4FA5-8C83-79542A4978B7}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{0D1213BC-DEE1-4550-8DBE-9E853BDDB88F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{16E41577-1787-4EBA-B975-24501AF42553}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{17EE4B24-0EFF-48C8-907F-35061F5736BE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1D7E447E-2968-4D0A-A6A2-783695CAF78C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{246C5B4F-73D6-403C-ACF8-95942C8FF0ED}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{297315E1-CC6E-4D1B-BA44-45979637032C}" = protocol=17 | dir=in | app=d:\levelup games\grand chase\main.exe |
"{30C62C70-856B-46C6-A7B8-CCC52C1C579A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{33CD63F6-C8CB-4BE3-80A6-D2AE84494108}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3E6AFEE5-61B9-4502-8A34-917A59F6D817}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{3F144525-3BE6-499F-9303-FB3F967103F4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{4169F3BB-F038-4F6B-B0FD-B7CA56FDEF4E}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{431493C4-BB62-4D97-A208-5C9D2A5FF63F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4AA7C56C-0DF9-4919-B15F-B074E1DA300C}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{50831F0B-1603-4728-B11B-2073167C1E9F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war gold\w40k.exe |
"{52BC7F88-1054-482C-A770-C2D74BAD0687}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{557D0239-DFC4-41D2-9C28-01EC42ABD216}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5C4C7C42-B4DD-4A3C-B73E-EC1056E25439}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5E47FE5A-9DC1-4EED-8036-A5B6E29E4885}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5FC29EE2-D54E-458E-9D64-7FC2290ACA46}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{64207168-8BBC-4C8F-B65E-4D22377C41AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{73017A01-A22F-4D56-AF94-18A675E22ECE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7720FC74-6D24-41EF-AF90-078BA910C2B7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman sniper challenge\hmsc.exe |
"{7CA7D527-4B79-40D3-A404-1101EA1C968E}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{7F079DF5-49E8-4330-8DFB-E3B434871604}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{88C21200-86BB-4E0B-8F26-539FE26C5527}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8D3B1876-6481-4EF3-AED1-048792B6D64B}" = protocol=6 | dir=out | app=system |
"{8DD2CA1E-CA9C-4DB8-B134-55FAA6D4B140}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E2D5316-7157-4F69-9C07-852610ECD071}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{8E527576-0608-42C1-BC97-228722DAE1A1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{903143F9-FA87-49DC-B23C-34FD134427FF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war gold\w40k.exe |
"{90A52EEA-4E90-46EE-8F0F-B6485A20292C}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{9803AA91-DC71-4AC5-8F72-63EAEAB5ECD7}" = protocol=58 | dir=in | app=system |
"{996079E2-C3F2-407A-8761-A6FC8A54A122}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B5375503-A043-4C10-A757-7E4B798F8DE6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BB7EBA16-F287-4484-BDC4-F71A257CC100}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BE9A230F-EDF1-484F-9E47-77D1AA3B5B5B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sleepingdogs\hkship.exe |
"{C33FACFA-B7CD-457C-B92F-52D338D333D3}" = protocol=6 | dir=in | app=d:\levelup games\grand chase\main.exe |
"{C9766789-C039-4A78-8C04-6C1D837C13DA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{CE4301BF-00D7-48A5-B0DF-DFC13BAFB768}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{DABB7AE1-15B9-4373-82E8-6E84B963246E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DE5FC1CC-B230-46A4-B00D-E68E52E2BF2C}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{DE902560-A6B3-4EC6-9742-2002CC41E93B}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{DFFE3A74-07E1-4E7A-81DB-721DEC42ED65}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E0BF98B0-73CE-46DC-B713-1D64EBFEBD8A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman sniper challenge\hmsc.exe |
"{ECE34B6C-2135-49F6-933E-AEA522728F38}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sleepingdogs\hkship.exe |
"{F25BAEE7-3045-426C-975F-55AB4E7FE595}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{FA1C7E4D-2DDC-456E-88AC-76A1219310D9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{FE791A5B-0167-42B2-B0AD-89AC47DDEEEA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FE939839-2C7C-4D09-9765-B0A90EFE38D2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{20384EBF-4F10-13F0-07C6-7A6C87FD83DF}" = AMD Catalyst Install Manager
"{477347C0-64CF-4E41-8D51-4EB47EEE6460}" = Software básico do dispositivo HP Deskjet 3050 J610 series
"{477D05CA-C151-9CF5-22A1-9DF6DF543CD4}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{6C8EEF0B-C4BE-35A7-BF08-7C3C667EB62A}" = Microsoft .NET Framework 4 Extended PTB Language Pack
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010
"{B165B42D-0291-D45A-ACE2-D0144CB9FD3E}" = AMD Fuel
"{B2B47795-9ABC-37C1-0633-68B1B7104543}" = AMD Drag and Drop Transcoding
"{B7693CDE-074B-301C-9584-FC4343696C8B}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
"{C1ACBDBF-6F86-185A-E158-AB07893968FC}" = AMD Accelerated Video Transcoding
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{D61EB116-6878-9676-F28F-54F6B647023C}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CPUID ROG CPU-Z_is1" = CPUID ROG CPU-Z 1.58
"HWiNFO64_is1" = HWiNFO64 Version 4.12
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil)
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009B1E9D-38AB-8B9E-DB07-8318DAAE1941}" = CCC Help Greek
"{022BC727-ACB7-4C1D-109C-177515714A32}" = AMD VISION Engine Control Center
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07E46A4A-F2BA-FE48-9464-E11250502C6A}" = CCC Help Swedish
"{07E5C16F-9194-E31B-BB6C-C3E8FBD79C30}" = CCC Help English
"{0F2CF890-D101-6CFA-8D99-0CFBF7EF4AD0}" = CCC Help Chinese Standard
"{10CFB5DF-985A-8320-B4D8-461CC1F83CBF}" = CCC Help Japanese
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22D071EF-A06A-6341-DFDA-FE448659A63C}" = CCC Help Portuguese
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{30909F74-4B46-2842-DECF-1C66F355338C}" = CCC Help Turkish
"{337CDF25-8F3C-4DEF-8A94-5A9BFC961368}_is1" = Controlador para mouse Corsair M60, V1.0
"{365E16A2-FE3B-EA13-4EE0-88D570F82497}" = CCC Help Korean
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3D8AB6C1-3932-F551-2AF0-ED0612AD4B26}" = CCC Help Dutch
"{40AD5E62-A31A-C414-01BA-310100577C7E}" = CCC Help Chinese Traditional
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4F9E0D27-5525-E8C8-43D0-BA15C1A22E03}" = CCC Help Czech
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{647E62F0-F1BC-E0C3-EDF5-67716EE75014}" = CCC Help Hungarian
"{667DB2C0-AF52-021A-7CF6-DA8DD27AC215}" = CCC Help Italian
"{6A4C6C0F-8791-B753-742E-06C40A6E023C}" = CCC Help Polish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{79C61902-F44E-4190-A2B9-9B467B0380CE}" = CCC Help French
"{818690C7-8DA5-4623-BBA8-A73CFBD44077}" = Sound Blaster X-Fi MB
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90140000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2010
"{90140000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2010
"{90140000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010
"{90140000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010
"{90140000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010
"{90140000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2010
"{90140000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010
"{90140000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2010
"{90140000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010
"{90140000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91A3CEFE-A2C1-3E83-3789-F2BF8EC82106}" = CCC Help Thai
"{96CAEB1D-7BFB-2A98-EBB2-414C894F694F}" = CCC Help Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A231A6F2-2C80-6203-ED35-2CFB96B25A38}" = Application Profiles
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A664A708-E454-4416-7D19-D0F10879522C}" = CCC Help German
"{AC76BA86-7AD7-1046-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Português
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D6F46E2D-4FE2-5FAB-5C30-230E99563DEE}" = Catalyst Control Center InstallProxy
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D9DA23F5-CE0B-EE04-B498-7EC8AFC9F232}" = CCC Help Finnish
"{DF5182CB-192B-A6C8-9707-D7214557691C}" = CCC Help Norwegian
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E6757654-CE6A-0D0B-BBE6-F6247F05B7CD}" = Catalyst Control Center Localization All
"{E8759AD8-3A58-77F1-D16D-F3C8F9E98722}" = Catalyst Control Center Graphics Previews Common
"{F1C39CBE-4521-BEC8-5238-4A8B55FEB6B7}" = CCC Help Russian
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Ajuda
"{FBFA39D2-C55A-56DC-7EBB-767FC31B04A3}" = CCC Help Spanish
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.1.0
"Battlelog Web Plugins" = Battlelog Web Plugins
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.3.0a
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gerenciador de dispositivo de plataforma
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"Mac Blu-ray Player" = Mac Blu-ray Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versão 1.70.0.1100
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Total Protection
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 202170" = Sleeping Dogs™
"Steam App 205930" = Hitman: Sniper Challenge
"Steam App 4570" = Warhammer 40,000: Dawn of War - Game of the Year Edition

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13/03/2013 17:54:25 | Computer Name = Gabriel-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: McSvHost.exe, versão: 3.1.171.0, carimbo
de hora: 0x50712b61 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.17725,
carimbo de hora: 0x4ec4aa8e Código de exceção: 0xc0000005 Deslocamento com falha:
0x0000000000052fc6 Identificação do processo com falha: 0x960 Hora de início do aplicativo
com falha: 0x01ce20350baf8b2e Caminho do aplicativo com falha: C:\Program Files\Common
Files\McAfee\Platform\McSvcHost\McSvHost.exe FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação
do Relatório: 91f6434c-8c28-11e2-8f99-20cf305ca3bf

Error - 13/03/2013 17:57:36 | Computer Name = Gabriel-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: McSvHost.exe, versão: 3.1.171.0, carimbo
de hora: 0x50712b61 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.17725,
carimbo de hora: 0x4ec4aa8e Código de exceção: 0xc0000005 Deslocamento com falha:
0x0000000000052fc6 Identificação do processo com falha: 0x1780 Hora de início do
aplicativo com falha: 0x01ce20357cf09895 Caminho do aplicativo com falha: C:\Program
Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FCaminho do módulo de
falhas: C:\Windows\SYSTEM32\ntdll.dll Identificação do Relatório: 0336db81-8c29-11e2-8f99-20cf305ca3bf

Error - 14/03/2013 16:16:38 | Computer Name = Gabriel-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/03/2013 16:16:51 | Computer Name = Gabriel-PC | Source = VSS | ID = 8194
Description =

Error - 14/03/2013 18:31:10 | Computer Name = Gabriel-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: McSvHost.exe, versão: 3.1.171.0, carimbo
de hora: 0x50712b61 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.17725,
carimbo de hora: 0x4ec4aa8e Código de exceção: 0xc0000005 Deslocamento com falha:
0x0000000000052fc6 Identificação do processo com falha: 0xdd0 Hora de início do aplicativo
com falha: 0x01ce210356560fb6 Caminho do aplicativo com falha: C:\Program Files\Common
Files\McAfee\Platform\McSvcHost\McSvHost.exe FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação
do Relatório: de488247-8cf6-11e2-82c7-20cf305ca3bf

Error - 15/03/2013 16:01:36 | Computer Name = Gabriel-PC | Source = WinMgmt | ID = 10
Description =

Error - 15/03/2013 16:01:50 | Computer Name = Gabriel-PC | Source = VSS | ID = 8194
Description =

Error - 15/03/2013 16:03:50 | Computer Name = Gabriel-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: McSvHost.exe, versão: 3.1.171.0, carimbo
de hora: 0x50712b61 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.17725,
carimbo de hora: 0x4ec4aa8e Código de exceção: 0xc0000005 Deslocamento com falha:
0x0000000000052fc6 Identificação do processo com falha: 0x940 Hora de início do aplicativo
com falha: 0x01ce21b7a6304559 Caminho do aplicativo com falha: C:\Program Files\Common
Files\McAfee\Platform\McSvcHost\McSvHost.exe FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação
do Relatório: 74054567-8dab-11e2-b1db-20cf305ca3bf

Error - 15/03/2013 16:06:56 | Computer Name = Gabriel-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: McSvHost.exe, versão: 3.1.171.0, carimbo
de hora: 0x50712b61 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.17725,
carimbo de hora: 0x4ec4aa8e Código de exceção: 0xc0000005 Deslocamento com falha:
0x0000000000052fc6 Identificação do processo com falha: 0xe48 Hora de início do aplicativo
com falha: 0x01ce21b84b558a6d Caminho do aplicativo com falha: C:\Program Files\Common
Files\McAfee\Platform\McSvcHost\McSvHost.exe FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação
do Relatório: e2e31874-8dab-11e2-b1db-20cf305ca3bf

Error - 15/03/2013 16:10:04 | Computer Name = Gabriel-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: McSvHost.exe, versão: 3.1.171.0, carimbo
de hora: 0x50712b61 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.17725,
carimbo de hora: 0x4ec4aa8e Código de exceção: 0xc0000005 Deslocamento com falha:
0x0000000000052fc6 Identificação do processo com falha: 0xd14 Hora de início do aplicativo
com falha: 0x01ce21b8ccfe1a80 Caminho do aplicativo com falha: C:\Program Files\Common
Files\McAfee\Platform\McSvcHost\McSvHost.exe FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação
do Relatório: 52eeec23-8dac-11e2-b1db-20cf305ca3bf

[ Media Center Events ]
Error - 18/01/2013 13:12:09 | Computer Name = Gabriel-PC | Source = MCUpdate | ID = 0
Description = 15:12:09 - Erro ao estabelecer conexão com a Internet. 15:12:09 -
Não foi possível contatar o servidor..

Error - 18/01/2013 13:12:41 | Computer Name = Gabriel-PC | Source = MCUpdate | ID = 0
Description = 15:12:38 - Erro ao estabelecer conexão com a Internet. 15:12:38 -
Não foi possível contatar o servidor..

[ System Events ]
Error - 15/03/2013 16:07:03 | Computer Name = Gabriel-PC | Source = Service Control Manager | ID = 7031
Description = O serviço McAfee VirusScan Announcer foi finalizado inesperadamente.
Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos:
Reiniciar o serviço.

Error - 15/03/2013 16:07:03 | Computer Name = Gabriel-PC | Source = Service Control Manager | ID = 7031
Description = O serviço McAfee Platform Services foi finalizado inesperadamente.
Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos:
Reiniciar o serviço.

Error - 15/03/2013 16:07:03 | Computer Name = Gabriel-PC | Source = Service Control Manager | ID = 7031
Description = O serviço McAfee Proxy Service foi finalizado inesperadamente. Isto
aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos:
Reiniciar o serviço.

Error - 15/03/2013 16:07:03 | Computer Name = Gabriel-PC | Source = Service Control Manager | ID = 7031
Description = O serviço McAfee Anti-Spam Service foi finalizado inesperadamente.
Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos:
Reiniciar o serviço.

Error - 15/03/2013 16:10:09 | Computer Name = Gabriel-PC | Source = Service Control Manager | ID = 7034
Description = O serviço McAfee Home Network foi encerrado inesperadamente. Isso
aconteceu 3 vez(es).

Error - 15/03/2013 16:10:09 | Computer Name = Gabriel-PC | Source = Service Control Manager | ID = 7034
Description = O serviço McAfee Personal Firewall Service foi encerrado inesperadamente.
Isso aconteceu 3 vez(es).

Error - 15/03/2013 16:10:09 | Computer Name = Gabriel-PC | Source = Service Control Manager | ID = 7034
Description = O serviço McAfee VirusScan Announcer foi encerrado inesperadamente.
Isso aconteceu 3 vez(es).

Error - 15/03/2013 16:10:09 | Computer Name = Gabriel-PC | Source = Service Control Manager | ID = 7034
Description = O serviço McAfee Platform Services foi encerrado inesperadamente.
Isso aconteceu 3 vez(es).

Error - 15/03/2013 16:10:09 | Computer Name = Gabriel-PC | Source = Service Control Manager | ID = 7034
Description = O serviço McAfee Proxy Service foi encerrado inesperadamente. Isso
aconteceu 3 vez(es).

Error - 15/03/2013 16:10:09 | Computer Name = Gabriel-PC | Source = Service Control Manager | ID = 7034
Description = O serviço McAfee Anti-Spam Service foi encerrado inesperadamente.
Isso aconteceu 3 vez(es).


< End of report >
 
X.DragonSlayer.X, I didn't see anything wrong in your logs. They are clean.

You said in an earlier post that your PC was acting strange, is that right? Could you describe what happens?
 
The only problem is that my AV keeps disabling the firewall; it stays off for a few seconds and then comes back.
Sometimes I need to open the panel and enable it, but most of the time it re-enables itself.
My AV is McAfee.
 
Good evening, Mister Wolf.

I'm having problems with a notebook. There are many network point entries in the system's Device Manager, and something set the OS to boot only in safe mode (which I undid in msconfig). I suspect there is some malicious program on this notebook. Could you please analyze the log below? Thank you.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:21:00, on 18/03/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Kanan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2OQHJ06\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/5
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.9\PriceGongIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120820211040.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: www.caixa.gov.br
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{726D7A54-8190-465E-A8F1-9B3731F9A736}: NameServer = 189.40.224.80 189.40.226.80
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: CyberLink Product - 2012/08/20 21:09:07 (CLKMSVC10_9EC60124) - CyberLink - C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

--
End of file - 15948 bytes
 
The only problem is that my AV keeps disabling the firewall; it stays off for a few seconds and then comes back :poker:
Sometimes I have to open the panel and enable it, but most of the time it re-enables itself.
My AV is McAfee.
Do you mean the Windows firewall or McAfee's own? Because keeping both active is not recommended. If both are on, McAfee may be disabling one of them to avoid conflicts.

In any case, follow the spoiler below.

Download TDSSKiller and save it to the desktop.
Extract it and run it as administrator.
Click Change Parameters and check the two options below:

Verify driver digital signatures
Detect TDLFS file system

Click OK to return to the main screen.
Click Start Scan and wait for the scan to finish.
If a suspicious or infected file is found, click Skip (do not remove it yet, as it may be a false positive).
If the program asks to restart the machine, click Reboot Now.
Click the Report button and copy the text that appears. A log will also be created on the desktop.

In your next reply, post the tool's log.
Mchawk, post an OTL log (as described in the first post). HijackThis does not show many important areas that need to be evaluated.
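One way to triage the TDSSKiller log requested above, as an added example that is not part of the original post or of the tool: it reads the services section in the line format of the log posted later in this thread and lists every entry whose verdict is not `ok`, together with its MD5 and path. The `ExampleDrv` entry, its hash and its `warning` verdict are constructed, because the wording of non-ok verdicts is an assumption.

```python
import re

# Constructed sample in the line format of the TDSSKiller log posted in this
# thread. The "ok" entries are copied from that log; ExampleDrv, its hash and
# its "warning" verdict are constructed (assumed wording for a non-ok verdict).
SAMPLE_LOG = r"""
17:07:20.0323 4240 ================ Scan system memory ========================
17:07:20.0323 4240 System memory - ok
17:07:20.0323 4240 ================ Scan services =============================
17:07:20.0339 4240 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
17:07:20.0511 4240 1394ohci - ok
17:07:21.0275 4240 [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:07:21.0353 4240 AMD External Events Utility - ok
17:07:21.0353 4240 AMD FUEL Service - ok
17:07:21.0400 4240 [ 0123456789ABCDEF0123456789ABCDEF ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
17:07:21.0410 4240 ExampleDrv - warning
"""

# "HH:MM:SS.mmmm <thread id> <message>"; the message may be empty.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
# "================ Scan services ================"
SECTION = re.compile(r"^=+ Scan (.+?) =+$")
# "[ <MD5> ] <service name, may contain spaces> <X:\path>"
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")


def triage(log_text):
    """Summarise the services section of a TDSSKiller-style log.

    Returns a dict with:
      ok      - number of entries whose verdict is "ok"
      review  - entries with any other verdict (name, verdict, md5, path)
      no_hash - names that got a verdict without a preceding hash line
    """
    result = {"ok": 0, "review": [], "no_hash": []}
    in_services = False
    hashed = {}  # service name -> (md5, path) taken from its hash line

    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        body = m.group(1).strip()

        sec = SECTION.match(body)
        if sec:
            # Only the services section is parsed; other sections are skipped.
            in_services = sec.group(1).strip().lower() == "services"
            continue
        if not in_services or not body:
            continue

        h = HASHED.match(body)
        if h:
            hashed[h.group(2)] = (h.group(1).upper(), h.group(3))
            continue

        # Verdict line: "<service name> - <verdict>"
        name, sep, verdict = body.rpartition(" - ")
        if not sep:
            continue
        verdict = verdict.strip()
        md5, path = hashed.get(name, (None, None))
        if md5 is None:
            result["no_hash"].append(name)
        if verdict.lower() == "ok":
            result["ok"] += 1
        else:
            result["review"].append(
                {"name": name, "verdict": verdict, "md5": md5, "path": path}
            )
    return result


if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    print("ok entries:", summary["ok"])
    print("verdict without hash line:", summary["no_hash"])
    for item in summary["review"]:
        print("REVIEW", item["name"], item["verdict"], item["md5"], item["path"])
```
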
 
It's McAfee's own; the Windows one is disabled.
I'll post the result on Wednesday, no time today or tomorrow. :forever:
 
Avast flagged some "strange" items, but they could not be deleted because of error 42064 or something like that. I'm posting the HijackThis log so you can help me. Today I went to use my Hotmail and a notice appeared saying that someone else was using my email; Hotmail asks for a security password that was sent to another email address, but I don't even remember that login anymore because it's so old. Have I lost my Hotmail?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:29:02, on 19/03/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\ALINEP~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Users\Aline Pilot\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [VitaKeyPdtWzd] "C:\Program Files\Acer Bio Protection\PdtWzd.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~4\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office15\EXCEL.EXE/3000
O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe (file missing)
O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe (file missing)
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - C:\Program Files\Acer Bio Protection\BASVC.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 8546 bytes
 
Here it is; it found 3, but I believe they are false positives...
17:06:59.0560 4516 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:07:00.0542 4516 ============================================================
17:07:00.0542 4516 Current date / time: 2013/03/20 17:07:00.0542
17:07:00.0542 4516 SystemInfo:
17:07:00.0542 4516
17:07:00.0542 4516 OS Version: 6.1.7601 ServicePack: 1.0
17:07:00.0542 4516 Product type: Workstation
17:07:00.0542 4516 ComputerName: GABRIEL-PC
17:07:00.0542 4516 UserName: Gabriel
17:07:00.0542 4516 Windows directory: C:\Windows
17:07:00.0542 4516 System windows directory: C:\Windows
17:07:00.0542 4516 Running under WOW64
17:07:00.0542 4516 Processor architecture: Intel x64
17:07:00.0542 4516 Number of processors: 6
17:07:00.0542 4516 Page size: 0x1000
17:07:00.0542 4516 Boot type: Normal boot
17:07:00.0542 4516 ============================================================
17:07:00.0839 4516 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:07:00.0854 4516 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:07:00.0870 4516 ============================================================
17:07:00.0870 4516 \Device\Harddisk0\DR0:
17:07:00.0870 4516 MBR partitions:
17:07:00.0870 4516 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:07:00.0870 4516 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
17:07:00.0870 4516 \Device\Harddisk1\DR1:
17:07:00.0870 4516 MBR partitions:
17:07:00.0870 4516 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x11170000
17:07:00.0870 4516 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x11170800, BlocksNum 0xC054800
17:07:00.0870 4516 ============================================================
17:07:00.0870 4516 C: <-> \Device\Harddisk0\DR0\Partition2
17:07:00.0886 4516 D: <-> \Device\Harddisk1\DR1\Partition1
17:07:00.0917 4516 E: <-> \Device\Harddisk1\DR1\Partition2
17:07:00.0917 4516 ============================================================
17:07:00.0917 4516 Initialize success
17:07:00.0917 4516 ============================================================
17:07:20.0261 4240 ============================================================
17:07:20.0261 4240 Scan started
17:07:20.0261 4240 Mode: Manual; SigCheck; TDLFS;
17:07:20.0261 4240 ============================================================
17:07:20.0323 4240 ================ Scan system memory ========================
17:07:20.0323 4240 System memory - ok
17:07:20.0323 4240 ================ Scan services =============================
17:07:20.0339 4240 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
17:07:20.0511 4240 1394ohci - ok
17:07:20.0511 4240 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:07:20.0573 4240 ACPI - ok
17:07:20.0573 4240 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:07:20.0651 4240 AcpiPmi - ok
17:07:20.0651 4240 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:07:20.0713 4240 AdobeARMservice - ok
17:07:20.0729 4240 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:07:20.0791 4240 adp94xx - ok
17:07:20.0791 4240 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:07:20.0869 4240 adpahci - ok
17:07:20.0869 4240 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:07:20.0932 4240 adpu320 - ok
17:07:20.0932 4240 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:07:21.0010 4240 AeLookupSvc - ok
17:07:21.0010 4240 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:07:21.0088 4240 AFD - ok
17:07:21.0088 4240 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:07:21.0150 4240 agp440 - ok
17:07:21.0150 4240 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:07:21.0213 4240 ALG - ok
17:07:21.0213 4240 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:07:21.0275 4240 aliide - ok
17:07:21.0275 4240 [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:07:21.0353 4240 AMD External Events Utility - ok
17:07:21.0353 4240 AMD FUEL Service - ok
17:07:21.0353 4240 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:07:21.0415 4240 amdide - ok
17:07:21.0431 4240 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:07:21.0478 4240 AmdK8 - ok
17:07:21.0556 4240 [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:07:21.0681 4240 amdkmdag - ok
17:07:21.0696 4240 [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:07:21.0759 4240 amdkmdap - ok
17:07:21.0759 4240 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:07:21.0821 4240 AmdPPM - ok
17:07:21.0821 4240 [ 53D8D46D51D390ABDB54ECA623165CB7 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
17:07:21.0930 4240 amdsata - ok
17:07:21.0946 4240 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:07:22.0008 4240 amdsbs - ok
17:07:22.0008 4240 [ 75C51148154E34EB3D7BB84749A758D5 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:07:22.0071 4240 amdxata - ok
17:07:22.0071 4240 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:07:22.0133 4240 AODDriver4.2 - ok
17:07:22.0133 4240 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:07:22.0211 4240 AppID - ok
17:07:22.0211 4240 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:07:22.0289 4240 AppIDSvc - ok
17:07:22.0289 4240 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:07:22.0351 4240 Appinfo - ok
17:07:22.0351 4240 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:07:22.0429 4240 AppMgmt - ok
17:07:22.0429 4240 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:07:22.0492 4240 arc - ok
17:07:22.0492 4240 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:07:22.0570 4240 arcsas - ok
17:07:22.0585 4240 [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
17:07:22.0648 4240 AsIO - ok
17:07:22.0648 4240 aspnet_state - ok
17:07:22.0663 4240 [ 954FFBFF05B0B60EB63B52AF561436C4 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
17:07:22.0710 4240 AsSysCtrlService - ok
17:07:22.0726 4240 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:07:22.0788 4240 AsyncMac - ok
17:07:22.0788 4240 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:07:22.0851 4240 atapi - ok
17:07:22.0851 4240 [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:07:22.0913 4240 AtiHDAudioService - ok
17:07:22.0929 4240 [ FB7602C5C508BE281368AAE0B61B51C6 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
17:07:22.0975 4240 AtiHdmiService - ok
17:07:22.0991 4240 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:07:23.0069 4240 AudioEndpointBuilder - ok
17:07:23.0069 4240 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:07:23.0147 4240 AudioSrv - ok
17:07:23.0147 4240 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:07:23.0225 4240 AxInstSV - ok
17:07:23.0225 4240 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:07:23.0303 4240 b06bdrv - ok
17:07:23.0303 4240 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:07:23.0365 4240 b57nd60a - ok
17:07:23.0365 4240 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:07:23.0428 4240 BDESVC - ok
17:07:25.0503 4240 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
17:07:25.0549 4240 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
17:07:25.0549 4240 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
17:07:25.0549 4240 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
17:07:25.0612 4240 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
17:07:25.0612 4240 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
17:07:25.0830 4240 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
17:07:25.0877 4240 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
17:07:25.0877 4240 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
17:07:41.0680 4240 RpcSs - ok
17:07:41.0680 4240 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:07:41.0742 4240 rspndr - ok
17:07:41.0742 4240 [ 2E887E52E45BBA3C47CCD0E75FC5266F ] RTCore64 C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
17:07:41.0805 4240 RTCore64 - ok
17:07:41.0820 4240 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:07:41.0883 4240 s3cap - ok
17:07:41.0883 4240 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:07:41.0929 4240 SamSs - ok
17:07:41.0945 4240 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:07:42.0007 4240 sbp2port - ok
17:07:42.0007 4240 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:07:42.0085 4240 SCardSvr - ok
17:07:42.0085 4240 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:07:42.0163 4240 scfilter - ok
17:07:42.0179 4240 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:07:42.0257 4240 Schedule - ok
17:07:42.0257 4240 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:07:42.0335 4240 SCPolicySvc - ok
17:07:42.0335 4240 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:07:42.0397 4240 SDRSVC - ok
17:07:42.0397 4240 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:07:42.0475 4240 secdrv - ok
17:07:42.0475 4240 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:07:42.0538 4240 seclogon - ok
17:07:42.0553 4240 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:07:42.0631 4240 SENS - ok
17:07:42.0631 4240 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:07:42.0694 4240 SensrSvc - ok
17:07:42.0694 4240 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:07:42.0756 4240 Serenum - ok
17:07:42.0772 4240 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:07:42.0834 4240 Serial - ok
17:07:42.0834 4240 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:07:42.0897 4240 sermouse - ok
17:07:42.0897 4240 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:07:42.0975 4240 SessionEnv - ok
17:07:42.0975 4240 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:07:43.0053 4240 sffdisk - ok
17:07:43.0053 4240 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:07:43.0115 4240 sffp_mmc - ok
17:07:43.0131 4240 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:07:43.0193 4240 sffp_sd - ok
17:07:43.0193 4240 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:07:43.0255 4240 sfloppy - ok
17:07:43.0255 4240 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:07:43.0333 4240 SharedAccess - ok
17:07:43.0333 4240 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:07:43.0411 4240 ShellHWDetection - ok
17:07:43.0427 4240 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:07:43.0474 4240 SiSRaid2 - ok
17:07:43.0489 4240 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:07:43.0552 4240 SiSRaid4 - ok
17:07:43.0552 4240 [ FF0DB4D9A08864A5C7B67477CD8E3B2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:07:43.0614 4240 SkypeUpdate - ok
17:07:43.0614 4240 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:07:43.0692 4240 Smb - ok
17:07:43.0708 4240 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:07:43.0770 4240 SNMPTRAP - ok
17:07:43.0770 4240 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:07:43.0833 4240 spldr - ok
17:07:43.0833 4240 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:07:43.0895 4240 Spooler - ok
17:07:43.0942 4240 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:07:44.0035 4240 sppsvc - ok
17:07:44.0035 4240 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:07:44.0113 4240 sppuinotify - ok
17:07:44.0113 4240 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:07:44.0176 4240 srv - ok
17:07:44.0191 4240 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:07:44.0254 4240 srv2 - ok
17:07:44.0254 4240 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:07:44.0316 4240 srvnet - ok
17:07:44.0316 4240 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:07:44.0394 4240 SSDPSRV - ok
17:07:44.0394 4240 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:07:44.0488 4240 SstpSvc - ok
17:07:44.0488 4240 Steam Client Service - ok
17:07:44.0488 4240 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:07:44.0550 4240 stexstor - ok
17:07:44.0550 4240 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:07:44.0613 4240 StillCam - ok
17:07:44.0628 4240 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:07:44.0691 4240 stisvc - ok
17:07:44.0691 4240 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:07:44.0753 4240 storflt - ok
17:07:44.0769 4240 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:07:44.0831 4240 storvsc - ok
17:07:44.0831 4240 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:07:44.0893 4240 swenum - ok
17:07:44.0909 4240 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:07:44.0987 4240 swprv - ok
17:07:44.0987 4240 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
17:07:45.0065 4240 Synth3dVsc - ok
17:07:45.0081 4240 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:07:45.0159 4240 SysMain - ok
17:07:45.0159 4240 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:07:45.0221 4240 TabletInputService - ok
17:07:45.0237 4240 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:07:45.0299 4240 TapiSrv - ok
17:07:45.0315 4240 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:07:45.0377 4240 TBS - ok
17:07:45.0393 4240 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:07:45.0471 4240 Tcpip - ok
17:07:45.0486 4240 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:07:45.0564 4240 TCPIP6 - ok
17:07:45.0580 4240 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:07:45.0642 4240 tcpipreg - ok
17:07:45.0642 4240 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:07:45.0720 4240 TDPIPE - ok
17:07:45.0720 4240 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:07:45.0783 4240 TDTCP - ok
17:07:45.0783 4240 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:07:45.0845 4240 tdx - ok
17:07:45.0861 4240 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:07:45.0907 4240 TermDD - ok
17:07:45.0923 4240 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\Windows\system32\drivers\terminpt.sys
17:07:45.0985 4240 terminpt - ok
17:07:46.0001 4240 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:07:46.0079 4240 TermService - ok
17:07:46.0095 4240 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:07:46.0157 4240 Themes - ok
17:07:46.0157 4240 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:07:46.0235 4240 THREADORDER - ok
17:07:46.0235 4240 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:07:46.0313 4240 TrkWks - ok
17:07:46.0313 4240 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:07:46.0391 4240 TrustedInstaller - ok
17:07:46.0391 4240 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:07:46.0453 4240 tssecsrv - ok
17:07:46.0469 4240 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:07:46.0531 4240 TsUsbFlt - ok
17:07:46.0531 4240 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:07:46.0594 4240 TsUsbGD - ok
17:07:46.0594 4240 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
17:07:46.0656 4240 tsusbhub - ok
17:07:46.0656 4240 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:07:46.0734 4240 tunnel - ok
17:07:46.0734 4240 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:07:46.0797 4240 uagp35 - ok
17:07:46.0812 4240 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:07:46.0875 4240 udfs - ok
17:07:46.0890 4240 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:07:46.0953 4240 UI0Detect - ok
17:07:46.0953 4240 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:07:47.0015 4240 uliagpkx - ok
17:07:47.0015 4240 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:07:47.0077 4240 umbus - ok
17:07:47.0077 4240 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:07:47.0140 4240 UmPass - ok
17:07:47.0155 4240 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
17:07:47.0218 4240 UmRdpService - ok
17:07:47.0233 4240 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:07:47.0311 4240 upnphost - ok
17:07:47.0311 4240 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:07:47.0374 4240 usbccgp - ok
17:07:47.0389 4240 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:07:47.0452 4240 usbcir - ok
17:07:47.0452 4240 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:07:47.0514 4240 usbehci - ok
17:07:47.0514 4240 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:07:47.0592 4240 usbhub - ok
17:07:47.0592 4240 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:07:47.0655 4240 usbohci - ok
17:07:47.0655 4240 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:07:47.0717 4240 usbprint - ok
17:07:47.0733 4240 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:07:47.0795 4240 usbscan - ok
17:07:47.0795 4240 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:07:47.0873 4240 USBSTOR - ok
17:07:47.0873 4240 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:07:47.0935 4240 usbuhci - ok
17:07:47.0935 4240 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:07:48.0045 4240 UxSms - ok
17:07:48.0045 4240 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:07:48.0091 4240 VaultSvc - ok
17:07:48.0107 4240 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:07:48.0169 4240 vdrvroot - ok
17:07:48.0169 4240 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:07:48.0247 4240 vds - ok
17:07:48.0263 4240 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:07:48.0325 4240 vga - ok
17:07:48.0325 4240 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:07:48.0403 4240 VgaSave - ok
17:07:48.0403 4240 VGPU - ok
17:07:48.0403 4240 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:07:48.0466 4240 vhdmp - ok
17:07:48.0481 4240 [ DFDF7F9CAA50EE72A633EA4BBD65A557 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
17:07:48.0544 4240 VIAHdAudAddService - ok
17:07:48.0559 4240 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:07:48.0622 4240 viaide - ok
17:07:48.0622 4240 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:07:48.0684 4240 vmbus - ok
17:07:48.0700 4240 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:07:48.0762 4240 VMBusHID - ok
17:07:48.0762 4240 [ 754C8BF43F0DD4B54865F174A62761E9 ] VMfilt C:\Windows\system32\drivers\VMfilt64.sys
17:07:48.0809 4240 VMfilt - ok
17:07:48.0825 4240 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:07:48.0887 4240 volmgr - ok
17:07:48.0887 4240 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:07:48.0965 4240 volmgrx - ok
17:07:48.0965 4240 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:07:49.0027 4240 volsnap - ok
17:07:49.0043 4240 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:07:49.0121 4240 vsmraid - ok
17:07:49.0137 4240 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:07:49.0215 4240 VSS - ok
17:07:49.0215 4240 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:07:49.0277 4240 vwifibus - ok
17:07:49.0293 4240 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:07:49.0371 4240 W32Time - ok
17:07:49.0371 4240 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:07:49.0433 4240 WacomPen - ok
17:07:49.0449 4240 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:07:49.0511 4240 WANARP - ok
17:07:49.0511 4240 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:07:49.0589 4240 Wanarpv6 - ok
17:07:49.0589 4240 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:07:49.0667 4240 WatAdminSvc - ok
17:07:49.0683 4240 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:07:49.0761 4240 wbengine - ok
17:07:49.0776 4240 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:07:49.0839 4240 WbioSrvc - ok
17:07:49.0854 4240 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:07:49.0917 4240 wcncsvc - ok
17:07:49.0917 4240 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:07:49.0995 4240 WcsPlugInService - ok
17:07:49.0995 4240 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:07:50.0057 4240 Wd - ok
17:07:50.0073 4240 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:07:50.0151 4240 Wdf01000 - ok
17:07:50.0151 4240 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:07:50.0229 4240 WdiServiceHost - ok
17:07:50.0229 4240 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:07:50.0291 4240 WdiSystemHost - ok
17:07:50.0291 4240 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:07:50.0369 4240 WebClient - ok
17:07:50.0369 4240 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:07:50.0447 4240 Wecsvc - ok
17:07:50.0447 4240 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:07:50.0525 4240 wercplsupport - ok
17:07:50.0525 4240 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:07:50.0603 4240 WerSvc - ok
17:07:50.0603 4240 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:07:50.0665 4240 WfpLwf - ok
17:07:50.0681 4240 [ A8DD94CB385BBA9FE76A5A16842E95EB ] WIMBLEMS C:\Windows\system32\drivers\WIMBLEMS.sys
17:07:50.0728 4240 WIMBLEMS - ok
17:07:50.0728 4240 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:07:50.0806 4240 WIMMount - ok
17:07:50.0806 4240 WinDefend - ok
17:07:50.0806 4240 WinHttpAutoProxySvc - ok
17:07:50.0821 4240 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:07:50.0899 4240 Winmgmt - ok
17:07:50.0915 4240 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:07:51.0024 4240 WinRM - ok
17:07:51.0024 4240 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:07:51.0102 4240 WinUsb - ok
17:07:51.0118 4240 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:07:51.0180 4240 Wlansvc - ok
17:07:51.0180 4240 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:07:51.0243 4240 WmiAcpi - ok
17:07:51.0243 4240 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:07:51.0305 4240 wmiApSrv - ok
17:07:51.0305 4240 WMPNetworkSvc - ok
17:07:51.0321 4240 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:07:51.0383 4240 WPCSvc - ok
17:07:51.0383 4240 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:07:51.0461 4240 WPDBusEnum - ok
17:07:51.0461 4240 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:07:51.0539 4240 ws2ifsl - ok
17:07:51.0539 4240 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:07:51.0617 4240 wscsvc - ok
17:07:51.0617 4240 WSearch - ok
17:07:51.0633 4240 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:07:51.0726 4240 wuauserv - ok
17:07:51.0726 4240 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:07:51.0804 4240 WudfPf - ok
17:07:51.0804 4240 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:07:51.0867 4240 WUDFRd - ok
17:07:51.0882 4240 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:07:51.0945 4240 wudfsvc - ok
17:07:51.0945 4240 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:07:52.0023 4240 WwanSvc - ok
17:07:52.0038 4240 X6va011 - ok
17:07:52.0038 4240 X6va012 - ok
17:07:52.0054 4240 [ B2818BFAB7817F7E7EE886F58B15B35C ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
17:07:52.0116 4240 yukonw7 - ok
17:07:52.0116 4240 ================ Scan global ===============================
17:07:52.0132 4240 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:07:52.0132 4240 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:07:52.0132 4240 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:07:52.0132 4240 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:07:52.0147 4240 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:07:52.0147 4240 [Global] - ok
17:07:52.0147 4240 ================ Scan MBR ==================================
17:07:52.0147 4240 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:07:52.0210 4240 \Device\Harddisk0\DR0 - ok
17:07:52.0225 4240 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:07:52.0272 4240 \Device\Harddisk1\DR1 - ok
17:07:52.0272 4240 ================ Scan VBR ==================================
17:07:52.0272 4240 [ 32D4658C168CA71EE9F558531721645C ] \Device\Harddisk0\DR0\Partition1
17:07:52.0272 4240 \Device\Harddisk0\DR0\Partition1 - ok
17:07:52.0288 4240 [ 3A28D27AEA74D75A63B5DFF4B2EB837E ] \Device\Harddisk0\DR0\Partition2
17:07:52.0288 4240 \Device\Harddisk0\DR0\Partition2 - ok
17:07:52.0288 4240 [ CB98B154EE6278742BBCF96A932A929D ] \Device\Harddisk1\DR1\Partition1
17:07:52.0288 4240 \Device\Harddisk1\DR1\Partition1 - ok
17:07:52.0288 4240 [ D632ECF26FE3221ED13A1FE53773B34F ] \Device\Harddisk1\DR1\Partition2
17:07:52.0288 4240 \Device\Harddisk1\DR1\Partition2 - ok
17:07:52.0288 4240 ============================================================
17:07:52.0288 4240 Scan finished
17:07:52.0288 4240 ============================================================
17:07:52.0303 5664 Detected object count: 3
17:07:52.0303 5664 Actual detected object count: 3
17:08:18.0684 5664 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:18.0684 5664 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:08:18.0684 5664 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:18.0684 5664 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:08:18.0684 5664 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:18.0684 5664 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
 
Here it is; it found 3, but I believe they are false positives...
17:06:59.0560 4516 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:07:00.0542 4516 ============================================================
17:07:00.0542 4516 Current date / time: 2013/03/20 17:07:00.0542
17:07:00.0542 4516 SystemInfo:
17:07:00.0542 4516
17:07:00.0542 4516 OS Version: 6.1.7601 ServicePack: 1.0
17:07:00.0542 4516 Product type: Workstation
17:07:00.0542 4516 ComputerName: GABRIEL-PC
17:07:00.0542 4516 UserName: Gabriel
17:07:00.0542 4516 Windows directory: C:\Windows
17:07:00.0542 4516 System windows directory: C:\Windows
17:07:00.0542 4516 Running under WOW64
17:07:00.0542 4516 Processor architecture: Intel x64
17:07:00.0542 4516 Number of processors: 6
17:07:00.0542 4516 Page size: 0x1000
17:07:00.0542 4516 Boot type: Normal boot
17:07:00.0542 4516 ============================================================
17:07:00.0839 4516 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:07:00.0854 4516 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:07:00.0870 4516 ============================================================
17:07:00.0870 4516 \Device\Harddisk0\DR0:
17:07:00.0870 4516 MBR partitions:
17:07:00.0870 4516 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:07:00.0870 4516 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
17:07:00.0870 4516 \Device\Harddisk1\DR1:
17:07:00.0870 4516 MBR partitions:
17:07:00.0870 4516 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x11170000
17:07:00.0870 4516 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x11170800, BlocksNum 0xC054800
17:07:00.0870 4516 ============================================================
17:07:00.0870 4516 C: <-> \Device\Harddisk0\DR0\Partition2
17:07:00.0886 4516 D: <-> \Device\Harddisk1\DR1\Partition1
17:07:00.0917 4516 E: <-> \Device\Harddisk1\DR1\Partition2
17:07:00.0917 4516 ============================================================
17:07:00.0917 4516 Initialize success
17:07:00.0917 4516 ============================================================
17:07:20.0261 4240 ============================================================
17:07:20.0261 4240 Scan started
17:07:20.0261 4240 Mode: Manual; SigCheck; TDLFS;
17:07:20.0261 4240 ============================================================
17:07:20.0323 4240 ================ Scan system memory ========================
17:07:20.0323 4240 System memory - ok
17:07:20.0323 4240 ================ Scan services =============================
17:07:24.0629 4240 CertPropSvc - ok
17:07:24.0629 4240 [ DF8D07059E7237E0BE9C1421EF5F9482 ] cfwids C:\Windows\system32\drivers\cfwids.sys
17:07:24.0691 4240 cfwids - ok
17:07:24.0691 4240 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:07:24.0754 4240 circlass - ok
17:07:24.0754 4240 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:07:24.0816 4240 CLFS - ok
17:07:24.0816 4240 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:07:24.0879 4240 clr_optimization_v2.0.50727_32 - ok
17:07:24.0894 4240 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:07:24.0957 4240 clr_optimization_v2.0.50727_64 - ok
17:07:24.0957 4240 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:07:25.0035 4240 clr_optimization_v4.0.30319_32 - ok
17:07:25.0035 4240 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:07:25.0097 4240 clr_optimization_v4.0.30319_64 - ok
17:07:25.0097 4240 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:07:25.0159 4240 CmBatt - ok
17:07:25.0175 4240 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:07:25.0222 4240 cmdide - ok
17:07:25.0237 4240 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:07:25.0300 4240 CNG - ok
17:07:25.0315 4240 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:07:25.0362 4240 Compbatt - ok
17:07:25.0378 4240 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:07:25.0425 4240 CompositeBus - ok
17:07:25.0425 4240 COMSysApp - ok
17:07:25.0440 4240 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:07:25.0503 4240 crcdisk - ok
17:07:25.0503 4240 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
17:07:25.0549 4240 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
17:07:25.0549 4240 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
17:07:25.0549 4240 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
17:07:25.0612 4240 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
17:07:25.0612 4240 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
17:07:25.0612 4240 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:07:25.0674 4240 CryptSvc - ok
17:07:25.0690 4240 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
17:07:25.0752 4240 CSC - ok
17:07:25.0752 4240 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
17:07:25.0815 4240 CscService - ok
17:07:25.0830 4240 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
17:07:25.0877 4240 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
17:07:25.0877 4240 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
17:07:25.0893 4240 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:07:25.0955 4240 DcomLaunch - ok
17:07:25.0971 4240 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:07:26.0049 4240 defragsvc - ok
17:07:26.0049 4240 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:07:26.0111 4240 DfsC - ok
17:07:26.0127 4240 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:07:26.0189 4240 Dhcp - ok
17:07:26.0189 4240 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:07:26.0267 4240 discache - ok
17:07:26.0267 4240 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:07:26.0329 4240 Disk - ok
17:07:26.0329 4240 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
17:07:26.0392 4240 dmvsc - ok
17:07:26.0392 4240 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:07:26.0454 4240 Dnscache - ok
17:07:26.0470 4240 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:07:26.0548 4240 dot3svc - ok
17:07:26.0548 4240 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:07:26.0610 4240 DPS - ok
17:07:26.0626 4240 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:07:26.0688 4240 drmkaud - ok
17:07:26.0688 4240 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:07:26.0751 4240 DXGKrnl - ok
17:07:26.0766 4240 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:07:26.0829 4240 EapHost - ok
17:07:26.0860 4240 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:07:26.0938 4240 ebdrv - ok
17:07:26.0953 4240 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:07:27.0016 4240 EFS - ok
17:07:27.0016 4240 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:07:27.0078 4240 ehRecvr - ok
17:07:27.0094 4240 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:07:27.0141 4240 ehSched - ok
17:07:27.0156 4240 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:07:27.0219 4240 elxstor - ok
17:07:27.0219 4240 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:07:27.0281 4240 ErrDev - ok
17:07:27.0297 4240 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:07:27.0359 4240 EventSystem - ok
17:07:27.0359 4240 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:07:27.0437 4240 exfat - ok
17:07:27.0437 4240 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:07:27.0515 4240 fastfat - ok
17:07:27.0531 4240 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:07:27.0593 4240 Fax - ok
17:07:27.0593 4240 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:07:27.0655 4240 fdc - ok
17:07:27.0671 4240 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:07:27.0733 4240 fdPHost - ok
17:07:27.0749 4240 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:07:27.0811 4240 FDResPub - ok
17:07:27.0827 4240 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:07:27.0889 4240 FileInfo - ok
17:07:27.0889 4240 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:07:27.0967 4240 Filetrace - ok
17:07:27.0967 4240 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:07:28.0030 4240 flpydisk - ok
17:07:28.0045 4240 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:07:28.0108 4240 FltMgr - ok
17:07:28.0123 4240 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:07:28.0201 4240 FontCache - ok
17:07:28.0201 4240 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:07:28.0264 4240 FontCache3.0.0.0 - ok
17:07:28.0264 4240 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:07:28.0326 4240 FsDepends - ok
17:07:28.0342 4240 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:07:28.0404 4240 Fs_Rec - ok
17:07:28.0404 4240 [ 0D015D3584704EC814A58276232F143B ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
17:07:28.0467 4240 Futuremark SystemInfo Service - ok
17:07:28.0467 4240 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:07:28.0529 4240 fvevol - ok
17:07:28.0545 4240 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:07:28.0607 4240 gagp30kx - ok
17:07:28.0607 4240 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:07:28.0701 4240 gpsvc - ok
17:07:28.0701 4240 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:07:28.0763 4240 hcw85cir - ok
17:07:28.0779 4240 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:07:28.0841 4240 HdAudAddService - ok
17:07:28.0841 4240 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:07:28.0903 4240 HDAudBus - ok
17:07:28.0903 4240 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:07:28.0966 4240 HidBatt - ok
17:07:28.0966 4240 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:07:29.0028 4240 HidBth - ok
17:07:29.0028 4240 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:07:29.0091 4240 HidIr - ok
17:07:29.0091 4240 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:07:29.0169 4240 hidserv - ok
17:07:29.0169 4240 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:07:29.0215 4240 HidUsb - ok
17:07:29.0231 4240 [ 852681A14AFEE00C0C3179429A08C868 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
17:07:29.0293 4240 HipShieldK - ok
17:07:29.0293 4240 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:07:29.0356 4240 hkmsvc - ok
17:07:29.0371 4240 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:07:29.0434 4240 HomeGroupListener - ok
17:07:29.0434 4240 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:07:29.0496 4240 HomeGroupProvider - ok
17:07:29.0512 4240 [ 389BC447DF363450A78845D35DBA0047 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:07:29.0559 4240 HomeNetSvc - ok
17:07:29.0574 4240 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:07:29.0637 4240 HpSAMD - ok
17:07:29.0637 4240 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:07:29.0715 4240 HTTP - ok
17:07:29.0715 4240 [ 51ACD072EC7863BFDE2B5B6A5383F945 ] HWiNFO32 C:\Windows\system32\drivers\HWiNFO64A.SYS
17:07:29.0777 4240 HWiNFO32 - ok
17:07:29.0777 4240 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:07:29.0839 4240 hwpolicy - ok
17:07:29.0839 4240 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:07:29.0902 4240 i8042prt - ok
17:07:29.0902 4240 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:07:29.0980 4240 iaStorV - ok
17:07:29.0980 4240 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:07:30.0058 4240 idsvc - ok
17:07:30.0058 4240 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:07:30.0120 4240 iirsp - ok
17:07:30.0136 4240 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:07:30.0214 4240 IKEEXT - ok
17:07:30.0214 4240 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:07:30.0292 4240 intelide - ok
17:07:30.0292 4240 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
17:07:30.0354 4240 intelppm - ok
17:07:30.0354 4240 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:07:30.0432 4240 IPBusEnum - ok
17:07:30.0432 4240 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:07:30.0510 4240 IpFilterDriver - ok
17:07:30.0510 4240 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:07:30.0573 4240 iphlpsvc - ok
17:07:30.0573 4240 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:07:30.0635 4240 IPMIDRV - ok
17:07:30.0635 4240 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:07:30.0713 4240 IPNAT - ok
17:07:30.0713 4240 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:07:30.0775 4240 IRENUM - ok
17:07:30.0791 4240 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:07:30.0838 4240 isapnp - ok
17:07:30.0853 4240 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:07:30.0916 4240 iScsiPrt - ok
17:07:30.0916 4240 [ 75DDB94A2A24F9F7037D10A2DDA06D36 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
17:07:30.0978 4240 JRAID - ok
17:07:30.0994 4240 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:07:31.0041 4240 kbdclass - ok
17:07:31.0041 4240 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:07:31.0103 4240 kbdhid - ok
17:07:31.0103 4240 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:07:31.0165 4240 KeyIso - ok
17:07:31.0165 4240 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:07:31.0228 4240 KSecDD - ok
17:07:31.0228 4240 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:07:31.0290 4240 KSecPkg - ok
17:07:31.0290 4240 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:07:31.0368 4240 ksthunk - ok
17:07:31.0368 4240 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:07:31.0446 4240 KtmRm - ok
17:07:31.0446 4240 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:07:31.0524 4240 LanmanServer - ok
17:07:31.0524 4240 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:07:31.0602 4240 LanmanWorkstation - ok
17:07:31.0602 4240 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:07:31.0680 4240 lltdio - ok
17:07:31.0680 4240 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:07:31.0758 4240 lltdsvc - ok
17:07:31.0758 4240 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:07:31.0821 4240 lmhosts - ok
17:07:31.0836 4240 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:07:31.0899 4240 LSI_FC - ok
17:07:31.0899 4240 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:07:31.0961 4240 LSI_SAS - ok
17:07:31.0977 4240 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:07:32.0039 4240 LSI_SAS2 - ok
17:07:32.0039 4240 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:07:32.0117 4240 LSI_SCSI - ok
17:07:32.0117 4240 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:07:32.0179 4240 luafv - ok
17:07:32.0179 4240 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:07:32.0242 4240 McAfee SiteAdvisor Service - ok
17:07:32.0257 4240 [ 389BC447DF363450A78845D35DBA0047 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:07:32.0304 4240 McMPFSvc - ok
17:07:32.0320 4240 [ 389BC447DF363450A78845D35DBA0047 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:07:32.0382 4240 McNaiAnn - ok
17:07:32.0382 4240 [ 93432FAEA699F7A2B4F4AC5949D0B6AB ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
17:07:32.0445 4240 McODS - ok
17:07:32.0445 4240 [ 389BC447DF363450A78845D35DBA0047 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:07:32.0507 4240 mcpltsvc - ok
17:07:32.0507 4240 [ 389BC447DF363450A78845D35DBA0047 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:07:32.0569 4240 McProxy - ok
17:07:32.0585 4240 [ D0885CA52ACD97E0C93A565BDD2270D9 ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
17:07:32.0647 4240 McPvDrv - ok
17:07:32.0647 4240 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:07:32.0710 4240 Mcx2Svc - ok
17:07:32.0710 4240 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:07:32.0772 4240 megasas - ok
17:07:32.0772 4240 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:07:32.0835 4240 MegaSR - ok
17:07:32.0850 4240 [ 2D53234C24B0103FDE0BE06782AA6F80 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
17:07:32.0913 4240 mfeapfk - ok
17:07:32.0913 4240 [ C0EAF4F2367C44157E1DE4817238FEC2 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
17:07:32.0975 4240 mfeavfk - ok
17:07:32.0975 4240 mfeavfk01 - ok
17:07:32.0991 4240 [ 38D1F23EE031B615A8CA51DD1E523579 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
17:07:33.0053 4240 mfecore - ok
17:07:33.0069 4240 [ 05248F2E6E1AFA6972D058C36199DEB7 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
17:07:33.0131 4240 mfefire - ok
17:07:33.0131 4240 [ 6856931F9F5B757E9D09369CC35096B9 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
17:07:33.0193 4240 mfefirek - ok
17:07:33.0209 4240 [ 62E4C929A4DB48616B1B90143B48C948 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
17:07:33.0287 4240 mfehidk - ok
17:07:33.0287 4240 [ 9C9FC3770BD600B2D761D666234C244D ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
17:07:33.0349 4240 mfencbdc - ok
17:07:33.0349 4240 [ 93241CC8509B622B47EEA1B8505CF511 ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
17:07:33.0412 4240 mfencrk - ok
17:07:33.0427 4240 [ DC5483CAD90D95D65B618E35C66E28DF ] mfevtp C:\Windows\system32\mfevtps.exe
17:07:33.0490 4240 mfevtp - ok
17:07:33.0490 4240 [ E18162EA85F1531964F8222CC9E25E26 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
17:07:33.0552 4240 mfewfpk - ok
17:07:33.0552 4240 Microsoft SharePoint Workspace Audit Service - ok
17:07:33.0568 4240 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:07:33.0630 4240 MMCSS - ok
17:07:33.0630 4240 [ 8CC001C65C31633171991FA72A551D43 ] MOBKbackup C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
17:07:33.0693 4240 MOBKbackup - ok
17:07:33.0693 4240 [ 3800C23D0D90C59AAFCDEFDC82B5C4AF ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
17:07:33.0755 4240 MOBKFilter - ok
17:07:33.0755 4240 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:07:33.0833 4240 Modem - ok
17:07:33.0833 4240 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:07:33.0880 4240 monitor - ok
17:07:33.0895 4240 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:07:33.0942 4240 mouclass - ok
17:07:33.0958 4240 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:07:34.0005 4240 mouhid - ok
17:07:34.0020 4240 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:07:34.0083 4240 mountmgr - ok
17:07:34.0083 4240 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:07:34.0145 4240 MozillaMaintenance - ok
17:07:34.0145 4240 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:07:34.0207 4240 mpio - ok
17:07:34.0207 4240 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:07:34.0285 4240 mpsdrv - ok
17:07:34.0285 4240 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:07:34.0379 4240 MpsSvc - ok
17:07:34.0379 4240 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:07:34.0441 4240 MRxDAV - ok
17:07:34.0441 4240 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:07:34.0504 4240 mrxsmb - ok
17:07:34.0519 4240 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:07:34.0566 4240 mrxsmb10 - ok
17:07:34.0566 4240 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:07:34.0629 4240 mrxsmb20 - ok
17:07:34.0629 4240 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:07:34.0691 4240 msahci - ok
17:07:34.0691 4240 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:07:34.0769 4240 msdsm - ok
17:07:34.0769 4240 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:07:34.0831 4240 MSDTC - ok
17:07:34.0831 4240 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:07:34.0894 4240 Msfs - ok
17:07:34.0909 4240 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:07:34.0972 4240 mshidkmdf - ok
17:07:34.0972 4240 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:07:35.0034 4240 msisadrv - ok
17:07:35.0050 4240 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:07:35.0112 4240 MSiSCSI - ok
17:07:35.0112 4240 msiserver - ok
17:07:35.0128 4240 [ 389BC447DF363450A78845D35DBA0047 ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:07:35.0190 4240 MSK80Service - ok
17:07:35.0190 4240 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:07:35.0253 4240 MSKSSRV - ok
17:07:35.0253 4240 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:07:35.0331 4240 MSPCLOCK - ok
17:07:35.0331 4240 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:07:35.0409 4240 MSPQM - ok
17:07:35.0409 4240 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:07:35.0487 4240 MsRPC - ok
17:07:35.0487 4240 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:07:35.0549 4240 mssmbios - ok
17:07:35.0549 4240 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:07:35.0611 4240 MSTEE - ok
17:07:35.0611 4240 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:07:35.0674 4240 MTConfig - ok
17:07:35.0689 4240 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
17:07:35.0736 4240 MTsensor - ok
17:07:35.0736 4240 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:07:35.0799 4240 Mup - ok
17:07:35.0814 4240 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:07:35.0892 4240 napagent - ok
17:07:35.0892 4240 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:07:35.0955 4240 NativeWifiP - ok
17:07:35.0970 4240 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:07:36.0033 4240 NDIS - ok
17:07:36.0048 4240 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:07:36.0111 4240 NdisCap - ok
17:07:36.0111 4240 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:07:36.0189 4240 NdisTapi - ok
17:07:36.0189 4240 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:07:36.0267 4240 Ndisuio - ok
17:07:36.0267 4240 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:07:36.0329 4240 NdisWan - ok
17:07:36.0345 4240 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:07:36.0407 4240 NDProxy - ok
17:07:36.0407 4240 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:07:36.0469 4240 NetBIOS - ok
17:07:36.0485 4240 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:07:36.0547 4240 NetBT - ok
17:07:36.0547 4240 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:07:36.0610 4240 Netlogon - ok
17:07:36.0610 4240 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:07:36.0688 4240 Netman - ok
17:07:36.0688 4240 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:07:36.0750 4240 NetMsmqActivator - ok
17:07:36.0766 4240 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:07:36.0813 4240 NetPipeActivator - ok
17:07:36.0828 4240 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:07:36.0891 4240 netprofm - ok
17:07:36.0891 4240 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:07:36.0953 4240 NetTcpActivator - ok
17:07:36.0953 4240 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:07:37.0015 4240 NetTcpPortSharing - ok
17:07:37.0015 4240 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:07:37.0078 4240 nfrd960 - ok
17:07:37.0093 4240 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:07:37.0156 4240 NlaSvc - ok
17:07:37.0156 4240 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:07:37.0218 4240 Npfs - ok
17:07:37.0234 4240 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:07:37.0296 4240 nsi - ok
17:07:37.0296 4240 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:07:37.0374 4240 nsiproxy - ok
17:07:37.0390 4240 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:07:37.0468 4240 Ntfs - ok
17:07:37.0468 4240 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:07:37.0530 4240 Null - ok
17:07:37.0546 4240 [ 8EBCB9165EE7F1571842F4D9D624A74C ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
17:07:37.0608 4240 nusb3hub - ok
17:07:37.0608 4240 [ 5D54DBB12BBFE07CC283FD39F2CD6D63 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:07:37.0655 4240 nusb3xhc - ok
17:07:37.0671 4240 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:07:37.0733 4240 nvraid - ok
17:07:37.0733 4240 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:07:37.0795 4240 nvstor - ok
17:07:37.0795 4240 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:07:37.0858 4240 nv_agp - ok
17:07:37.0873 4240 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:07:37.0936 4240 ohci1394 - ok
17:07:37.0936 4240 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:07:37.0998 4240 ose - ok
17:07:38.0029 4240 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:07:38.0139 4240 osppsvc - ok
17:07:38.0154 4240 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:07:38.0217 4240 p2pimsvc - ok
17:07:38.0217 4240 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:07:38.0279 4240 p2psvc - ok
17:07:38.0295 4240 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:07:38.0341 4240 Parport - ok
17:07:52.0288 4240 ============================================================
17:07:52.0288 4240 Scan finished
17:07:52.0288 4240 ============================================================
17:07:52.0303 5664 Detected object count: 3
17:07:52.0303 5664 Actual detected object count: 3
17:08:18.0684 5664 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:18.0684 5664 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:08:18.0684 5664 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:18.0684 5664 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:08:18.0684 5664 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:18.0684 5664 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
Those really are false positives.

Well, there is no rootkit activity blocking the firewall in the background. When malware blocks this kind of component, it is usually rootkits such as ZeroAccess and TDSS. But TDSSKiller (which identifies both threats) detected nothing, so I believe this is not being caused by malware.

It is strange for McAfee to be disabling its own protection module. Are you sure it is the antivirus that is disabling the firewall? Or, when this happens, is any error or warning generated?
 
The only thing is McAfee opening the little window in the corner saying that the PC is at risk; most of the time this happens and it disappears very quickly, and by the time I go to look the firewall has already re-enabled itself.
Sometimes I need to re-enable it myself.
 
Disable the McAfee firewall and enable the Windows one, only temporarily. See whether the problem still continues. If it persists, then the problem really may be related to malware. Otherwise, it is certainly something in McAfee itself.

Have you tried reinstalling the program? If it is something in McAfee, I suggest you contact the program's support. It is quite efficient and they will know better how to help.

Now, if you prefer, we can run more thorough scans to rule out the possibility of malicious activity.
 
Mr Wolf, did you see the log I posted? Is there something on my PC? Thanks.
 
I'll reinstall it and see whether the problem continues.
 
Code:
OTL logfile created on: 26/03/2013 13:54:22 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\lucas\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
 
4,00 Gb Total Physical Memory | 2,42 Gb Available Physical Memory | 60,63% Memory free
8,00 Gb Paging File | 6,16 Gb Available in Paging File | 77,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 263,67 Gb Total Space | 195,92 Gb Free Space | 74,30% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 96,82 Gb Free Space | 99,14% Space Free | Partition Type: NTFS
Drive E: | 104,33 Gb Total Space | 104,24 Gb Free Space | 99,91% Space Free | Partition Type: NTFS
Drive I: | 642,04 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: LUCAS-PC | User Name: lucas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/03/26 13:53:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\lucas\Downloads\OTL.exe
PRC - [2013/03/10 21:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/01/15 13:36:50 | 001,398,680 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe
PRC - [2012/12/14 06:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/10/10 20:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/03/28 18:11:38 | 003,325,952 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
PRC - [2009/01/26 14:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 14:31:12 | 005,365,592 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/01/01 19:54:04 | 003,735,552 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
PRC - [2006/11/03 10:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAC7302\Monitor.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/03/10 21:22:06 | 000,459,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
MOD - [2013/03/10 21:22:05 | 012,662,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013/03/10 21:22:04 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013/03/10 21:21:18 | 000,596,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013/03/10 21:21:18 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013/03/10 21:21:16 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2008/06/19 16:35:36 | 000,333,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\sqlite3.dll
MOD - [2008/03/05 08:34:32 | 000,795,520 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll
MOD - [2008/03/04 13:52:00 | 000,790,392 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll
MOD - [2008/02/26 10:04:40 | 000,717,176 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll
MOD - [2007/12/24 00:05:00 | 000,121,344 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/14 06:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/10/10 20:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/07/17 14:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2013/01/16 13:48:12 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/20 08:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010/01/11 17:05:20 | 001,290,752 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 17:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2007/11/08 09:29:22 | 000,527,872 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PAC7302.SYS -- (PAC7302)
DRV:[b]64bit:[/b] - [2005/03/29 00:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.22find.com/newtab?utm_source=b&utm_medium=cor&from=cor&uid=395049983_1052483_3843E698&ts=1362237760
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.22find.com/newtab?utm_source=b&utm_medium=cor&from=cor&uid=395049983_1052483_3843E698&ts=1362237760
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.22find.com/newtab?utm_source=b&utm_medium=cor&from=cor&uid=395049983_1052483_3843E698&ts=1362237760
IE - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.22find.com/newtab?utm_source=b&utm_medium=cor&from=cor&uid=395049983_1052483_3843E698&ts=1362237760
IE - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR
IE - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 C5 D5 79 C3 03 CE 01  [binary data]
IE - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&r=761
IE - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babylon.com/?q={searchTerms}&affID=119351&babsrc=SP_ss&mntrId=3843e698000000000000000000000000
IE - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.22find.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=395049983_1052483_3843E698&ts=1362237761
IE - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "22find"
FF - prefs.js..browser.search.order.1: "22find"
FF - prefs.js..browser.search.selectedEngine: "22find"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.22find.com/?utm_source=b&utm_medium=cor&from=cor&uid=395049983_1052483_3843E698&ts=1362237754"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\lucas\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
 
[2013/02/16 13:12:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lucas\AppData\Roaming\mozilla\Extensions
[2013/03/06 13:27:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lucas\AppData\Roaming\mozilla\Firefox\Profiles\azlhptrh.default\extensions
[2013/03/02 12:22:41 | 000,000,741 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\22find.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: 22find (Enabled)
CHR - default_search_provider: search_url = http://search.22find.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=395049983_1052483_3843E698&ts=1362237761&type=default&q={searchTerms}
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.22find.com/?utm_source=b&utm_medium=cor&from=cor&uid=395049983_1052483_3843E698&ts=1362237754
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Raidcall plugin (Enabled) = C:\Users\lucas\AppData\Roaming\raidcall\plugins\nprcplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Pesquisa do Google = C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: FB unseen = C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcedcpmfdpjijiamkaeaefgfagnnpei\0.1.4_0\
CHR - Extension: 22find = C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda\2.0.1_0\
CHR - Extension: Gmail = C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-2961206091-3493969195-2042948836-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001..\RunOnce: [Del164202175] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2961206091-3493969195-2042948836-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2961206091-3493969195-2042948836-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54D6F715-52C6-4F55-B2CD-7CA97DD848B4}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69D159BA-1928-4B92-94D9-79D32526F4B1}: NameServer = 200.204.0.10 200.204.0.138
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll) -  File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/22 13:17:28 | 000,000,175 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{d1f33936-5dd9-11e2-8896-14dae96f9290}\Shell - "" = AutoRun
O33 - MountPoints2\{d1f33936-5dd9-11e2-8896-14dae96f9290}\Shell\AutoRun\command - "" = I:\setup.exe -- [2010/03/12 04:05:28 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{d1f33936-5dd9-11e2-8896-14dae96f9290}\Shell\configure\command - "" = I:\setup.exe -- [2010/03/12 04:05:28 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{d1f33936-5dd9-11e2-8896-14dae96f9290}\Shell\install\command - "" = I:\setup.exe -- [2010/03/12 04:05:28 | 001,100,664 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/03/25 21:24:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElfBot NG
[2013/03/25 21:21:41 | 000,000,000 | ---D | C] -- C:\Users\lucas\Desktop\Nova pasta
[2013/03/22 03:05:04 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/22 03:05:03 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/22 03:05:03 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/22 03:05:03 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/22 03:05:03 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/03/22 03:05:03 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/03/22 03:05:03 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/03/22 03:05:03 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/22 03:05:03 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/03/22 03:05:03 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/03/22 03:05:03 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/22 03:05:03 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/03/22 03:05:03 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/22 03:05:03 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/22 03:05:03 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/22 03:05:03 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/03/22 03:05:03 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/03/22 03:05:03 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/22 03:05:03 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/03/22 03:05:03 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/03/22 03:05:03 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/22 03:05:03 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/22 03:05:03 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/03/22 03:05:03 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/03/22 03:05:03 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/03/22 03:05:03 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/03/22 03:05:03 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/22 03:05:03 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/03/22 03:05:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/03/22 03:05:03 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/03/22 03:05:03 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/03/22 03:05:03 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/03/22 03:05:03 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/03/22 03:05:03 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/22 03:05:03 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/03/22 03:05:03 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/03/22 03:05:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/03/22 03:05:03 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/03/22 03:05:03 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/03/22 03:05:03 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/03/22 03:05:03 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/03/22 03:05:03 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/03/22 03:05:03 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/22 03:05:03 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/03/22 03:05:03 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/03/22 03:05:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/03/22 03:05:03 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/03/22 03:05:03 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/22 03:05:03 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/03/22 03:05:03 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/03/22 03:05:03 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/22 03:05:03 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/03/22 03:05:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/03/22 03:05:03 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/03/22 03:05:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/03/22 03:05:03 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/03/22 03:05:03 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/03/22 03:05:03 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/03/22 03:05:03 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/03/22 03:05:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/03/22 03:05:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/03/22 03:05:03 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/03/22 03:05:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/03/22 03:05:03 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/03/22 03:05:03 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/03/22 03:05:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/03/22 03:05:03 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/03/22 03:05:03 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/03/22 03:04:18 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/03/22 03:04:18 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/03/22 03:04:18 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/03/22 03:04:18 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/03/22 03:04:18 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/03/22 03:04:18 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/03/22 03:04:18 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/03/22 03:04:18 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/03/22 03:04:18 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/03/22 03:04:18 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/03/22 03:04:18 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/03/22 03:04:18 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/03/22 03:04:18 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/03/22 03:04:18 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/03/22 03:04:18 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/03/22 03:04:18 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/03/22 03:04:18 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/03/22 03:04:18 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/03/22 03:04:18 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/03/22 03:04:18 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/03/22 03:04:18 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/03/22 03:04:18 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/03/22 03:04:18 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/03/22 03:04:18 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/22 03:04:18 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/22 03:04:18 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/22 03:04:18 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/22 03:04:18 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/22 03:04:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/22 03:04:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/22 03:04:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/22 03:04:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/22 03:04:18 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/21 21:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/21 18:45:39 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013/03/21 18:45:39 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013/03/21 18:45:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013/03/21 18:45:37 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2013/03/21 18:45:36 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013/03/21 18:45:36 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013/03/21 18:45:36 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013/03/21 18:45:36 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013/03/21 18:45:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013/03/21 18:45:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013/03/21 18:45:34 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2013/03/21 18:43:57 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/03/21 12:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/03/21 03:01:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013/03/21 03:00:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2013/03/21 00:58:30 | 000,681,472 | ---- | C] (www.tpforums.org) -- C:\Users\lucas\Documents\Tibia Time Machine.exe
[2013/03/20 22:38:49 | 000,683,008 | ---- | C] (www.tpforums.org) -- C:\Users\lucas\Tibia Time Machine.exe
[2013/03/20 18:14:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/03/14 19:59:09 | 000,000,000 | ---D | C] -- C:\Users\lucas\AppData\Local\Microsoft Games
[2013/03/13 03:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/13 03:01:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/13 03:01:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/03/12 14:53:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/03/12 14:52:23 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/03/12 14:51:24 | 000,472,064 | ---- | C] (Microsoft) -- C:\Windows\AutoKMS.exe
[2013/03/09 21:41:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\tsserver
[2013/03/09 21:29:27 | 000,000,000 | ---D | C] -- C:\Users\lucas\Documents\Meus arquivos recebidos
[2013/03/09 18:29:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\tibia 9.92
[2013/03/08 01:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/07 20:42:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013/03/07 20:42:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/03/07 20:41:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013/03/07 20:41:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/03/07 20:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2013/03/07 20:40:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/03/07 20:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/03/07 20:39:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/03/07 20:38:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/03/07 20:38:34 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/03/06 14:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/03/06 13:47:55 | 000,000,000 | ---D | C] -- C:\Users\lucas\AppData\Local\Macromedia
[2013/03/06 13:47:01 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/06 13:47:01 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/06 13:46:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013/03/02 20:35:03 | 000,000,000 | ---D | C] -- C:\Users\lucas\AppData\Roaming\PSafe
[2013/03/02 12:28:48 | 000,000,000 | ---D | C] -- C:\Users\lucas\AppData\Roaming\Media Player Classic
[2013/03/02 12:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack
[2013/03/02 12:27:55 | 000,000,000 | ---D | C] -- C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack
[2013/03/02 12:27:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Essentials Codec Pack
[2013/03/02 12:27:17 | 000,288,688 | R--- | C] (360.cn) -- C:\Windows\SysNative\drivers\360FltOEM.sys
[2013/03/02 12:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\337
[2013/03/02 12:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PSafe
[2013/03/02 12:23:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Desk 365
[2013/03/02 12:22:43 | 000,000,000 | ---D | C] -- C:\Users\lucas\AppData\Roaming\Desk 365
[2013/03/02 11:42:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EssentialPIM
[2013/03/02 11:42:08 | 000,000,000 | ---D | C] -- C:\Users\lucas\AppData\Roaming\EssentialPIM
[2013/03/02 11:42:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EssentialPIM
[2013/02/28 19:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013/02/28 19:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2013/02/28 16:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BynaCam
[2013/02/28 16:05:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BynaCam
[2013/02/28 08:27:10 | 000,000,000 | ---D | C] -- C:\Users\lucas\corel
[2013/02/28 08:26:51 | 000,000,000 | ---D | C] -- C:\Users\lucas\Documents\Minhas paletas
[2013/02/28 08:24:42 | 000,000,000 | ---D | C] -- C:\Users\lucas\AppData\Roaming\Corel
[2013/02/28 08:24:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2013/02/28 07:51:35 | 000,000,000 | ---D | C] -- C:\Users\lucas\Documents\Corel
[2013/02/28 07:51:26 | 000,000,000 | ---D | C] -- C:\Users\lucas\Documents\Visual Studio 2008
[2013/02/28 07:51:24 | 000,000,000 | ---D | C] -- C:\Users\lucas\AppData\Local\Microsoft Help
[2013/02/28 07:50:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2013/02/28 07:50:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2013/02/28 07:50:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/02/28 07:50:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2013/02/28 07:49:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2013/02/28 07:49:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2013/02/28 07:48:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Corel
[2013/02/28 07:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6
[2013/02/28 07:47:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2013/02/28 07:38:29 | 000,000,000 | ---D | C] -- C:\ProgramData\CorelDRAW Graphics Suite X6
[2013/02/26 22:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/02/26 20:11:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Tunnel
[2013/02/26 20:11:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Proxy Tunnel
[2013/02/25 21:15:34 | 000,000,000 | ---D | C] -- C:\Users\lucas\AppData\Local\Programs
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/03/26 13:56:23 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/26 13:56:23 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/26 13:55:45 | 000,000,012 | ---- | M] () -- C:\pipe11.dat
[2013/03/26 13:55:10 | 001,517,030 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/26 13:55:10 | 000,663,606 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2013/03/26 13:55:10 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/26 13:55:10 | 000,127,896 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2013/03/26 13:55:10 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/26 13:49:06 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/26 13:48:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/26 13:48:34 | 3220,615,168 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/26 13:30:01 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/25 23:30:59 | 000,040,446 | ---- | M] () -- C:\Users\lucas\Documents\DSCF0004.JPG
[2013/03/25 21:24:03 | 000,000,940 | ---- | M] () -- C:\Users\lucas\Desktop\ElfBot NG.lnk
[2013/03/24 18:30:44 | 004,269,857 | ---- | M] () -- C:\Users\lucas\Documents\Storm_Darghos_24_03_2013_Aracura_xSupremacy.ttm
[2013/03/22 03:30:23 | 000,496,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/03/22 03:05:04 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/22 03:05:03 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/22 03:05:03 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/22 03:05:03 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/22 03:05:03 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/03/22 03:05:03 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/03/22 03:05:03 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/03/22 03:05:03 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/22 03:05:03 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/03/22 03:05:03 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/03/22 03:05:03 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/22 03:05:03 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/03/22 03:05:03 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/22 03:05:03 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/22 03:05:03 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/22 03:05:03 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/03/22 03:05:03 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/03/22 03:05:03 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/22 03:05:03 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/03/22 03:05:03 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/03/22 03:05:03 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/22 03:05:03 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/22 03:05:03 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/03/22 03:05:03 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/03/22 03:05:03 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/03/22 03:05:03 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/03/22 03:05:03 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/22 03:05:03 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/03/22 03:05:03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/03/22 03:05:03 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/03/22 03:05:03 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/03/22 03:05:03 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/03/22 03:05:03 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/03/22 03:05:03 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/22 03:05:03 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/03/22 03:05:03 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/03/22 03:05:03 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/03/22 03:05:03 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/03/22 03:05:03 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/03/22 03:05:03 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/03/22 03:05:03 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/03/22 03:05:03 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/03/22 03:05:03 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/22 03:05:03 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/03/22 03:05:03 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/03/22 03:05:03 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/03/22 03:05:03 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/03/22 03:05:03 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/22 03:05:03 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/03/22 03:05:03 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/03/22 03:05:03 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/22 03:05:03 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/03/22 03:05:03 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/03/22 03:05:03 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/03/22 03:05:03 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/03/22 03:05:03 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/03/22 03:05:03 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/03/22 03:05:03 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/03/22 03:05:03 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/03/22 03:05:03 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/03/22 03:05:03 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/03/22 03:05:03 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/03/22 03:05:03 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/03/22 03:05:03 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/03/22 03:05:03 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/22 03:05:03 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/22 03:05:03 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/03/22 03:05:03 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/03/22 03:05:03 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/03/22 03:05:03 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/03/22 03:04:18 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/03/22 03:04:18 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/03/22 03:04:18 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/03/22 03:04:18 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/03/22 03:04:18 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/03/22 03:04:18 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/03/22 03:04:18 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/03/22 03:04:18 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/03/22 03:04:18 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/03/22 03:04:18 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/03/22 03:04:18 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/03/22 03:04:18 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/03/22 03:04:18 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/03/22 03:04:18 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/03/22 03:04:18 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/03/22 03:04:18 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/03/22 03:04:18 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/03/22 03:04:18 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/03/22 03:04:18 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/03/22 03:04:18 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/03/22 03:04:18 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/03/22 03:04:18 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/03/22 03:04:18 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/03/22 03:04:18 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/22 03:04:18 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/22 03:04:18 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/22 03:04:18 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/22 03:04:18 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/22 03:04:18 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/22 03:04:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/22 03:04:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/22 03:04:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/22 03:04:18 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/22 03:04:18 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/21 21:28:14 | 000,002,259 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/21 03:07:35 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2013/03/21 03:07:35 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2013/03/12 14:51:24 | 000,472,064 | ---- | M] (Microsoft) -- C:\Windows\AutoKMS.exe
[2013/03/06 14:19:48 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/06 14:19:48 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/02 19:27:20 | 000,001,998 | -H-- | M] () -- C:\Users\lucas\Documents\Default.rdp
[2013/03/02 12:28:34 | 000,001,192 | ---- | M] () -- C:\Users\lucas\Desktop\Media Player Classic.lnk
[2013/03/02 12:23:10 | 000,773,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
[2013/03/02 12:23:10 | 000,420,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2013/03/02 12:02:48 | 000,683,008 | ---- | M] (www.tpforums.org) -- C:\Users\lucas\Tibia Time Machine.exe
[2013/03/02 11:42:11 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\EssentialPIM.lnk
[2013/03/01 14:48:20 | 000,001,702 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk
[2013/03/01 14:48:20 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/03/25 23:30:50 | 000,040,446 | ---- | C] () -- C:\Users\lucas\Documents\DSCF0004.JPG
[2013/03/25 21:24:03 | 000,000,940 | ---- | C] () -- C:\Users\lucas\Desktop\ElfBot NG.lnk
[2013/03/25 21:10:19 | 001,859,072 | ---- | C] () -- C:\Users\lucas\Desktop\ElfCrack.exe
[2013/03/24 18:31:43 | 004,269,857 | ---- | C] () -- C:\Users\lucas\Documents\Storm_Darghos_24_03_2013_Aracura_xSupremacy.ttm
[2013/03/22 03:05:03 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/22 03:05:03 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/21 21:28:14 | 000,002,259 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/21 21:25:46 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/21 21:25:45 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/02 12:28:34 | 000,001,192 | ---- | C] () -- C:\Users\lucas\Desktop\Media Player Classic.lnk
[2013/03/02 11:42:11 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\EssentialPIM.lnk
[2013/02/28 19:23:38 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013/02/27 21:13:38 | 000,001,998 | -H-- | C] () -- C:\Users\lucas\Documents\Default.rdp
[2013/01/10 20:18:08 | 000,000,321 | ---- | C] () -- C:\Windows\SysWow64\Remover.ini
[2013/01/10 20:18:07 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\SP7302.ini
[2013/01/10 18:40:26 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2013/02/21 15:53:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-2961206091-3493969195-2042948836-1001\$R74152L\@
[2013/02/21 15:53:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-2961206091-3493969195-2042948836-1001\$R74152L\L
[2013/02/21 15:53:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-2961206091-3493969195-2042948836-1001\$R74152L\N
[2013/02/21 15:53:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-2961206091-3493969195-2042948836-1001\$R74152L\U
[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 09:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013/03/26 13:54:17 | 000,000,000 | ---D | M] -- C:\Users\lucas\AppData\Roaming\BitTorrent
[2013/01/16 13:53:39 | 000,000,000 | ---D | M] -- C:\Users\lucas\AppData\Roaming\DAEMON Tools Lite
[2013/03/02 12:23:44 | 000,000,000 | ---D | M] -- C:\Users\lucas\AppData\Roaming\Desk 365
[2013/03/02 11:42:48 | 000,000,000 | ---D | M] -- C:\Users\lucas\AppData\Roaming\EssentialPIM
[2013/02/22 16:52:23 | 000,000,000 | ---D | M] -- C:\Users\lucas\AppData\Roaming\PhotoScape
[2013/03/02 20:35:03 | 000,000,000 | ---D | M] -- C:\Users\lucas\AppData\Roaming\PSafe
[2013/02/20 14:30:38 | 000,000,000 | ---D | M] -- C:\Users\lucas\AppData\Roaming\raidcall
[2013/02/05 14:27:34 | 000,000,000 | ---D | M] -- C:\Users\lucas\AppData\Roaming\TeamViewer
[2013/03/22 17:31:21 | 000,000,000 | ---D | M] -- C:\Users\lucas\AppData\Roaming\Tibia
[2013/03/09 20:32:00 | 000,000,000 | ---D | M] -- C:\Users\lucas\AppData\Roaming\TS3Client
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:6BE50C2B

< End of report >
 
I left the PC on and went out. When I came back I saw an antivirus Auto Scan screen with a removal alert.


Does anyone know what this is and where I got it from? Nothing like this has ever shown up here, and I don't visit sites I don't know. I found it really strange that this happened; I have no idea how I got it.
 
Good evening, everyone.
Mr.Wolf, take a look at mine.

- OTL.Txt
OTL logfile created on: 03/04/2013 18:09:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JESUS\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

3,71 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 60,40% Memory free
7,42 Gb Paging File | 5,91 Gb Available in Paging File | 79,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 99,90 Gb Total Space | 58,07 Gb Free Space | 58,12% Space Free | Partition Type: NTFS
Drive D: | 198,09 Gb Total Space | 96,12 Gb Free Space | 48,52% Space Free | Partition Type: NTFS

Computer Name: JESUS-PC | User Name: JESUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/03 18:02:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JESUS\Desktop\OTL.exe
PRC - [2013/04/03 17:09:45 | 000,801,112 | ---- | M] (BitTorrent Inc.) -- C:\Users\JESUS\Downloads\uTorrent.exe
PRC - [2013/04/02 20:44:10 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/03/13 13:31:24 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013/03/06 20:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/06 20:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/02 20:44:09 | 003,143,576 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/03/13 13:31:24 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf


========== Services (SafeList) ==========

SRV:64bit: - [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/04/02 20:44:09 | 000,115,608 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/24 19:55:11 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/06 20:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/01/08 17:23:50 | 000,277,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/01/08 11:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/08/07 14:01:47 | 000,087,712 | ---- | M] (Beijing Xing Technology Co., Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Software Plate\svcgdp.exe -- (svcgdp)
SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/08/18 11:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/03/06 20:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/03/06 20:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/03/06 20:33:21 | 000,178,624 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/03/06 20:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/03/06 20:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/03/06 20:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/03/06 20:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/03/06 20:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/12/12 16:42:28 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/08/23 11:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 11:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 11:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 11:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/03 20:01:20 | 000,677,480 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 00:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 00:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 00:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2597291014-539974042-1164328793-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2597291014-539974042-1164328793-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2597291014-539974042-1164328793-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKU\S-1-5-21-2597291014-539974042-1164328793-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 71 B2 93 1E F8 E2 CD 01 [binary data]
IE - HKU\S-1-5-21-2597291014-539974042-1164328793-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2597291014-539974042-1164328793-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2597291014-539974042-1164328793-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SAVB_pt-BRBR516
IE - HKU\S-1-5-21-2597291014-539974042-1164328793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: desprotetordelinks%40claudio-silva.com:1.2.14.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\JESUS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/14 11:44:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/02 20:44:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/02/13 17:56:39 | 000,000,000 | ---D | M]

[2012/12/25 21:05:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JESUS\AppData\Roaming\Mozilla\Extensions
[2013/04/03 16:39:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JESUS\AppData\Roaming\Mozilla\Firefox\Profiles\uckxcp2i.default\extensions
[2013/02/23 16:05:59 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\JESUS\AppData\Roaming\Mozilla\Firefox\Profiles\uckxcp2i.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/04/02 13:22:22 | 000,145,593 | ---- | M] () (No name found) -- C:\Users\JESUS\AppData\Roaming\Mozilla\Firefox\Profiles\uckxcp2i.default\extensions\desprotetordelinks@claudio-silva.com.xpi
[2013/02/20 09:06:21 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\JESUS\AppData\Roaming\Mozilla\Firefox\Profiles\uckxcp2i.default\extensions\youtube2mp3@mondayx.de.xpi
[2012/12/25 21:05:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013/03/14 11:44:27 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013/04/02 20:44:10 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/01/08 16:19:46 | 000,001,240 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\buscape.xml
[2013/01/08 16:19:46 | 000,001,425 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolivre.xml
[2013/02/20 11:22:40 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2013/01/08 16:19:46 | 000,001,381 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-br.xml
[2013/01/08 16:19:46 | 000,001,165 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-br.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.89\npGoogleUpdate3.dll
CHR - Extension: Google Drive = C:\Users\JESUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\JESUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Pesquisa do Google = C:\Users\JESUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Tema ViSta-se = C:\Users\JESUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcedicadmjnlpkcccoacdkljflgeejfj\1.0_0\
CHR - Extension: avast! WebRep = C:\Users\JESUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Gmail = C:\Users\JESUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/01/12 12:15:42 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de Programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Soft365) - {65AA9F11-96AA-4EFE-B615-49B0B1DB74F9} - C:\Windows\SysWOW64\ie.dll (Soft365.com)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2597291014-539974042-1164328793-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F732CC98-F968-4A6A-BF71-DD86C7CACAD2}: NameServer = 10.152.198.1,8.8.4.4
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{73c51199-57ff-11e2-b083-14dae99e1866}\Shell - "" = AutoRun
O33 - MountPoints2\{73c51199-57ff-11e2-b083-14dae99e1866}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{73c51199-57ff-11e2-b083-14dae99e1866}\Shell\Option1\Command - "" = E:\autorun.exe
O33 - MountPoints2\{73c511a8-57ff-11e2-b083-14dae99e1866}\Shell - "" = AutoRun
O33 - MountPoints2\{73c511a8-57ff-11e2-b083-14dae99e1866}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{73c511a8-57ff-11e2-b083-14dae99e1866}\Shell\Option1\Command - "" = E:\autorun.exe
O33 - MountPoints2\{73c511bb-57ff-11e2-b083-14dae99e1866}\Shell - "" = AutoRun
O33 - MountPoints2\{73c511bb-57ff-11e2-b083-14dae99e1866}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\autorun.bat
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/03 18:06:15 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\JESUS\Desktop\HijackThis.exe
[2013/04/03 18:02:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\JESUS\Desktop\OTL.exe
[2013/03/27 19:22:06 | 000,144,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2013/03/27 19:22:06 | 000,020,992 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/03/27 19:22:03 | 000,104,448 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2013/03/27 19:22:03 | 000,017,920 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/03/19 19:35:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2013/03/18 21:04:22 | 000,000,000 | ---D | C] -- C:\Users\JESUS\Desktop\Nova pasta
[2013/03/18 20:41:21 | 000,000,000 | ---D | C] -- C:\Users\JESUS\Documents\GTA San Andreas User Files
[2013/03/12 19:01:44 | 000,000,000 | ---D | C] -- C:\Users\JESUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/03/10 12:45:34 | 000,000,000 | ---D | C] -- C:\Users\JESUS\Documents\My Cheat Tables
[2013/03/10 12:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
[2013/03/10 12:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2
[2013/03/09 12:19:25 | 000,000,000 | ---D | C] -- C:\Users\JESUS\AppData\Roaming\Media Player Classic
[2013/03/09 12:18:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2013/03/09 12:18:04 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2013/03/09 11:49:25 | 000,000,000 | ---D | C] -- C:\Users\JESUS\AppData\Local\Programs

========== Files - Modified Within 30 Days ==========

[2013/04/03 18:06:24 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\JESUS\Desktop\HijackThis.exe
[2013/04/03 18:02:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JESUS\Desktop\OTL.exe
[2013/04/03 17:52:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/03 17:36:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/03 17:18:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2597291014-539974042-1164328793-1000UA.job
[2013/04/03 16:45:06 | 000,027,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/03 16:45:06 | 000,027,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/03 16:38:01 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/03 16:37:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/03 16:37:45 | 2987,565,056 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/02 20:18:01 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2597291014-539974042-1164328793-1000Core.job
[2013/04/02 10:31:55 | 000,534,878 | ---- | M] () -- C:\Users\JESUS\Desktop\showw.jpg
[2013/03/29 20:40:44 | 001,517,030 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/29 20:40:44 | 000,663,606 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2013/03/29 20:40:44 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/29 20:40:44 | 000,127,896 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2013/03/29 20:40:44 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/28 16:58:23 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/27 19:23:45 | 000,017,870 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2013/03/27 19:20:51 | 000,198,429 | ---- | M] () -- C:\Users\JESUS\Desktop\velho.jpg
[2013/03/24 19:55:11 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/24 19:55:11 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/17 22:37:53 | 011,557,996 | ---- | M] () -- C:\Users\JESUS\Desktop\ePower_Acer_6.00.3010_W7x86W7x64_A.zip
[2013/03/17 22:35:56 | 007,564,484 | ---- | M] () -- C:\Users\JESUS\Desktop\LaunchManager_Dritek_5.1.15_W7x86W7x64_A.zip
[2013/03/14 11:44:28 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/03/13 18:27:27 | 000,007,621 | ---- | M] () -- C:\Users\JESUS\AppData\Local\Resmon.ResmonCfg
[2013/03/12 18:36:14 | 000,001,133 | ---- | M] () -- C:\Users\JESUS\Desktop\Cheat Engine 6.2 (64-bit).lnk
[2013/03/06 20:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/03/06 20:33:21 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/03/06 20:33:21 | 000,178,624 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/03/06 20:33:21 | 000,070,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/03/06 20:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/03/06 20:33:21 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/03/06 20:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/03/06 20:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/03/06 20:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/03/06 20:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/03/05 13:25:03 | 000,003,072 | -H-- | M] () -- C:\Users\JESUS\Desktop\photothumb.db

========== Files Created - No Company Name ==========

[2013/04/02 10:31:55 | 000,534,878 | ---- | C] () -- C:\Users\JESUS\Desktop\showw.jpg
[2013/03/27 19:20:51 | 000,198,429 | ---- | C] () -- C:\Users\JESUS\Desktop\velho.jpg
[2013/03/17 22:43:59 | 011,557,996 | ---- | C] () -- C:\Users\JESUS\Desktop\ePower_Acer_6.00.3010_W7x86W7x64_A.zip
[2013/03/17 22:43:59 | 007,564,484 | ---- | C] () -- C:\Users\JESUS\Desktop\LaunchManager_Dritek_5.1.15_W7x86W7x64_A.zip
[2013/03/12 18:36:14 | 000,001,133 | ---- | C] () -- C:\Users\JESUS\Desktop\Cheat Engine 6.2 (64-bit).lnk
[2013/03/09 12:18:04 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/03/09 12:18:04 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/03/09 12:18:04 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013/03/09 12:18:02 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/02/20 16:48:17 | 000,009,813 | ---- | C] () -- C:\Users\JESUS\AppData\Local\recently-used.xbel
[2012/12/26 13:47:01 | 000,007,621 | ---- | C] () -- C:\Users\JESUS\AppData\Local\Resmon.ResmonCfg
[2012/12/25 20:32:23 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/12/25 20:17:02 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/12/12 16:41:24 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/22 16:40:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/22 16:40:00 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2011/05/24 08:03:24 | 000,276,232 | ---- | C] () -- C:\Users\JESUS\AppData\Local\ConduitInstaller.exe
[2011/03/27 16:43:08 | 000,096,768 | ---- | C] () -- C:\Users\JESUS\AppData\Local\Bloson.exe
[2011/03/21 08:36:30 | 000,026,456 | ---- | C] () -- C:\Users\JESUS\AppData\Local\bloson.bmp
[2010/11/13 07:14:46 | 000,062,648 | ---- | C] () -- C:\Users\JESUS\AppData\Local\toolbar3.bmp
[2010/11/12 07:09:56 | 000,195,108 | ---- | C] () -- C:\Users\JESUS\AppData\Local\lateral3.bmp
[2010/11/12 06:44:14 | 000,193,744 | ---- | C] () -- C:\Users\JESUS\AppData\Local\lateral1.bmp
[2010/11/12 06:10:58 | 000,193,744 | ---- | C] () -- C:\Users\JESUS\AppData\Local\lateral2.bmp

========== ZeroAccess Check ==========

[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/19 12:25:22 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\.minecraft
[2013/02/27 17:09:20 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\DMCache
[2012/12/26 12:44:16 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\Foxit Software
[2013/02/26 14:51:06 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\Mp3tag
[2013/02/17 15:50:25 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\NetBeans
[2013/02/25 10:36:31 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\Orbit
[2013/01/02 19:12:01 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\PhotoFiltre Studio X
[2013/03/15 14:50:08 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\PhotoScape
[2013/02/25 10:30:08 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\ProgSense
[2013/02/23 11:35:42 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\SuperHideIP
[2013/04/03 18:11:35 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\uTorrent
[2013/01/01 14:16:07 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\VOS
[2012/12/28 15:00:06 | 000,000,000 | ---D | M] -- C:\Users\JESUS\AppData\Roaming\Youtube Downloader HD

========== Purity Check ==========



< End of report >
 
Extras

OTL Extras logfile created on: 03/04/2013 18:09:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JESUS\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

3,71 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 60,40% Memory free
7,42 Gb Paging File | 5,91 Gb Available in Paging File | 79,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 99,90 Gb Total Space | 58,07 Gb Free Space | 58,12% Space Free | Partition Type: NTFS
Drive D: | 198,09 Gb Total Space | 96,12 Gb Free Space | 48,52% Space Free | Partition Type: NTFS

Computer Name: JESUS-PC | User Name: JESUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2597291014-539974042-1164328793-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DA8CD38-A5B2-440E-97DC-3CE3F7067BFD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2A582B42-1D2A-4F02-BC4C-E231FF9DF215}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2B05A635-8508-4121-B679-5A84B40A773E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2EE8D729-8944-44FB-AFFA-41BCDC7878D0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{497B58D1-E40C-41BA-8421-E9F6A8092E58}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{60309627-E967-4BCF-95D3-8D599D7B6F67}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9F19BCDD-D8A4-4460-9C90-6DA42A6C6D7E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{A73B80D8-3D64-4D08-B3F6-10FB117B921A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CB419B00-3837-4E6C-B271-A5B3207F6C76}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DA065DC8-EB0A-412E-9BE3-09F5C994895F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08B2B2DA-81DE-423F-9E78-D4BB6AC8F17E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1BDB3089-9AF7-4715-A1ED-FA47730866E9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F42F558-24F1-41E0-B1FE-77CA11F0BA21}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{24E6B836-C385-486A-8156-433FBABE2153}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3041320F-53D0-4EAA-B4C2-B3C8B2BA7039}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{4B0AF2BF-EFC6-40ED-842D-5BF07270BD88}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FFCE862-6705-486F-93E8-6431A1FCB9F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{526D3B6E-2156-46EF-BF91-40680432EA91}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{6298A51E-97DA-423D-B8C5-619FE6D2647A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7B23B454-C9BA-40AE-A3BB-ABA7C2B4A2E2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7E1211E4-44CF-484C-80EA-085CCB475666}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{80DF8EB8-737F-4620-A077-E4F99F8441D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8B17F0A5-30C9-4BC5-974A-312F04BC46F9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{96788644-3E00-4DE6-AA4F-256C59B56AA5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AA3BC388-8766-4952-AC39-759731D32C27}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AAA2310C-B409-4BC8-821D-BD2D67DF4F53}" = dir=in | app=c:\users\jesus\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{AF279E68-06DC-41DB-B1C8-B54ACD319BDF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B78453F4-0872-4F6B-8558-4779DBDA8E49}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{C9F40D2D-07BC-483E-B512-237B333BF5FA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F1C73F5A-DA3F-4223-93D9-272A6E9B6725}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F717264C-918B-4440-9387-8EA17C014AAB}" = protocol=6 | dir=out | app=system |
"{F7CD34D9-BEF0-4443-8EE1-C32163D4EFE8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FBE1D310-0042-49C4-8383-CD4B6D515CDD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"TCP Query User{11F2515A-36E0-4C09-9CED-6C13BD38F47C}C:\users\jesus\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\jesus\downloads\utorrent.exe |
"TCP Query User{157D2D6C-52B5-43A7-A2B9-90BB9571F8A5}C:\Program Files\Java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{26DBBE45-30C0-4A2A-A8CE-AFC8668031AE}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{3E7807F6-FE25-42F5-A222-B3FDDC89E8C7}C:\users\jesus\appdata\local\temp\rar$exa0.388\sms finder ii.exe" = protocol=6 | dir=in | app=c:\users\jesus\appdata\local\temp\rar$exa0.388\sms finder ii.exe |
"TCP Query User{453B9BA4-CB29-44B5-B8F2-01098AF81EBC}D:\games\instalados\family guy\family guy back to the multiverse\fguy.exe" = protocol=6 | dir=in | app=d:\games\instalados\family guy\family guy back to the multiverse\fguy.exe |
"TCP Query User{6199FBD3-AEAC-45B8-BC43-DC5FD5851D76}C:\users\jesus\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\jesus\downloads\utorrent.exe |
"TCP Query User{82D0923D-E9FE-4F3C-B028-2CB01D4B5171}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{94B380EA-90A9-4D0E-9B24-7173FFFE67CE}C:\users\jesus\appdata\local\temp\keygen.exe" = protocol=6 | dir=in | app=c:\users\jesus\appdata\local\temp\keygen.exe |
"TCP Query User{DA215325-12F4-44C0-AB25-C4EB146CAC90}D:\games\instalados\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=d:\games\instalados\fifa 13\game\fifa13.exe |
"TCP Query User{E488E80F-9A55-4F6A-B5FE-F1C54FDE42CE}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{EC1B5713-3C4E-413D-AD2A-66E43744C0EE}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{FD869E61-505F-41B5-BE65-2992055C5AB9}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{065B8602-B2E8-48FE-BB23-B0EDD56AC477}C:\users\jesus\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\jesus\downloads\utorrent.exe |
"UDP Query User{0E440A20-0E39-483A-82DC-4307E3159D22}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{3BBD5A3B-7EAF-4767-96C8-10E93364913D}C:\users\jesus\appdata\local\temp\rar$exa0.388\sms finder ii.exe" = protocol=17 | dir=in | app=c:\users\jesus\appdata\local\temp\rar$exa0.388\sms finder ii.exe |
"UDP Query User{681F89ED-CF9C-4DFB-98B9-838B48CEA1D1}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{77179C1F-B74E-4145-AD6B-416A223C51B8}C:\users\jesus\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\jesus\downloads\utorrent.exe |
"UDP Query User{8B8FE2F7-E62E-4041-8AD9-492043EA0B18}C:\Program Files\Java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{95D5D73C-E8B3-4B5E-A367-BAAFE5681707}D:\games\instalados\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=d:\games\instalados\fifa 13\game\fifa13.exe |
"UDP Query User{AA01320E-0889-4267-8255-22711D2AE8C0}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{CE5B8729-5C19-4319-9A20-E2AA458D9E49}D:\games\instalados\family guy\family guy back to the multiverse\fguy.exe" = protocol=17 | dir=in | app=d:\games\instalados\family guy\family guy back to the multiverse\fguy.exe |
"UDP Query User{DFA8EBC8-BE06-49F8-8D80-B70CFED610EE}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{FC499C27-D2D7-4EDD-B8AA-0F81077F2700}C:\users\jesus\appdata\local\temp\keygen.exe" = protocol=17 | dir=in | app=c:\users\jesus\appdata\local\temp\keygen.exe |
"UDP Query User{FEB0C2F6-8C70-46ED-8BCF-97596D12280F}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86417015FF}" = Java 7 Update 15 (64-bit)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B7693CDE-074B-301C-9584-FC4343696C8B}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
"nbi-nb-base-7.2.1.0.201210100934" = NetBeans IDE 7.2.1
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{32A3A4F4-B792-11D6-A78A-00B0D0170130}" = Java SE Development Kit 7 Update 13
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2010
"{90140000-0015-0416-0000-0000000FF1CE}_Office14.PROPLUS_{8E0FD78B-F726-43C8-8D53-44A7E495F3D2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2010
"{90140000-0016-0416-0000-0000000FF1CE}_Office14.PROPLUS_{8E0FD78B-F726-43C8-8D53-44A7E495F3D2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010
"{90140000-0018-0416-0000-0000000FF1CE}_Office14.PROPLUS_{8E0FD78B-F726-43C8-8D53-44A7E495F3D2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010
"{90140000-0019-0416-0000-0000000FF1CE}_Office14.PROPLUS_{8E0FD78B-F726-43C8-8D53-44A7E495F3D2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010
"{90140000-001A-0416-0000-0000000FF1CE}_Office14.PROPLUS_{8E0FD78B-F726-43C8-8D53-44A7E495F3D2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2010
"{90140000-001B-0416-0000-0000000FF1CE}_Office14.PROPLUS_{8E0FD78B-F726-43C8-8D53-44A7E495F3D2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2010
"{90140000-001F-0416-0000-0000000FF1CE}_Office14.PROPLUS_{A7200E61-DC93-42E0-BB74-EE59021016EA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0416-1000-0000000FF1CE}_Office14.PROPLUS_{FE39121C-B405-4AAA-806C-A99042BE9219}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2010
"{90140000-002C-0416-0000-0000000FF1CE}_Office14.PROPLUS_{13291F79-D997-49AD-9F31-5FAEE1F0FCF5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010
"{90140000-0044-0416-0000-0000000FF1CE}_Office14.PROPLUS_{8E0FD78B-F726-43C8-8D53-44A7E495F3D2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2010
"{90140000-006E-0416-0000-0000000FF1CE}_Office14.PROPLUS_{2134F8C8-2AD8-44EE-B86B-1B577FBD8D0E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010
"{90140000-00A1-0416-0000-0000000FF1CE}_Office14.PROPLUS_{8E0FD78B-F726-43C8-8D53-44A7E495F3D2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2010
"{90140000-00BA-0416-0000-0000000FF1CE}_Office14.PROPLUS_{8E0FD78B-F726-43C8-8D53-44A7E495F3D2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{D709005F-D8DC-42A8-8435-5AE880ECAF82}" = ASUS PC Diagnostics
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.70
"Android SDK Tools" = Android SDK Tools
"avast" = avast! Free Antivirus
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.3.0
"Minecraft 1.4.5" = Minecraft 1.4.5
"Mozilla Firefox 20.0 (x86 pt-BR)" = Mozilla Firefox 20.0 (x86 pt-BR)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.54
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PhotoScape" = PhotoScape
"Subway Surfers 1.0" = Subway Surfers 1.0
"uTorrent" = µTorrent
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2597291014-539974042-1164328793-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre Studio X" = PhotoFiltre Studio X

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 31/03/2013 10:42:42 | Computer Name = JESUS-PC | Source = WinMgmt | ID = 10
Description =

Error - 31/03/2013 13:41:20 | Computer Name = JESUS-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: iexplore.exe, versão: 9.0.8112.16457,
carimbo de hora: 0x50a2f9e3 Nome do módulo de falhas: unknown, versão: 0.0.0.0,
carimbo de hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento com falha:
0x24448b34 Identificação do processo com falha: 0x1e34 Hora de início do aplicativo
com falha: 0x01ce2e36d2fe260b Caminho do aplicativo com falha: C:\Program Files
(x86)\Internet Explorer\iexplore.exe FCaminho do módulo de falhas: unknown Identificação
do Relatório: 32159fb8-9a2a-11e2-8e18-14dae99e1866

Error - 01/04/2013 08:44:32 | Computer Name = JESUS-PC | Source = WinMgmt | ID = 10
Description =

Error - 01/04/2013 13:35:23 | Computer Name = JESUS-PC | Source = WinMgmt | ID = 10
Description =

Error - 01/04/2013 17:45:07 | Computer Name = JESUS-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: firefox.exe, versão: 19.0.2.4814, carimbo
de hora: 0x5138a1d3 Nome do módulo de falhas: xul.dll, versão: 19.0.2.4814, carimbo
de hora: 0x5138a0ed Código de exceção: 0xc0000005 Deslocamento com falha: 0x00172818
Identificação
do processo com falha: 0xc68 Hora de início do aplicativo com falha: 0x01ce2eff4e505aba
Caminho
do aplicativo com falha: C:\Program Files (x86)\Mozilla Firefox\firefox.exe FCaminho
do módulo de falhas: C:\Program Files (x86)\Mozilla Firefox\xul.dll Identificação
do Relatório: 6ac08457-9b15-11e2-bc57-14dae99e1866

Error - 02/04/2013 07:37:09 | Computer Name = JESUS-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/04/2013 12:23:18 | Computer Name = JESUS-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/04/2013 19:12:47 | Computer Name = JESUS-PC | Source = WinMgmt | ID = 10
Description =

Error - 03/04/2013 10:10:29 | Computer Name = JESUS-PC | Source = WinMgmt | ID = 10
Description =

Error - 03/04/2013 15:39:37 | Computer Name = JESUS-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 30/03/2013 13:46:26 | Computer Name = JESUS-PC | Source = Service Control Manager | ID = 7026
Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema
ou de inicialização: cdrom

Error - 31/03/2013 07:31:25 | Computer Name = JESUS-PC | Source = Service Control Manager | ID = 7026
Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema
ou de inicialização: cdrom

Error - 31/03/2013 10:41:02 | Computer Name = JESUS-PC | Source = Service Control Manager | ID = 7026
Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema
ou de inicialização: cdrom

Error - 01/04/2013 08:42:59 | Computer Name = JESUS-PC | Source = Service Control Manager | ID = 7026
Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema
ou de inicialização: cdrom

Error - 01/04/2013 13:33:47 | Computer Name = JESUS-PC | Source = Service Control Manager | ID = 7026
Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema
ou de inicialização: cdrom

Error - 02/04/2013 07:35:33 | Computer Name = JESUS-PC | Source = Service Control Manager | ID = 7026
Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema
ou de inicialização: cdrom

Error - 02/04/2013 12:21:48 | Computer Name = JESUS-PC | Source = Service Control Manager | ID = 7026
Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema
ou de inicialização: cdrom

Error - 02/04/2013 19:11:17 | Computer Name = JESUS-PC | Source = Service Control Manager | ID = 7026
Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema
ou de inicialização: cdrom

Error - 03/04/2013 10:08:58 | Computer Name = JESUS-PC | Source = Service Control Manager | ID = 7026
Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema
ou de inicialização: cdrom

Error - 03/04/2013 15:38:01 | Computer Name = JESUS-PC | Source = Service Control Manager | ID = 7026
Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema
ou de inicialização: cdrom


< End of report >
 
And finally, the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:19:28, on 03/04/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\JESUS\Downloads\uTorrent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Users\JESUS\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Soft365! - {65AA9F11-96AA-4EFE-B615-49B0B1DB74F9} - C:\Windows\SysWow64\ie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F732CC98-F968-4A6A-BF71-DD86C7CACAD2}: NameServer = 10.152.198.1,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8120 bytes

Sorry for posting like this, but it wasn't merging the posts.
 
Gentlemen, I don't know if this is the right place, but regarding today's free antivirus programs, which one is the most recommended? I'm using Avira, but I did some research and read that it uses more PC resources in the background; the recommendations were for Avast 8. What do you recommend?

Cheers, I'll be waiting.
 
Folks,

I ask that anyone who still needs the analysis post their logs again.
 
