Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Hard drive is getting full for no reason

Started by Andre Nanni Mendes , Mar 27 2012 10:34 PM

  • Please log in to reply

#1
Andre Nanni Mendes
Posted 27 March 2012 - 10:34 PM

Andre Nanni Mendes

    New Member

  • Member
  • Pip
  • 1 posts
Hello everyone!!!

I have a Sony Vaio that runs Windows 7 Home Premium, and some weeks ago I noticed that my hard drive is getting full without I doing anything to it, my hard drive capacity is 585GB, when I noticed this problem I had about 20-30GB of free space, now I only have 1,9GB. I didn't download anything that heavy and sometimes I can hear some noises coming from the hard drive. I searched some forums and no one is exactly sure of what that problem is, but they think it some kind of malware.

Can anyone help me???

Thanks!


OTL logfile created on: 3/28/2012 1:42:20 AM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Andre\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.95 Gb Total Physical Memory | 1.20 Gb Available Physical Memory | 30.49% Memory free
7.90 Gb Paging File | 4.70 Gb Available in Paging File | 59.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 585.57 Gb Total Space | 1.90 Gb Free Space | 0.32% Space Free | Partition Type: NTFS

Computer Name: ANDRE-VAIO | User Name: Andre | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/28 01:12:57 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Andre\Downloads\OTL.exe
PRC - [2012/03/13 05:37:52 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Andre\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/03/08 01:10:34 | 001,320,392 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
PRC - [2012/03/04 21:31:44 | 000,740,216 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012/02/27 00:15:32 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/02/20 21:28:32 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012/02/15 10:32:12 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/09/23 18:37:42 | 000,641,832 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/08/13 18:14:16 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
PRC - [2011/04/16 21:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccsvchst.exe
PRC - [2011/03/05 20:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011/03/05 20:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011/02/25 14:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/23 18:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2011/02/15 15:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2011/02/14 12:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2011/02/01 17:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 17:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/01/29 04:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe
PRC - [2010/11/27 04:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010/11/27 04:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010/09/13 22:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/13 22:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/21 09:21:12 | 000,429,040 | ---- | M] () -- C:\Users\Andre\AppData\Local\Google\Chrome\Application\17.0.963.83\ppgooglenaclpluginchrome.dll
MOD - [2012/03/21 09:21:11 | 003,772,912 | ---- | M] () -- C:\Users\Andre\AppData\Local\Google\Chrome\Application\17.0.963.83\pdf.dll
MOD - [2012/03/21 09:19:52 | 000,527,344 | ---- | M] () -- C:\Users\Andre\AppData\Local\Google\Chrome\Application\17.0.963.83\libglesv2.dll
MOD - [2012/03/21 09:19:51 | 000,114,672 | ---- | M] () -- C:\Users\Andre\AppData\Local\Google\Chrome\Application\17.0.963.83\libegl.dll
MOD - [2012/03/21 09:19:37 | 000,122,880 | ---- | M] () -- C:\Users\Andre\AppData\Local\Google\Chrome\Application\17.0.963.83\avutil-51.dll
MOD - [2012/03/21 09:19:35 | 000,220,672 | ---- | M] () -- C:\Users\Andre\AppData\Local\Google\Chrome\Application\17.0.963.83\avformat-53.dll
MOD - [2012/03/21 09:19:34 | 001,747,456 | ---- | M] () -- C:\Users\Andre\AppData\Local\Google\Chrome\Application\17.0.963.83\avcodec-53.dll
MOD - [2012/03/21 04:44:18 | 008,593,056 | ---- | M] () -- C:\Users\Andre\AppData\Local\Google\Chrome\Application\17.0.963.83\gcswf32.dll
MOD - [2012/02/16 21:35:14 | 000,888,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\344d3289061b28a0f7fb19229f45bb9c\System.DirectoryServices.AccountManagement.ni.dll
MOD - [2012/02/16 21:35:05 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\fa1161af51ab42a61bfac9d02d469a06\System.Xml.Linq.ni.dll
MOD - [2012/02/16 21:35:04 | 002,516,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\1fe993f1045190570a2c69cb32f9d62d\System.Data.Linq.ni.dll
MOD - [2012/02/16 21:33:07 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bc96c5c6e644452270ff7c3d066ff713\System.Runtime.Serialization.ni.dll
MOD - [2012/02/16 21:31:43 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c6b914d595e5b00ae540004a71c6c3a2\IAStorUtil.ni.dll
MOD - [2012/02/16 21:31:28 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll
MOD - [2012/02/16 21:31:24 | 000,633,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\05c4011ad0068d0af722b4b52677d915\System.AddIn.ni.dll
