Document format: text/plain

~ ZHPDiag v2016.5.17.97 Por Nicolas Coolman (2016/05/09)
~ iniciado por Jordan (Administrator) (2016/05/20 06:30:12)
~ Site: http://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Status da versão: Version OK
~ Modo: Scanner
~ Relatório: C:\Users\Jordan\Desktop\ZHPDiag.txt
~ Relatório: C:\Users\Jordan\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Inicialização do sistema: Normal (Normal boot)
Windows 10 Home Single Language, 64-bit (Build 10586)

---\\ Navegadores Internet (2) - 0s
GCIE: Google Chrome v50.0.2661.102
MSIE: Internet Explorer v11.306.10586.0

---\\ Informações sobre os produtos Windows (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ Softwares de proteçao do sistema (1) - 12s
Windows Defender (Activate)

---\\ Monitoramento dos softwares (1) - 13s
Adobe Acrobat Reader DC - Português

---\\ Softwares de partilha do PeerToPeer (P2P) (1) - 13s
µTorrent v3.4.4.40911

---\\ Informações sobre o sistema (6) - 0s
~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4003.1 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 172 GB () free of 456 GB

---\\ Modo de conexão ao sistema (3) - 0s
~ Computer Name: JORDAN
~ User Name: Jordan
~ Logged in as Administrator

---\\ Enumeração das unidades dos discos (1) - 0s
~ Drive C: has 172 GB free of 456 GB (System)

---\\ Estado do Centro de Segurança do Windows (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Pesquisa particular de ficheiros genéricos (24) - 2s
[MD5.2617877C5761B8A696FD0368861EE6E4] - 14/05/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4515256] =>.Microsoft Windows®
[MD5.0DCB89B1F3689BC6262FF30BBD603171] - 30/10/2015 - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [59392] =>.Microsoft Corporation
[MD5.C1C81AAF533552B3C4D9F11A5FF97700] - 14/05/2016 - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) -- C:\WINDOWS\System32\Wininit.exe [291360] =>.Microsoft Windows Publisher®
[MD5.AE6A68A065D4C26AF4BEFAA53623B266] - 14/05/2016 - (.Microsoft Corporation - Internet Extensions para Win32.) -- C:\WINDOWS\System32\wininet.dll [2755584] =>.Microsoft Corporation
[MD5.5C156EC4E44E30331BCC865A3B61D839] - 14/05/2016 - (.Microsoft Corporation - Aplicativo de Logon do Windows.) -- C:\WINDOWS\System32\Winlogon.exe [585728] =>.Microsoft Corporation
[MD5.9EEAA1B69DC3FD620AE576CC8F4147DC] - 30/10/2015 - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) -- C:\WINDOWS\System32\sppcomapi.dll [430592] =>.Microsoft Corporation
[MD5.9A3E17CDB177913C2A111C80F3D0DBB4] - 14/05/2016 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\WINDOWS\System32\dnsapi.dll [686976] =>.Microsoft Windows®
[MD5.6A7ACABAE92C837F5C1330188EAE36AE] - 14/05/2016 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\WINDOWS\Syswow64\dnsapi.dll [535080] =>.Microsoft Windows®
[MD5.70148EFA9A562E7185B75BBE7D376BF7] - 13/02/2016 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [578912] =>.Microsoft Windows®
[MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - 30/10/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows®
[MD5.7F9C7226D743B232907ED2537B8A574F] - 30/10/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] =>.Microsoft Corporation
[MD5.82D97776BF982AA143BDC7DFB5054EA8] - 30/10/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173568] =>.Microsoft Corporation
[MD5.935823F79CBEDB91637B63D37E3A5A36] - 14/05/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [148480] =>.Microsoft Corporation
[MD5.84BC034B6BB763733C1949B7B9BAF976] - 30/10/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [79872] =>.Microsoft Corporation
[MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - 30/10/2015 - (.Microsoft Corporation - Driver de porta i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] =>.Microsoft Corporation
[MD5.9E5E8F2A1996F23B7E9687846AA81B01] - 30/10/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] =>.Microsoft Corporation
[MD5.0B3B0C1D86050355676640488FA897D3] - 14/05/2016 - (.Microsoft Corporation - Minirdr SMB do Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [430944] =>.Microsoft Windows®
[MD5.F51C02D992A8D6BC5EC4D990F227D4C7] - 30/10/2015 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [279552] =>.Microsoft Corporation
[MD5.19BD8A88AAC580592668B070AC0727D9] - 14/05/2016 - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2152280] =>.Microsoft Windows®
[MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - 30/10/2015 - (.Microsoft Corporation - Driver de porta paralela.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation
[MD5.E3C82823B22463BC38AA4F8ADA852624] - 14/05/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation
[MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - 13/02/2016 - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Micros.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [173056] =>.Microsoft Corporation
[MD5.91D3F2A6253EF83EFBD7903028F58C4D] - 13/02/2016 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624] =>.Microsoft Windows®
[MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - 30/10/2015 - (.Microsoft Corporation - Driver de cópia de sombra de volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys [414560] =>.Microsoft Windows®

---\\ Serviços NT não Microsoft e não desativados (11) - 4s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: Elan Service (ETDService) . (.ELAN Microelectronics Corp. - Elan Service.) - C:\Program Files\Elantech\ETDService.exe =>.ELAN Microelectronics Corporation®
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware®
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products®
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: SkypeUpdateEx (SkypeUpdateEx) . (.skype.cog.cc - SkypeUpdateEx.) - C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe {4AABE7C4E55AE3765929658935834CFD} =>PUP.Optional.SkypeUpdateEx
O23 - Service: Intel(R) Common Connectivity Framework (STCServ) . (.Intel Corporation - Intel(R) Common Connectivity Framework STC.) - C:\Program Files\Intel\STCServ\STCServ.exe =>.Intel(R) iCDG WINS WSS CCF®
O23 - Service: TeamViewer 11 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 11.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer®
O23 - Service: Update service (Update service) . (.Popcorn Time - Updater.) - C:\Program Files (x86)\Popcorn Time\Updater.exe =>.Popcorn Time

---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (15) - 13s

SR - Auto [22/04/2016] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SR - Demand [01/06/2015] [ 290224] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - pGFX®
SR - Auto [13/10/2015] [ 144072] Elan Service (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe =>.ELAN Microelectronics Corporation®
SS - Auto [06/08/2015] [ 144200] Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [06/08/2015] [ 144200] Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SR - Auto [11/05/2013] [ 733696] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation
SS - Demand [11/05/2013] [ 822232] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service®
SR - Auto [03/09/2013] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware®
SR - Auto [03/09/2013] [ 390616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products®
SS - Auto [09/07/2015] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SR - Auto [05/05/2016] [ 168376] SkypeUpdateEx (SkypeUpdateEx) . (.skype.cog.cc.) - C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe {4AABE7C4E55AE3765929658935834CFD} =>PUP.Optional.SkypeUpdateEx
SS - Auto [16/03/2015] [ 8095456] Intel(R) Common Connectivity Framework (STCServ) . (.Intel Corporation.) - C:\Program Files\Intel\STCServ\STCServ.exe =>.Intel(R) iCDG WINS WSS CCF®
SR - Auto [02/05/2016] [ 7031056] TeamViewer 11 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer®
SR - Auto [19/10/2015] [ 339968] Update service (Update service) . (.Popcorn Time.) - C:\Program Files (x86)\Popcorn Time\Updater.exe =>.Popcorn Time

