~ ZHPDiag v2016.1.5.5 Por Nicolas Coolman (2016/01/05) ~ iniciado por cicero (Administrator) (2016/01/05 18:06:17) ~ Site: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ Status da versão: Rede de arquivo ~ Modo: Scanner ~ Relatório: C:\Users\cicero\Desktop\ZHPDiag.txt ~ Relatório: C:\Users\cicero\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Deactivate ~ Inicialização do sistema: Normal (Normal boot) Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601) ---\\ Navegadores Internet (3) - 0s GCIE: Google Chrome v47.0.2526.106 MFIE: Mozilla Firefox 42.0 (x86 pt-BR) v42.0 MSIE: Internet Explorer v11.0.9600.18097 ---\\ Informações sobre os produtos Windows (4) - 3s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Softwares de proteçao do sistema (3) - 6s Avast Premier v11.1.2241 Malwarebytes Anti-Malware versão 2.2.0.1024 Windows Defender W7 (Activate) ---\\ Monitoramento dos softwares (2) - 6s Adobe Flash Player 18 PPAPI Adobe Reader X ---\\ Informações sobre o sistema (6) - 0s ~ Operating System: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 3988.156 MB (38% free) System Restore: Activé (Enable) System drive C: has 268 GB () free of 421 GB ---\\ Modo de conexão ao sistema (3) - 0s ~ Computer Name: CICERO-PC ~ User Name: cicero ~ Logged in as Administrator ---\\ Enumeração das unidades dos discos (3) - 0s ~ Drive C: has 268 GB free of 421 GB (System) ~ Drive D: has 32 GB free of 43 GB ~ Drive E: has 6 GB free of 12 GB ---\\ Estado do Centro de Segurança do Windows (12) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: Modified [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Pesquisa particular de ficheiros genéricos (25) - 2s [MD5.332FEAB1435662FC6C672E25BEB37BE3] - 25/02/2011 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2871808] =>.Microsoft Corporation [MD5.DD81D91FF3B0763C392422865C9AC12E] - 13/07/2009 - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation [MD5.94355C28C1970635A31B3FE52EB7CEBA] - 13/07/2009 - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation [MD5.033E70DEEE5FED5E9A3E197A2DB1A618] - 30/10/2015 - (.Microsoft Corporation - Internet Extensions para Win32.) -- C:\Windows\System32\wininet.dll [2487808] =>.Microsoft Corporation [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 17/07/2014 - (.Microsoft Corporation - Aplicativo de Logon do Windows.) -- C:\Windows\System32\Winlogon.exe [455168] =>.Microsoft Corporation [MD5.067FA52BFB59A56110A12312EF9AF243] - 20/11/2010 - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation [MD5.492D07D79E7024CA310867B526D9636D] - 03/03/2011 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation [MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation [MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [497664] =>.Microsoft Corporation [MD5.02062C0B390B7729EDC9E69C680A6F3C] - 13/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows® [MD5.B8BD2BB284668C84865658C77574381A] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation [MD5.F036CE71586E93D94DAB220D7BDF4416] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 13/07/2009 - (.Microsoft Corporation - Driver de porta i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 13/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation [MD5.73ADDCC406B86E7DA4416691E8E74BDA] - 19/10/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159232] =>.Microsoft Corporation [MD5.09594D1089C523423B32A4229263F068] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] =>.Microsoft Corporation [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - 24/01/2014 - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) -- C:\Windows\System32\drivers\ntfs.sys [1684928] =>.Microsoft Windows® [MD5.0086431C29C35BE1DBC43F52CC273887] - 13/07/2009 - (.Microsoft Corporation - Driver de porta paralela.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation [MD5.471815800AE33E6F1C32FB1B97C490CA] - 20/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation [MD5.1B6163C503398B23FF8B939C67747683] - 20/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] =>.Microsoft Corporation [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 13/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation [MD5.AA77EB517D2F07A947294F260E3ACA83] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [118272] =>.Microsoft Corporation [MD5.0D08D2F3B3FF84E433346669B5E0F639] - 20/11/2010 - (.Microsoft Corporation - Driver de cópia de sombra de volume.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows® ---\\ Serviços NT não Microsoft e não desativados (26) - 2s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated - AGS Service.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated® O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software a.s.® O23 - Service: Avast Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe =>.AVAST Software a.s.® O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe =>.Broadcom Corporation® O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) . (.Firebird Project - Firebird SQL Server.) - C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe =>.Firebird Project O23 - Service: GoogleChromeUpService (GoogleChromeUpService) . (.TODO: <公司名> - TODO: <文件说明>.) - C:\ProgramData\upgsvr.exe O23 - Service: GoogleChromeUpSvc (GoogleChromeUpSvc) . (.TODO: - TODO:.) - C:\ProgramData\Windows Update\upgsvr--.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel Corporation - Intel® Rapid Storage Technology® O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation® O23 - Service: NO-IP DUC v4.1.1 (NoIPDUCService4) . (.Copyright © 2012 - ducservice.) - C:\Program Files (x86)\No-IP\ducservice.exe O23 - Service: PC Speed Up Service (PCSUService) . (.Optimal Software s.r.o. - PC Speed Up Service.) - C:\Program Files (x86)\Velocidade Do PC\PCSUService.exe {50C21E22FC95CC7EFFB6E44F30CE0384} =>.Superfluous.PCSpeedUp O23 - Service: PDF Architect 4 Creator (PDF Architect 4 Creator) . (.pdfforge GmbH - PDF Architect 4.) - C:\Program Files\PDF Architect 4\creator-ws.exe =>.pdfforge GmbH® O23 - Service: PDF Architect 4 Manager (PDF Architect 4 Manager) . (.© pdfforge GmbH. - Manager service.) - C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe =>.pdfforge GmbH® O23 - Service: Razer Game Scanner (Razer Game Scanner Service) . (.Copyright © 2013-2015 - GameScannerService.) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe =>.Razer Inc.® O23 - Service: RzKLService (RzKLService) . (.Razer Inc. - RzKLService.exe.) - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe =>.Razer Inc.® O23 - Service: SACSrv (SACSrv) . (.SafeNet, Inc. - SafeNet Authentication Client Service.) - C:\Program Files\Safenet\Authentication\SAC\x64\SACSrv.exe =>.SafeNet, Inc.® O23 - Service: PC Tools Auxiliary Service (sdAuxService) . (.PC Tools - PC Tools Auxiliary Service.) - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe {0DBD834441EB5DA04C0C3A88C3BD42FC} =>.PC Tools O23 - Service: PC Tools Security Service (sdCoreService) . (.PC Tools - PC Tools Security Service.) - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe {0DBD834441EB5DA04C0C3A88C3BD42FC} =>.PC Tools O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® O23 - Service: The Calendar Service (TheCalendarService) . (.Copyright (C) 2015 - The Calendar Service.) - C:\Program Files (x86)\CalendarTool\2.0.0.11153\CalendarServ.exe {6726020D51A8625A1F9F13803B1FE9EE} O23 - Service: TunnelBear Maintenance (TunnelBearMaintenance) . (.Copyright © 2013 - TBear.Maintenance.) - C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe =>.TunnelBear, Inc.® O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation® O23 - Service: Windows Security (WindowsSecurity) . (...) - C:\Windows\system32\config\systemprofile\AppData\Roaming\winsecurity\winsecurity.exe (.not file.) O23 - Service: Xbox Live Network Manager Service (XBox) . (...) - C:\Windows\System32\config\systemprofile\AppData\Roaming\XBox\XBLive.exe (.not file.) ---\\ Tarefas planificadas automaticamente (30) - 5s [MD5.00000000000000000000000000000000] [APT] [3c91fcc2-ce59-42b3-b901-f68079520898] (...) -- C:\Users\cicero\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe (.not file.) [0] [MD5.B89A82FB10E98F2FDF51FA82C7366DD3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736] =>.Adobe Systems, Incorporated® [MD5.F4B462319256598A123CA6A661FA935B] [APT] [AdobeAAMUpdater-1.0-cicero-PC-cicero] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104] =>.Adobe Systems Incorporated® [MD5.8A6D1C082176864414E85ACF6696331D] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1510320] =>.AVAST Software a.s.® [MD5.3D01BD151A423F6B7D89970E42E31E46] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6453528] =>.Piriform Ltd® [MD5.C6FF00DA1605982E616C03BE809FFE2D] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] =>.Google Inc® [MD5.C6FF00DA1605982E616C03BE809FFE2D] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] =>.Google Inc® [MD5.19DA07A5864DEE2F94CFB90EA3F92C66] [APT] [PC SpeedUp Service Deactivator] (.Optimal Software s.r.o..) -- C:\Program Files (x86)\Velocidade Do PC\PCSUSD.exe [404936] {50C21E22FC95CC7EFFB6E44F30CE0384} =>.Superfluous.PCSpeedUp [MD5.00000000000000000000000000000000] [APT] [PPTAssistantNotifyTask_cicero] (...) -- C:\Users\cicero\AppData\Local\PPTAssist\notify.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [PPTAssistantUpdateTask_cicero] (...) -- C:\Users\cicero\AppData\Local\PPTAssist\assistupdate.exe (.not file.) [0] [MD5.45ADCD37376140892745F157552A7051] [APT] [SafeZone scheduled Autoupdate 1446980082] (.Avast Software.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe [728568] =>.AVAST Software s.r.o.® [MD5.00000000000000000000000000000000] [APT] [svchost] (...) -- C:\Users\cicero\AppData\Local\Temp\setup_685.exe (.not file.) [0] [MD5.141E04D88C4F3A14342395F31D540829] [APT] [AVAST Software\Avast settings backup] (.AVAST Software.) -- C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [635368] =>.AVAST Software a.s.® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1066] =>.Google Inc. O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1070] =>.Google Inc. O39 - APT: PC SpeedUp Service Deactivator - (.Optimal Software s.r.o..) -- C:\Windows\Tasks\PC SpeedUp Service Deactivator.job [362] =>.Superfluous.PCSpeedUp O39 - APT: PPTAssistantNotifyTask_cicero - (...) -- C:\Windows\Tasks\PPTAssistantNotifyTask_cicero.job [334] (.Orphean.) O39 - APT: PPTAssistantUpdateTask_cicero - (...) -- C:\Windows\Tasks\PPTAssistantUpdateTask_cicero.job [604] (.Orphean.) O39 - APT: 3c91fcc2-ce59-42b3-b901-f68079520898 - (...) -- C:\Windows\System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 [3912] (.Orphean.) O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] =>.Adobe Systems Incorporated O39 - APT: AdobeAAMUpdater-1.0-cicero-PC-cicero - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-cicero-PC-cicero [3506] =>.Adobe Systems Incorporated O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182] =>.AVAST Software O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2794] =>.Piriform Ltd O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3814] =>.Google Inc. O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4066] =>.Google Inc. O39 - APT: PC SpeedUp Service Deactivator - (.Optimal Software s.r.o..) -- C:\Windows\System32\Tasks\PC SpeedUp Service Deactivator [2742] =>.Superfluous.PCSpeedUp O39 - APT: PPTAssistantNotifyTask_cicero - (...) -- C:\Windows\System32\Tasks\PPTAssistantNotifyTask_cicero [3320] (.Orphean.) O39 - APT: PPTAssistantUpdateTask_cicero - (...) -- C:\Windows\System32\Tasks\PPTAssistantUpdateTask_cicero [3590] (.Orphean.) O39 - APT: SafeZone scheduled Autoupdate 1446980082 - (.Avast Software.) -- C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1446980082 [3040] =>.AVAST Software O39 - APT: svchost - (...) -- C:\Windows\System32\Tasks\svchost [2944] (.Orphean.) ---\\ Processos lançados (13) - 2s [MD5.203577ABAC6247467CF1EBDFC0749681] - (.Optimal Software s.r.o. - PC Speed Up Service.) -- C:\Program Files (x86)\Velocidade Do PC\PCSUService.exe [445384] [PID.1076] {50C21E22FC95CC7EFFB6E44F30CE0384} =>.Superfluous.PCSpeedUp [MD5.3C8F3685A0CA5AA6ECD5F6DA978A2635] - (.Firebird Project - Firebird SQL Server.) -- C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [155136] [PID.2220] =>.Firebird Project [MD5.79C0292BED62418000EA13DA27C35DFD] - (.TODO: - TODO:.) -- C:\ProgramData\Windows Update\upgsvr--.exe [2787328] [PID.2300] [MD5.2881D5C135D076BCF52B0F5AD3D8DC0B] - (.PC Tools - PC Tools Auxiliary Service.) -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe [348752] [PID.2828] {0DBD834441EB5DA04C0C3A88C3BD42FC} =>.PC Tools [MD5.C1CD0889ED320A037125124F1A00665A] - (.Copyright (C) 2015 - The Calendar Service.) -- C:\Program Files (x86)\CalendarTool\2.0.0.11153\CalendarServ.exe [153224] [PID.2988] {6726020D51A8625A1F9F13803B1FE9EE} [MD5.FB3BCE7EDE9ABC0ADFD5FE94505B3463] - (...) -- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\XBox\XBLive.exe [7142328] [PID.3308] {3E9D26DCF703CA3B140D7E7AD48312E2} [MD5.5BB5EE7A6A0E084A65D01DE6801D2D9C] - (.Copyright (C) 2015 - calendar Application.) -- C:\Program Files (x86)\CalendarTool\2.0.0.11153\calendar.exe [3934344] [PID.3956] {6726020D51A8625A1F9F13803B1FE9EE} [MD5.4E78FE2E0AFB59399AD99FE96EF40645] - (.Firebird Project - Firebird SQL Server.) -- C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [5683712] [PID.4220] =>.Firebird Project [MD5.9CACA3FAD05C4B0D7967592E65B338F1] - (.PC Tools - PC Tools Security Service.) -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe [1095560] [PID.4492] {0DBD834441EB5DA04C0C3A88C3BD42FC} =>.PC Tools [MD5.5A38F3BAD50558F0E09D696ACF612D9E] - (.Copyright © 2012 - ducservice.) -- C:\Program Files (x86)\No-IP\ducservice.exe [12288] [PID.7324] [MD5.223612B22B54AF4E97635D4C05A5A404] - (.The CefSharp Authors - CefSharp.BrowserSubprocess.) -- C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe [14848] [PID.7240] [MD5.396886920375631A1240954EB5684F8C] - (...) -- C:\Users\cicero\Desktop\Server.exe [29696] [PID.3752] [MD5.E7C5528FE56D701705B604546AB3DFB6] - (.Copyright (C) 2016 Nicolas Coolman - ZHPDiag.) -- C:\Users\cicero\Downloads\ZHPDiag3.exe [2060288] [PID.2360] =>.Copyright (C) 2016 Nicolas Coolman ---\\ Google Chrome, Arranque,Pesquisa,Extensões (19) - 39s G2 - GCE: Preference [User Data\Default] [aabcgdmkeabbnleenpncegpcngjpnjkc] Easy Auto Refresh G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [bidfdejcompgpbmbhbnemnbpokefjaoc] CoolROM for Chrome G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [cmfgjfhhmajdnadjbfflgjjkgdbhihdc] NewtabTV(MyTV) G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [dimfohdigjaffdaanhmbocfkpolglnjk] G2 - GCE: Preference [User Data\Default] [eofcbnmajmjmplflapaojjnihcjkigck] Avast SafePrice G2 - GCE: Preference [User Data\Default] [fkpaakpeehepibjpdmoocdaonognfiog] ["update_url":"https://clients2.google.com/service/] fkpaakpeehepibjpdmoocdaonognfiog =>Hijacker.Browser G2 - GCE: Preference [User Data\Default] [fmohhmaojpagplefnjembfdeknjgfomn] Ultimas Novidades G2 - GCE: Preference [User Data\Default] [gegdfeiahlfolhcfioipjlkombmgbakh] G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock G2 - GCE: Preference [User Data\Default] [hjaipfncandiglmhpndpbbmcnojmlhnp] One Direction G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [papbadoldddalgcjcicnikcfenodpghp] G2 - GCE: Preference [User Data\Default] [pmopfkbilpnoidiclofkppbgppapnjeh] __MSG_name__ ---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (6) - 5s M0 - MFSP: prefs.js [cicero - l0p60a2c.default] http://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=83f1ad47a7ea7a776d77e20cdd166339 =>PUP.Optional.Browser P2 - EXT FILE: (...) -- C:\Users\cicero\AppData\Roaming\Mozilla\Firefox\Profiles\l0p60a2c.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi P2 - EXT FILE: (...) -- C:\Users\cicero\AppData\Roaming\Mozilla\Firefox\Profiles\l0p60a2c.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi P2 - EXT FILE: (...) -- C:\Users\cicero\AppData\Roaming\Mozilla\Firefox\Profiles\l0p60a2c.default\searchplugins\google-avast.xml P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla P2 - EXT: (...) -- C:\Users\cicero\AppData\Roaming\Mozilla\Firefox\Profiles\l0p60a2c.default\extensions\staged ---\\ Internet Explorer, Arranque, Pesquisa, Phishing (16) - 1s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://br.hao123.com/ =>PUP.Optional.Browser R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://nav.brotlab.net?uid={14a90de56c3943b8bbf8d63f2fe917ed}&r=eg R0 - HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer\Main,Start Page = www.123rede.com?oem=mbtkv6&uid=5VJB46SC_ST9500420AS&tm=1437408224 R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://nav.brotlab.net?uid={14a90de56c3943b8bbf8d63f2fe917ed}&r=eg R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.navegaki.com?q={searchterms}&uid={14a90de56c3943b8bbf8d63f2fe917ed}&r=eg =>PUP.Optional.Navegaki R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nav.brotlab.net?uid={14a90de56c3943b8bbf8d63f2fe917ed}&r=eg R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.navegaki.com?q={searchterms}&uid={14a90de56c3943b8bbf8d63f2fe917ed}&r=eg =>PUP.Optional.Navegaki R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.navegaki.com?q={searchterms}&uid={14a90de56c3943b8bbf8d63f2fe917ed}&r=eg =>PUP.Optional.Navegaki R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nav.brotlab.net?uid={14a90de56c3943b8bbf8d63f2fe917ed}&r=eg R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.navegaki.com?q={searchterms}&uid={14a90de56c3943b8bbf8d63f2fe917ed}&r=eg =>PUP.Optional.Navegaki R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Gestão do Proxy (7) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8080;https=127.0.0.1:8080 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Análise das linhas, Carregamento Automático de programas (4) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=explorer.exe C:\Windows\InstallDir\PB.exe F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation F3 - REG:win.ini: load=C:\Windows\InstallDir\PB.exe ---\\ Redireção do ficheiro Hosts (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (24) ---\\ Browser Helper Objects do navegador (4) - 0s O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Orphean) O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll =>.AVAST Software a.s.® O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll =>.Microsoft Corporation® O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} (Orphean) ---\\ Barras do Internet Explorer (1) - 0s O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.) ---\\ Aplicações iniciadas por registo & pastas (40) - 1s O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation® O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe =>.Intel Corporation O4 - HKLM\..\Run: [Java7 Update] . (...) -- C:\Windows\SysWOW64\SYSCICERO-PC.exe O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe =>.Intel Corporation - Software and Firmware Products® O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe =>.Intel Corporation - Software and Firmware Products® O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation - Software and Firmware Products® O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated® O4 - HKLM\..\Run: [Java Scheduler 7] C:\Windows\SysWOW64\Java8.exe (.not file.) O4 - HKCU\..\Run: [-] . (.Copyright (C) 2015 - .) -- C:\ProgramData\msdtc.exe O4 - HKCU\..\Run: [Avirnt] . (...) -- C:\Users\cicero\AppData\Roaming\Microsoft\Pluguin.exe O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd® O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_FB17E02B13909AC62F36CBDEE60D7774] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\cicero\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - HKCU\..\Run: [93f19dda2412c86ad7520ba4198f39a0] . (...) -- C:\Users\cicero\Desktop\Server.exe O4 - HKCU\..\Run: [HKCU] . (...) -- C:\Windows\InstallDir\PB.exe O4 - HKCU\..\RunOnce: [Server] . (...) -- C:\Windows\InstallDir\PB.exe O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe =>.AVAST Software a.s.® O4 - HKLM\..\Wow6432Node\Run: [RazerCortex] . (.Razer Inc. - RazerCortex.exe.) -- C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe =>.Razer Inc.® O4 - HKLM\..\Wow6432Node\Run: [Avgnt] . (...) -- C:\Users\cicero\AppData\Roaming\Microsoft\Pluguin.exe O4 - HKLM\..\Wow6432Node\Run: [ISTray] . (.PC Tools - PC Tools Tray Application.) -- C:\Program Files (x86)\Spyware Doctor\pctsTray.exe {0DBD834441EB5DA04C0C3A88C3BD42FC} =>.PC Tools O4 - HKLM\..\Wow6432Node\Run: [LightGate] . (...) -- C:\ProgramData\LightGate.exe O4 - HKLM\..\Wow6432Node\Run: [93f19dda2412c86ad7520ba4198f39a0] . (...) -- C:\Users\cicero\Desktop\Server.exe O4 - HKLM\..\Wow6432Node\Run: [HKLM] . (...) -- C:\Windows\InstallDir\PB.exe O4 - HKLM\..\Wow6432Node\RunOnce: [Server] . (...) -- C:\Windows\InstallDir\PB.exe O4 - HKLM\..\policies\Explorer\Run: [Server] . (...) -- C:\Windows\InstallDir\PB.exe O4 - HKLM\..\policies\Explorer\Run: [Policies] . (...) -- C:\Users\cicero\AppData\Roaming\Microsoft\Pluguin.exe O4 - HKCU\..\policies\Explorer\Run: [Server] . (...) -- C:\Windows\InstallDir\PB.exe O4 - HKCU\..\policies\Explorer\Run: [Policies] . (...) -- C:\Users\cicero\AppData\Roaming\Microsoft\Pluguin.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-501536913-4076421644-950416302-1000\..\Run: [-] . (.Copyright (C) 2015 - .) -- C:\ProgramData\msdtc.exe O4 - HKUS\S-1-5-21-501536913-4076421644-950416302-1000\..\Run: [Avirnt] . (...) -- C:\Users\cicero\AppData\Roaming\Microsoft\Pluguin.exe O4 - HKUS\S-1-5-21-501536913-4076421644-950416302-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd® O4 - HKUS\S-1-5-21-501536913-4076421644-950416302-1000\..\Run: [GoogleChromeAutoLaunch_FB17E02B13909AC62F36CBDEE60D7774] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - HKUS\S-1-5-21-501536913-4076421644-950416302-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\cicero\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - HKUS\S-1-5-21-501536913-4076421644-950416302-1000\..\Run: [93f19dda2412c86ad7520ba4198f39a0] . (...) -- C:\Users\cicero\Desktop\Server.exe O4 - HKUS\S-1-5-21-501536913-4076421644-950416302-1000\..\Run: [HKCU] . (...) -- C:\Windows\InstallDir\PB.exe O4 - HKUS\S-1-5-21-501536913-4076421644-950416302-1000\..\RunOnce: [Server] . (...) -- C:\Windows\InstallDir\PB.exe ---\\ Alteração Dominio/Clientes DNS (4) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2AEEE2A9-3C23-4FAD-8C1D-008D41AF2AE9}: NameServer = 8.8.8.8,8.8.4.4 =>.Google Public DNS O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D7FE07B-7B08-4EF2-BD62-EADE69AA4E73}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2AEEE2A9-3C23-4FAD-8C1D-008D41AF2AE9}: DhcpNameServer = 192.168.0.1 ---\\ Protocolo adicional (24) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll =>.Microsoft Corporation® O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll =>.Microsoft Corporation® O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation® O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation® O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® ---\\ Software instalados (102) - 18s O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent O42 - Logiciel: Adobe Flash Player 18 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Photoshop CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {74EB3499-8B95-4B5C-96EB-7B342F3FD0C6} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Reader X (10.1.16) - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AA1000000001} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824161310} =>.Adobe Systems Incorporated O42 - Logiciel: Advanced Calendar 2.0.0.11153 - (.MEIXIAN XIE.) [HKLM][64Bits] -- {D9BAB2C9-5236-48c3-AF02-67E799F09BBD} {6726020D51A8625A1F9F13803B1FE9EE} O42 - Logiciel: Aftermath - (.Free Reign Entertainment.) [HKLM][64Bits] -- Steam App 349700 =>.Valve® O42 - Logiciel: Application Verifier x64 External Package - (.Microsoft.) [HKLM][64Bits] -- {7346C35D-942D-3CCE-94CB-7008BA8D63CB} =>.Microsoft O42 - Logiciel: Audacity 2.1.1 - (.Audacity Team.) [HKLM][64Bits] -- Audacity®_is1 =>.Audacity Team O42 - Logiciel: Avast License by ZeNiX [2014-01-11] - (...) [HKLM][64Bits] -- Avast_2050_ZeNiX [2014-01-11]_is1 O42 - Logiciel: Avast Premier - (.AVAST Software.) [HKLM][64Bits] -- Avast =>.AVAST Software a.s.® O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} =>.Cisco Systems, Inc. O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} =>.Cisco Systems, Inc. O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} =>.Cisco Systems, Inc. O42 - Logiciel: Conectividade Social - (...) [HKLM][64Bits] -- Conectividade Social O42 - Logiciel: CPUID CPU-Z 1.74 - (...) [HKLM][64Bits] -- CPUID CPU-Z_is1 O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.Disc Soft Ltd® O42 - Logiciel: Defiance - (.Trion Worlds, Inc..) [HKLM][64Bits] -- Steam App 224600 =>.Valve® O42 - Logiciel: ECCentralOp - (.e-Contab Sistemas.) [HKLM][64Bits] -- ECCentralOp_is1 O42 - Logiciel: EVEREST Ultimate Edition v5.50 - (.Lavalys, Inc..) [HKLM][64Bits] -- EVEREST Ultimate Edition_is1 =>.Lavalys, Inc. O42 - Logiciel: Fallout 3 - (.Bethesda Softworks.) [HKLM][64Bits] -- {974C4B12-4D02-4879-85E0-61C95CC63E9E} =>.Bethesda Softworks O42 - Logiciel: Galeria de Fotos - (.Microsoft Corporation.) [HKLM][64Bits] -- {9EE1AE8B-4872-41CA-8C9A-C33D899523E0} =>.Microsoft Corporation O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: GRRF Eletrônica - (...) [HKLM][64Bits] -- GRRF Eletrônica O42 - Logiciel: HandBrake 0.10.2 - (...) [HKLM][64Bits] -- HandBrake O42 - Logiciel: HiAlgo BOOST 4.0 - (.HiAlgo Inc..) [HKCU][64Bits] -- HiAlgoBOOST O42 - Logiciel: HiAlgo SWITCH 2.0 - (.HiAlgo Inc..) [HKCU][64Bits] -- HiAlgoSWITCH O42 - Logiciel: IdleMaster - (.IdleMaster.) [HKCU][64Bits] -- 1d85483b1c982d8c O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {5CA7FC9B-8508-4494-B365-6FBCBAEB8E89} =>.Intel Corporation O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation® O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {27DEA29A-222C-45F8-B70D-0A7B303FC71B} =>.Intel Corporation O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} =>.Intel Corporation O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} =>.Oracle Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {0BE9E708-5DC0-4963-9CFD-0AA519090E79} =>.Microsoft Corporation O42 - Logiciel: Kits Configuration Installer - (.Microsoft.) [HKLM][64Bits] -- {E14DDED2-919B-FCCB-84AC-5ABB6D182D46} =>.Microsoft O42 - Logiciel: Lazar Crypter 1.3 - (.Lazar Laszlo.) [HKLM][64Bits] -- {B17751C4-9D72-486C-8AB8-A339CB044DAD}_is1 O42 - Logiciel: Malwarebytes Anti-Malware versão 2.2.0.1024 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes O42 - Logiciel: Manager - (.2015 pdfforge GmbH. All rights reserved.) [HKLM][64Bits] -- {A11F05A4-7CAD-4F85-8C85-DCA18E3E208D} O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe =>.Microsoft Corporation O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2BFC7AA0-544C-4E3A-8796-67F3BE655BE9} =>.Microsoft Corporation O42 - Logiciel: Mitos.is: The Game - (.Freakinware Studios.) [HKLM][64Bits] -- Steam App 389570 =>.Valve® O42 - Logiciel: Mozilla Firefox 42.0 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 42.0 (x86 pt-BR) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: MSI to redistribute MS VS2005 CRT libraries - (.The Firebird Project.) [HKLM][64Bits] -- {A8D93648-9F7F-407D-915C-62044644C3DA} =>.The Firebird Project O42 - Logiciel: MSI to redistribute MS VS2005 CRT libraries - (.The Firebird Project.) [HKLM][64Bits] -- {EBFC96E5-4409-426E-88B7-650ADB342E78} =>.The Firebird Project O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} =>.Microsoft O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} =>.Microsoft O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} =>.Microsoft O42 - Logiciel: No-IP DUC - (.Vitalwerks Internet Solutions LLC.) [HKLM][64Bits] -- NoIPDUC =>.Vitalwerks Internet Solutions LLC O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29} =>.NVIDIA Corporation O42 - Logiciel: PDF Architect 4 - (.pdfforge GmbH.) [HKLM][64Bits] -- PDF Architect 4 =>.pdfforge GmbH® O42 - Logiciel: PDF Architect 4 Create Module - (.pdfforge GmbH.) [HKLM][64Bits] -- {373FD974-6F3C-4946-99BA-B9E6E2608DE2} =>.pdfforge GmbH O42 - Logiciel: PDF Architect 4 Edit Module - (.pdfforge GmbH.) [HKLM][64Bits] -- {5FF218A5-86BC-420A-A44A-66EA7C234068} =>.pdfforge GmbH O42 - Logiciel: PDF Architect 4 View Module - (.pdfforge GmbH.) [HKLM][64Bits] -- {A8104CED-8954-4311-9894-FC1E0FDE3ACB} =>.pdfforge GmbH O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1} =>.Adobe Systems Incorporated O42 - Logiciel: PDFCreator - (.pdfforge.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} =>.pdfforge O42 - Logiciel: PointBlank - (.Ongame S.A & Zepetto.) [HKCU][64Bits] -- PointBlank O42 - Logiciel: Quantum - (.Quantum LLC.) [HKLM][64Bits] -- Quantum O42 - Logiciel: Razer Cortex - (.Razer Inc..) [HKLM][64Bits] -- Razer Cortex_is1 =>.Razer Inc.® O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller =>.VS Revo Group O42 - Logiciel: Rockstar Games Social Club - (.Rockstar Games.) [HKLM][64Bits] -- Rockstar Games Social Club =>.Take-Two Interactive Software, Inc.® O42 - Logiciel: SafeZone Stable 1.46.1990.55 - (.Avast Software.) [HKLM][64Bits] -- SafeZone 1.46.1990.55 =>.AVAST Software s.r.o.® O42 - Logiciel: SDK Debuggers - (.Microsoft Corporation.) [HKLM][64Bits] -- {E63A3353-003C-E4C2-230B-F155212D1479} =>.Microsoft Corporation O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM][64Bits] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} =>.Microsoft Corporation O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM][64Bits] -- KB931906 =>.Microsoft Corporation O42 - Logiciel: SEFIP 8.40 - (...) [HKLM][64Bits] -- SEFIP 8.40 O42 - Logiciel: Sicalc Auto Atendimento - (.Receita Federal do Brasil.) [HKLM][64Bits] -- Sicalc Auto Atendimento O42 - Logiciel: Simple Port Tester - (.PcWinTech.com.) [HKLM][64Bits] -- Simple Port Tester3.0.0 =>.PcWinTech.com O42 - Logiciel: Skype™ 7.13 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19} =>.Skype Technologies S.A. O42 - Logiciel: Software de dispositivo do Chipset Intel® - (.Intel(R) Corporation.) [HKLM][64Bits] -- {98f335cd-0a32-4b3f-b74c-ef9480e834f0} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: SpeedRunners Party Mode - (.DoubleDutch Games.) [HKLM][64Bits] -- {43FFD775-30F4-474F-A767-E48A17432B0F}_is1 =>.DoubleDutch Games O42 - Logiciel: Spyware Doctor 6.0 - (.PC Tools.) [HKLM][64Bits] -- Spyware Doctor {0DBD834441EB5DA04C0C3A88C3BD42FC} =>.PC Tools O42 - Logiciel: Stay Live 2000 - (.Gregory Braun -- Software Design.) [HKLM][64Bits] -- Stay Live 2000 O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam =>.Valve® O42 - Logiciel: Survarium-Steam - (...) [HKLM][64Bits] -- {A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1 {55C7F0AA57213024FE248E5182C9C6C7} O42 - Logiciel: Transformice - (.Atelier 801.) [HKLM][64Bits] -- Steam App 335240 =>.Valve® O42 - Logiciel: Trove - (.Trion Worlds.) [HKLM][64Bits] -- Steam App 304050 =>.Valve® O42 - Logiciel: TunnelBear - (.TunnelBear.) [HKLM][64Bits] -- {16e8ed28-0234-485c-9898-d1fb0462161a} =>.TunnelBear, Inc.® O42 - Logiciel: TunnelBear - (.TunnelBear.) [HKLM][64Bits] -- {8B95DB67-29B8-4479-BBC5-3122BCB0AF1E} =>.TunnelBear O42 - Logiciel: TZip 1.0 - (.TZip.) [HKLM][64Bits] -- TZip O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] -- Uplay =>.Ubisoft Entertainment Sweden AB® O42 - Logiciel: Velocidade Do PC - (.Optimal Software s.r.o..) [HKLM][64Bits] -- PCSU-SL_is1 {50C21E22FC95CC7EFFB6E44F30CE0384} =>.Superfluous.OptimalSoftware O42 - Logiciel: Windows App Certification Kit Native Components - (.Microsoft Corporation.) [HKLM][64Bits] -- {3FA063D7-EDC1-AFA8-54AF-0563C7DEE070} =>.Microsoft Corporation O42 - Logiciel: Windows App Certification Kit x64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {02213A81-CB13-7262-5ABE-1FFA2C75559F} =>.Microsoft Corporation O42 - Logiciel: Windows Software Development Kit DirectX x64 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {5FB4C443-6BD6-1514-2717-3827D65AE6FB} =>.Microsoft Corporation O42 - Logiciel: Windows Software Development Kit DirectX x86 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {23176E97-26CB-C72A-19EB-BFB21AC1D15A} =>.Microsoft Corporation O42 - Logiciel: Windows Software Development Kit EULA - (.Microsoft Corporations.) [HKLM][64Bits] -- {D4F102C5-EEA1-CAE1-8E67-1A7FCE27F673} =>Heuristique.Suspect O42 - Logiciel: Windows Software Development Kit for Windows Store Apps - (.Microsoft Corporation.) [HKLM][64Bits] -- {D11F66FF-82B3-DDB8-1146-525370552BE1} =>.Microsoft Corporation O42 - Logiciel: Windows Software Development Kit for Windows Store Apps DirectX x64 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {27EF252D-800C-ED42-9904-459FE0046225} =>.Microsoft Corporation O42 - Logiciel: Windows Software Development Kit for Windows Store Apps DirectX x86 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {42F61556-29ED-8122-F39E-6F04EA5FF279} =>.Microsoft Corporation O42 - Logiciel: Windows Software Development Kit Redistributables - (.Microsoft Corporation.) [HKLM][64Bits] -- {512957F0-B211-C50A-C1FC-6867FC3348A1} =>.Microsoft Corporation O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: World of Soccer online - (.Johannes Eski.) [HKLM][64Bits] -- Steam App 393410 =>.Valve® O42 - Logiciel: World of Tanks - (.Wargaming.net.) [HKCU][64Bits] -- {1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1 =>.Wargaming.net O42 - Logiciel: WPT Redistributables - (.Microsoft.) [HKLM][64Bits] -- {A5D42D71-4036-5F88-5085-657C9DF9F1DD} =>.Microsoft O42 - Logiciel: WPTx64 - (.Microsoft.) [HKLM][64Bits] -- {986EABFC-92F6-CECD-9E5A-B13CAC40BB1D} =>.Microsoft ---\\ Ponto de restauro do sistema (173) - 18s HKLM\SOFTWARE\Wow6432Node\A.E.T. Europe B.V. HKLM\SOFTWARE\Wow6432Node\Activision HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AdwCleaner HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies HKLM\SOFTWARE\Wow6432Node\AppDataLow HKLM\SOFTWARE\Wow6432Node\AVAST Software HKLM\SOFTWARE\Wow6432Node\Bethesda Softworks HKLM\SOFTWARE\Wow6432Node\Borland HKLM\SOFTWARE\Wow6432Node\Caixa HKLM\SOFTWARE\Wow6432Node\chrome_elf_wk HKLM\SOFTWARE\Wow6432Node\CloudOPTInfo HKLM\SOFTWARE\Wow6432Node\EasyAntiCheat HKLM\SOFTWARE\Wow6432Node\Electronic Arts HKLM\SOFTWARE\Wow6432Node\EVP HKLM\SOFTWARE\Wow6432Node\GameHi HKLM\SOFTWARE\Wow6432Node\GameVicio HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\goopdate_wk HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\Opera Software HKLM\SOFTWARE\Wow6432Node\PCTools HKLM\SOFTWARE\Wow6432Node\PDF Architect 4 HKLM\SOFTWARE\Wow6432Node\Programas RFB HKLM\SOFTWARE\Wow6432Node\ProtectedHp HKLM\SOFTWARE\Wow6432Node\Quantum HKLM\SOFTWARE\Wow6432Node\Razer HKLM\SOFTWARE\Wow6432Node\REGISTEREDAPPLICATIONS HKLM\SOFTWARE\Wow6432Node\Reltek HKLM\SOFTWARE\Wow6432Node\Rockstar Games HKLM\SOFTWARE\Wow6432Node\SafeNet HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\Software by Design HKLM\SOFTWARE\Wow6432Node\Sony Creative Software HKLM\SOFTWARE\Wow6432Node\Speedchecker Limited =>PUP.Optional.InternetSpeedChecker HKLM\SOFTWARE\Wow6432Node\TightVNC HKLM\SOFTWARE\Wow6432Node\TunnelBear HKLM\SOFTWARE\Wow6432Node\Ubisoft HKLM\SOFTWARE\Wow6432Node\Unwinder HKLM\SOFTWARE\Wow6432Node\Valve HKLM\SOFTWARE\Wow6432Node\Vitalwerks HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\Vostok Games HKLM\SOFTWARE\Wow6432Node\WinRAR HKLM\SOFTWARE\Wow6432Node\WombatUpdater HKLM\SOFTWARE\Wow6432Node\Yahoo =>.Yahoo! HKCU\SOFTWARE\((Mutex)) HKCU\SOFTWARE\1LWXP HKCU\SOFTWARE\93f19dda2412c86ad7520ba4198f39a0 =>PUP.Optional.CrossRider HKCU\SOFTWARE\A.E.T. Europe B.V. HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AhnLab HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\ARL HKCU\SOFTWARE\AVAST Software HKCU\SOFTWARE\Baidu HKCU\SOFTWARE\BcmSetup HKCU\SOFTWARE\Bertware HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\bPGWY4z HKCU\SOFTWARE\Brasfoot2015 HKCU\SOFTWARE\Cassowary HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\DirectShow HKCU\SOFTWARE\Disc Soft HKCU\SOFTWARE\Drivers HKCU\SOFTWARE\e-Contab HKCU\SOFTWARE\Elgato Systems GmbH HKCU\SOFTWARE\EMU HKCU\SOFTWARE\eNWYSSJ HKCU\SOFTWARE\Facepunch Studios HKCU\SOFTWARE\Fishing Planet LLC HKCU\SOFTWARE\FreeReign HKCU\SOFTWARE\GameSpy HKCU\SOFTWARE\Google HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\HiAlgo HKCU\SOFTWARE\HngSync HKCU\SOFTWARE\Hogkey Games HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\InstallPath HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\Jeski HKCU\SOFTWARE\Lavalys HKCU\SOFTWARE\Lazar Crypter HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\LightGate HKCU\SOFTWARE\LogMeInRescueCallingCard HKCU\SOFTWARE\ltUaEuNlaRON0ExrPU5Qb6Eq HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Mirillis HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Ndemic Creations HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Nexon HKCU\SOFTWARE\njRAT v0.6.4 HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\OOdLi5UkR46O2 HKCU\SOFTWARE\OpenAutomate HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\ORL HKCU\SOFTWARE\osTip HKCU\SOFTWARE\PB HKCU\SOFTWARE\PCTools HKCU\SOFTWARE\PDF Architect 4 HKCU\SOFTWARE\PDFCreator.net HKCU\SOFTWARE\pdfforge HKCU\SOFTWARE\PdLfHbRy8tFLQmrMk HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\PlayCheat HKCU\SOFTWARE\PopWnd HKCU\SOFTWARE\PPTAssist HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore HKCU\SOFTWARE\Quantum HKCU\SOFTWARE\Rage HKCU\SOFTWARE\Remote Mouse HKCU\SOFTWARE\RemoteMouse.net HKCU\SOFTWARE\Rockstar Games HKCU\SOFTWARE\s4UUJhQtT1v7dCD HKCU\SOFTWARE\S6bZ8FsK HKCU\SOFTWARE\SecuROM HKCU\SOFTWARE\SimonTatham HKCU\SOFTWARE\Skype HKCU\SOFTWARE\Software by Design HKCU\SOFTWARE\Sony Creative Software HKCU\SOFTWARE\Speedchecker Limited =>PUP.Optional.InternetSpeedChecker HKCU\SOFTWARE\SvrUpg HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\System32 HKCU\SOFTWARE\Telltale Games HKCU\SOFTWARE\TightVNC HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner HKCU\SOFTWARE\TunnelBear HKCU\SOFTWARE\Unity HKCU\SOFTWARE\UpgSvr HKCU\SOFTWARE\Valve HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\Vitalwerks HKCU\SOFTWARE\Vostok Games HKCU\SOFTWARE\VSjgya57LtV HKCU\SOFTWARE\VSRevoGroup HKCU\SOFTWARE\Wargaming.net HKCU\SOFTWARE\WCA HKCU\SOFTWARE\whZiNQwMimORbx9F6t28mdHpG HKCU\SOFTWARE\Widcomm HKCU\SOFTWARE\Win HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\Xatoku Productions HKCU\SOFTWARE\XtremeRAT-DISCLAIMER HKCU\SOFTWARE\yahooprovidedsearch =>PUP.Optional.Dealply HKCU\SOFTWARE\YeaInstaller HKCU\SOFTWARE\YeaInstallUID HKCU\SOFTWARE\ZBbNyXWdxwuMWyleeITG7nT8dA HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft ---\\ Conteúdo das pastas Programs (360) - 79s O43 - CFD: 11/12/2015 - [0] D -- C:\Program Files (x86)\Addons O43 - CFD: 29/07/2015 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated® O43 - CFD: 23/08/2015 - [0] D -- C:\Program Files (x86)\AGEIA Technologies O43 - CFD: 30/08/2015 - [] D -- C:\Program Files (x86)\Application Verifier O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Audacity O43 - CFD: 18/11/2015 - [] D -- C:\Program Files (x86)\CAIXA O43 - CFD: 01/01/2016 - [] D -- C:\Program Files (x86)\CalendarTool {6726020D51A8625A1F9F13803B1FE9EE} O43 - CFD: 11/12/2015 - [0] D -- C:\Program Files (x86)\cc211a16-7cb6-4559-a416-00e0a4d9fbc7 =>PUP.Optional.CrossRider O43 - CFD: 11/12/2015 - [] D -- C:\Program Files (x86)\Cisco O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 17/12/2015 - [] D -- C:\Program Files (x86)\Counter-Strike Global Offensive O43 - CFD: 11/12/2015 - [0] D -- C:\Program Files (x86)\ddd707ee-f5c2-413a-a7e0-183b6f78b921 =>PUP.Optional.CrossRider O43 - CFD: 01/01/2016 - [0] D -- C:\Program Files (x86)\Dead Rising 3 O43 - CFD: 11/12/2015 - [0] D -- C:\Program Files (x86)\e48f59c3-b87a-4bac-b032-418aa6336d56 =>PUP.Optional.CrossRider O43 - CFD: 11/12/2015 - [0] D -- C:\Program Files (x86)\e70ec5a3-faee-4eac-a4b5-f53a503f738d =>PUP.Optional.CrossRider O43 - CFD: 15/09/2015 - [0] D -- C:\Program Files (x86)\f5e2bbeb-a554-4e16-9a92-2734914fe903 =>PUP.Optional.CrossRider O43 - CFD: 20/11/2015 - [] D -- C:\Program Files (x86)\GameVicio O43 - CFD: 29/08/2015 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 12/11/2015 - [] D -- C:\Program Files (x86)\GRRF O43 - CFD: 03/08/2015 - [] D -- C:\Program Files (x86)\HiAlgo O43 - CFD: 30/09/2015 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation - Software and Firmware Products® O43 - CFD: 17/12/2015 - [] D -- C:\Program Files (x86)\Intel Driver Update Utility O43 - CFD: 18/12/2015 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 19/12/2015 - [] D -- C:\Program Files (x86)\Java =>.Oracle America, Inc.® O43 - CFD: 19/07/2015 - [] D -- C:\Program Files (x86)\Lavalys =>.LAVALYS® O43 - CFD: 31/12/2015 - [] D -- C:\Program Files (x86)\Lazar Crypter O43 - CFD: 01/01/2016 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes Corporation® O43 - CFD: 29/07/2015 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 30/07/2015 - [] D -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 29/07/2015 - [] D -- C:\Program Files (x86)\Microsoft Office O43 - CFD: 14/09/2015 - [] D -- C:\Program Files (x86)\Microsoft OneDrive =>.Microsoft Corporation® O43 - CFD: 28/12/2015 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 14/09/2015 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 02/11/2015 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 24/12/2015 - [] D -- C:\Program Files (x86)\Microsoft XNA =>.Microsoft Corporation® O43 - CFD: 29/07/2015 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 05/12/2015 - [] D -- C:\Program Files (x86)\Mirillis =>.Mirillis® O43 - CFD: 08/11/2015 - [] D -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla Corporation® O43 - CFD: 21/10/2015 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 29/07/2015 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 31/12/2015 - [] D -- C:\Program Files (x86)\No-IP O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\PDF Architect 4 O43 - CFD: 31/08/2015 - [] D -- C:\Program Files (x86)\Programas RFB O43 - CFD: 17/12/2015 - [] D -- C:\Program Files (x86)\PSafe {07F79AA9335B794D70779F719061AFF2} O43 - CFD: 28/12/2015 - [] D -- C:\Program Files (x86)\Quantum O43 - CFD: 17/07/2015 - [] D -- C:\Program Files (x86)\R.G. Mechanics O43 - CFD: 08/11/2015 - [] D -- C:\Program Files (x86)\Razer =>.Razer Inc.® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 17/12/2015 - [] D -- C:\Program Files (x86)\Remote Mouse O43 - CFD: 11/08/2015 - [] D -- C:\Program Files (x86)\RivaTuner Statistics Server O43 - CFD: 25/12/2015 - [] D -- C:\Program Files (x86)\Rockstar Games =>.Take-Two Interactive Software, Inc.® O43 - CFD: 18/12/2015 - [] D -- C:\Program Files (x86)\ShowMyPCService {0417672C50CCCEB12ACC38DA34266994} O43 - CFD: 31/12/2015 - [] D -- C:\Program Files (x86)\Simple Port Tester O43 - CFD: 08/11/2015 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl® O43 - CFD: 07/08/2015 - [] D -- C:\Program Files (x86)\Software by Design O43 - CFD: 24/12/2015 - [] D -- C:\Program Files (x86)\SpeedRunnersPartyMode O43 - CFD: 19/12/2015 - [] D -- C:\Program Files (x86)\Spyware Doctor {0DBD834441EB5DA04C0C3A88C3BD42FC} O43 - CFD: 01/01/2016 - [] D -- C:\Program Files (x86)\Steam =>.Valve® O43 - CFD: 02/01/2016 - [] D -- C:\Program Files (x86)\TunnelBear =>.TunnelBear, Inc.® O43 - CFD: 28/12/2015 - [] D -- C:\Program Files (x86)\TZip {2617E71F3DD61639E291AD2D048E1D8A} O43 - CFD: 06/12/2015 - [] D -- C:\Program Files (x86)\Ubisoft =>.Ubisoft Entertainment Sweden AB® O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 12/11/2015 - [] D -- C:\Program Files (x86)\UPCleaner O43 - CFD: 05/01/2016 - [] D -- C:\Program Files (x86)\Velocidade Do PC {50C21E22FC95CC7EFFB6E44F30CE0384} O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\VS Revo Group =>.VS Revo Group® O43 - CFD: 23/07/2015 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 30/08/2015 - [] D -- C:\Program Files (x86)\Windows Kits =>.Microsoft Corporation® O43 - CFD: 14/09/2015 - [] D -- C:\Program Files (x86)\Windows Live =>.Microsoft Corporation® O43 - CFD: 07/02/2011 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 27/07/2015 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 07/02/2011 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 07/02/2011 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 07/02/2011 - [] D -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 17/07/2015 - [] D -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH® O43 - CFD: 21/10/2015 - [] D -- C:\Program Files (x86)\Wise O43 - CFD: 13/09/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 06/09/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 07/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software O43 - CFD: 13/09/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brasfoot 2015 O43 - CFD: 13/09/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brasfoot2015 O43 - CFD: 29/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAIXA O43 - CFD: 29/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 25/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID O43 - CFD: 14/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite O43 - CFD: 03/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Rising 3 O43 - CFD: 29/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Contab O43 - CFD: 17/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 O43 - CFD: 03/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4 O43 - CFD: 29/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (x64) O43 - CFD: 12/12/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 18/07/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gemc O43 - CFD: 22/10/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 21/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake O43 - CFD: 30/09/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 19/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys O43 - CFD: 17/07/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft O43 - CFD: 31/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazar Crypter O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 01/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 29/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 01/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis O43 - CFD: 21/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4 O43 - CFD: 21/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PointBlank O43 - CFD: 31/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quantum O43 - CFD: 08/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer O43 - CFD: 29/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeNet O43 - CFD: 29/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeSign Standard O43 - CFD: 29/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint O43 - CFD: 08/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedRunnersPartyMode O43 - CFD: 26/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Doctor O43 - CFD: 17/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 17/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 17/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survarium-Steam O43 - CFD: 05/02/2011 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TZip O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Velocidade Do PC O43 - CFD: 26/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits O43 - CFD: 14/09/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live O43 - CFD: 17/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks O43 - CFD: 28/07/2015 - [] SHD -- C:\ProgramData\360Quarant O43 - CFD: 29/07/2015 - [] D -- C:\ProgramData\A.E.T. Europe B.V O43 - CFD: 04/11/2015 - [] D -- C:\ProgramData\adb O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Adobe O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\AdobeCatchTemp O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 07/11/2015 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Baidu O43 - CFD: 17/07/2015 - [0] SHD -- C:\ProgramData\Dados de aplicativos O43 - CFD: 14/10/2015 - [] D -- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 10/08/2015 - [] D -- C:\ProgramData\Dell O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 17/07/2015 - [0] SHD -- C:\ProgramData\Documentos O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 17/07/2015 - [0] SHD -- C:\ProgramData\Favoritos O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\firebird O43 - CFD: 25/07/2015 - [] D -- C:\ProgramData\fwaJIm O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\Intel O43 - CFD: 30/09/2015 - [] D -- C:\ProgramData\IntelDLM O43 - CFD: 01/11/2015 - [] D -- C:\ProgramData\kingsoft O43 - CFD: 11/10/2015 - [] D -- C:\ProgramData\KONAMI O43 - CFD: 27/07/2015 - [] D -- C:\ProgramData\LogMeIn O43 - CFD: 22/10/2015 - [] D -- C:\ProgramData\LumaEmu_SteamCloud O43 - CFD: 11/12/2015 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 17/07/2015 - [0] SHD -- C:\ProgramData\Menu Iniciar O43 - CFD: 28/12/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 26/11/2015 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 14/09/2015 - [] D -- C:\ProgramData\Microsoft OneDrive O43 - CFD: 17/07/2015 - [] D -- C:\ProgramData\Mirillis O43 - CFD: 17/07/2015 - [0] SHD -- C:\ProgramData\Modelos O43 - CFD: 13/09/2015 - [] D -- C:\ProgramData\Nexon O43 - CFD: 17/07/2015 - [] D -- C:\ProgramData\Oracle O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 26/11/2015 - [] D -- C:\ProgramData\PC Tools O43 - CFD: 21/12/2015 - [] D -- C:\ProgramData\PDF Architect 4 O43 - CFD: 21/12/2015 - [] D -- C:\ProgramData\pdfforge O43 - CFD: 31/08/2015 - [] D -- C:\ProgramData\Programas RFB O43 - CFD: 22/07/2015 - [] D -- C:\ProgramData\PSafe O43 - CFD: 08/11/2015 - [] D -- C:\ProgramData\Razer O43 - CFD: 01/01/2016 - [] D -- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 08/11/2015 - [] D -- C:\ProgramData\Skype O43 - CFD: 17/07/2015 - [] D -- C:\ProgramData\SlimWare Utilities, Inc O43 - CFD: 18/07/2015 - [] D -- C:\ProgramData\Socialclub O43 - CFD: 23/07/2015 - [] D -- C:\ProgramData\Sony O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 18/07/2015 - [] D -- C:\ProgramData\Steam O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\System32 O43 - CFD: 05/01/2016 - [0] AD -- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 31/12/2015 - [] D -- C:\ProgramData\Vitalwerks O43 - CFD: 30/08/2015 - [] D -- C:\ProgramData\Windows App Certification Kit O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Windows Update O43 - CFD: 17/12/2015 - [] D -- C:\ProgramData\WindowsMsg O43 - CFD: 25/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 03/12/2015 - [] D -- C:\Program Files (x86)\Common Files\AV O43 - CFD: 09/08/2015 - [] D -- C:\Program Files (x86)\Common Files\Intel O43 - CFD: 10/08/2015 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation O43 - CFD: 19/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 30/08/2015 - [] D -- C:\Program Files (x86)\Common Files\Microsoft O43 - CFD: 24/12/2015 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 26/11/2015 - [] D -- C:\Program Files (x86)\Common Files\PC Tools O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Common Files\PDF Software O43 - CFD: 17/07/2015 - [] D -- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 08/11/2015 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 18/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Steam O43 - CFD: 23/07/2015 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 23/07/2015 - [] D -- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 17/07/2015 - [] SHD -- C:\Users\cicero\AppData\Roaming\.# O43 - CFD: 19/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\.minecraft O43 - CFD: 24/08/2015 - [] D -- C:\Users\cicero\AppData\Roaming\.mono O43 - CFD: 26/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\.technic O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\abgx360 O43 - CFD: 25/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Adobe O43 - CFD: 08/11/2015 - [] D -- C:\Users\cicero\AppData\Roaming\afght O43 - CFD: 21/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Audacity O43 - CFD: 29/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\AVAST Software O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\AVG O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\AVG2014 O43 - CFD: 12/10/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Awesomium O43 - CFD: 02/08/2015 - [] D -- C:\Users\cicero\AppData\Roaming\baidu O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Baidu Security O43 - CFD: 02/11/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Bertware O43 - CFD: 05/01/2016 - [] D -- C:\Users\cicero\AppData\Roaming\CalendarTool O43 - CFD: 29/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Citra team O43 - CFD: 21/10/2015 - [0] D -- C:\Users\cicero\AppData\Roaming\CnDpXo O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant O43 - CFD: 04/10/2015 - [] D -- C:\Users\cicero\AppData\Roaming\com.freakinware.mitosis O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Creative O43 - CFD: 03/01/2016 - [] D -- C:\Users\cicero\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\DiskDefrag O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\dvdcss O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\DVDVideoSoft O43 - CFD: 01/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Elgato O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\GetRightToGo O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\GlarySoft O43 - CFD: 17/07/2015 - [] HD -- C:\Users\cicero\AppData\Roaming\GoldenGate O43 - CFD: 26/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\HandBrake O43 - CFD: 07/09/2015 - [] D -- C:\Users\cicero\AppData\Roaming\HeroesAndGeneralsDesktop O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Identities O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\IMVU O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\InstallW O43 - CFD: 10/08/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Intel Corporation O43 - CFD: 22/10/2015 - [] D -- C:\Users\cicero\AppData\Roaming\java O43 - CFD: 01/11/2015 - [] D -- C:\Users\cicero\AppData\Roaming\kingsoft O43 - CFD: 05/01/2016 - [0] D -- C:\Users\cicero\AppData\Roaming\LightGate O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Locktime O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Locktime Software O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Macromedia O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Macrovision O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\MAXON O43 - CFD: 05/02/2011 - [0] D -- C:\Users\cicero\AppData\Roaming\Media Center Programs O43 - CFD: 26/06/2005 - [] RSHD -- C:\Users\cicero\AppData\Roaming\Microsoft O43 - CFD: 01/07/2013 - [0] D -- C:\Users\cicero\AppData\Roaming\Minecraft Version Changer O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Mirillis O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\MMFApplications O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Mozilla O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\MusicNet O43 - CFD: 22/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Notepad++ O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\OnLive App O43 - CFD: 20/07/2015 - [0] D -- C:\Users\cicero\AppData\Roaming\Opera Software O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\OTP O43 - CFD: 26/11/2015 - [] D -- C:\Users\cicero\AppData\Roaming\PC Tools O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\PCDr O43 - CFD: 21/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\PDF Architect 4 O43 - CFD: 01/11/2015 - [] D -- C:\Users\cicero\AppData\Roaming\pptassist O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Programas RFB O43 - CFD: 23/07/2015 - [0] D -- C:\Users\cicero\AppData\Roaming\Publish Providers O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Reallusion O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Roxio O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Roxio Burn O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Samsung O43 - CFD: 17/07/2015 - [] RHD -- C:\Users\cicero\AppData\Roaming\SecuROM O43 - CFD: 29/09/2015 - [0] D -- C:\Users\cicero\AppData\Roaming\seekmx O43 - CFD: 12/09/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Shooter O43 - CFD: 21/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Skype O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\SoftGrid Client O43 - CFD: 17/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Sony O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Spiritsoft O43 - CFD: 17/08/2015 - [] D -- C:\Users\cicero\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 O43 - CFD: 12/10/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Steam O43 - CFD: 13/09/2015 - [] D -- C:\Users\cicero\AppData\Roaming\steam.transformice.com O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Steganos O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Steganos Updates O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Steganos VPN O43 - CFD: 28/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Sun O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\TechSmith O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Tibia O43 - CFD: 25/02/2014 - [0] D -- C:\Users\cicero\AppData\Roaming\TP O43 - CFD: 20/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Trove O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\TuneUp Software O43 - CFD: 01/01/2016 - [] D -- C:\Users\cicero\AppData\Roaming\TunnelBear O43 - CFD: 21/10/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Tunngle O43 - CFD: 28/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\UG O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Unity O43 - CFD: 05/01/2016 - [] D -- C:\Users\cicero\AppData\Roaming\uTorrent O43 - CFD: 22/07/2015 - [0] D -- C:\Users\cicero\AppData\Roaming\vlc O43 - CFD: 05/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Wargaming.net O43 - CFD: 17/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\WeatherTool =>PUP.Optional.WeatherTool O43 - CFD: 01/01/2016 - [0] RSHD -- C:\Users\cicero\AppData\Roaming\Win32 O43 - CFD: 29/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Windows Live Writer O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\WinRAR O43 - CFD: 05/01/2016 - [] D -- C:\Users\cicero\AppData\Roaming\ZHP O43 - CFD: 17/07/2015 - [] D -- C:\Users\cicero\AppData\Roaming\{90140011-0066-0416-0000-0000000FF1CE} O43 - CFD: 16/12/2015 - [] D -- C:\Users\cicero\AppData\Local\A.E.T. Europe B.V O43 - CFD: 05/01/2016 - [] D -- C:\Users\cicero\AppData\Local\Adobe O43 - CFD: 12/12/2015 - [] D -- C:\Users\cicero\AppData\Local\Apps O43 - CFD: 27/10/2015 - [] D -- C:\Users\cicero\AppData\Local\Broadcom O43 - CFD: 27/10/2015 - [] D -- C:\Users\cicero\AppData\Local\CEF O43 - CFD: 05/01/2016 - [] D -- C:\Users\cicero\AppData\Local\CrashDumps O43 - CFD: 28/10/2015 - [] D -- C:\Users\cicero\AppData\Local\CrashRpt =>.Superfluous.CrashReports O43 - CFD: 24/12/2015 - [0] D -- C:\Users\cicero\AppData\Local\Deployment O43 - CFD: 21/11/2015 - [] D -- C:\Users\cicero\AppData\Local\Disc_Soft_Ltd O43 - CFD: 20/11/2015 - [] D -- C:\Users\cicero\AppData\Local\Fallout3 O43 - CFD: 22/11/2015 - [] D -- C:\Users\cicero\AppData\Local\Fallout4 O43 - CFD: 17/12/2015 - [0] D -- C:\Users\cicero\AppData\Local\fina O43 - CFD: 28/10/2015 - [] D -- C:\Users\cicero\AppData\Local\FreeReign O43 - CFD: 26/10/2015 - [] D -- C:\Users\cicero\AppData\Local\Google O43 - CFD: 28/10/2015 - [] D -- C:\Users\cicero\AppData\Local\GWX O43 - CFD: 12/12/2015 - [] D -- C:\Users\cicero\AppData\Local\Intel O43 - CFD: 01/12/2015 - [] D -- C:\Users\cicero\AppData\Local\IsolatedStorage O43 - CFD: 31/10/2015 - [] D -- C:\Users\cicero\AppData\Local\Level Up! O43 - CFD: 27/10/2015 - [] D -- C:\Users\cicero\AppData\Local\LogMeIn O43 - CFD: 04/11/2015 - [] D -- C:\Users\cicero\AppData\Local\LogMeIn Hamachi O43 - CFD: 28/12/2015 - [] D -- C:\Users\cicero\AppData\Local\Microsoft O43 - CFD: 02/11/2015 - [0] D -- C:\Users\cicero\AppData\Local\Microsoft Help O43 - CFD: 05/12/2015 - [] D -- C:\Users\cicero\AppData\Local\Mike_Hall O43 - CFD: 27/10/2015 - [] D -- C:\Users\cicero\AppData\Local\Mirillis O43 - CFD: 11/12/2015 - [] D -- C:\Users\cicero\AppData\Local\Mozilla O43 - CFD: 05/11/2015 - [] D -- C:\Users\cicero\AppData\Local\Ndemic Creations O43 - CFD: 16/12/2015 - [0] D -- C:\Users\cicero\AppData\Local\PDFCreator O43 - CFD: 03/01/2016 - [0] D -- C:\Users\cicero\AppData\Local\PointBlank O43 - CFD: 03/11/2015 - [0] D -- C:\Users\cicero\AppData\Local\PPTAssist O43 - CFD: 26/10/2015 - [] D -- C:\Users\cicero\AppData\Local\Programs O43 - CFD: 08/11/2015 - [] D -- C:\Users\cicero\AppData\Local\Razer O43 - CFD: 08/11/2015 - [] D -- C:\Users\cicero\AppData\Local\Razer_Inc O43 - CFD: 14/12/2015 - [] D -- C:\Users\cicero\AppData\Local\Rockstar Games O43 - CFD: 17/12/2015 - [] D -- C:\Users\cicero\AppData\Local\Setup1517983 O43 - CFD: 17/12/2015 - [] D -- C:\Users\cicero\AppData\Local\Setup1617933 O43 - CFD: 27/10/2015 - [] D -- C:\Users\cicero\AppData\Local\Skype O43 - CFD: 27/11/2015 - [] D -- C:\Users\cicero\AppData\Local\Skyrim O43 - CFD: 13/12/2015 - [] D -- C:\Users\cicero\AppData\Local\Sony O43 - CFD: 27/10/2015 - [] D -- C:\Users\cicero\AppData\Local\Steam O43 - CFD: 05/01/2016 - [] D -- C:\Users\cicero\AppData\Local\Temp O43 - CFD: 06/12/2015 - [] D -- C:\Users\cicero\AppData\Local\Ubisoft O43 - CFD: 06/12/2015 - [] D -- C:\Users\cicero\AppData\Local\Ubisoft Game Launcher O43 - CFD: 05/12/2015 - [] D -- C:\Users\cicero\AppData\Local\ULG O43 - CFD: 31/12/2015 - [] D -- C:\Users\cicero\AppData\Local\Vitalwerks O43 - CFD: 28/10/2015 - [] D -- C:\Users\cicero\AppData\Local\Windows Live Writer O43 - CFD: 17/12/2015 - [] D -- C:\Users\cicero\AppData\Local\{D7F2E1AE-F35A-8D16-9EC2-A8FEBAAA5466} O43 - CFD: 14/07/2009 - [] RD -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 03/11/2015 - [] RD -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 03/11/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome O43 - CFD: 06/09/2015 - [0] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brasfoot2015 O43 - CFD: 29/07/2015 - [0] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CAIXA O43 - CFD: 11/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\e-Contab O43 - CFD: 12/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 20/11/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio O43 - CFD: 03/11/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 13/12/2015 - [0] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake O43 - CFD: 15/08/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiAlgo O43 - CFD: 12/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IdleMaster O43 - CFD: 04/11/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up O43 - CFD: 14/07/2009 - [] RD -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 31/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC O43 - CFD: 02/08/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller O43 - CFD: 10/08/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server O43 - CFD: 31/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simple Port Tester O43 - CFD: 07/08/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Software by Design O43 - CFD: 05/01/2016 - [] RD -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 17/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 06/12/2015 - [] D -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft ---\\ Últimos arquivos criados no Windows Prefetcher (2) - 6s O45 - LFCP:[MD5.13FB3E3D2045D15E824F647E306D48C6] 05/01/2016 A -- C:\Windows\Prefetch\PCSUSD.EXE-61D26DB6.pf =>.Superfluous.PCSpeedUp O45 - LFCP:[MD5.BF20929D89E5F091066493617037A1A4] 04/01/2016 A -- C:\Windows\Prefetch\PCSUSERVICE.EXE-1F396688.pf =>.Superfluous.PCSpeedUp ---\\ Softwares de proteçao do sistema (Supérfluo) (6) - 1s O106 - SIOI: UpToDateOverlayHandler Class [ SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\cicero\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll =>.Microsoft Corporation® O106 - SIOI: SyncingOverlayHandler Class [ SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\cicero\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll =>.Microsoft Corporation® O106 - SIOI: ErrorOverlayHandler Class [ SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\cicero\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll =>.Microsoft Corporation® O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL de Extensão do Shell do Armazenamento A.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Extensões do Shell para compartilhamento.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software a.s.® ---\\ Enumeração das chaves StartupReg (14) - 1s O53 - SMSR:HKLM\...\startupreg\Avgnt [Key] . (...) -- C:\Users\cicero\AppData\Roaming\Microsoft\Pluguin.exe O53 - SMSR:HKLM\...\startupreg\Avirnt [Key] . (...) -- C:\Users\cicero\AppData\Roaming\Microsoft\Pluguin.exe O53 - SMSR:HKLM\...\startupreg\CCleaner Monitoring [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite Automount [Key] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTAgent.exe =>.Disc Soft Ltd O53 - SMSR:HKLM\...\startupreg\ECCentralOP [Key] . (...) -- D:\SISTEMAS\ECONTAB\OP.exe O53 - SMSR:HKLM\...\startupreg\GoogleChromeAutoLaunch_FB17E02B13909AC62F36CBDEE60D7774 [Key] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O53 - SMSR:HKLM\...\startupreg\HiAlgoBOOST [Key] . (.HiAlgo Inc. - HiAlgo Boost.) -- C:\Program Files (x86)\HiAlgo\Plugins\BOOST\HiAlgoBOOST.exe O53 - SMSR:HKLM\...\startupreg\HiAlgoSWITCH [Key] . (.HiAlgo Inc. - HiAlgo Switch.) -- C:\Program Files (x86)\HiAlgo\Plugins\SWITCH\HiAlgoSWITCH.exe O53 - SMSR:HKLM\...\startupreg\ISTray [Key] . (.PC Tools - PC Tools Tray Application.) -- C:\Program Files (x86)\Spyware Doctor\pctsTray.exe =>.PC Tools O53 - SMSR:HKLM\...\startupreg\LightGate [Key] . (...) -- C:\ProgramData\LightGate.exe O53 - SMSR:HKLM\...\startupreg\osmsg [Key] . (.Copyright (C) 2015 - .) -- C:\ProgramData\WindowsMsg\osmsg.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O53 - SMSR:HKLM\...\startupreg\TunnelBear [Key] . (.TunnelBear - TunnelBear.) -- C:\Program Files (x86)\TunnelBear\TBear.Client.exe =>.TunnelBear O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\cicero\AppData\Roaming\uTorrent\uTorrent.exe ---\\ Lista dos drivers do sistema (79) - 10s O58 - SDL:2015/07/10 13:35:08 A . (.Advanced Card Systems Ltd. - PCSC/CCID IFD Handler.) -- C:\Windows\System32\drivers\a38ccid.sys [72208] =>.Microsoft Windows Hardware Compatibility Publisher® O58 - SDL:2009/07/13 23:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows® O58 - SDL:2008/07/30 12:45:40 A . (.Aladdin Knowledge Systems, Ltd. - PCSC IFD handler for eToken.) -- C:\Windows\System32\drivers\aksifdh.sys [62632] {7BD92765A3195DD9F2D53F0CDEB5D062} O58 - SDL:2008/07/30 12:45:40 A . (.Aladdin Knowledge Systems, Ltd. - USB pipe driver for eToken.) -- C:\Windows\System32\drivers\aksup.sys [44712] {7BD92765A3195DD9F2D53F0CDEB5D062} O58 - SDL:2009/07/13 23:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows® O58 - SDL:2011/03/11 04:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows® O58 - SDL:2011/03/11 04:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows® O58 - SDL:2015/11/07 18:40:43 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [28656] =>.AVAST Software a.s.® O58 - SDL:2015/11/07 18:40:02 A . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\drivers\aswKbd.sys [28144] =>.AVAST Software a.s.® O58 - SDL:2015/11/07 18:40:43 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [97648] =>.AVAST Software a.s.® O58 - SDL:2015/11/07 18:39:30 A . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\drivers\aswNdisFlt.sys [466400] =>.AVAST Software a.s.® O58 - SDL:2015/11/07 18:40:42 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [93528] =>.AVAST Software a.s.® O58 - SDL:2015/11/07 18:40:43 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [65224] =>.AVAST Software a.s.® O58 - SDL:2015/11/07 18:40:04 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [1059656] =>.AVAST Software a.s.® O58 - SDL:2015/11/07 18:40:43 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [449992] =>.AVAST Software a.s.® O58 - SDL:2015/11/07 18:40:43 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [154256] =>.AVAST Software a.s.® O58 - SDL:2015/11/07 18:40:43 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [273784] =>.AVAST Software a.s.® O58 - SDL:2009/06/10 18:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation O58 - SDL:1999/12/31 22:00:00 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL664.SYS [6534248] =>.Broadcom Corporation® O58 - SDL:2009/06/10 18:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd. O58 - SDL:2009/06/10 18:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd. O58 - SDL:2009/07/13 23:19:07 A . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 18:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 18:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 18:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd. O58 - SDL:1999/12/31 22:00:00 A . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windo.) -- C:\Windows\System32\drivers\btwampfl.sys [598328] =>.Broadcom Corporation® O58 - SDL:1999/12/31 22:00:00 A . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\System32\drivers\btwl2cap.sys [39976] =>.Broadcom Corporation® O58 - SDL:2009/06/10 18:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation O58 - SDL:2009/07/13 23:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows® O58 - SDL:2015/10/14 17:12:39 A . (.Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver.) -- C:\Windows\System32\drivers\dtlitescsibus.sys [30264] =>.Disc Soft Ltd® O58 - SDL:2009/06/10 18:35:09 A . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserializ.) -- C:\Windows\System32\drivers\E1G6032E.sys [145792] =>.Intel Corporation O58 - SDL:2009/07/13 23:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows® O58 - SDL:2009/06/10 18:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation O58 - SDL:2015/07/14 12:44:38 AH . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\System32\drivers\hamachi.sys [33856] =>.LogMeIn, Inc.® O58 - SDL:2009/06/10 18:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc. O58 - SDL:1999/12/31 22:00:00 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [56344] =>.Intel Corporation® O58 - SDL:2010/11/20 05:33:36 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows® O58 - SDL:2013/11/21 09:31:28 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [632168] =>.Intel Corporation - Intel® Rapid Storage Technology® O58 - SDL:2013/11/21 09:31:28 A . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [28008] =>.Intel Corporation - Intel® Rapid Storage Technology® O58 - SDL:2011/03/11 04:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows® O58 - SDL:2013/02/19 14:44:08 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [12312928] =>.Intel Corporation O58 - SDL:2009/07/13 23:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows® O58 - SDL:2010/07/08 17:52:44 A . (.SafeNet, Inc. - iKey Enumerator.) -- C:\Windows\System32\drivers\IKEYENUM.SYS [16160] =>.SafeNet, Inc.® O58 - SDL:2010/07/08 17:52:44 A . (.SafeNet, Inc. - iKey Virtual Reader Device Driver.) -- C:\Windows\System32\drivers\IKEYIFD.SYS [22304] =>.SafeNet, Inc.® O58 - SDL:2010/02/26 17:32:14 A . (.Intel Corporation - Intel(R) Turbo Boost Technology Driver.) -- C:\Windows\System32\drivers\Impcd.sys [158976] =>.Intel Corporation O58 - SDL:1999/12/31 22:00:00 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [317440] =>.Intel(R) Corporation O58 - SDL:2009/07/13 23:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows® O58 - SDL:2015/10/05 09:50:06 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816] =>.Malwarebytes Corporation® O58 - SDL:2015/10/05 09:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272] =>.Malwarebytes Corporation® O58 - SDL:2016/01/01 12:02:50 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512] =>.Malwarebytes Corporation® O58 - SDL:2009/07/13 23:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows® O58 - SDL:2015/10/05 09:50:18 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [63704] =>.Malwarebytes Corporation® O58 - SDL:2009/07/13 23:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows® O58 - SDL:2011/03/11 04:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows® O58 - SDL:2011/03/11 04:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows® O58 - SDL:2010/07/08 17:52:44 A . (.SafeNet, Inc. - iKey Token Device Driver.) -- C:\Windows\System32\drivers\RNBTOKEN.SYS [24352] =>.SafeNet, Inc.® O58 - SDL:2009/06/10 18:35:42 A . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 64-bit Dr.) -- C:\Windows\System32\drivers\Rt64win7.sys [187392] =>.Realtek Corporation O58 - SDL:2015/09/22 19:36:40 A . (.Razer, Inc. - Razer Overlay Support.) -- C:\Windows\System32\drivers\rzpmgrk.sys [37184] =>.Razer Inc.® O58 - SDL:2009/06/10 18:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2009/07/13 22:00:40 A . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\serial.sys [94208] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 23:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows® O58 - SDL:2015/08/10 19:11:42 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap-tb-0901.sys [38656] =>.TunnelBear, Inc.® O58 - SDL:2009/09/16 08:02:42 A . (.Tunngle.net - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901t.sys [31232] =>.Tunngle.net O58 - SDL:2009/07/13 23:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows® O58 - SDL:2015/10/26 11:15:46 AH . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\System32\hamachi.sys [34720] =>.LogMeIn, Inc.® ---\\ Últimos ficheiros alterados ou criados (Utilizador) (25) - 48s O61 - LFC: 2015/12/31 11:00:47 A . (..) -- C:\Users\cicero\Downloads\DUCSetup_v4_1_1.exe [241720] {08987B15170A5C6DE6E18FD6A23BD938} O61 - LFC: 2015/12/31 11:27:14 A . (.Lazar Laszlo.) -- C:\Users\cicero\Downloads\Lazar_Crypter_1.3 (1).exe [425194] O61 - LFC: 2015/12/31 11:24:03 A . (.Lazar Laszlo.) -- C:\Users\cicero\Downloads\Lazar_Crypter_1.3.exe [425194] O61 - LFC: 2015/12/30 17:02:40 A . (..) -- C:\Users\cicero\Downloads\PlayCheat - PBBR (23-12).exe [21504] O61 - LFC: 2015/12/28 19:24:23 A . (.Quantum LLC.) -- C:\Users\cicero\Downloads\quantum-setup.exe [12433528] {74CB8A9F6210A537EAE293153461ED0C} O61 - LFC: 2015/12/31 10:58:38 A . (.Setup Engine Copyright © 2004-2013 Indigo Rose Corpor.) -- C:\Users\cicero\Downloads\simple-port-tester-3-0-0-es-en-win.exe [3714209] O61 - LFC: 2015/12/28 22:46:17 A . (.Optimal Software s.r.o..) -- C:\Users\cicero\Downloads\velocidadedopc_fe1c01c3c6c0447ebb1ed7dbaa6378c3_.exe [602776] {50C21E22FC95CC7EFFB6E44F30CE0384} =>.Superfluous.OptimalSoftware O61 - LFC: 2015/12/28 19:29:19 A . (.Quantum LLC.) -- C:\Users\cicero\Documents\update1.exe [12433528] {74CB8A9F6210A537EAE293153461ED0C} O61 - LFC: 2016/01/05 17:36:17 AH . (..) -- C:\Users\cicero\Desktop\Server.exe [29696] O61 - LFC: 2015/12/31 18:37:17 A . (..) -- C:\Users\cicero\AppData\Roaming\Mirillis\Action\back.bin [20] O61 - LFC: 2016/01/05 17:36:17 A . (..) -- C:\Users\cicero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\93f19dda2412c86ad7520ba4198f39a0.exe [29696] O61 - LFC: 2015/12/30 13:47:34 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\avutil-ttv-51.dll [246332] O61 - LFC: 2015/12/30 13:47:35 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\jinput-dx8.dll [61952] O61 - LFC: 2015/12/30 13:47:35 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\jinput-dx8_64.dll [65024] O61 - LFC: 2015/12/30 13:47:35 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\jinput-raw.dll [59392] O61 - LFC: 2015/12/30 13:47:35 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\jinput-raw_64.dll [62464] O61 - LFC: 2015/12/30 13:47:35 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\jinput-wintab.dll [56832] O61 - LFC: 2015/12/30 13:47:35 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\libmp3lame-ttv.dll [394810] O61 - LFC: 2015/12/30 13:47:35 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\lwjgl.dll [298496] O61 - LFC: 2015/12/30 13:47:35 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\lwjgl64.dll [310272] O61 - LFC: 2015/12/30 13:47:35 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\OpenAL32.dll [390144] O61 - LFC: 2015/12/30 13:47:35 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\OpenAL64.dll [382464] O61 - LFC: 2015/12/30 13:47:35 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\swresample-ttv-0.dll [113171] O61 - LFC: 2015/12/30 13:47:35 A . (..) -- C:\Users\cicero\AppData\Roaming\.technic\modpacks\herane\bin\natives\twitchsdk.dll [967168] O61 - LFC: 2015/12/28 22:49:47 A . (..) -- C:\Users\cicero\AppData\LocalLow\Microsoft\Silverlight\OutOfBrowser\index\www.pcspeedup.com [86] ---\\ Associações Shell Spawning (9) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Menu de inicialização Internet (16) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\Launcher.exe =>.AVAST Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software ---\\ Pesquisa de infeção nos navegadores da Internet (44) - 42s O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("browser.search.searchengine.alias", "mystartsearch"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("browser.search.searchengine.iconURL", "http://www.mystartsearch.com/favicon.ico"); =>PUP.Optional.StartSearch O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("browser.search.searchengine.name", "mystartsearch"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("browser.search.searchengine.ptid", "cmi"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("browser.search.searchengine.searchengine.uid", "[xpconnect wrapped nsIUUIDGenerator]"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("browser.search.searchengine.uid", "ST9500420AS_5VJB46SCXXXX5VJB46SC"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("browser.search.searchengine.url", "http://www.mystartsearch.com/web/?type=ds&ts=1446515944&z=9c9d470d4b672141e714c28g9z[...] =>PUP.Optional.StartSearch O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("browser.startup.homepage", "http://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=83f1ad47a7ea7a776d77e20cdd166339")[...] =>PUP.Optional.Browser O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.SupraSavings.created", 1405003560); =>PUP.Optional.SupraSavings O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.SupraSavings.license", "D8DCE398-9820-3A26-FDC0-60ABB135B0CD"); =>PUP.Optional.SupraSavings O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.SupraSavings.source", "54C1CAEC-3448-4C94-8EF7-1313689B8F99"); =>PUP.Optional.SupraSavings O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.a44e4876d5886435183fea8e44f892d6c2ac4a44858c85e3636com61855.61855.internaldb.monetization_plugin_bundledUrls[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.a44e4876d5886435183fea8e44f892d6c2ac4a44858c85e3636com61855.61855.internaldb.monetization_plugin_bundledWith[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.a44e4876d5886435183fea8e44f892d6c2ac4a44858c85e3636com61855.61855.internaldb.monetization_plugin_notBundledA[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.a44e4876d5886435183fea8e44f892d6c2ac4a44858c85e3636com61855.61855.internaldb.monetization_plugin_regBundledW[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.a44e4876d5886435183fea8e44f892d6c2ac4a44858c85e3636com61855.61855.name", "TheTorntvs V10"); =>PUP.Optional.TornTV O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.name", "Plus-HD-5.0"); =>PUP.Optional.CrossRider O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.a9d2db1ce83264e61a7ee63d4ff932995ed00643899218cf824d695com61195.61195.internaldb.monetization_plugin_bundled[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.a9d2db1ce83264e61a7ee63d4ff932995ed00643899218cf824d695com61195.61195.internaldb.monetization_plugin_notBund[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.a9d2db1ce83264e61a7ee63d4ff932995ed00643899218cf824d695com61195.61195.internaldb.monetization_plugin_regBund[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.a9d2db1ce83264e61a7ee63d4ff932995ed00643899218cf824d695com61195.61195.name", "CinemaxME"); =>PUP.Optional.CrossRider O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.aJLPQ94732309TRY102138975com62056.62056.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 [...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.aJLPQ94732309TRY102138975com62056.62056.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.aJLPQ94732309TRY102138975com62056.62056.internaldb.monetization_plugin_bundledWithHash.value", "null"); =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.aJLPQ94732309TRY102138975com62056.62056.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb [...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.aJLPQ94732309TRY102138975com62056.62056.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D"); =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.aJLPQ94732309TRY102138975com62056.62056.internaldb.monetization_plugin_regBundledWithSoftware.expiration", "[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.aJLPQ94732309TRY102138975com62056.62056.internaldb.monetization_plugin_regBundledWithSoftware.value", "%7B%7[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.aJLPQ94732309TRY102138975com62056.62056.name", "Plus-HD-5.0c"); =>PUP.Optional.CrossRider O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_bundledUrls.expi[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_bundledWithHash.[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_notBundledArr_.e[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_notBundledArr_.v[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_regBundledWithSo[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.name", "CinemaPlus-3.2cV25.10"); =>PUP.Optional.CrossRider O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.publisher", "CinemaPlus-3.2cV25.10"); =>PUP.Optional.CrossRider O69 - SBI: prefs.js [cicero - l0p60a2c.default] user_pref("{1457d95f-dd62-4e3c-820f-ccef2bea9201}.ScriptData_product_name", "shopperz20072015"); =>PUP.Optional.Shopperz O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKLM] {E921F400-D383-4B1B-9DE6-FCFCACFC1173} [DefaultScope] - (navegaki) - http://search.navegaki.com?q={searchTerms}&uid={14a90de56c3943b8bbf8d63f2fe917ed}&r=eg =>PUP.Optional.Navegaki O69 - SBI: SearchScopes [HKUS\.DEFAULT] {E921F400-D383-4B1B-9DE6-FCFCACFC1173} [DefaultScope] - (navegaki) - http://search.navegaki.com?q={searchTerms}&uid={14a90de56c3943b8bbf8d63f2fe917ed}&r=eg =>PUP.Optional.Navegaki O69 - SBI: SearchScopes [HKUS\S-1-5-18] {E921F400-D383-4B1B-9DE6-FCFCACFC1173} [DefaultScope] - (navegaki) - http://search.navegaki.com?q={searchTerms}&uid={14a90de56c3943b8bbf8d63f2fe917ed}&r=eg =>PUP.Optional.Navegaki ---\\ Listagem dos serviços iniciados pelo Svchost (33) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\system32\srvsvc.dll [236032] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [859648] =>.Microsoft Corporation O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll [680960] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windo.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor.) -- C:\Windows\System32\termsrv.dll [683520] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2608128] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de pla.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [70656] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672] =>.Microsoft Corporation O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\system32\mmcss.dll [67584] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [136704] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\system32\schedsvc.dll [1110016] =>.Microsoft Corporation O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\system32\kmsvc.dll [90624] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\system32\themeservice.dll [44544] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [193536] =>.Microsoft Corporation ---\\ Lista das exceções do FireWall (FirewallRules) (23) - 6s O87 - FAEL: "{FFBF30F8-2515-40B3-AEC2-73E64E91B790}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Mitos.is The Game\Mitosis.exe O87 - FAEL: "{8B7E2AC5-D485-4A49-BE66-BE45437A2716}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Mitos.is The Game\Mitosis.exe O87 - FAEL: "{92B76201-0EB6-4461-8019-6EB11BAEFCC7}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\World of Soccer online\World of Soccer online.exe O87 - FAEL: "{19252E43-345B-4C94-BC66-0DA96C39A336}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\World of Soccer online\World of Soccer online.exe O87 - FAEL: "{E0DCE327-55CD-4A9D-9C1D-44CA83342541}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_launcher.exe {55C7F0AA57213024FE248E5182C9C6C7} O87 - FAEL: "{2A83D761-4243-43FC-A33B-82956DA1B02E}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe {55C7F0AA57213024FE248E5182C9C6C7} O87 - FAEL: "{0F610D5B-BC24-4EBB-9042-F043B2E09F93}" [Out-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe {55C7F0AA57213024FE248E5182C9C6C7} O87 - FAEL: "{F7549802-6E7F-4C9E-A2B2-92A7D1C185B8}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe {55C7F0AA57213024FE248E5182C9C6C7} O87 - FAEL: "{027E8B42-0086-4EEF-95A3-E0D3FB5907E1}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe {55C7F0AA57213024FE248E5182C9C6C7} O87 - FAEL: "{2EC39F81-4930-4B42-ADC1-3C38C802874C}" [Out-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe {55C7F0AA57213024FE248E5182C9C6C7} O87 - FAEL: "{C45BEC1F-28C7-4E4A-8EBD-6D2D95E5AC9C}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe {55C7F0AA57213024FE248E5182C9C6C7} O87 - FAEL: "{C3894E75-38B8-4F79-9395-6F7109BFB392}" [In-None-P6-TRUE] .(.Zepetto - Point Blank.) -- C:\ongame\Pointblank\PointBlank.exe {4BC8341367B36212C6C28ED5C546F854} O87 - FAEL: "{A9379198-4AEE-4590-AAFF-15C82CD55C00}" [In-None-P17-TRUE] .(.Zepetto - Point Blank.) -- C:\ongame\Pointblank\PointBlank.exe {4BC8341367B36212C6C28ED5C546F854} O87 - FAEL: "{E7691C8C-D906-4A85-BB15-3F660E21354F}" [In-None-P6-TRUE] .(...) -- C:\Users\cicero\Desktop\spy net\SpyNet.exe (.not file.) O87 - FAEL: "{52D6CC2E-6915-4900-B86B-61C5D9589114}" [In-None-P17-TRUE] .(...) -- C:\Users\cicero\Desktop\spy net\SpyNet.exe (.not file.) O87 - FAEL: "{06860429-C7B5-44FD-9849-9D9DD5280653}" [In-None-P6-FALSE] .(...) -- C:\Users\cicero\Desktop\spy net\SpyNet.exe (.not file.) O87 - FAEL: "{D1941083-1E8C-4DFE-8CE5-71608BEB3BB8}" [In-None-P17-FALSE] .(...) -- C:\Users\cicero\Desktop\spy net\SpyNet.exe (.not file.) O87 - FAEL: "{CAEED2C2-DE12-4254-B33C-8055E862DD8E}" [In-None-P6-TRUE] .(...) -- C:\Users\cicero\Desktop\Server.exe O87 - FAEL: "{7DFB87CC-8977-4844-949E-778224F2A684}" [In-None-P17-TRUE] .(...) -- C:\Users\cicero\Desktop\Server.exe O87 - FAEL: "{24F254DD-23FD-45ED-96BC-A41D259F8EB7}" [In-None-P6-TRUE] .(...) -- C:\Users\cicero\Desktop\xtreme\xtreme 3.6 vip.exe (.not file.) O87 - FAEL: "{24E8A1D7-3BA8-4E87-9C9C-7B6E54106FD0}" [In-None-P17-TRUE] .(...) -- C:\Users\cicero\Desktop\xtreme\xtreme 3.6 vip.exe (.not file.) O87 - FAEL: "{FAEC34FF-2B84-461A-969D-657914FD28EF}" [In-None-P6-FALSE] .(...) -- C:\Users\cicero\Desktop\xtreme\xtreme 3.6 vip.exe (.not file.) O87 - FAEL: "{E4194718-65DB-4FD8-9741-F79A43BA7575}" [In-None-P17-FALSE] .(...) -- C:\Users\cicero\Desktop\xtreme\xtreme 3.6 vip.exe (.not file.) ---\\ Listagem dos códigos dos software (1) - 1s O90 - PUC: "93BAD29AC2E44034A96BCB446EB8552E" . (.globalupdate Helper.) =>PUP.Optional.GlobalUpdate ---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (35) - 22s SS - Demand [25/10/2014] [ 16064] Action! service (ACTION_SVC) . (...) - C:\Program Files (x86)\Mirillis\Action!\action_svc.exe =>.Mirillis® SS - Auto [28/10/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SS - Demand [21/07/2015] [ 268976] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [25/11/2015] [ 2016448] Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated® SR - Auto [07/11/2015] [ 174416] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software a.s.® SR - Auto [07/11/2015] [ 109520] Avast Firewall (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe =>.AVAST Software a.s.® SR - Auto [23/10/2012] [ 1005944] Bluetooth Service (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe =>.Broadcom Corporation® SS - Demand [18/06/2015] [ 1268568] Disc Soft Lite Bus Service (Disc Soft Lite Bus Service) . (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe =>.Disc Soft Ltd® SR - Auto [03/10/2011] [ 155136] Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) . (.Firebird Project.) - C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe =>.Firebird Project SR - Demand [03/10/2011] [ 5683712] Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) . (.Firebird Project.) - C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe =>.Firebird Project SS - Auto [16/10/2015] [ 1762304] GoogleChromeUpService (GoogleChromeUpService) . (.TODO: <公司名>.) - C:\ProgramData\upgsvr.exe SR - Auto [25/12/2015] [ 2787328] GoogleChromeUpSvc (GoogleChromeUpSvc) . (.TODO:.) - C:\ProgramData\Windows Update\upgsvr--.exe SS - Auto [29/08/2015] [ 144200] Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [29/08/2015] [ 144200] Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SR - Auto [21/11/2013] [ 15720] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel Corporation - Intel® Rapid Storage Technology® SR - Auto [31/12/1999] [ 268824] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation® SS - Demand [19/10/2015] [ 147624] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SR - Auto [20/07/2015] [ 12288] NO-IP DUC v4.1.1 (NoIPDUCService4) . (.Copyright © 2012.) - C:\Program Files (x86)\No-IP\ducservice.exe SR - Auto [14/08/2015] [ 445384] PC Speed Up Service (PCSUService) . (.Optimal Software s.r.o..) - C:\Program Files (x86)\Velocidade Do PC\PCSUService.exe {50C21E22FC95CC7EFFB6E44F30CE0384} =>.Superfluous.PCSpeedUp SS - Demand [19/10/2015] [ 2417376] PDF Architect 4 (PDF Architect 4) . (.pdfforge GmbH.) - C:\Program Files\PDF Architect 4\ws.exe =>.pdfforge GmbH® SS - Demand [19/10/2015] [ 1038048] PDF Architect 4 CrashHandler (PDF Architect 4 CrashHandler) . (.pdfforge GmbH.) - C:\Program Files\PDF Architect 4\crash-handler-ws.exe =>.pdfforge GmbH® SR - Auto [19/10/2015] [ 851168] PDF Architect 4 Creator (PDF Architect 4 Creator) . (.pdfforge GmbH.) - C:\Program Files\PDF Architect 4\creator-ws.exe =>.pdfforge GmbH® SR - Auto [05/10/2015] [ 959248] PDF Architect 4 Manager (PDF Architect 4 Manager) . (.© pdfforge GmbH..) - C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe =>.pdfforge GmbH® SR - Auto [23/09/2015] [ 188072] Razer Game Scanner (Razer Game Scanner Service) . (.Copyright © 2013-2015.) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe =>.Razer Inc.® SR - Auto [28/10/2015] [ 129168] RzKLService (RzKLService) . (.Razer Inc..) - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe =>.Razer Inc.® SS - Auto [14/01/2014] [ 11192] SACSrv (SACSrv) . (.SafeNet, Inc..) - C:\Program Files\Safenet\Authentication\SAC\x64\SACSrv.exe =>.SafeNet, Inc.® SR - Auto [07/01/2009] [ 348752] PC Tools Auxiliary Service (sdAuxService) . (.PC Tools.) - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe {0DBD834441EB5DA04C0C3A88C3BD42FC} =>.PC Tools SR - Auto [21/01/2009] [ 1095560] PC Tools Security Service (sdCoreService) . (.PC Tools.) - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe {0DBD834441EB5DA04C0C3A88C3BD42FC} =>.PC Tools SS - Auto [09/07/2015] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® SS - Demand [14/10/2015] [ 838224] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve® SS - Demand [09/12/2015] [ 97880] Survarium-Steam Update Service (Survarium-Steam Update Service) . (...) - C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe {55C7F0AA57213024FE248E5182C9C6C7} SR - Auto [10/12/2015] [ 153224] The Calendar Service (TheCalendarService) . (.Copyright (C) 2015.) - C:\Program Files (x86)\CalendarTool\2.0.0.11153\CalendarServ.exe {6726020D51A8625A1F9F13803B1FE9EE} SR - Auto [26/10/2015] [ 37376] TunnelBear Maintenance (TunnelBearMaintenance) . (.Copyright © 2013.) - C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe =>.TunnelBear, Inc.® SS - Auto [31/12/1999] [ 2320920] Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation® ---\\ Scâner Aditional (29) - 0s HKLM\SYSTEM\CurrentControlSet\Services\PCSUService =>.Superfluous.PCSpeedUp C:\Program Files (x86)\Velocidade Do PC\PCSUService.exe =>.Superfluous.PCSpeedUp C:\Program Files (x86)\Velocidade Do PC\PCSUSD.exe =>.Superfluous.PCSpeedUp C:\Windows\Tasks\PC SpeedUp Service Deactivator.job =>.Superfluous.PCSpeedUp C:\Windows\System32\Tasks\PC SpeedUp Service Deactivator =>.Superfluous.PCSpeedUp C:\Users\cicero\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpaakpeehepibjpdmoocdaonognfiog =>Hijacker.Browser HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 =>.Superfluous.OptimalSoftware HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D4F102C5-EEA1-CAE1-8E67-1A7FCE27F673} =>Heuristique.Suspect HKLM\SOFTWARE\Wow6432Node\Speedchecker Limited =>PUP.Optional.InternetSpeedChecker HKCU\SOFTWARE\93f19dda2412c86ad7520ba4198f39a0 =>PUP.Optional.CrossRider HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore HKCU\SOFTWARE\Speedchecker Limited =>PUP.Optional.InternetSpeedChecker HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner HKCU\SOFTWARE\yahooprovidedsearch =>PUP.Optional.Dealply C:\Program Files (x86)\cc211a16-7cb6-4559-a416-00e0a4d9fbc7 =>PUP.Optional.CrossRider C:\Program Files (x86)\ddd707ee-f5c2-413a-a7e0-183b6f78b921 =>PUP.Optional.CrossRider C:\Program Files (x86)\e48f59c3-b87a-4bac-b032-418aa6336d56 =>PUP.Optional.CrossRider C:\Program Files (x86)\e70ec5a3-faee-4eac-a4b5-f53a503f738d =>PUP.Optional.CrossRider C:\Program Files (x86)\f5e2bbeb-a554-4e16-9a92-2734914fe903 =>PUP.Optional.CrossRider C:\Users\cicero\AppData\Roaming\WeatherTool =>PUP.Optional.WeatherTool C:\Users\cicero\AppData\Local\CrashRpt =>.Superfluous.CrashReports C:\Windows\Prefetch\PCSUSD.EXE-61D26DB6.pf =>.Superfluous.PCSpeedUp C:\Windows\Prefetch\PCSUSERVICE.EXE-1F396688.pf =>.Superfluous.PCSpeedUp C:\Users\cicero\Downloads\velocidadedopc_fe1c01c3c6c0447ebb1ed7dbaa6378c3_.exe =>.Superfluous.OptimalSoftware HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} =>PUP.Optional.Navegaki HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} =>PUP.Optional.Navegaki HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} =>PUP.Optional.Navegaki HKLM\Software\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E =>PUP.Optional.GlobalUpdate HKLM\Software\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E =>PUP.Optional.GlobalUpdate ---\\ Informações complémentaires do módulos (20) - 0s http://www.nicolascoolman.fr/?p=1255 =>.Superfluous.PCSpeedUp http://www.nicolascoolman.fr/?p=4664 =>Hijacker.Browser http://www.nicolascoolman.fr/?p=546 =>PUP.Optional.Browser http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Navegaki http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.OptimalSoftware http://www.nicolascoolman.fr/?p=4664 =>Heuristique.Suspect http://www.nicolascoolman.fr/pup-internetspeedchecker/ =>PUP.Optional.InternetSpeedChecker http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/?p=279 =>Adware.InstallCore http://www.nicolascoolman.fr/pup-maxcomputercleaner/ =>PUP.Optional.MaxComputerCleaner http://www.nicolascoolman.fr/?p=203 =>PUP.Optional.Dealply http://www.nicolascoolman.fr/pup-optional-weathertool =>PUP.Optional.WeatherTool http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.CrashReports http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SearchEngine http://www.nicolascoolman.fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch http://www.nicolascoolman.fr/?p=621 =>PUP.Optional.SupraSavings http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Monetization http://www.nicolascoolman.fr/?p=290 =>PUP.Optional.TornTV http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Shopperz http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate ~ End of the scan, 30551 items in 00h07mn47s (1267)(0)