MOD - [2012/02/16 21:24:35 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
MOD - [2012/02/16 21:24:25 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll
MOD - [2012/02/16 21:24:18 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012/02/16 21:24:18 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\3fccda0d4dd150a217c2798e39e97a48\System.EnterpriseServices.ni.dll
MOD - [2012/02/16 21:24:17 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9e8dfbd1334d30a08ce1f2df29ca9aff\System.Transactions.ni.dll
MOD - [2012/02/16 21:24:16 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\eedf95f16a7e81ca43dd8accf11498a3\System.Data.ni.dll
MOD - [2012/02/16 21:24:07 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll
MOD - [2012/02/16 21:23:53 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012/02/16 21:23:46 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012/02/16 21:23:44 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll
MOD - [2012/02/16 21:23:34 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/02/16 21:23:31 | 000,680,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\dc4a4350f8c0c0919b5fb78f0c44291b\System.Security.ni.dll
MOD - [2012/02/16 21:23:28 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/02/16 21:23:25 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/16 21:23:21 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011/11/03 07:21:32 | 000,296,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Data.SqlServerCe\3.5.1.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
MOD - [2011/11/01 10:49:29 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2011/10/12 11:58:37 | 000,082,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\32d21563937263ee3ae9eecfa59fdc3d\System.AddIn.Contract.ni.dll
MOD - [2011/10/12 11:54:03 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ebfad289d9759034cd3a887802fadb5b\IAStorCommon.ni.dll
MOD - [2011/10/12 11:39:23 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\bb1d36ae26e7cadf563061596682e747\UIAutomationProvider.ni.dll
MOD - [2011/10/12 11:38:58 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/21 00:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/06/10 18:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/23 15:37:08 | 001,429,608 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011/05/24 10:00:00 | 000,652,016 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2011/02/28 14:29:18 | 000,852,160 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2011/02/19 02:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2011/02/19 02:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2011/02/14 12:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011/01/29 04:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2011/01/20 16:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/01/05 17:41:38 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV:64bit: - [2011/01/05 17:28:50 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/01/05 17:26:56 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV:64bit: - [2010/09/22 22:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 22:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/27 19:59:36 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2012/02/15 13:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/09/23 18:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2011/08/13 18:14:16 | 000,049,152 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe -- (Oasis2Service)
SRV - [2011/04/16 21:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe -- (NIS)
SRV - [2011/03/29 03:13:25 | 002,361,344 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/03/05 20:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2011/03/02 01:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 14:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/23 18:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2011/02/21 16:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011/02/21 16:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011/02/01 17:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2011/02/01 17:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2011/01/20 16:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010/11/27 04:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010/09/13 22:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/03/18 18:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 15:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/04 20:01:54 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/12/24 14:37:13 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/09/20 12:23:40 | 000,317,776 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/08/19 00:46:06 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tapoas.sys -- (tapoas)