---\\ Tarefas planificadas automaticamente (13) - 4s
[MD5.00000000000000000000000000000000] [APT] [Nome da tarefa] (...) -- Tarefa a ser executada (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.DE7BC28EAE6A62BC35754D1DCA4ECF38] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1107672] (.Activate.) =>.Adobe Systems, Incorporated®
[MD5.3F47FF41F71916359C4434BAA5D7CE43] [APT] [ASUS Smart Gesture Launcher] (.AsusTek.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416] (.Activate.) =>.ASUSTeK Computer Inc.®
[MD5.C6FF00DA1605982E616C03BE809FFE2D] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc®
[MD5.C6FF00DA1605982E616C03BE809FFE2D] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc®
[MD5.6055DE5C4980310E0988DB68B3BCC9E0] [APT] [IntelBootstrapCCDashExe] (.Intel® Corporation.) -- C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112] (.Activate.) =>.Intel® Corporation
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1086] =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1090] =>.Google Inc®
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task [2954] =>.Adobe Systems, Incorporated®
O39 - APT: ASUS Smart Gesture Launcher - (.AsusTek.) -- C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher [2862] =>.ASUSTeK Computer Inc.®
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3378] =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3602] =>.Google Inc®
O39 - APT: IntelBootstrapCCDashExe - (.Intel® Corporation.) -- C:\WINDOWS\System32\Tasks\IntelBootstrapCCDashExe [2638] =>.Intel® Corporation

---\\ Processos lançados (32) - 5s
[MD5.0DB1E3F6189C628675F855C0EB510419] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696] [PID.1872] =>.Intel(R) Corporation
[MD5.8916EACF1256E1C5A3AF81FD39C747E7] - (.ELAN Microelectronics Corp. - Elan Service.) -- C:\Program Files\Elantech\ETDService.exe [144072] [PID.1892] =>.ELAN Microelectronics Corporation®
[MD5.36114214BF8D7C464D1E92E4EB6B2DD3] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1948] =>.Adobe Systems, Incorporated®
[MD5.609FB304EB20AE704AFC385B11976682] - (.TeamViewer GmbH - TeamViewer 11.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7031056] [PID.1964] =>.TeamViewer®
[MD5.BD93D1A0E0A7A96BEA4585F17C9B3307] - (.Popcorn Time - Updater.) -- C:\Program Files (x86)\Popcorn Time\Updater.exe [339968] [PID.2044] =>.Popcorn Time
[MD5.B18D590BC5220FDB4A747BC16D78ABC7] - (.Intel Corporation - IntelCpHeciSvc Executable.) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe [290224] [PID.1244] =>.Intel Corporation - pGFX®
[MD5.89CB852B62A6CC8BAC80CBDE4450220D] - (.skype.cog.cc - SkypeUpdateEx.) -- C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [168376] [PID.1384] {4AABE7C4E55AE3765929658935834CFD} =>PUP.Optional.SkypeUpdateEx
[MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.3904] =>.Intel Corporation - Intel® Management Engine Firmware®
[MD5.6A35B295812CE7064CFBCD9F254169CF] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.3840] =>.Intel Corporation - Software and Firmware Products®
[MD5.A6DAAD3EA93DBDBD07FA821BCED133F6] - (.Microsoft Corporation. - Microsoft SeaPort Search Enhancement Broker.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE [240408] [PID.2880] =>.Microsoft Corporation®
[MD5.97B7D81A8461126BB9CC4085712675E5] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe [3242696] [PID.916] =>.ELAN Microelectronics Corporation®
[MD5.D37064498DE2B69EB94E2DA83C62E4A4] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe [2580168] [PID.3884] =>.ELAN Microelectronics Corporation®
[MD5.E6A8276448A9CA75E6A067402AEEDDDB] - (.AsusTek - ASUS Smart Gesture Loader.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [366064] [PID.4644] =>.ASUSTeK Computer Inc.®
[MD5.72CE3099A76F2F88E5FA876DD3F2A572] - (.ASUSTeK Computer Inc. - Asus Smart Gesture Detector.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe [258032] [PID.6680] =>.ASUSTeK Computer Inc.®
[MD5.62E44EED7F2B9BD8D2C12598F557503B] - (.AsusTek - ASUS Smart Gesture Helper.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe [179696] [PID.4824] =>.ASUSTeK Computer Inc.®
[MD5.E4AA3D28753EF9DB333FE40079993B09] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [411056] [PID.7144] =>.Intel Corporation - pGFX®
[MD5.CF40080765D6F66FA93318C0DB6C7D1F] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [453552] [PID.6964] =>.Intel Corporation - pGFX®
[MD5.65E8545F1297CD83534C354A7BED1848] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696] [PID.7044] =>.Realtek Semiconductor Corp®
[MD5.DD67344EEC2DD9D3F246179B835ADEBE] - (.ASUS - PCLinkService.) -- C:\Program Files (x86)\ASUS\PC Link\PCLinkService.exe [2162448] [PID.4964] =>.ASUSTeK Computer Inc.®
[MD5.FEF40702709B0DE634250148B1482167] - (.Intel® Corporation - Intel® Common Connectivity Framework Manag.) -- C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe [68096] [PID.6196] =>.Intel® Corporation
[MD5.51D61F5DE897B6EA6D858B38DC4F4641] - (...) -- C:\Program Files (x86)\ASUS\PC Link\tools\pclink_connect.exe [5467527] [PID.888]
[MD5.C4BE24DF324EE7892EFA1FA1871B9BC0] - (...) -- C:\Program Files (x86)\ASUS\PC Link\tools\adb.exe [1009664] [PID.7404]
[MD5.BB8E7C63BAC1C3856C80CA57DA40888D] - (...) -- C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe [44032] [PID.7692]
[MD5.537893623ED09D168B11A7B684E30640] - (...) -- C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe [100352] [PID.5028]
[MD5.C8694BE54D58B82B10F1983DFC55AF85] - (.AsusTek - ASUS Smart Gesture Center.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe [311792] [PID.8732] =>.ASUSTeK Computer Inc.®
[MD5.9D04D980FACA4E887BF2DFED24418A54] - (.ASUSTeK Computer Inc. - ASUS Remote Link.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe [547312] [PID.7156] =>.ASUSTeK Computer Inc.®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.3564] =>.Google Inc®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.5036] =>.Google Inc®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.5500] =>.Google Inc®
[MD5.8150D92888E57CFBC48119DD32ABE7AA] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Jordan\AppData\Roaming\uTorrent\uTorrent.exe [1696096] [PID.8032] =>.BitTorrent Inc®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.4924] =>.Google Inc®
[MD5.41A6377FF2E6AAD7A4882A4FD2574987] - (.Nicolas Coolman - ZHPDiag.) -- C:\ZHPDiag3.exe [2207232] [PID.5700] =>.Nicolas Coolman

---\\ Google Chrome, Arranque,Pesquisa,Extensões (12) - 1s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.com
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock
G2 - GCE: Preference [User Data\Default] [lfbgimoladefibpklnfmkpknadbklade] Webcam Toy
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Internet Explorer, Arranque, Pesquisa, Phishing (16) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.123rede.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.123rede.com?oem=mbtkv5&uid=w0v40c4z_st500lt012-9ws142&tm=1439854742
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Gestão do Proxy (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8080;https=127.0.0.1:8080
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

---\\ Análise das linhas, Carregamento Automático de programas (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Redireção do ficheiro Hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Objects do navegador (1) - 0s
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL =>.Microsoft Corporation®