DRV:64bit: - [2011/08/08 06:30:08 | 001,591,936 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/08/06 12:30:21 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/07/19 03:39:56 | 012,287,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/04/20 22:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/03/31 00:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/31 00:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/29 06:00:53 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2011/03/29 03:51:30 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/29 03:15:05 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/14 23:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/22 12:27:05 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/01/27 03:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symds64.sys -- (SymDS)
DRV:64bit: - [2011/01/27 02:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\ironx64.sys -- (SymIRON)
DRV:64bit: - [2011/01/04 15:29:46 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel®
DRV:64bit: - [2010/12/01 09:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/11/21 00:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 00:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 00:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 20:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/04/26 17:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 23:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 17:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress) Intel®
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 18:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2012/02/04 00:08:39 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/02/04 00:08:38 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/12/15 20:33:20 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120222.002\IDSviA64.sys -- (IDSVia64)
DRV - [2011/11/30 23:25:03 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120215.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/11/30 19:27:52 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120222.032\EX64.SYS -- (NAVEX15)
DRV - [2011/11/30 19:27:52 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120222.032\ENG64.SYS -- (NAVENG)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com.br/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?r...BR&dcc=BR&opt=0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 D1 E7 86 F8 06 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Andre\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Andre\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2012/03/01 16:01:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_5_2 [2012/03/01 16:01:57 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Andre\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Andre\AppData\Local\Google\Chrome\Application\17.0.963.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Andre\AppData\Local\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Andre\AppData\Local\Google\Chrome\Application\17.0.963.83\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Users\Andre\AppData\Local\Google\Chrome\Application\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Users\Andre\AppData\Local\Google\Chrome\Application\plugins\nprpjplug.dll
CHR - plugin: Adobe Acrobat (Disabled) = c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.18_0\
CHR - Extension: Skype Click to Call = C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Gmail = C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/01/22 11:46:35 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2:64bit: - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll (Simple Adblock)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Andre\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPSON TX300F Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEJL.EXE /FU "C:\Windows\TEMP\E_SF775.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Andre\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Andre\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Andre\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Andre\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1417B5A1-FBD4-4627-8999-ABBD7EC2E4D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5E37AA3-5CAA-4952-BE3B-80273728F54F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/28 00:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2012/03/28 00:57:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2012/03/27 16:01:09 | 000,000,000 | ---D | C] -- C:\Users\Andre\Desktop\Legiao Urbana Discografia
[2012/03/27 15:02:37 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{095A3B63-1427-48F6-8A6A-F9BB84834405}
[2012/03/27 15:01:58 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{3D26D29C-3FAB-4727-85B7-6FEFE6CB46BD}
[2012/03/26 20:35:29 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{E5A1BDE1-526D-4C44-8597-2CF7F5379325}
[2012/03/26 20:34:49 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{E986AB60-8A5D-4151-A3D1-86981586CD1C}
[2012/03/25 15:56:47 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{F80B9CAD-6051-4031-A28C-5526FF12BA6A}
[2012/03/24 11:23:30 | 000,000,000 | ---D | C] -- C:\Users\Andre\Desktop\Backing tracks fodas
[2012/03/21 08:05:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/03/21 08:05:07 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{72E5D1C1-353C-4C74-B2D2-24FC5B2A66EA}
[2012/03/21 08:04:28 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{323ADA39-38A0-4C0F-882F-447E7CFBB9D5}
[2012/03/20 10:03:56 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{E33EACFF-F080-488B-AB29-DD6F4924E30C}
[2012/03/20 10:03:17 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{94AAF71D-44F8-4C1C-A56C-68044FC1993B}
[2012/03/19 09:43:31 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{F3582455-E82D-4F0C-84AF-AEA9B6FD628C}
[2012/03/18 14:33:26 | 000,000,000 | ---D | C] -- C:\Users\Andre\Desktop\Van Halen A Different Kind Of Truth (2012) 320kbs
[2012/03/18 10:10:40 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{735A878D-762E-4465-9AF9-9EA926519CAC}
[2012/03/18 10:10:00 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{E0B1FC48-60A2-4061-A8E1-1EEBE5630767}
[2012/03/16 16:39:55 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{C08FF9E8-B8E4-478A-A029-86E558D7CA0F}
[2012/03/16 14:30:07 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{5D78D70E-DFE8-4F73-90AC-D0F4E64F478C}
[2012/03/16 14:23:37 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Roaming\Malwarebytes
[2012/03/16 14:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/03/16 14:23:30 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/03/16 14:23:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/03/16 14:11:18 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{EC8CACBD-CB31-48EC-8DAC-362AD509325F}
[2012/03/16 09:22:58 | 000,000,000 | ---D | C] -- C:\Users\Andre\Desktop\rr1
[2012/03/15 09:25:53 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2012/03/15 09:25:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX410 series
[2012/03/15 09:25:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012/03/15 09:25:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJFAX
[2012/03/15 08:57:18 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{E334AECC-FBC6-4E56-9E83-987284DEFAA8}
[2012/03/14 14:35:47 | 000,000,000 | ---D | C] -- C:\Users\Andre\Desktop\playbacks
[2012/03/14 08:16:40 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{BB7A3309-E283-4A49-A6AE-33D04DCD97AA}
[2012/03/13 18:39:33 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{AB7D2311-AEB0-499B-8EA4-A2870957E0B5}
[2012/03/13 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{3CA045E4-CDCD-4CAE-B5DD-8FBA7C0F12EA}
[2012/03/12 11:08:46 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{AB589087-99B4-4EC0-973B-6F0BFE597649}
[2012/03/12 11:08:35 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{5F7981B8-7338-4CBF-8A01-06C2B33466CD}
[2012/03/11 14:27:44 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{784CE52C-D76C-4270-AB95-A26ABA58875A}
[2012/03/11 14:27:32 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{332E8267-3B05-4350-89D8-78CBF6FA04A8}
[2012/03/10 20:57:29 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\libimobiledevice
[2012/03/10 19:18:09 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{6229191D-DD37-43AF-B355-94EF18EC9258}
[2012/03/09 17:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Messenger
[2012/03/09 17:40:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\{F974CC36-BF25-4374-A035-B0A9DA79E735}
[2012/03/09 17:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/03/09 17:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/03/09 17:28:36 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/03/09 17:28:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/03/09 17:04:16 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{654A7C5A-0915-4D54-94F9-998167FA21DB}
[2012/03/09 17:04:04 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{FFE5FE98-23E1-48BB-BAEA-43B4E77BDCDE}
[2012/03/09 08:41:58 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{B85EA40B-47FE-434A-9DC3-66D6AE9BF840}
[2012/03/08 22:41:24 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{4FFA8363-16D9-46F5-BDDC-37D2AFD642C8}
[2012/03/08 12:33:21 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{929F6B6A-0FDC-445C-857E-D2EBEDD3DAF3}
[2012/03/07 23:27:26 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{1F95487C-96FF-46DB-A39E-B1230623D2DB}
[2012/03/07 12:54:31 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{59CEA03A-50B3-479E-9784-BFE3BCB1573B}
[2012/03/07 12:07:15 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{E76A3E30-2839-45AC-A5B1-59AA90950813}
[2012/03/07 00:29:06 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{A8B29A5A-230E-49BF-A2BA-C708A1D8B37F}
[2012/03/06 20:07:59 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{B5A2759D-8D23-48B8-B0DB-D25ED1F3A591}
[2012/03/05 18:08:04 | 000,000,000 | ---D | C] -- C:\Users\Andre\Desktop\White Collar
[2012/03/05 11:12:36 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{C576A100-9886-4B77-BDF5-50120C1FDD5B}
[2012/03/05 11:12:26 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{F5D924A6-DBF6-4C86-8BAD-840D503CA3F9}
[2012/03/04 20:51:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/03/04 20:51:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/03/04 13:36:48 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{73758580-E641-4902-99CE-AD470F79460F}
[2012/03/04 13:36:37 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{5CDC440E-AEFD-42A0-B8FF-2F1620FFEB39}
[2012/02/29 11:59:45 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Local\{B680B9B3-D071-48D2-BA40-884C307C73B7}