---\\ Aplicações iniciadas por registo & pastas (21) - 1s
O4 - HKLM\..\Run: [ETDCtrl] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe =>.ELAN Microelectronics Corporation®
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe =>.Intel Corporation - pGFX®
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe =>.Intel Corporation - pGFX®
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation - pGFX®
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [IntelConnectCenter] . (.Intel® Corporation - Intel® Connect Center Dashboard Launcher.) -- C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe =>.Intel® Corporation
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKCU\..\Run: [PCLink] . (.ASUSTek Computer Inc. - .) -- C:\Program Files (x86)\ASUS\PC Link\PCLink.exe =>.ASUSTeK Computer Inc.®
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] . (...) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1] . (...) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] . (...) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019] . (...) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019
O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE =>.Power Software Ltd®
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-2364563893-4083904468-1817729074-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-2364563893-4083904468-1817729074-1001\..\Run: [PCLink] . (.ASUSTek Computer Inc. - .) -- C:\Program Files (x86)\ASUS\PC Link\PCLink.exe =>.ASUSTeK Computer Inc.®
O4 - HKUS\S-1-5-21-2364563893-4083904468-1817729074-1001\..\RunOnce: [Uninstall C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] . (...) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64
O4 - HKUS\S-1-5-21-2364563893-4083904468-1817729074-1001\..\RunOnce: [Uninstall C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1] . (...) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1
O4 - HKUS\S-1-5-21-2364563893-4083904468-1817729074-1001\..\RunOnce: [Uninstall C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] . (...) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64
O4 - HKUS\S-1-5-21-2364563893-4083904468-1817729074-1001\..\RunOnce: [Uninstall C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019] . (...) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019

---\\ Atalhos globais Startup (68) - 26s
O4 - GS\Desktop [Administrador]: Any Video Converter Professional.lnk . (.Anvsoft - Any Video Converter Professional.) C:\Program Files (x86)\Anvsoft\Any Video Converter Professional\AVCPro.exe =>.Anvsoft Inc.®
O4 - GS\Desktop [Administrador]: Chris Brown - Atalho.lnk . (...) C:\Users\Jordan\Music\Chris Brown
O4 - GS\Desktop [Administrador]: ConvertXToDVD 6.lnk . (.VSO Software SARL - ConvertXToDVD 6.) C:\Program Files (x86)\VSO\ConvertX\6\ConvertXtoDvd.exe =>.VSO Software SARL®
O4 - GS\Desktop [Administrador]: MPC-BE x64.lnk . (.MPC-BE Team - MPC-BE x64.) C:\Program Files\MPC-BE x64\mpc-be64.exe {4EE8A019849084140D2630636B799F00}
O4 - GS\Desktop [Administrador]: Popcorn Time Community.lnk . (...) C:\Users\Jordan\AppData\Local\Popcorn Time Community\nw.exe
O4 - GS\Desktop [Administrador]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Jordan\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrador]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Jordan\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Administrador]: ConvertXToDVD 6.lnk . (.VSO Software SARL - ConvertXToDVD 6.) C:\Program Files (x86)\VSO\ConvertX\6\ConvertXtoDvd.exe =>.VSO Software SARL®
O4 - GS\Quicklaunch [Administrador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrador]: ImgBurn.lnk . (.LIGHTNING UK! - ImgBurn - The Ultimate Image Burner!.) C:\Program Files (x86)\ImgBurn\ImgBurn.exe
O4 - GS\Quicklaunch [Administrador]: Picasa 3.lnk . (.Google Inc. - Picasa.) C:\Program Files (x86)\Google\Picasa3\Picasa3.exe =>.Google Inc®
O4 - GS\sendTo [Administrador]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\sendTo [Administrador]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Administrador]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Jordan\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.®
O4 - GS\TaskBar [Administrador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Administrador]: Hearthstone.lnk . (.Blizzard Entertainment - Hearthstone Beta Launcher.) C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\TaskBar [Administrador]: Heroes of the Storm.lnk . (.Blizzard Entertainment - Heroes of the Storm.) C:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\TaskBar [Administrador]: lol.lnk . (...) C:\Riot Games\League of Legends\lol.launcher.exe =>.Riot Games, Inc.®
O4 - GS\TaskBar [Administrador]: World of Tanks.lnk . (.Wargaming.net - World of Tanks Launcher.) C:\Games\World_of_Tanks\WoTLauncher.exe =>.Wargaming.net LLP®
O4 - GS\Desktop [Convidado]: Any Video Converter Professional.lnk . (.Anvsoft - Any Video Converter Professional.) C:\Program Files (x86)\Anvsoft\Any Video Converter Professional\AVCPro.exe =>.Anvsoft Inc.®
O4 - GS\Desktop [Convidado]: Chris Brown - Atalho.lnk . (...) C:\Users\Jordan\Music\Chris Brown
O4 - GS\Desktop [Convidado]: ConvertXToDVD 6.lnk . (.VSO Software SARL - ConvertXToDVD 6.) C:\Program Files (x86)\VSO\ConvertX\6\ConvertXtoDvd.exe =>.VSO Software SARL®
O4 - GS\Desktop [Convidado]: MPC-BE x64.lnk . (.MPC-BE Team - MPC-BE x64.) C:\Program Files\MPC-BE x64\mpc-be64.exe {4EE8A019849084140D2630636B799F00}
O4 - GS\Desktop [Convidado]: Popcorn Time Community.lnk . (...) C:\Users\Jordan\AppData\Local\Popcorn Time Community\nw.exe
O4 - GS\Desktop [Convidado]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Jordan\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Convidado]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Jordan\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Convidado]: ConvertXToDVD 6.lnk . (.VSO Software SARL - ConvertXToDVD 6.) C:\Program Files (x86)\VSO\ConvertX\6\ConvertXtoDvd.exe =>.VSO Software SARL®
O4 - GS\Quicklaunch [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Convidado]: ImgBurn.lnk . (.LIGHTNING UK! - ImgBurn - The Ultimate Image Burner!.) C:\Program Files (x86)\ImgBurn\ImgBurn.exe
O4 - GS\Quicklaunch [Convidado]: Picasa 3.lnk . (.Google Inc. - Picasa.) C:\Program Files (x86)\Google\Picasa3\Picasa3.exe =>.Google Inc®
O4 - GS\sendTo [Convidado]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\sendTo [Convidado]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Convidado]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Jordan\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.®
O4 - GS\TaskBar [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Convidado]: Hearthstone.lnk . (.Blizzard Entertainment - Hearthstone Beta Launcher.) C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\TaskBar [Convidado]: Heroes of the Storm.lnk . (.Blizzard Entertainment - Heroes of the Storm.) C:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\TaskBar [Convidado]: lol.lnk . (...) C:\Riot Games\League of Legends\lol.launcher.exe =>.Riot Games, Inc.®
O4 - GS\TaskBar [Convidado]: World of Tanks.lnk . (.Wargaming.net - World of Tanks Launcher.) C:\Games\World_of_Tanks\WoTLauncher.exe =>.Wargaming.net LLP®
O4 - GS\Desktop [Jordan]: Any Video Converter Professional.lnk . (.Anvsoft - Any Video Converter Professional.) C:\Program Files (x86)\Anvsoft\Any Video Converter Professional\AVCPro.exe =>.Anvsoft Inc.®
O4 - GS\Desktop [Jordan]: Chris Brown - Atalho.lnk . (...) C:\Users\Jordan\Music\Chris Brown
O4 - GS\Desktop [Jordan]: ConvertXToDVD 6.lnk . (.VSO Software SARL - ConvertXToDVD 6.) C:\Program Files (x86)\VSO\ConvertX\6\ConvertXtoDvd.exe =>.VSO Software SARL®
O4 - GS\Desktop [Jordan]: MPC-BE x64.lnk . (.MPC-BE Team - MPC-BE x64.) C:\Program Files\MPC-BE x64\mpc-be64.exe {4EE8A019849084140D2630636B799F00}
O4 - GS\Desktop [Jordan]: Popcorn Time Community.lnk . (...) C:\Users\Jordan\AppData\Local\Popcorn Time Community\nw.exe
O4 - GS\Desktop [Jordan]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Jordan\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Jordan]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Jordan\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Jordan]: ConvertXToDVD 6.lnk . (.VSO Software SARL - ConvertXToDVD 6.) C:\Program Files (x86)\VSO\ConvertX\6\ConvertXtoDvd.exe =>.VSO Software SARL®
O4 - GS\Quicklaunch [Jordan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Jordan]: ImgBurn.lnk . (.LIGHTNING UK! - ImgBurn - The Ultimate Image Burner!.) C:\Program Files (x86)\ImgBurn\ImgBurn.exe
O4 - GS\Quicklaunch [Jordan]: Picasa 3.lnk . (.Google Inc. - Picasa.) C:\Program Files (x86)\Google\Picasa3\Picasa3.exe =>.Google Inc®
O4 - GS\sendTo [Jordan]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\sendTo [Jordan]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Jordan]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Jordan\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.®
O4 - GS\TaskBar [Jordan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Jordan]: Hearthstone.lnk . (.Blizzard Entertainment - Hearthstone Beta Launcher.) C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\TaskBar [Jordan]: Heroes of the Storm.lnk . (.Blizzard Entertainment - Heroes of the Storm.) C:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\TaskBar [Jordan]: lol.lnk . (...) C:\Riot Games\League of Legends\lol.launcher.exe =>.Riot Games, Inc.®
O4 - GS\TaskBar [Jordan]: World of Tanks.lnk . (.Wargaming.net - World of Tanks Launcher.) C:\Games\World_of_Tanks\WoTLauncher.exe =>.Wargaming.net LLP®
O4 - GS\CommonDesktop [Public]: Acrobat Reader DC.lnk . (.Adobe Systems Incorporated - Adobe Acrobat Reader DC.) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated®
O4 - GS\CommonDesktop [Public]: ASUS Smart Gesture.lnk . (.ASUSTeK Computer Inc. - ASUS Smart Gesture Configure.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPConfigure64.exe =>.ASUSTeK Computer Inc.®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: PC Link.lnk . (.ASUSTek Computer Inc. - .) C:\Program Files (x86)\ASUS\PC Link\PCLink.exe =>.ASUSTeK Computer Inc.®
O4 - GS\CommonDesktop [Public]: Picasa 3.lnk . (.Google Inc. - Picasa.) C:\Program Files (x86)\Google\Picasa3\Picasa3.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: PowerISO.lnk . (.Power Software Ltd - PowerISO.) C:\Program Files (x86)\PowerISO\PowerISO.exe =>.Power Software Ltd®
O4 - GS\CommonDesktop [Public]: Share Link.lnk . (.ASUS - ShareLink.) C:\Program Files (x86)\ASUS\Share Link\ShareLink.exe =>.ASUSTeK Computer Inc.®
O4 - GS\CommonDesktop [Public]: SUPERHOT.lnk . (.SUPERHOT Sp z o.o. - SUPERHOT Launcher.) C:\GOG Games\SUPERHOT\SUPERHOT.exe =>.SUPERHOT Sp z o.o.
O4 - GS\Programs [Public]: AsusSmartGestureDetector.lnk . (.ASUSTeK Computer Inc. - Asus Smart Gesture Detector.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe =>.ASUSTeK Computer Inc.®
O4 - GS\Programs [Public]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Jordan\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.®
O4 - GS\Programs [Public]: Gerenciador de áudio HD Realtek.lnk . (.Realtek Semiconductor - .) C:\Program Files (x86)\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor

---\\ Alteração Dominio/Clientes DNS (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 74.63.249.118 192.210.150.170
O17 - HKLM\System\CCS\Services\Tcpip\..\{ee7c709a-8003-4207-90ea-5467aa1aeeb6}: DhcpNameServer = 74.63.249.118 192.210.150.170

---\\ Protocolo adicional (24) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software instalados (41) - 19s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc.
O42 - Logiciel: Adobe Acrobat Reader DC - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AC0F074E4100} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824184103} =>.Adobe Systems Incorporated
O42 - Logiciel: Any Video Converter Professional 5.9.1 - (.Any-Video-Converter.com.) [HKLM][64Bits] -- Any Video Converter Professional_is1 =>.Anvsoft Inc.®
O42 - Logiciel: ASUS PC Link - (.ASUSTEK.) [HKLM][64Bits] -- {52AE8601-EA55-456E-80A9-7FB48E82CF81}_is1 =>.ASUSTeK Computer Inc.®
O42 - Logiciel: ASUS Share Link - (.ASUSTEK.) [HKLM][64Bits] -- {c3bcc1e3-f950-439c-bcae-f01283e9f2a4}_is1 =>.ASUSTeK Computer Inc.®
O42 - Logiciel: ASUS Smart Gesture - (.ASUS.) [HKLM][64Bits] -- {4D3286A6-F6AB-498A-82A4-E4F040529F3D} =>.ASUS
O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM][64Bits] -- Battle.net =>.Blizzard Entertainment, Inc.®
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {3611CA6C-5FCA-4900-A329-6A118123CCFC} =>.Microsoft Corporation
O42 - Logiciel: Curse - (.Curse.) [HKLM][64Bits] -- {A20BFF62-AE3C-42BD-9C52-841CAB96BC49} =>.Curse
O42 - Logiciel: DriverEasy 4.9.5 - (.Easeware.) [HKLM][64Bits] -- DriverEasy_is1 =>.Easeware Technology Limited®
O42 - Logiciel: ELAN Touchpad 11.15.0.18_X64 - (.ELAN Microelectronic Corp..) [HKLM][64Bits] -- Elantech =>.ELAN Microelectronics Corporation®
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Hearthstone - (.Blizzard Entertainment.) [HKLM][64Bits] -- Hearthstone =>.Blizzard Entertainment, Inc.®
O42 - Logiciel: Heroes of the Storm - (.Blizzard Entertainment.) [HKLM][64Bits] -- Heroes of the Storm =>.Blizzard Entertainment, Inc.®
O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM][64Bits] -- ImgBurn
O42 - Logiciel: Intel Driver Update Utility - (.Intel.) [HKLM][64Bits] -- {ca4bc3a8-b99c-4416-90d8-351a8ceab458} =>.Intel(R) Driver Update Utility®
O42 - Logiciel: Intel(R) Driver Update Utility 2.2 - (.Intel.) [HKLM][64Bits] -- {3EE9923D-3045-46AB-9CAA-E375993AEB4A} =>.Intel
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Intel® CCF Manager - (.Intel Corporation.) [HKLM][64Bits] -- {0f3d8dd5-54af-4404-a01c-4967e485a065} =>.Intel(R) iCDG WINS WSS CCF®
O42 - Logiciel: Intel® CCF Manager - (.Intel Corporation.) [HKLM][64Bits] -- {DFD2C0B0-664C-4383-B348-2F531462EBAD} =>.Intel Corporation
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {89AFB053-A343-46EF-97E4-D593AD7184E6} =>.Intel Corporation
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM][64Bits] -- {BCCDE721-9F4D-4396-9592-92DD865D965E} =>.Riot Games
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM][64Bits] -- League of Legends 3.0.1 =>.Riot Games
O42 - Logiciel: MPC-BE x64 1.4.6.1034 - (.MPC-BE Team.) [HKLM][64Bits] -- {FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1
O42 - Logiciel: Pacote de Driver do Windows - ASUS Tek. Corporation (ATP) Mouse (09/25/201 - (.ASUS Tek. Corporation.) [HKLM][64Bits] -- 6C3F8C7AFD19C7A76AF857BA7CD35E4CFAA9F3F0 =>.ASUSTeK Computer Inc.®
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3 =>.Google Inc®
O42 - Logiciel: Popcorn Time Community 0.3.8-6 - (.Popcorn Time Community.) [HKLM][64Bits] -- Popcorn Time Community 0.3.8-6 =>.Popcorn Time Community
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO =>.Power Software Ltd
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Skype™ 7.17 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A.
O42 - Logiciel: STCServ - (.Intel Corporation.) [HKLM][64Bits] -- {A954D353-9DAF-4916-8E71-F1E959EBCD1E} =>.Intel Corporation
O42 - Logiciel: SUPERHOT - (.GOG.com.) [HKLM][64Bits] -- 1456141688_is1 =>.GOG Limited®
O42 - Logiciel: TeamViewer 11 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer =>.TeamViewer®
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer =>.Unity Technologies ApS
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: VSO ConvertXToDVD 6 - (.VSO Software.) [HKLM][64Bits] -- {8FC36FA6-C508-44FB-B137-1CB46D8258B2}_is1 =>.VSO Software
O42 - Logiciel: Windows 7 USB/DVD Download Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {CCF298AF-9CE1-4B26-B251-486E98A34789} =>.Microsoft Corporation
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: World of Tanks - (.Wargaming.net.) [HKCU][64Bits] -- {1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1 =>.Wargaming.net

---\\ HKCU & HKLM Software Keys (98) - 19s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\ASUS
HKLM\SOFTWARE\Wow6432Node\Blizzard Entertainment
HKLM\SOFTWARE\Wow6432Node\Caphyon
HKLM\SOFTWARE\Wow6432Node\Clara =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\Crashhd
HKLM\SOFTWARE\Wow6432Node\DivXNetworks
HKLM\SOFTWARE\Wow6432Node\EVP
HKLM\SOFTWARE\Wow6432Node\GOG.com
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\im-dosearch =>PUP.Optional.Generic
HKLM\SOFTWARE\Wow6432Node\ImgBurn
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nero
HKLM\SOFTWARE\Wow6432Node\NetTcpHandler =>PUP.Optional.NetService
HKLM\SOFTWARE\Wow6432Node\NtIObits
HKLM\SOFTWARE\Wow6432Node\NtSvcHandler =>PUP.Optional.NetService
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\PowerISO
HKLM\SOFTWARE\Wow6432Node\Riot Games
HKLM\SOFTWARE\Wow6432Node\Sakura =>PUP.Optional.GameGogle
HKLM\SOFTWARE\Wow6432Node\seekmx =>PUP.Optional.Generic
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SkypeUpdateEx =>PUP.Optional.SkypeUpdateEx
HKLM\SOFTWARE\Wow6432Node\SmdmF =>PUP.Optional.SettingsManager
HKLM\SOFTWARE\Wow6432Node\SoftVTU
HKLM\SOFTWARE\Wow6432Node\SRS Labs
HKLM\SOFTWARE\Wow6432Node\TeamViewer
HKLM\SOFTWARE\Wow6432Node\TVInstallTemp
HKLM\SOFTWARE\Wow6432Node\Visan
HKLM\SOFTWARE\Wow6432Node\VSO
HKLM\SOFTWARE\Wow6432Node\WinNetSvc
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\WMPNetworkAcSvc
HKLM\SOFTWARE\Wow6432Node\Wow6432Node
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Anvsoft
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ASUS
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Blizzard Entertainment
HKCU\SOFTWARE\BugSplat
HKCU\SOFTWARE\Caphyon
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Curse
HKCU\SOFTWARE\Digital River
HKCU\SOFTWARE\Elantech
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\GOG.com
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\ImgBurn
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JEDI-VCL
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Logitech
HKCU\SOFTWARE\LSoft Technologies
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-BE
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Popcorn Time
HKCU\SOFTWARE\PopcornTime
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\Razer
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SoftVTU
HKCU\SOFTWARE\SUPERHOT_Team
HKCU\SOFTWARE\SyncEngines
HKCU\SOFTWARE\SYNCJM
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\Tortuga =>PUP.Optional.Tortuga
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Visan
HKCU\SOFTWARE\VSO
HKCU\SOFTWARE\Wargaming.net
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Unity

---\\ Conteúdo das pastas Programs (202) - 32s
O43 - CFD: 06/08/2015 - [0] SHD -- C:\Program Files\Arquivos Comuns
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 26/01/2016 - [] D -- C:\Program Files\DIFX =>.ASUSTeK Computer Inc.®
O43 - CFD: 27/08/2015 - [] D -- C:\Program Files\Easeware =>.Easeware Technology Limited®
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Elantech =>.ELAN Microelectronics Corporation®
O43 - CFD: 26/01/2016 - [] D -- C:\Program Files\Intel =>.Intel(R) iCDG WINS WSS CCF®
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 04/05/2016 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 04/01/2016 - [] AD -- C:\Program Files\MPC-BE x64 {4EE8A019849084140D2630636B799F00}
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics®
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 13/02/2016 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 16/09/2015 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 13/02/2016 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 13/02/2016 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Windows Multimedia Platform
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 13/02/2016 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files\Windows Sidebar
O43 - CFD: 14/05/2016 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation®
O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files\WindowsPowerShell
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 27/02/2016 - [] D -- C:\Program Files (x86)\Anvsoft =>.Anvsoft Inc.®
O43 - CFD: 26/01/2016 - [] D -- C:\Program Files (x86)\ASUS =>.ASUSTeK Computer Inc.®
O43 - CFD: 10/05/2016 - [] AD -- C:\Program Files (x86)\Battle.net =>.Blizzard Entertainment, Inc.®
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 17/08/2015 - [] D -- C:\Program Files (x86)\Exploremedia =>PUP.Optional.Generic
O43 - CFD: 27/02/2016 - [0] D -- C:\Program Files (x86)\FreeTime
O43 - CFD: 02/12/2015 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 09/12/2015 - [] AD -- C:\Program Files (x86)\Hearthstone =>.Blizzard Entertainment, Inc.®
O43 - CFD: 09/12/2015 - [] AD -- C:\Program Files (x86)\Heroes of the Storm =>.Blizzard Entertainment, Inc.®
O43 - CFD: 10/11/2015 - [] D -- C:\Program Files (x86)\HP
O43 - CFD: 01/10/2015 - [] AD -- C:\Program Files (x86)\ImgBurn
O43 - CFD: 27/08/2015 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation - Software and Firmware Products®
O43 - CFD: 16/09/2015 - [] AD -- C:\Program Files (x86)\Intel Driver Update Utility =>.Intel(R) Driver Update Utility®
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 08/10/2015 - [] D -- C:\Program Files (x86)\Microsoft =>.Microsoft Corporation®
O43 - CFD: 04/05/2016 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 04/05/2016 - [] AD -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 04/05/2016 - [] AD -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 14/05/2016 - [] AD -- C:\Program Files (x86)\MSBuild
O43 - CFD: 26/02/2016 - [] D -- C:\Program Files (x86)\MSECache
O43 - CFD: 02/12/2015 - [] D -- C:\Program Files (x86)\Popcorn Time
O43 - CFD: 28/01/2016 - [] AD -- C:\Program Files (x86)\PowerISO =>.Power Software Ltd®
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 19/12/2015 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl®
O43 - CFD: 12/05/2016 - [] D -- C:\Program Files (x86)\SkypeUpdateEx {4AABE7C4E55AE3765929658935834CFD} =>PUP.Optional.SkypeUpdateEx
O43 - CFD: 14/05/2016 - [] AD -- C:\Program Files (x86)\TeamViewer =>.TeamViewer®
O43 - CFD: 27/02/2016 - [] D -- C:\Program Files (x86)\VSO =>.VSO-SOFTWARE®
O43 - CFD: 13/02/2016 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 13/02/2016 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 13/02/2016 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 13/02/2016 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 20/08/2015 - [] AD -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH®
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 13/02/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
O43 - CFD: 14/05/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Connect Center
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-BE x64
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERHOT [GOG.com]
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 13/02/2016 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\ASUS Smart Gesture
O43 - CFD: 27/02/2016 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\Battle.net
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\Blizzard Entertainment
O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Comms
O43 - CFD: 06/08/2015 - [0] SHD -- C:\ProgramData\Dados de Aplicativos
O43 - CFD: 14/05/2016 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 06/08/2015 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 08/10/2015 - [] D -- C:\ProgramData\HP
O43 - CFD: 12/05/2016 - [] D -- C:\ProgramData\Intel
O43 - CFD: 18/08/2015 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 06/08/2015 - [0] SHD -- C:\ProgramData\Menu Iniciar
O43 - CFD: 14/05/2016 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 11/05/2016 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 13/02/2016 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 06/08/2015 - [0] SHD -- C:\ProgramData\Modelos
O43 - CFD: 26/01/2016 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 14/05/2016 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 07/08/2015 - [] D -- C:\ProgramData\Riot Games
O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\Skype
O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\SoftwareDistribution
O43 - CFD: 13/02/2016 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 13/02/2016 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 08/10/2015 - [] D -- C:\ProgramData\Visan
O43 - CFD: 29/02/2016 - [] D -- C:\ProgramData\VSO
O43 - CFD: 29/02/2016 - [] D -- C:\ProgramData\vsosdk
O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\Windows Security
O43 - CFD: 30/10/2015 - [] AD -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 11/05/2016 - [] AD -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 14/05/2016 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 27/08/2015 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 19/12/2015 - [] AD -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 31/10/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\Adobe
O43 - CFD: 27/02/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\Anvsoft
O43 - CFD: 02/11/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\Battle.net
O43 - CFD: 14/09/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\Curse
O43 - CFD: 05/02/2016 - [] AD -- C:\Users\Jordan\AppData\Roaming\Curse Client
O43 - CFD: 09/09/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\DNSHelper
O43 - CFD: 27/08/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\Easeware
O43 - CFD: 16/10/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\HpUpdate
O43 - CFD: 01/10/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\ImgBurn
O43 - CFD: 01/10/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\LolClient
O43 - CFD: 07/08/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\Macromedia
O43 - CFD: 14/05/2016 - [] SD -- C:\Users\Jordan\AppData\Roaming\Microsoft
O43 - CFD: 04/01/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\MPC-BE
O43 - CFD: 17/08/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\NetService =>PUP.Optional.NetService
O43 - CFD: 18/08/2015 - [0] D -- C:\Users\Jordan\AppData\Roaming\ntsvc
O43 - CFD: 28/01/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\PowerISO
O43 - CFD: 07/08/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\Riot Games
O43 - CFD: 03/05/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\RunDir =>PUP.Optional.NetService
O43 - CFD: 14/05/2016 - [0] D -- C:\Users\Jordan\AppData\Roaming\sc
O43 - CFD: 17/08/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\shortCutStore
O43 - CFD: 26/01/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\Skype
O43 - CFD: 16/09/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\TeamViewer
O43 - CFD: 01/09/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\Unity
O43 - CFD: 20/05/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\uTorrent
O43 - CFD: 14/05/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\vlc
O43 - CFD: 29/02/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\Vso
O43 - CFD: 29/09/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\Wargaming.net
O43 - CFD: 20/01/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\WinNetSvc
O43 - CFD: 20/08/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\WinRAR
O43 - CFD: 14/05/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\WMPNetworkAcSvc
O43 - CFD: 20/05/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\ZHP
O43 - CFD: 14/05/2016 - [0] D -- C:\Users\Jordan\AppData\Local\ActiveSync
O43 - CFD: 31/10/2015 - [] D -- C:\Users\Jordan\AppData\Local\Adobe
O43 - CFD: 28/01/2016 - [] D -- C:\Users\Jordan\AppData\Local\Apps
O43 - CFD: 26/01/2016 - [] D -- C:\Users\Jordan\AppData\Local\Battle.net
O43 - CFD: 22/11/2015 - [] D -- C:\Users\Jordan\AppData\Local\Blizzard
O43 - CFD: 02/11/2015 - [] D -- C:\Users\Jordan\AppData\Local\Blizzard Entertainment
O43 - CFD: 02/03/2016 - [] D -- C:\Users\Jordan\AppData\Local\CEF
O43 - CFD: 08/08/2015 - [] D -- C:\Users\Jordan\AppData\Local\Comms
O43 - CFD: 01/10/2015 - [] D -- C:\Users\Jordan\AppData\Local\Crsoft =>PUP.Optional.NetService
O43 - CFD: 14/05/2016 - [0] SHD -- C:\Users\Jordan\AppData\Local\Dados de Aplicativos
O43 - CFD: 02/12/2015 - [] D -- C:\Users\Jordan\AppData\Local\Google
O43 - CFD: 08/10/2015 - [] D -- C:\Users\Jordan\AppData\Local\Hewlett-Packard
O43 - CFD: 14/05/2016 - [0] SHD -- C:\Users\Jordan\AppData\Local\Histórico
O43 - CFD: 08/10/2015 - [] D -- C:\Users\Jordan\AppData\Local\HP
O43 - CFD: 16/09/2015 - [] D -- C:\Users\Jordan\AppData\Local\Intel
O43 - CFD: 14/05/2016 - [] D -- C:\Users\Jordan\AppData\Local\Microsoft
O43 - CFD: 01/02/2016 - [0] D -- C:\Users\Jordan\AppData\Local\Microsoft Help
O43 - CFD: 12/08/2015 - [] D -- C:\Users\Jordan\AppData\Local\MicrosoftEdge
O43 - CFD: 07/08/2015 - [0] D -- C:\Users\Jordan\AppData\Local\NetworkTiles
O43 - CFD: 14/05/2016 - [] D -- C:\Users\Jordan\AppData\Local\Packages
O43 - CFD: 26/01/2016 - [] D -- C:\Users\Jordan\AppData\Local\PC Link
O43 - CFD: 02/12/2015 - [] AD -- C:\Users\Jordan\AppData\Local\Popcorn Time Community
O43 - CFD: 14/04/2016 - [] D -- C:\Users\Jordan\AppData\Local\Popcorn-Time-Community
O43 - CFD: 19/11/2015 - [] D -- C:\Users\Jordan\AppData\Local\PopcornTimeDesktop
O43 - CFD: 18/08/2015 - [] D -- C:\Users\Jordan\AppData\Local\Programs
O43 - CFD: 06/08/2015 - [] D -- C:\Users\Jordan\AppData\Local\Publishers
O43 - CFD: 29/04/2016 - [] D -- C:\Users\Jordan\AppData\Local\Share Link
O43 - CFD: 19/12/2015 - [0] D -- C:\Users\Jordan\AppData\Local\Skype
O43 - CFD: 03/03/2016 - [] D -- C:\Users\Jordan\AppData\Local\SUPERHOT_Sp_z_o.o
O43 - CFD: 17/08/2015 - [] D -- C:\Users\Jordan\AppData\Local\TeamViewer
O43 - CFD: 20/05/2016 - [] D -- C:\Users\Jordan\AppData\Local\Temp
O43 - CFD: 14/05/2016 - [0] SHD -- C:\Users\Jordan\AppData\Local\Temporary Internet Files
O43 - CFD: 06/08/2015 - [] D -- C:\Users\Jordan\AppData\Local\TileDataLayer
O43 - CFD: 01/09/2015 - [] D -- C:\Users\Jordan\AppData\Local\Unity
O43 - CFD: 19/11/2015 - [] D -- C:\Users\Jordan\AppData\Local\VirtualStore
O43 - CFD: 18/08/2015 - [0] D -- C:\Users\Jordan\AppData\Local\Programs\Common
O43 - CFD: 14/05/2016 - [] RD -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 14/05/2016 - [] RD -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/05/2016 - [] RD -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 30/10/2015 - [] D -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 14/05/2016 - [] RD -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 30/10/2015 - [] RD -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 14/05/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
O43 - CFD: 30/10/2015 - [] RSD -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
O43 - CFD: 14/05/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 14/05/2016 - [] D -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks

---\\ ShellIconOverlayIdentifiers (SIOI) (10) - 0s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®

---\\ Lista dos drivers do sistema (53) - 17s
O58 - SDL:2015/10/30 04:17:22 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:22 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:22 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:22 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:22 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:22 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows®
O58 - SDL:2015/10/07 10:47:52 A . (.ASUS Corporation - Asus TP Filter Driver (x64).) -- C:\WINDOWS\System32\drivers\AsusTP.sys [84472] =>.ASUSTeK Computer Inc.®
O58 - SDL:2015/10/07 10:48:08 A . (.Windows (R) Win 7 DDK provider - ASUS Virtual Bus.) -- C:\WINDOWS\System32\drivers\AsusVBus.sys [39704] =>.ASUSTeK Computer Inc.®
O58 - SDL:2015/10/30 04:17:18 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\drivers\athw8x.sys [4207104] =>.Qualcomm Atheros Communications, Inc.
O58 - SDL:2015/10/30 04:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/10/30 04:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/10/30 04:17:22 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows®
O58 - SDL:2015/10/13 16:16:01 A . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\WINDOWS\System32\drivers\ETD.sys [525512] =>.ELAN Microelectronics Corporation®
O58 - SDL:2015/10/30 04:17:22 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] =>.Microsoft Windows®
O58 - SDL:2012/07/17 18:12:08 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECIx64.sys [62784] =>.Intel Corporation®
O58 - SDL:2015/10/30 04:17:22 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:18 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation
O58 - SDL:2015/10/30 04:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165888] =>.Intel Corporation
O58 - SDL:2015/10/30 04:17:18 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2015/10/30 04:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2012/08/16 12:33:42 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorA.sys [645952] =>.Intel Corporation®
O58 - SDL:2015/10/30 04:17:22 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:22 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] =>.Microsoft Windows®
O58 - SDL:2015/06/01 21:00:18 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [5384176] =>.Intel Corporation - pGFX®
O58 - SDL:2015/10/30 04:17:23 A . (.Broadcom Corporation - Broadcom NetLink (TM) Gigabit Ethernet NDIS.) -- C:\WINDOWS\System32\drivers\k57nd60a.sys [446464] =>.Broadcom Corporation
O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108888] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows®
O58 - SDL:2015/08/28 23:05:45 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [113880] =>.Malwarebytes Corporation®
O58 - SDL:2015/10/30 04:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] =>.Microsoft Windows®
O58 - SDL:2015/06/24 22:57:00 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4504320] =>.Realtek Semiconductor Corp®
O58 - SDL:2013/04/15 06:50:30 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\WINDOWS\System32\drivers\scdemu.sys [127384] =>.Power Software Ltd®
O58 - SDL:2015/10/30 04:17:23 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows®
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [108800] =>.DEVGURU CO LTD®
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [206080] =>.DEVGURU CO LTD®
O58 - SDL:2014/01/22 08:52:12 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile Logging Device Driver (M.) -- C:\WINDOWS\System32\drivers\ssudserd.sys [206080] =>.DEVGURU CO LTD®
O58 - SDL:2015/10/30 04:17:23 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows®
O58 - SDL:2013/09/03 20:53:44 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverx64.sys [99288] =>.Intel Corporation - Intel® Management Engine Firmware®
O58 - SDL:2015/10/30 04:17:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] =>.Microsoft Windows®

---\\ Últimos ficheiros alterados ou criados (Utilizador) (8) - 39s
O61 - LFC: 2016/05/12 21:52:22 A . (..) -- C:\Users\Jordan\AppData\rundir\skup.exe [147336] {4AABE7C4E55AE3765929658935834CFD}
O61 - LFC: 2016/05/18 14:57:06 A . (..) -- C:\Users\Jordan\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Data.bin [2126988]
O61 - LFC: 2016/05/14 17:48:25 A . (..) -- C:\Users\Jordan\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Header.bin [9640]
O61 - LFC: 2016/05/20 06:11:11 A . (..) -- C:\Users\Jordan\AppData\Local\Packages\Microsoft.Windows.FeatureOnDemand.InsiderHub_cw5n1h2txyewy\AC\Microsoft\CLR_v4.0\NativeImages\PilotsHub.N1e9ceace#\eede564965ec57fd6193b42d195d221b\PilotsHub.NativeHelper.ni.dll [44544]
O61 - LFC: 2016/05/20 06:07:26 A . (..) -- C:\Users\Jordan\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin [8192]
O61 - LFC: 2016/05/20 06:04:49 A . (..) -- C:\Users\Jordan\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148]
O61 - LFC: 2016/05/14 17:50:08 A . (..) -- C:\Users\Jordan\AppData\Local\Microsoft\Windows\1046\StructuredQuerySchema.bin [417554]
O61 - LFC: 2016/05/14 04:11:06 A . (..) -- C:\Users\Jordan\AppData\Local\Microsoft\GameDVR\KnownGameList.bin [212740]

---\\ Associações Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de inicialização Internet (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ Pesquisa de infeção nos navegadores da Internet (2) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/

---\\ Listagem dos serviços iniciados pelo Svchost (41) - 2s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\WINDOWS\system32\srvsvc.dll [283136] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\WINDOWS\System32\gpsvc.dll [1338368] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\WINDOWS\System32\ikeext.dll [957952] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\WINDOWS\System32\iphlpsvc.dll [958464] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\WINDOWS\System32\appinfo.dll [94720] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\WINDOWS\system32\iscsiexe.dll [151040] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\WINDOWS\System32\eapsvc.dll [112640] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\WINDOWS\system32\schedsvc.dll [997376] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [225280] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\WINDOWS\System32\browser.dll [134656] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [328192] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll [372736] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\WINDOWS\System32\wercplsupport.dll [96256] =>.Microsoft Corporation
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [186880] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Serviço Conta da Microsoft®.) -- C:\WINDOWS\system32\wlidsvc.dll [2057216] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Serviço Assistente de Conectividade de Rede.) -- C:\WINDOWS\System32\ncasvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Serviço de Configuração de Rede.) -- C:\WINDOWS\System32\NetSetupSvc.dll [207360] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\WINDOWS\system32\themeservice.dll [59392] =>.Microsoft Corporation
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [1073152] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Serviço de Geolocalização.) -- C:\Windows\System32\lfsvc.dll [27136] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\WINDOWS\System32\rasauto.dll [106496] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\WINDOWS\System32\rasmans.dll [696320] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [507904] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\WINDOWS\System32\sens.dll [73216] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\WINDOWS\System32\ipnathlp.dll [456704] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [311808] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2280960] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de tel.) -- C:\WINDOWS\System32\qmgr.dll [1144320] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [608768] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\WINDOWS\System32\bdesvc.dll [361472] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1035776] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Atualizar Sessão do Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [360960] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1139712] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL do Serviço de Gerenciamento do Windows.) -- C:\Windows\System32\Windows.Internal.Management.dll [278016] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalação de Dispositivo.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [205824] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [912384] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [948736] =>.Microsoft Corporation

---\\ Lista das exceções do FireWall (FirewallRules) (26) - 5s
O87 - FAEL: "UDP Query User{FD502747-1145-498C-ACB0-F30FCE88BFB9}C:\users\jordan\appdata\roaming\utorrent\updates\3.4.6_42094.exe" [In-None-P17-TRUE] .(...) -- C:\users\jordan\appdata\roaming\utorrent\updates\3.4.6_42094.exe (.not file.)
O87 - FAEL: "TCP Query User{1F442718-BEAC-4CFC-A759-B070FC4F23A1}C:\users\jordan\appdata\roaming\utorrent\updates\3.4.6_42094.exe" [In-None-P6-TRUE] .(...) -- C:\users\jordan\appdata\roaming\utorrent\updates\3.4.6_42094.exe (.not file.)
O87 - FAEL: "UDP Query User{E935ADEA-2737-4D1C-AEEE-7C844F5087F4}C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41865.exe" [In-None-P17-TRUE] .(...) -- C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41865.exe (.not file.)
O87 - FAEL: "TCP Query User{9567873E-5B17-43F0-8E97-67DAF905AFFC}C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41865.exe" [In-None-P6-TRUE] .(...) -- C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41865.exe (.not file.)
O87 - FAEL: "UDP Query User{4303CEDD-614E-460C-B717-9F504F280579}C:\program files (x86)\freetime\formatfactory\formatfactory.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\freetime\formatfactory\formatfactory.exe (.not file.)
O87 - FAEL: "TCP Query User{8AB3760A-88F3-42E0-8017-E6C1AEC3110C}C:\program files (x86)\freetime\formatfactory\formatfactory.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\freetime\formatfactory\formatfactory.exe (.not file.)
O87 - FAEL: "UDP Query User{84AAD52A-24A3-42C0-B255-7C300C70A74A}C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41712.exe" [In-None-P17-TRUE] .(...) -- C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41712.exe (.not file.)
O87 - FAEL: "TCP Query User{1E957111-9CF1-4EE9-A050-C49EF3511058}C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41712.exe" [In-None-P6-TRUE] .(...) -- C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41712.exe (.not file.)
O87 - FAEL: "UDP Query User{A8E25834-A1A9-4FC1-A614-61055537FCE6}C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41372.exe" [In-None-P17-TRUE] .(...) -- C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41372.exe (.not file.)
O87 - FAEL: "TCP Query User{F26CF8C2-4DED-440C-A372-19A122406769}C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41372.exe" [In-None-P6-TRUE] .(...) -- C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41372.exe (.not file.)
O87 - FAEL: "UDP Query User{37F6C3A6-71B4-40C3-8C1A-11B4B95514A9}C:\users\jordan\appdata\local\popcorn time community\nw.exe" [In-None-P17-TRUE] .(...) -- C:\users\jordan\appdata\local\popcorn time community\nw.exe
O87 - FAEL: "TCP Query User{BE805DB3-682A-48D8-B108-9991A4F7185C}C:\users\jordan\appdata\local\popcorn time community\nw.exe" [In-None-P6-TRUE] .(...) -- C:\users\jordan\appdata\local\popcorn time community\nw.exe
O87 - FAEL: "UDP Query User{9F17C04D-5F4A-4496-AFF8-0D156A7E0F4B}C:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe (.not file.)
O87 - FAEL: "TCP Query User{5E514C3C-1264-4F78-996A-B94C18757471}C:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe (.not file.)
O87 - FAEL: "UDP Query User{6947372F-312B-49FF-BF6A-EFD1A3A13CBE}C:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe (.not file.)
O87 - FAEL: "TCP Query User{6EA7B981-D2BF-4566-9AC8-E41C7709196F}C:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe (.not file.)
O87 - FAEL: "UDP Query User{1509BEA8-99B3-4F7F-8226-A31D2365D5CC}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe (.not file.)
O87 - FAEL: "TCP Query User{DF373179-E879-416B-8C0D-769FCEBE569E}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe (.not file.)
O87 - FAEL: "UDP Query User{4B80E197-4B63-44D8-A8F6-4E2F78267385}C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41202.exe" [In-None-P17-TRUE] .(...) -- C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41202.exe (.not file.)
O87 - FAEL: "TCP Query User{EACA27D0-1AFC-4093-A918-F8CDC85B86C2}C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41202.exe" [In-None-P6-TRUE] .(...) -- C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41202.exe (.not file.)
O87 - FAEL: "UDP Query User{B73F1518-D7D7-45B1-A477-501BF0D3E80F}C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41073.exe" [In-None-P17-TRUE] .(...) -- C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41073.exe (.not file.)
O87 - FAEL: "TCP Query User{6A89AA3E-CDF9-475B-9A28-8619CA67F4B6}C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41073.exe" [In-None-P6-TRUE] .(...) -- C:\users\jordan\appdata\roaming\utorrent\updates\3.4.5_41073.exe (.not file.)
O87 - FAEL: "UDP Query User{83864B3D-83E3-488E-BEF1-5F8AD9E92626}C:\users\jordan\appdata\local\popcorn time\nw.exe" [In-None-P17-TRUE] .(...) -- C:\users\jordan\appdata\local\popcorn time\nw.exe (.not file.)
O87 - FAEL: "TCP Query User{6559759F-83CE-4666-98D0-69F593C540E6}C:\users\jordan\appdata\local\popcorn time\nw.exe" [In-None-P6-TRUE] .(...) -- C:\users\jordan\appdata\local\popcorn time\nw.exe (.not file.)
O87 - FAEL: "UDP Query User{DC0D15FF-4E4E-4BEA-904C-0C1BB9F8B79C}C:\users\jordan\appdata\local\popcorn time\nw.exe" [In-None-P17-TRUE] .(...) -- C:\users\jordan\appdata\local\popcorn time\nw.exe (.not file.)
O87 - FAEL: "TCP Query User{4DDC626A-3F00-44EB-9DA1-37F5CFD6DAA1}C:\users\jordan\appdata\local\popcorn time\nw.exe" [In-None-P6-TRUE] .(...) -- C:\users\jordan\appdata\local\popcorn time\nw.exe (.not file.)

---\\ Claves Tracing (2) - 0s
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SkypeUpdateEx_RASAPI32 =>PUP.Optional.SkypeUpdateEx
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SkypeUpdateEx_RASMANCS =>PUP.Optional.SkypeUpdateEx

---\\ Scâner Aditional (18) - 0s
C:\Program Files (x86)\SkypeUpdateEx =>PUP.Optional.SkypeUpdateEx
HKLM\SYSTEM\CurrentControlSet\Services\SkypeUpdateEx =>PUP.Optional.SkypeUpdateEx
C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe =>PUP.Optional.SkypeUpdateEx
HKLM\SOFTWARE\Wow6432Node\Clara =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\im-dosearch =>PUP.Optional.Generic
HKLM\SOFTWARE\Wow6432Node\NetTcpHandler =>PUP.Optional.NetService
HKLM\SOFTWARE\Wow6432Node\NtSvcHandler =>PUP.Optional.NetService
HKLM\SOFTWARE\Wow6432Node\Sakura =>PUP.Optional.GameGogle
HKLM\SOFTWARE\Wow6432Node\seekmx =>PUP.Optional.Generic
HKLM\SOFTWARE\Wow6432Node\SkypeUpdateEx =>PUP.Optional.SkypeUpdateEx
HKLM\SOFTWARE\Wow6432Node\SmdmF =>PUP.Optional.SettingsManager
HKCU\SOFTWARE\Tortuga =>PUP.Optional.Tortuga
C:\Program Files (x86)\Exploremedia =>PUP.Optional.Generic
C:\Users\Jordan\AppData\Roaming\NetService =>PUP.Optional.NetService
C:\Users\Jordan\AppData\Roaming\RunDir =>PUP.Optional.NetService
C:\Users\Jordan\AppData\Local\Crsoft =>PUP.Optional.NetService
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SkypeUpdateEx_RASAPI32 =>PUP.Optional.SkypeUpdateEx
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SkypeUpdateEx_RASMANCS =>PUP.Optional.SkypeUpdateEx

---\\ Resumo dos elementos encontrados na sua estação de trabalho (7) - 0s
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SkypeUpdateEx
http://www.nicolascoolman.fr/?p=297 =>PUP.Optional.SupTab
http://www.nicolascoolman.info/2016/05/01/definition-dun-logiciel-pup-lpi/ =>PUP.Optional.Generic
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.NetService
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.GameGogle
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SettingsManager
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Tortuga

~ End of the scan, 51621 items in 00h07mn19s (835)(0)