========== Files - Modified Within 30 Days ==========

[2012/03/28 01:30:06 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/28 01:30:06 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/28 01:05:13 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/28 00:57:53 | 000,001,206 | ---- | M] () -- C:\Users\Andre\Desktop\Auslogics Disk Defrag.lnk
[2012/03/28 00:57:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-865531860-1130994092-1180547440-1005UA.job
[2012/03/27 15:57:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-865531860-1130994092-1180547440-1005Core.job
[2012/03/27 15:04:01 | 000,783,418 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/27 15:04:01 | 000,663,472 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/27 15:04:01 | 000,122,308 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/27 15:01:31 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/27 14:57:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/27 14:57:07 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/27 03:49:18 | 000,777,634 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/24 20:17:52 | 091,701,520 | ---- | M] () -- C:\Users\Andre\Desktop\wedict_pro-v1.5.ipa
[2012/03/24 18:16:30 | 003,130,908 | ---- | M] () -- C:\Users\Andre\Desktop\Power Ballad in Dm - Mauricio Filho.mp3
[2012/03/23 15:40:57 | 000,002,359 | ---- | M] () -- C:\Users\Andre\Desktop\Google Chrome.lnk
[2012/03/22 16:37:31 | 000,225,966 | ---- | M] () -- C:\test.xml
[2012/03/22 16:12:57 | 000,010,524 | ---- | M] () -- C:\Users\Andre\Desktop\Happy_Birthday!.png
[2012/03/16 14:23:31 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/15 09:25:33 | 001,483,184 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\Cat.DB
[2012/03/15 08:57:01 | 000,436,128 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/10 20:59:44 | 001,290,527 | ---- | M] () -- C:\s4b4.3
[2012/03/10 20:59:44 | 000,697,279 | ---- | M] () -- C:\s4b4.4
[2012/03/09 17:29:33 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/04 20:51:39 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/03/04 15:03:29 | 000,989,697 | ---- | M] () -- C:\Users\Andre\Desktop\photo k1.JPG

========== Files Created - No Company Name ==========

[2012/03/28 00:57:53 | 000,001,206 | ---- | C] () -- C:\Users\Andre\Desktop\Auslogics Disk Defrag.lnk
[2012/03/24 20:17:04 | 091,701,520 | ---- | C] () -- C:\Users\Andre\Desktop\wedict_pro-v1.5.ipa
[2012/03/24 13:10:01 | 003,130,908 | ---- | C] () -- C:\Users\Andre\Desktop\Power Ballad in Dm - Mauricio Filho.mp3
[2012/03/22 16:13:02 | 000,010,524 | ---- | C] () -- C:\Users\Andre\Desktop\Happy_Birthday!.png
[2012/03/16 14:23:31 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/15 09:24:55 | 000,015,104 | ---- | C] () -- C:\Windows\SysWow64\CNC174ED.TBL
[2012/03/15 09:24:55 | 000,015,104 | ---- | C] () -- C:\Windows\SysNative\CNC174ED.TBL
[2012/03/10 20:59:44 | 001,290,527 | ---- | C] () -- C:\s4b4.3
[2012/03/10 20:59:44 | 000,697,279 | ---- | C] () -- C:\s4b4.4
[2012/03/09 17:29:33 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/04 15:02:45 | 000,989,697 | ---- | C] () -- C:\Users\Andre\Desktop\photo k1.JPG
[2011/08/16 10:08:52 | 000,161,188 | ---- | C] () -- C:\Windows\Expstudio Audio Editor FREE Uninstaller.exe
[2011/07/19 03:38:04 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/19 03:38:04 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/19 03:33:14 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/07/19 03:15:30 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/06/30 16:41:01 | 000,000,226 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/03/29 22:46:46 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/02/10 20:03:27 | 000,777,634 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012/03/28 00:57:56 | 000,000,000 | ---D | M] -- C:\Users\Andre\AppData\Roaming\AusLogics
[2011/12/24 15:43:59 | 000,000,000 | ---D | M] -- C:\Users\Andre\AppData\Roaming\DAEMON Tools Lite
[2012/02/24 14:01:52 | 000,000,000 | ---D | M] -- C:\Users\Andre\AppData\Roaming\DVDVideoSoft
[2012/02/07 18:50:56 | 000,000,000 | ---D | M] -- C:\Users\Andre\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/01/08 22:18:30 | 000,000,000 | ---D | M] -- C:\Users\Andre\AppData\Roaming\LolClient
[2011/09/11 16:34:30 | 000,000,000 | ---D | M] -- C:\Users\Andre\AppData\Roaming\Publish Providers
[2012/02/11 22:01:46 | 000,000,000 | ---D | M] -- C:\Users\Andre\AppData\Roaming\Sony
[2011/07/03 22:13:52 | 000,000,000 | ---D | M] -- C:\Users\Andre\AppData\Roaming\Tific
[2012/03/28 01:42:25 | 000,000,000 | ---D | M] -- C:\Users\Andre\AppData\Roaming\uTorrent
[2011/10/16 03:18:22 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Edited by Andre Nanni Mendes, 27 March 2012 - 10:46 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP