~ ZHPDiag v2016.6.14.104 Por Nicolas Coolman (2016/06/10) ~ iniciado por David (Administrator) (2016/06/17 12:26:53) ~ Site: http://www.nicolascoolman.com ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ Status da versão: ~ Modo: Scanner ~ Relatório: C:\Users\David\Desktop\ZHPDiag.txt ~ Relatório: C:\Users\David\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ Inicialização do sistema: Normal (Normal boot) Windows 10 Home Single Language, 64-bit (Build 10586) ---\\ Navegadores Internet (3) - 0s GCIE: Google Chrome v51.0.2704.84 MFIE: Mozilla Firefox 44.0.2 (x86 pt-BR) MSIE: Internet Explorer v11.420.10586.0 ---\\ Informações sobre os produtos Windows (3) - 3s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK ---\\ Softwares de proteçao do sistema (2) - 3s Avast Free Antivirus v11.2.2262 Windows Defender (Deactivate) ---\\ Monitoramento dos softwares (2) - 4s Adobe Flash Player 10 Plugin Adobe Acrobat Reader DC - Português ---\\ Softwares de partilha do PeerToPeer (P2P) (1) - 5s µTorrent v3.4.7.42330 ---\\ Informações sobre o sistema (6) - 0s ~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 6153.304 MB (71% free) System Restore: Activé (Enable) System drive C: has 49 GB () free of 151 GB ---\\ Modo de conexão ao sistema (3) - 0s ~ Computer Name: DAVID ~ User Name: David ~ Logged in as Administrator ---\\ Enumeração das unidades dos discos (3) - 0s ~ Drive C: has 49 GB free of 151 GB (System) ~ Drive E: has 0 GB free of 3 GB ~ Drive F: has 185 GB free of 324 GB ---\\ Estado do Centro de Segurança do Windows (7) - 0s [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Pesquisa particular de ficheiros genéricos (24) - 3s [MD5.E15BEB03592BA12C5C99E2BA46146BDD] - 28/05/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4515264] =>.Microsoft Windows® [MD5.0DCB89B1F3689BC6262FF30BBD603171] - 30/10/2015 - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [59392] =>.Microsoft Corporation [MD5.C1C81AAF533552B3C4D9F11A5FF97700] - 23/04/2016 - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) -- C:\WINDOWS\System32\Wininit.exe [291360] =>.Microsoft Windows Publisher® [MD5.75CC21C976BFF286E706AA2D133EB9D4] - 28/05/2016 - (.Microsoft Corporation - Internet Extensions para Win32.) -- C:\WINDOWS\System32\wininet.dll [2755584] =>.Microsoft Corporation [MD5.5C156EC4E44E30331BCC865A3B61D839] - 23/04/2016 - (.Microsoft Corporation - Aplicativo de Logon do Windows.) -- C:\WINDOWS\System32\Winlogon.exe [585728] =>.Microsoft Corporation [MD5.9EEAA1B69DC3FD620AE576CC8F4147DC] - 30/10/2015 - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) -- C:\WINDOWS\System32\sppcomapi.dll [430592] =>.Microsoft Corporation [MD5.9A3E17CDB177913C2A111C80F3D0DBB4] - 29/03/2016 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\WINDOWS\System32\dnsapi.dll [686976] =>.Microsoft Windows® [MD5.6A7ACABAE92C837F5C1330188EAE36AE] - 29/03/2016 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\WINDOWS\Syswow64\dnsapi.dll [535080] =>.Microsoft Windows® [MD5.70148EFA9A562E7185B75BBE7D376BF7] - 14/01/2016 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [578912] =>.Microsoft Windows® [MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - 30/10/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows® [MD5.7F9C7226D743B232907ED2537B8A574F] - 30/10/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] =>.Microsoft Corporation [MD5.82D97776BF982AA143BDC7DFB5054EA8] - 30/10/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173568] =>.Microsoft Corporation [MD5.935823F79CBEDB91637B63D37E3A5A36] - 29/03/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [148480] =>.Microsoft Corporation [MD5.84BC034B6BB763733C1949B7B9BAF976] - 30/10/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [79872] =>.Microsoft Corporation [MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - 30/10/2015 - (.Microsoft Corporation - Driver de porta i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] =>.Microsoft Corporation [MD5.9E5E8F2A1996F23B7E9687846AA81B01] - 30/10/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] =>.Microsoft Corporation [MD5.0B3B0C1D86050355676640488FA897D3] - 23/02/2016 - (.Microsoft Corporation - Minirdr SMB do Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [430944] =>.Microsoft Windows® [MD5.C03E926B0E7D66D68994067231DC3246] - 28/05/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [278528] =>.Microsoft Corporation [MD5.19BD8A88AAC580592668B070AC0727D9] - 29/03/2016 - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2152280] =>.Microsoft Windows® [MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - 30/10/2015 - (.Microsoft Corporation - Driver de porta paralela.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation [MD5.E3C82823B22463BC38AA4F8ADA852624] - 23/02/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation [MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - 30/10/2015 - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Micros.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [173056] =>.Microsoft Corporation [MD5.91D3F2A6253EF83EFBD7903028F58C4D] - 14/01/2016 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624] =>.Microsoft Windows® [MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - 30/10/2015 - (.Microsoft Corporation - Driver de cópia de sombra de volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys [414560] =>.Microsoft Windows® ---\\ Serviços NT não Microsoft e não desativados (15) - 4s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software a.s.® O23 - Service: Clean Master Core Service (cmcore) . (.Kingsoft Corporation - Clean Master.) - F:\Program Files (x86)\cmcm\Clean Master\cmcore.exe =>.Beijing Kingsoft Security software Co.,Ltd® O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe =>.NVIDIA Corporation® O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) . (.Hi-Rez Studios - HiPatchService.) - F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe =>.Hi-Rez Studios O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation - pGFX® O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation - NVIDIA Network Service.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe =>.NVIDIA Corporation® O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation - NVIDIA Streamer Service.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe =>.NVIDIA Corporation® O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.6.) - C:\Windows\System32\nvvsvc.exe =>.NVIDIA Corporation® O23 - Service: Phhoiedsteduied Monitor (PhhmntService) . (...) - C:\Program Files (x86)\Phhoiedsteduied\PhhmntService.html5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} (.not file.) O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp® O23 - Service: SoftEther VPN Client (SEVPNCLIENT) . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) - F:\Program Files\SoftEther VPN Client\vpnclient_x64.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® ---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (26) - 45s SR - Auto [22/04/2016] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SR - Auto [02/03/2016] [ 83768] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® SR - Auto [15/05/2016] [ 243296] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software a.s.® SS - Disabl [12/08/2015] [ 462096] Serviço do Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® SR - Auto [16/06/2016] [ 315208] Clean Master Core Service (cmcore) . (.Kingsoft Corporation.) - F:\Program Files (x86)\cmcm\Clean Master\cmcore.exe =>.Beijing Kingsoft Security software Co.,Ltd® SR - Demand [27/08/2015] [ 291744] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - pGFX® SR - Auto [02/05/2016] [ 1165368] NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe =>.NVIDIA Corporation® SS - Auto [10/01/2016] [ 144200] Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [10/01/2016] [ 144200] Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [10/01/2016] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe =>.Google Inc® SPaused - Auto [10/03/2016] [ 9728] Hi-Rez Studios Authenticate and Update Service (HiPatchService) . (.Hi-Rez Studios.) - F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe =>.Hi-Rez Studios SR - Auto [27/08/2015] [ 330136] Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation SS - Demand [19/03/2016] [ 651576] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.® SS - Disabl [15/03/2016] [ 146888] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SR - Auto [02/05/2016] [ 1881144] NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe =>.NVIDIA Corporation® SR - Demand [02/05/2016] [ 3634232] NVIDIA Streamer Network Service (NvStreamNetworkSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe =>.NVIDIA Corporation® SR - Auto [02/05/2016] [ 2522680] NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe =>.NVIDIA Corporation® SR - Auto [22/07/2015] [ 937800] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvvsvc.exe =>.NVIDIA Corporation SS - Demand [14/01/2016] [ 2104840] Origin Client Service (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginClientService.exe =>.Electronic Arts, Inc.® SS - Demand [29/05/2016] [ 1289968] Overwolf Updater Windows SCM (OverwolfUpdater) . (.Overwolf LTD.) - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe =>.Overwolf Ltd® SR - Auto [03/08/2015] [ 312056] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp® SS - Disabl [11/12/2013] [ 1050904] Service KMSELDI (Service KMSELDI) . (...) - C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico SR - Auto [31/03/2016] [ 5231048] SoftEther VPN Client (SEVPNCLIENT) . (.SoftEther VPN Project at University of Tsukuba, Japan.) - F:\Program Files\SoftEther VPN Client\vpnclient_x64.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan SS - Auto [23/03/2016] [ 327808] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® SR - Demand [14/06/2016] [ 1518672] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve® ---\\ Tarefas planificadas automaticamente (22) - 6s [MD5.00000000000000000000000000000000] [APT] [Nome da tarefa] (...) -- Tarefa a ser executada (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.DE7BC28EAE6A62BC35754D1DCA4ECF38] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1107672] (.Activate.) =>.Adobe Systems, Incorporated® [MD5.E3FEA8060978EAB6FA5D40E74DE6308B] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [1051416] (.Activate.) =>HackTool.KMSpico [MD5.1282F8C897DBF180BCF3F6F6968DE2C3] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1517200] (.Activate.) =>.AVAST Software a.s.® [MD5.88FBBB1C601A6BC42054E57C2897FA45] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.88FBBB1C601A6BC42054E57C2897FA45] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.23E7A0AC59EBD01068858BC9F5D48446] [APT] [Overwolf Updater Task] (.Overwolf LTD.) -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1289968] (.Activate.) =>.Overwolf Ltd® [MD5.00000000000000000000000000000000] [APT] [Phhoiedsteduied Monitor] (...) -- C:\Program Files (x86)\Phhoiedsteduied\PhhmntTask.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.2E696C90B2D1DD842F59E38FD212D225] [APT] [SafeZone scheduled Autoupdate 1458723230] (.Avast Software.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe [735736] (.Activate.) =>.AVAST Software s.r.o.® [MD5.6CF0ACD321C93EB978C4908DEB79B7FB] [APT] [{1ECBEF96-1487-4483-A2C7-6F160D4276F2}] (.Google Inc..) -- c:\program files (x86)\Google\Chrome\application\chrome.exe [941720] (.Activate.) =>.Google Inc® [MD5.00000000000000000000000000000000] [APT] [{635C7F0F-DF87-4237-BA06-823F4A0C3C2B}] (...) -- C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\Uninst.exe (.not file.) [0] (.Activate.) =>.Superfluous.Tencent [MD5.23985274780D27117C470AA259B79B30] [APT] [Apple] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416] (.Activate.) =>.Apple Inc.® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1084] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1088] =>.Google Inc® O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task [3972] =>.Adobe Systems, Incorporated® O39 - APT: AutoPico Daily Restart - (...) -- C:\WINDOWS\System32\Tasks\AutoPico Daily Restart [3796] =>HackTool.KMSpico O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\WINDOWS\System32\Tasks\avast! Emergency Update [4280] =>.AVAST Software a.s.® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3436] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3660] =>.Google Inc® O39 - APT: Overwolf Updater Task - (.Overwolf LTD.) -- C:\WINDOWS\System32\Tasks\Overwolf Updater Task [3808] =>.Overwolf Ltd® O39 - APT: Phhoiedsteduied Monitor - (...) -- C:\WINDOWS\System32\Tasks\Phhoiedsteduied Monitor [9048] (.Orphan.) =>.Superfluous.Orphan O39 - APT: SafeZone scheduled Autoupdate 1458723230 - (.Avast Software.) -- C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458723230 [4006] =>.AVAST Software s.r.o.® ---\\ Processos lançados (45) - 4s [MD5.DFCCA437717EACA8418F47992A41B39A] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.6.) -- C:\Windows\System32\nvvsvc.exe [937800] [PID.1172] =>.NVIDIA Corporation® [MD5.DFCCA437717EACA8418F47992A41B39A] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.6.) -- C:\Windows\System32\nvvsvc.exe [937800] [PID.1372] =>.NVIDIA Corporation® [MD5.75909533EECD0CD9D5974B59474AA6C0] - (.Intel Corporation - igfxCUIService Module.) -- C:\Windows\System32\igfxCUIService.exe [330136] [PID.1548] =>.Intel Corporation - pGFX® [MD5.DBE1ADA144291F8E0F29ECC40AE14562] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056] [PID.1700] =>.Realtek Semiconductor Corp® [MD5.BC5A40AEAC1CF7708D07CBC2F577F90B] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320] [PID.1804] =>.Realtek Semiconductor Corp® [MD5.BC5A40AEAC1CF7708D07CBC2F577F90B] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320] [PID.1812] =>.Realtek Semiconductor Corp® [MD5.BB812787B838A74943DEF209350C3883] - (.Intel Corporation - IntelCpHeciSvc Executable.) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe [291744] [PID.1892] =>.Intel Corporation - pGFX® [MD5.A24AF1F8186B4B69D54DCC4B059CA695] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296] [PID.1616] =>.AVAST Software a.s.® [MD5.B937831896A32FE264B26DD97A3E432D] - (.Kingsoft Corporation - Clean Master.) -- F:\Program Files (x86)\cmcm\Clean Master\cmcore.exe [315208] [PID.1820] =>.Beijing Kingsoft Security software Co.,Ltd® [MD5.36114214BF8D7C464D1E92E4EB6B2DD3] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.2476] =>.Adobe Systems, Incorporated® [MD5.CA209960730B15E0CDFD6058475AB2AC] - (.Hi-Rez Studios - HiPatchService.) -- F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728] [PID.2572] =>.Hi-Rez Studios [MD5.77BE9E1AFCE995652A1C4FF4C8A0F839] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680] [PID.2616] =>.NVIDIA Corporation® [MD5.FA9BC0048ED46C5FB5C93EAFFC97F63D] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144] [PID.2624] =>.NVIDIA Corporation® [MD5.3B3774C868868257533EC7E715BB6D53] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768] [PID.2688] =>.Apple Inc.® [MD5.29D989D1762C518FD768BD0C6B17210B] - (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- F:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5231048] [PID.2724] {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan [MD5.4CEDC66C726F7BE116BE7694B3CD22CD] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368] [PID.2744] =>.NVIDIA Corporation® [MD5.AF5BE3694A76365874B8967331049F2C] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232] [PID.3424] =>.NVIDIA Corporation® [MD5.3E7E1E950F123521C5CE072E61929DA4] - (.NVIDIA Corporation - NVIDIA Streamer User Agent.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe [21328952] [PID.3912] =>.NVIDIA Corporation® [MD5.80A11F070E9EEFCB48B357E9E0E2C7D1] - (.Intel Corporation - igfxEM Module.) -- C:\Windows\System32\igfxEM.exe [541600] [PID.4732] =>.Intel Corporation - pGFX® [MD5.E3566F4FD0B1FC99C6ED09E318155D67] - (.Kingsoft Corporation - Clean Master.) -- F:\Program Files (x86)\cmcm\Clean Master\cmtray.exe [771912] [PID.4764] =>.Beijing Kingsoft Security software Co.,Ltd® [MD5.B6C52FADECE225339D02B6923E930B5C] - (.Intel Corporation - igfxHK Module.) -- C:\Windows\System32\igfxHK.exe [258456] [PID.4784] =>.Intel Corporation - pGFX® [MD5.8D2A1935AE10BE1E11A8C58B2F473560] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxTray.exe [395168] [PID.4828] =>.Intel Corporation - pGFX® [MD5.641B19018CB32619ADBD0AED4964E1D9] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760] [PID.4644] =>.Realtek Semiconductor Corp® [MD5.BC5A40AEAC1CF7708D07CBC2F577F90B] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320] [PID.724] =>.Realtek Semiconductor Corp® [MD5.C8AC55CCB8AB33713522B4CAAFAC0F59] - (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776] [PID.3632] =>.NVIDIA Corporation® [MD5.4594479D2DFD81830D91066EE210714E] - (.Overwolf LTD - Overwolf.) -- C:\Program Files (x86)\Overwolf\Overwolf.exe [45296] [PID.4920] =>.Overwolf Ltd® [MD5.D0278FA8947ED54A112893F71917F46A] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe [2133504] [PID.2648] =>.BitTorrent Inc® [MD5.2D6800E17FEBB51E3C75CD935E2BA8F5] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [7405752] [PID.5976] =>.AVAST Software a.s.® [MD5.3BD79A1F6D2EA0FDDEA3F8914B2A6A0C] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984] [PID.5828] =>.Elaborate Bytes AG® [MD5.A833D342409B76742F7CCFC342837370] - (.NVIDIA Corporation - OpenAutomate wrapper cache.) -- C:\Users\David\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe [346552] [PID.2664] =>.Nvidia Corporation® [MD5.D7B59C5C8C22101B50502AFB482A86FE] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\David\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe [387072] [PID.5848] =>.BitTorrent Inc. [MD5.D7B59C5C8C22101B50502AFB482A86FE] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\David\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe [387072] [PID.4700] =>.BitTorrent Inc. [MD5.4FA12350B04AAECF0D3893ADFB65101C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\David\Desktop\ZHPDiag3.exe [2216960] [PID.2764] =>.Nicolas Coolman [MD5.691F0AC6AFBBBEEFA9B8340076E5B151] - (.Overwolf LTD - Overlay.) -- C:\Program Files (x86)\Common Files\Overwolf\0.95.40.0\OverwolfHelper.exe [77552] [PID.6988] =>.Overwolf Ltd® [MD5.E53A0E7F08E43D0447AA281FD5B4223D] - (.Overwolf LTD - Overlay.) -- C:\Program Files (x86)\Common Files\Overwolf\0.95.40.0\OverwolfHelper64.exe [86256] [PID.6928] =>.Overwolf Ltd® [MD5.88FBBB1C601A6BC42054E57C2897FA45] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [PID.6992] =>.Google Inc® [MD5.56FE3C885B0901601549E23E7A435984] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe [250008] [PID.5684] =>.Google Inc® [MD5.A425CDCEB9D26E9A5ABAFA259799D447] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe [312472] [PID.6600] =>.Google Inc® [MD5.B2A4B2F0623CB4B661E731B768C57DD6] - (.VideoLAN - VLC media player.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [137152] [PID.6284] =>.VideoLAN® [MD5.ADB8D21FC136BC4092A7F87DD4426F50] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [2917456] [PID.7152] =>.Valve® [MD5.CF320FE13D0BCA3E79A20E99B72E80D4] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [2062416] [PID.5108] =>.Valve® [MD5.A4FC868F6FC03876E29E4D87731B8E31] - (.Valve Corporation - Steam Client Service.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1518672] [PID.2832] =>.Valve® [MD5.88FBBB1C601A6BC42054E57C2897FA45] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [PID.7340] =>.Google Inc® [MD5.CF320FE13D0BCA3E79A20E99B72E80D4] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [2062416] [PID.6016] =>.Valve® [MD5.88FBBB1C601A6BC42054E57C2897FA45] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [PID.7420] =>.Google Inc® ---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (11) - 2s M0 - MFSP: prefs.js [David - c9bouejj.default] https://www.google.com.br/ P2 - EXT: (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll =>.Microsoft Corporation® P2 - EXT: (.Microsoft Corporation - The plugin allows you to have a better expe.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll =>.Microsoft Corporation® P2 - EXT: (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll =>.Adobe Systems, Incorporated® P2 - EXT: (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppl3260.dll {4EAB2828AFC3987D9D86D3770E741255} =>.RealNetworks, Inc. P2 - EXT: (.RealNetworks, Inc. - 6.0.12.69.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nprpjplug.dll =>.RealNetworks, Inc. P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\WMP Firefox Plugin License.rtf P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\WMP Firefox Plugin RelNotes.txt P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll =>.Adobe Systems Incorporated P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll =>.Apple Inc. ---\\ Internet Explorer, Arranque, Pesquisa, Phishing (17) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 ---\\ Internet Explorer, Gestão do Proxy (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Análise das linhas, Carregamento Automático de programas (3) - 0s F2 - REG:system.ini: UserInit= F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet= ---\\ Redireção do ficheiro Hosts (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (31) ---\\ Browser Helper Objects do navegador (3) - 1s O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll =>.Microsoft Corporation® O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>.Google Inc® O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation® ---\\ Aplicações iniciadas por registo & pastas (24) - 1s O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp® O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor Corp® O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe =>.NVIDIA Corporation® O4 - HKLM\..\Run: [ShadowPlay] . (.Microsoft Corporation - Processo de host do Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe =>.Microsoft Corporation O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe =>.Apple Inc.® O4 - HKLM\..\Run: [SoftEther VPN Client UI Helper] . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- F:\Program Files\SoftEther VPN Client\vpnclient_x64.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation® O4 - HKCU\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe =>.Electronic Arts, Inc.® O4 - HKCU\..\Run: [Overwolf] . (.Copyright Overwolf © 2016 - Overwolf Launcher.) -- C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe =>.Overwolf Ltd® O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe =>.AVAST Software a.s.® O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.® O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe =>.Elaborate Bytes AG® O4 - HKLM\..\Wow6432Node\Run: [cmsc] . (.Kingsoft Corporation - Clean Master.) -- F:\Program Files (x86)\cmcm\Clean Master\cmtray.exe =>.Beijing Kingsoft Security software Co.,Ltd® O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-2752671879-21587289-234878278-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - HKUS\S-1-5-21-2752671879-21587289-234878278-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-2752671879-21587289-234878278-1001\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe =>.Electronic Arts, Inc.® O4 - HKUS\S-1-5-21-2752671879-21587289-234878278-1001\..\Run: [Overwolf] . (.Copyright Overwolf © 2016 - Overwolf Launcher.) -- C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe =>.Overwolf Ltd® O4 - HKUS\S-1-5-21-2752671879-21587289-234878278-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - HKUS\S-1-5-21-2752671879-21587289-234878278-1001\..\Run: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® ---\\ Atalhos globais Startup (72) - 10s O4 - GS\Desktop [Administrador]: Icarus.lnk . (...) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe O4 - GS\Desktop [Administrador]: IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...) C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe O4 - GS\Desktop [Administrador]: Nexon Launcher.lnk . (...) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe O4 - GS\Desktop [Administrador]: Project Icarus Launcher.lnk . (.Copyright © 2015 - Icarus Online Launcher.) F:\Downloads\Project Icarus Online\Project Icarus Launcher.exe O4 - GS\Desktop [Administrador]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) F:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe =>.VS Revo Group® O4 - GS\Desktop [Administrador]: Subtitle Edit.lnk . (.Nikse - Subtitle Edit.) C:\Program Files (x86)\Subtitle Edit\SubtitleEdit.exe =>.Nikse O4 - GS\Desktop [Administrador]: Total Video Converter.lnk . (.Copyright (C) 2010 - tvcshell MFC Application.) C:\Program Files (x86)\Total Video Converter\tvcshell.exe O4 - GS\Desktop [Administrador]: WhatsApp.lnk . (...) C:\Users\David\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845} O4 - GS\Desktop [Administrador]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\David\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrador]: EaseUS Partition Master 10.8.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\epm0.exe =>.CHENGDU YIWO Tech Development Co., Ltd.® O4 - GS\Quicklaunch [Administrador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrador]: Total Video Player.lnk . (...) C:\Program Files (x86)\Total Video Converter\tvp.exe O4 - GS\Quicklaunch [Administrador]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) C:\Program Files (x86)\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\sendTo [Administrador]: MediaInfo.lnk . (...) C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe O4 - GS\sendTo [Administrador]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Administrador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Administrador]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\Desktop [Convidado]: Icarus.lnk . (...) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe O4 - GS\Desktop [Convidado]: IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...) C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe O4 - GS\Desktop [Convidado]: Nexon Launcher.lnk . (...) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe O4 - GS\Desktop [Convidado]: Project Icarus Launcher.lnk . (.Copyright © 2015 - Icarus Online Launcher.) F:\Downloads\Project Icarus Online\Project Icarus Launcher.exe O4 - GS\Desktop [Convidado]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) F:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe =>.VS Revo Group® O4 - GS\Desktop [Convidado]: Subtitle Edit.lnk . (.Nikse - Subtitle Edit.) C:\Program Files (x86)\Subtitle Edit\SubtitleEdit.exe =>.Nikse O4 - GS\Desktop [Convidado]: Total Video Converter.lnk . (.Copyright (C) 2010 - tvcshell MFC Application.) C:\Program Files (x86)\Total Video Converter\tvcshell.exe O4 - GS\Desktop [Convidado]: WhatsApp.lnk . (...) C:\Users\David\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845} O4 - GS\Desktop [Convidado]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\David\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Convidado]: EaseUS Partition Master 10.8.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\epm0.exe =>.CHENGDU YIWO Tech Development Co., Ltd.® O4 - GS\Quicklaunch [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Convidado]: Total Video Player.lnk . (...) C:\Program Files (x86)\Total Video Converter\tvp.exe O4 - GS\Quicklaunch [Convidado]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) C:\Program Files (x86)\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\sendTo [Convidado]: MediaInfo.lnk . (...) C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe O4 - GS\sendTo [Convidado]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Convidado]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\Desktop [David]: Icarus.lnk . (...) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe O4 - GS\Desktop [David]: IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...) C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe O4 - GS\Desktop [David]: Nexon Launcher.lnk . (...) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe O4 - GS\Desktop [David]: Project Icarus Launcher.lnk . (.Copyright © 2015 - Icarus Online Launcher.) F:\Downloads\Project Icarus Online\Project Icarus Launcher.exe O4 - GS\Desktop [David]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) F:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe =>.VS Revo Group® O4 - GS\Desktop [David]: Subtitle Edit.lnk . (.Nikse - Subtitle Edit.) C:\Program Files (x86)\Subtitle Edit\SubtitleEdit.exe =>.Nikse O4 - GS\Desktop [David]: Total Video Converter.lnk . (.Copyright (C) 2010 - tvcshell MFC Application.) C:\Program Files (x86)\Total Video Converter\tvcshell.exe O4 - GS\Desktop [David]: WhatsApp.lnk . (...) C:\Users\David\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845} O4 - GS\Desktop [David]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\David\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [David]: EaseUS Partition Master 10.8.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\epm0.exe =>.CHENGDU YIWO Tech Development Co., Ltd.® O4 - GS\Quicklaunch [David]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [David]: Total Video Player.lnk . (...) C:\Program Files (x86)\Total Video Converter\tvp.exe O4 - GS\Quicklaunch [David]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) C:\Program Files (x86)\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\sendTo [David]: MediaInfo.lnk . (...) C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe O4 - GS\sendTo [David]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [David]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [David]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\CommonDesktop [Public]: Avast Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe =>.AVAST Software a.s.® O4 - GS\CommonDesktop [Public]: Blade & Soul.lnk . (.NCSOFT Corporation - NCLauncher.) C:\Program Files (x86)\NCWest\NCLauncher\NCLauncher.exe =>.NCsoft Corp.® O4 - GS\CommonDesktop [Public]: Clean Master.lnk . (.Kingsoft Corporation - Clean Master.) F:\Program Files (x86)\cmcm\Clean Master\kcleaner.exe =>.Beijing Kingsoft Security software Co.,Ltd® O4 - GS\CommonDesktop [Public]: CPUID CPU-Z.lnk . (.CPUID - CPU-Z Application.) C:\Program Files\CPUID\CPU-Z\cpuz.exe =>.CPUID® O4 - GS\CommonDesktop [Public]: Debut Video Capture Software.lnk . (.NCH Software - Debut Video Capture Software.) C:\Program Files (x86)\NCH Software\Debut\debut.exe =>.NCH Software® O4 - GS\CommonDesktop [Public]: EaseUS Partition Master 10.8.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\epm0.exe =>.CHENGDU YIWO Tech Development Co., Ltd.® O4 - GS\CommonDesktop [Public]: GeForce Experience.lnk . (.NVIDIA Corporation - NVIDIA GeForce Experience Launcher Applicat.) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe =>.NVIDIA Corporation® O4 - GS\CommonDesktop [Public]: Hi-Rez Diagnostics and Support.lnk . (.Hewlett-Packard Company - HiRezGamesDiagAndSupport.) F:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe =>.Hi-Rez Studios, Inc.® O4 - GS\CommonDesktop [Public]: iTunes.lnk . (.Apple Inc. - .) C:\Program Files (x86)\iTunes\iTunes.exe =>.Apple Inc. O4 - GS\CommonDesktop [Public]: Origin.lnk . (.Electronic Arts - Origin.) C:\Program Files (x86)\Origin\Origin.exe =>.Electronic Arts, Inc.® O4 - GS\CommonDesktop [Public]: Overwolf.lnk . (.Copyright Overwolf © 2016 - Overwolf Launcher.) C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe =>.Overwolf Ltd® O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\WINDOWS\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe O4 - GS\CommonDesktop [Public]: Smite.lnk . (...) F:\Program Files (x86)\Hi-Rez Studios\HirezLauncherUI.exe =>.Hi-Rez Studios, Inc.® O4 - GS\CommonDesktop [Public]: SoftEther VPN Client Manager.lnk . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) F:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan O4 - GS\CommonDesktop [Public]: Steam.lnk . (...) C:\Windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C91.exe O4 - GS\CommonDesktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH® O4 - GS\CommonDesktop [Public]: Virtual CloneDrive.lnk . (.Elaborate Bytes AG - VirtualCloneDrive Preferences.) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe =>.Elaborate Bytes AG O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\CommonDesktop [Public]: Wirecast.lnk . (.Telestream LLC - .) C:\Program Files (x86)\Telestream\Wirecast\Wirecast.exe O4 - GS\Programs [Public]: iPadian.lnk . (...) C:\Program Files (x86)\iPadian\iPadian.exe O4 - GS\Programs [Public]: Slave (F).lnk . (...) F:\ ---\\ Alteração Dominio/Clientes DNS (6) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = motoman.lan O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.8.20 172.22.8.28 O17 - HKLM\System\CCS\Services\Tcpip\..\{a5a05bb8-5ca2-42b1-9f2c-8fbc942f416a}: DhcpNameServer = 172.22.8.20 172.22.8.28 O17 - HKLM\System\CCS\Services\Tcpip\..\{ad7c8130-d85c-49cb-97b6-1f013aa39f09}: DhcpNameServer = 172.22.8.20 172.22.8.28 O17 - HKLM\System\CCS\Services\Tcpip\..\{a5a05bb8-5ca2-42b1-9f2c-8fbc942f416a}: DhcpDomain = motoman.lan O17 - HKLM\System\CCS\Services\Tcpip\..\{ad7c8130-d85c-49cb-97b6-1f013aa39f09}: DhcpDomain = motoman.lan ---\\ Protocolo adicional (24) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: osf [64Bits] - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL =>.Microsoft Corporation® O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (1) - 0s O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 368.) - C:\Windows\System32\nvinitx.dll ---\\ Software instalados (89) - 23s O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc® O42 - Logiciel: Adobe Acrobat Reader DC - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AC0F074E4100} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {47FA2C44-D148-4DBC-AF60-B91934AA4842} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824184103} =>.Adobe Systems Incorporated O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {2E4AF2A6-50EA-4260-9BA4-5E582D11879A} =>.Apple Inc. O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {56EC47AA-5813-4FF6-8E75-544026FBEA83} =>.Apple Inc. O42 - Logiciel: ARK: Survival Of The Fittest - (.Studio Wildcard.) [HKLM][64Bits] -- Steam App 407530 =>.Valve® O42 - Logiciel: Atualizações da NVIDIA 2.11.3.5 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- avast =>.AVAST Software a.s.® O42 - Logiciel: Blade & Soul - (.NC Interactive, LLC.) [HKLM][64Bits] -- {C3F383C1-D050-4A40-843F-8171A6A02C3A} =>.NC Interactive, LLC O42 - Logiciel: Blade & Soul - (.NC Interactive, LLC.) [HKLM][64Bits] -- InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A} =>.NC Interactive, LLC O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} =>.Apple Inc. O42 - Logiciel: CDisplay 1.8 - (.dvd8n.) [HKLM][64Bits] -- CDisplay_is1 =>.dvd8n O42 - Logiciel: Clean Master - (.Cheetah Mobile.) [HKLM][64Bits] -- Clean Master =>.Beijing Kingsoft Security software Co.,Ltd® O42 - Logiciel: Counter-Strike: Global Offensive - (.Valve.) [HKLM][64Bits] -- Steam App 730 =>.Valve® O42 - Logiciel: CPUID CPU-Z 1.72.1 - (...) [HKLM][64Bits] -- CPUID CPU-Z_is1 O42 - Logiciel: Debut Video Capture Software - (.NCH Software.) [HKLM][64Bits] -- Debut =>.NCH Software® O42 - Logiciel: EaseUS Partition Master 10.8 Trial Edition - (.EaseUS.) [HKLM][64Bits] -- EaseUS Partition Master Trial Edition_is1 =>.CHENGDU YIWO Tech Development Co., Ltd.® O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc. O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect O42 - Logiciel: Hi-Rez Studios Authenticate and Update Service - (.Hi-Rez Studios.) [HKLM][64Bits] -- {3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC} =>.Hi-Rez Studios, Inc.® O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - pGFX® O42 - Logiciel: IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2016 O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {A31C5565-90D9-4615-AE13-94D86C3836C7} =>.Apple Inc. O42 - Logiciel: Java 7 Update 79 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217079FF} =>.Oracle O42 - Logiciel: Java Auto Updater - (.Oracle, Inc..) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle, Inc. O42 - Logiciel: K-Lite Mega Codec Pack 4.8.5 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1 O42 - Logiciel: KMSpico v9.1.3 - (...) [HKLM][64Bits] -- KMSpico_is1 =>HackTool.KMSpico O42 - Logiciel: Microsoft Access MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft DCF MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Excel MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Groove MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft InfoPath MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Lync MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft OneNote MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Outlook MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Publisher MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation O42 - Logiciel: Microsoft Word MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Mozilla Firefox 44.0.2 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 44.0.2 (x86 pt-BR) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: NCSOFT Game Launcher - (.NCSOFT.) [HKLM][64Bits] -- NCLauncher_NCWest =>.NCsoft Corp.® O42 - Logiciel: Nexon Launcher - (.Nexon.) [HKLM][64Bits] -- Nexon Nexon Launcher =>.Nexon O42 - Logiciel: NVIDIA Driver de gráficos 361.43 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation O42 - Logiciel: NVIDIA GeForce Experience 2.11.3.5 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience =>.NVIDIA Corporation O42 - Logiciel: NVIDIA GeForce Experience Service - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA LED Visualizer 1.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Network Service - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Optimus Update 2.11.3.5 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA Corporation O42 - Logiciel: NVIDIA ShadowPlay 2.11.3.5 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Software do sistema PhysX 9.15.0428 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Virtual Audio 1.2.40 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver =>.NVIDIA Corporation O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin =>.Electronic Arts, Inc.® O42 - Logiciel: Overwolf - (.Overwolf Ltd..) [HKLM][64Bits] -- Overwolf =>.Overwolf Ltd® O42 - Logiciel: Painel de controle da NVIDIA 353.62 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp® O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5 O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller =>.VS Revo Group O42 - Logiciel: SafeZone Stable 1.48.2066.101 - (.Avast Software.) [HKLM][64Bits] -- SafeZone 1.48.2066.101 =>.AVAST Software s.r.o.® O42 - Logiciel: SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv =>.NVIDIA Corporation O42 - Logiciel: SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController =>.NVIDIA Corporation O42 - Logiciel: Skype™ 7.24 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A. O42 - Logiciel: Smite - (.Hi-Rez Studios.) [HKLM][64Bits] -- {3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017} =>.Hi-Rez Studios, Inc.® O42 - Logiciel: SoftEther VPN Client - (.SoftEther VPN Project.) [HKLM][64Bits] -- softether_sevpnclient {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3} =>.Valve Corporation O42 - Logiciel: Subtitle Edit 3.4.11 - (.Nikse.) [HKLM][64Bits] -- SubtitleEdit_is1 =>.Nikse O42 - Logiciel: Suporte para Aplicativos Apple (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E} =>.Apple Inc. O42 - Logiciel: Suporte para Aplicativos Apple Apple (64-bit) - (.Apple Inc..) [HKLM][64Bits] -- {2937FD88-C9D6-4B82-B539-37CD0A572F42} =>.Apple Inc. O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client =>.TeamSpeak Systems GmbH O42 - Logiciel: Total Video Converter 3.71 100812 - (.EffectMatrix Inc..) [HKLM][64Bits] -- Total Video Converter 3.71_is1 O42 - Logiciel: Tree of Savior (English Ver.) - (.IMCGAMES Co.,Ltd..) [HKLM][64Bits] -- Steam App 372000 =>.Valve® O42 - Logiciel: Update for Skype for Business 2015 (KB3039776) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5} =>.Microsoft Corporation® O42 - Logiciel: Update for Skype for Business 2015 (KB3115033) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1} =>.Microsoft Corporation® O42 - Logiciel: Update for Skype for Business 2015 (KB3115033) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1} =>.Microsoft Corporation® O42 - Logiciel: Update for Skype for Business 2015 (KB3115033) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1} =>.Microsoft Corporation® O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM][64Bits] -- VirtualCloneDrive =>.Elaborate Bytes O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: WhatsApp - (.WhatsApp.) [HKCU][64Bits] -- WhatsApp {046660C4A56E0FD7E8FAC0B7BA03A845} O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corp O42 - Logiciel: WinRAR 5.31 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: Wirecast - (.Telestream LLC.) [HKLM][64Bits] -- {13CCAC84-0C34-4D13-8C99-02D9F8B4C714} ---\\ HKCU & HKLM Software Keys (117) - 23s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\AVAST Software HKLM\SOFTWARE\Wow6432Node\cmcm HKLM\SOFTWARE\Wow6432Node\Codec Tweak Tool HKLM\SOFTWARE\Wow6432Node\DivXNetworks HKLM\SOFTWARE\Wow6432Node\EaseUS HKLM\SOFTWARE\Wow6432Node\Elaborate Bytes HKLM\SOFTWARE\Wow6432Node\Electronic Arts HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\Hi-Rez Studios HKLM\SOFTWARE\Wow6432Node\HiRez Studios HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\iTinySoft HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Kamuse Inc. HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\KLCodecPack HKLM\SOFTWARE\Wow6432Node\macrium HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Miray HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\NCH Software HKLM\SOFTWARE\Wow6432Node\NCH Swift Sound HKLM\SOFTWARE\Wow6432Node\NCWest HKLM\SOFTWARE\Wow6432Node\Nikse HKLM\SOFTWARE\Wow6432Node\Nuance HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\Origin HKLM\SOFTWARE\Wow6432Node\Overwolf HKLM\SOFTWARE\Wow6432Node\PowerPivot HKLM\SOFTWARE\Wow6432Node\RealNetworks HKLM\SOFTWARE\Wow6432Node\RecordDISCXXX HKLM\SOFTWARE\Wow6432Node\Rene.E Laboratory HKLM\SOFTWARE\Wow6432Node\S3R521 HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\Soaktiwaw HKLM\SOFTWARE\Wow6432Node\SoftEther Project HKLM\SOFTWARE\Wow6432Node\Softgogo HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent HKLM\SOFTWARE\Wow6432Node\Valve HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\Waves Audio HKLM\SOFTWARE\Wow6432Node\Windows HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\Avast Software HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\CDisplay HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\cmcm HKCU\SOFTWARE\DivXNetworks HKCU\SOFTWARE\EaseUS HKCU\SOFTWARE\Elaborate Bytes HKCU\SOFTWARE\FreeReign HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\GinnoGames HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\GSpot Appliance Corp HKCU\SOFTWARE\Haali HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\INCAInternet HKCU\SOFTWARE\InstallPath HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\kde.org HKCU\SOFTWARE\macrium HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\Mine HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\NCH Software HKCU\SOFTWARE\NCH Swift Sound HKCU\SOFTWARE\Neowiz HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Nexon HKCU\SOFTWARE\Nexon Launcher HKCU\SOFTWARE\NVIDIA Corporation HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Overwolf HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\Rene.E Laboratory HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SoftEther Project HKCU\SOFTWARE\SWiSHzone.com HKCU\SOFTWARE\SyncEngines HKCU\SOFTWARE\Telestream HKCU\SOFTWARE\Telestream LLC HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\UltraSnap HKCU\SOFTWARE\undefined =>.Superfluous.Downloader HKCU\SOFTWARE\University of Tsukuba HKCU\SOFTWARE\Valve HKCU\SOFTWARE\VSRevoGroup HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\WireCastSupportAssistant HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft ---\\ Conteúdo das pastas Programs (275) - 80s O43 - CFD: 10/01/2016 - [0] SHD -- C:\Program Files\Arquivos Comuns O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\AVAST Software =>.AVAST Software s.r.o.® O43 - CFD: 10/01/2016 - [] AD -- C:\Program Files\Bonjour =>.Apple Inc.® O43 - CFD: 17/06/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\CPUID =>.CPUID® O43 - CFD: 25/05/2016 - [] D -- C:\Program Files\DIFX =>.Duodian Online Technology Co. Ltd.® O43 - CFD: 22/11/2014 - [] D -- C:\Program Files\Embedded Lockdown Manager O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\Google O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Intel O43 - CFD: 14/06/2016 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 30/03/2016 - [] D -- C:\Program Files\iPod =>.Apple Inc.® O43 - CFD: 30/03/2016 - [] AD -- C:\Program Files\iTunes =>.Apple Inc.® O43 - CFD: 14/01/2016 - [] AD -- C:\Program Files\KMSpico =>HackTool.KMSpico O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation® O43 - CFD: 14/01/2016 - [] AD -- C:\Program Files\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 13/01/2016 - [] AD -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Microsoft SQL Server O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 17/01/2016 - [] D -- C:\Program Files\MSBuild O43 - CFD: 05/06/2016 - [] D -- C:\Program Files\NVIDIA Corporation =>.NVIDIA Corporation® O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\OBS O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics® O43 - CFD: 17/01/2016 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 14/06/2016 - [] D -- C:\Program Files\Soaktiwaw O43 - CFD: 14/06/2016 - [0] D -- C:\Program Files\SoaktiwawUn O43 - CFD: 05/05/2016 - [] AD -- C:\Program Files\TeamSpeak 3 Client =>.TeamSpeak Systems GmbH® O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\Telestream O43 - CFD: 26/07/2012 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 25/05/2016 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\Windows Multimedia Platform O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Windows NT O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files\Windows Sidebar O43 - CFD: 16/06/2016 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation® O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files\WindowsPowerShell O43 - CFD: 22/03/2016 - [] AD -- C:\Program Files\WinRAR =>.win.rar GmbH® O43 - CFD: 15/03/2016 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 15/03/2016 - [] AD -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc.® O43 - CFD: 10/01/2016 - [] AD -- C:\Program Files (x86)\Bonjour =>.Apple Inc.® O43 - CFD: 15/03/2016 - [] D -- C:\Program Files (x86)\CDisplay O43 - CFD: 17/06/2016 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 30/03/2016 - [] D -- C:\Program Files (x86)\EaseUS =>.CHENGDU YIWO Tech Development Co., Ltd.® O43 - CFD: 25/04/2016 - [] D -- C:\Program Files (x86)\Elaborate Bytes O43 - CFD: 14/06/2016 - [] D -- C:\Program Files (x86)\gg =>.Superfluous.Tencent O43 - CFD: 22/03/2016 - [] AD -- C:\Program Files (x86)\Glyph O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 15/03/2016 - [] HD -- C:\Program Files (x86)\InstallJammer Registry O43 - CFD: 11/05/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation - pGFX® O43 - CFD: 14/06/2016 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 30/03/2016 - [] D -- C:\Program Files (x86)\iTunes O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Java =>.Oracle America, Inc.® O43 - CFD: 10/01/2016 - [] AD -- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services =>.Microsoft Corporation® O43 - CFD: 17/01/2016 - [] D -- C:\Program Files (x86)\Microsoft ASP.NET O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 13/01/2016 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Microsoft SQL Server O43 - CFD: 14/01/2016 - [] AD -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 15/03/2016 - [] AD -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla Corporation® O43 - CFD: 23/03/2016 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 17/01/2016 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 23/03/2016 - [] D -- C:\Program Files (x86)\NCH Software =>.NCH Software® O43 - CFD: 17/01/2016 - [] AD -- C:\Program Files (x86)\NCSOFT O43 - CFD: 17/01/2016 - [] D -- C:\Program Files (x86)\NCWest =>.NCsoft Corp.® O43 - CFD: 20/04/2016 - [] D -- C:\Program Files (x86)\Nexon O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\NVIDIA Corporation =>.NVIDIA Corporation® O43 - CFD: 23/03/2016 - [] D -- C:\Program Files (x86)\OBS O43 - CFD: 14/01/2016 - [] AD -- C:\Program Files (x86)\Origin =>.Electronic Arts, Inc.® O43 - CFD: 14/01/2016 - [0] D -- C:\Program Files (x86)\Origin Games O43 - CFD: 16/06/2016 - [] AD -- C:\Program Files (x86)\Overwolf =>.Overwolf Ltd® O43 - CFD: 15/03/2016 - [] D -- C:\Program Files (x86)\Programas RFB O43 - CFD: 17/01/2016 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 30/03/2016 - [0] D -- C:\Program Files (x86)\Runtime Software O43 - CFD: 14/06/2016 - [0] D -- C:\Program Files (x86)\Shoruyjjsp O43 - CFD: 14/06/2016 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl® O43 - CFD: 17/06/2016 - [] AD -- C:\Program Files (x86)\Steam =>.Valve® O43 - CFD: 19/04/2016 - [] AD -- C:\Program Files (x86)\Subtitle Edit O43 - CFD: 17/04/2016 - [] AD -- C:\Program Files (x86)\Total Video Converter O43 - CFD: 14/01/2016 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 11/02/2016 - [] D -- C:\Program Files (x86)\uTorrent =>.BitTorrent Inc® O43 - CFD: 22/03/2016 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 23/03/2016 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 23/03/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 14/06/2016 - [0] D -- C:\Program Files (x86)\Wutaingjlaph O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 15/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplay O43 - CFD: 16/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean Master O43 - CFD: 23/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID O43 - CFD: 30/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8 O43 - CFD: 25/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes O43 - CFD: 14/01/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager O43 - CFD: 11/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios O43 - CFD: 30/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 14/06/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 17/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT O43 - CFD: 17/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin O43 - CFD: 15/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB O43 - CFD: 14/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 31/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client O43 - CFD: 16/06/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 19/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 30/10/2015 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client O43 - CFD: 23/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telestream O43 - CFD: 17/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Video Converter O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 15/03/2016 - [] D -- C:\ProgramData\Adobe O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Apple O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 17/06/2016 - [0] D -- C:\ProgramData\Application Data O43 - CFD: 23/03/2016 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 25/05/2016 - [] D -- C:\ProgramData\BlueStacksSetup O43 - CFD: 16/06/2016 - [] D -- C:\ProgramData\boost_interprocess O43 - CFD: 16/06/2016 - [] D -- C:\ProgramData\cmcm O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Comms O43 - CFD: 10/01/2016 - [0] SHD -- C:\ProgramData\Dados de Aplicativos O43 - CFD: 14/01/2016 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 10/01/2016 - [0] SHD -- C:\ProgramData\Documentos O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Electronic Arts O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Glyph O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Google O43 - CFD: 12/05/2016 - [] D -- C:\ProgramData\Hi-Rez Studios O43 - CFD: 16/06/2016 - [] D -- C:\ProgramData\Kingsoft O43 - CFD: 16/06/2016 - [] D -- C:\ProgramData\Lavasoft O43 - CFD: 30/03/2016 - [] D -- C:\ProgramData\Macrium O43 - CFD: 10/01/2016 - [0] SHD -- C:\ProgramData\Menu Iniciar O43 - CFD: 14/01/2016 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 14/06/2016 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft OneDrive O43 - CFD: 10/01/2016 - [0] SHD -- C:\ProgramData\Modelos O43 - CFD: 16/06/2016 - [0] D -- C:\ProgramData\Mozilla O43 - CFD: 11/03/2016 - [] D -- C:\ProgramData\NCH Software O43 - CFD: 05/06/2016 - [] D -- C:\ProgramData\NVIDIA O43 - CFD: 11/04/2016 - [] D -- C:\ProgramData\NVIDIA Corporation O43 - CFD: 10/01/2016 - [0] D -- C:\ProgramData\Oracle O43 - CFD: 21/01/2016 - [] D -- C:\ProgramData\Origin O43 - CFD: 02/02/2016 - [] D -- C:\ProgramData\Overwolf O43 - CFD: 12/05/2016 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\PRICache O43 - CFD: 10/01/2016 - [0] D -- C:\ProgramData\Real O43 - CFD: 14/01/2016 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 16/06/2016 - [0] D -- C:\ProgramData\Skype O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\SoftwareDistribution O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Sun O43 - CFD: 23/03/2016 - [0] D -- C:\ProgramData\Telestream O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\USOPrivate O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\USOShared O43 - CFD: 31/03/2016 - [] D -- C:\ProgramData\WEBZEN O43 - CFD: 15/03/2016 - [] AD -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 10/01/2016 - [] AD -- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Common Files\AV O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 14/01/2016 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\Common Files\Overwolf O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 14/06/2016 - [] AD -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 16/06/2016 - [] D -- C:\Program Files (x86)\Common Files\Steam O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Adobe O43 - CFD: 24/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Apple Computer O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Roaming\AVAST Software O43 - CFD: 17/01/2016 - [0] D -- C:\Users\David\AppData\Roaming\Awesomium O43 - CFD: 13/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Identities O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Macromedia O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Media Player Classic O43 - CFD: 14/06/2016 - [] SD -- C:\Users\David\AppData\Roaming\Microsoft O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Mozilla O43 - CFD: 11/03/2016 - [] D -- C:\Users\David\AppData\Roaming\NCH Software O43 - CFD: 31/03/2016 - [] D -- C:\Users\David\AppData\Roaming\NEOWIZ O43 - CFD: 20/04/2016 - [] D -- C:\Users\David\AppData\Roaming\NexonLauncher O43 - CFD: 08/06/2016 - [] D -- C:\Users\David\AppData\Roaming\NVIDIA O43 - CFD: 17/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Origin O43 - CFD: 14/06/2016 - [] D -- C:\Users\David\AppData\Roaming\Profiles O43 - CFD: 10/01/2016 - [0] D -- C:\Users\David\AppData\Roaming\Real O43 - CFD: 17/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Shooter O43 - CFD: 14/06/2016 - [] D -- C:\Users\David\AppData\Roaming\Skype O43 - CFD: 11/05/2016 - [] D -- C:\Users\David\AppData\Roaming\Subtitle Edit O43 - CFD: 05/05/2016 - [] D -- C:\Users\David\AppData\Roaming\TS3Client O43 - CFD: 14/06/2016 - [0] D -- C:\Users\David\AppData\Roaming\up4GV O43 - CFD: 17/06/2016 - [] D -- C:\Users\David\AppData\Roaming\uTorrent O43 - CFD: 23/03/2016 - [0] D -- C:\Users\David\AppData\Roaming\Vara Software O43 - CFD: 09/06/2016 - [] D -- C:\Users\David\AppData\Roaming\vlc O43 - CFD: 16/06/2016 - [] D -- C:\Users\David\AppData\Roaming\VSRevoGroup O43 - CFD: 14/06/2016 - [] D -- C:\Users\David\AppData\Roaming\WhatsApp O43 - CFD: 23/03/2016 - [] D -- C:\Users\David\AppData\Roaming\WinRAR O43 - CFD: 23/03/2016 - [] D -- C:\Users\David\AppData\Roaming\Wirecast Play O43 - CFD: 17/06/2016 - [] D -- C:\Users\David\AppData\Roaming\ZHP O43 - CFD: 14/01/2016 - [0] D -- C:\Users\David\AppData\Local\ActiveSync O43 - CFD: 15/03/2016 - [] D -- C:\Users\David\AppData\Local\Adobe O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Local\Apple O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Local\Apple Computer O43 - CFD: 23/03/2016 - [] D -- C:\Users\David\AppData\Local\assembly O43 - CFD: 25/05/2016 - [] D -- C:\Users\David\AppData\Local\BlueStacks O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Local\CEF O43 - CFD: 28/01/2016 - [] D -- C:\Users\David\AppData\Local\Comms O43 - CFD: 16/06/2016 - [0] D -- C:\Users\David\AppData\Local\CrashDumps O43 - CFD: 14/01/2016 - [] D -- C:\Users\David\AppData\Local\CrashRpt =>.Superfluous.CrashReports O43 - CFD: 14/01/2016 - [0] SHD -- C:\Users\David\AppData\Local\Dados de Aplicativos O43 - CFD: 16/06/2016 - [] D -- C:\Users\David\AppData\Local\Diagnostics O43 - CFD: 14/06/2016 - [] D -- C:\Users\David\AppData\Local\ElevatedDiagnostics O43 - CFD: 14/01/2016 - [] D -- C:\Users\David\AppData\Local\FreeReign O43 - CFD: 22/03/2016 - [] D -- C:\Users\David\AppData\Local\Glyph O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Local\Google O43 - CFD: 14/01/2016 - [0] SHD -- C:\Users\David\AppData\Local\Histórico O43 - CFD: 25/05/2016 - [] D -- C:\Users\David\AppData\Local\Macromedia O43 - CFD: 16/06/2016 - [] D -- C:\Users\David\AppData\Local\Microsoft O43 - CFD: 14/01/2016 - [0] D -- C:\Users\David\AppData\Local\Microsoft Help O43 - CFD: 31/01/2016 - [] D -- C:\Users\David\AppData\Local\MicrosoftEdge O43 - CFD: 17/01/2016 - [] D -- C:\Users\David\AppData\Local\Mozilla O43 - CFD: 14/01/2016 - [0] D -- C:\Users\David\AppData\Local\NetworkTiles O43 - CFD: 16/06/2016 - [] D -- C:\Users\David\AppData\Local\NexonLauncher O43 - CFD: 05/06/2016 - [] D -- C:\Users\David\AppData\Local\Nox O43 - CFD: 05/06/2016 - [] D -- C:\Users\David\AppData\Local\NVIDIA O43 - CFD: 05/06/2016 - [] D -- C:\Users\David\AppData\Local\Nvidia Corporation O43 - CFD: 14/01/2016 - [] D -- C:\Users\David\AppData\Local\Origin O43 - CFD: 17/06/2016 - [] D -- C:\Users\David\AppData\Local\Overwolf O43 - CFD: 02/05/2016 - [] D -- C:\Users\David\AppData\Local\Packages O43 - CFD: 14/06/2016 - [] D -- C:\Users\David\AppData\Local\Profiles O43 - CFD: 14/01/2016 - [] D -- C:\Users\David\AppData\Local\Programs O43 - CFD: 14/01/2016 - [] D -- C:\Users\David\AppData\Local\Publishers O43 - CFD: 10/01/2016 - [0] D -- C:\Users\David\AppData\Local\Real O43 - CFD: 14/06/2016 - [0] D -- C:\Users\David\AppData\Local\Skype O43 - CFD: 09/06/2016 - [] D -- C:\Users\David\AppData\Local\SquirrelTemp O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Local\Steam O43 - CFD: 17/06/2016 - [] D -- C:\Users\David\AppData\Local\Temp O43 - CFD: 14/01/2016 - [0] SHD -- C:\Users\David\AppData\Local\Temporary Internet Files O43 - CFD: 14/01/2016 - [] D -- C:\Users\David\AppData\Local\TileDataLayer O43 - CFD: 14/06/2016 - [] D -- C:\Users\David\AppData\Local\VirtualStore O43 - CFD: 09/06/2016 - [] D -- C:\Users\David\AppData\Local\WhatsApp O43 - CFD: 14/01/2016 - [0] D -- C:\Users\David\AppData\Local\Programs\Common O43 - CFD: 30/10/2015 - [] RD -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 14/01/2016 - [] RD -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 16/06/2016 - [] RD -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 16/06/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome O43 - CFD: 30/10/2015 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 20/04/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon O43 - CFD: 02/02/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf O43 - CFD: 01/03/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2016 O43 - CFD: 16/06/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller O43 - CFD: 16/06/2016 - [] RD -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 31/03/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 14/01/2016 - [] RD -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 09/06/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp O43 - CFD: 30/10/2015 - [] RSD -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell O43 - CFD: 22/03/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 16/06/2016 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\CrashDumps O43 - CFD: 0 - [0] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\DataSharing O43 - CFD: 02/02/2016 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft O43 - CFD: 0 - [0] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Packages ---\\ Últimos arquivos criados no Windows Prefetcher (2) - 16s O45 - LFCP:[MD5.C35982E96EAF4B82EA119FF11E5A7FE8] 14/06/2016 A -- C:\WINDOWS\Prefetch\OHMYTABS.EXE-265C6E6D.pf =>PUP.Optional.OhMyTabs O45 - LFCP:[MD5.B5AE0082BA7F6FE7980E1538E5D842D1] 16/06/2016 A -- C:\WINDOWS\Prefetch\TENCENTDL.EXE-C83FB433.pf =>.Superfluous.Tencent ---\\ ShellIconOverlayIdentifiers (SIOI) (9) - 1s O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software a.s.® ---\\ Lista dos drivers do sistema (72) - 15s O58 - SDL:2015/10/30 04:17:22 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:22 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:22 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:22 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:22 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:22 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows® O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - avast! HWID.) -- C:\WINDOWS\System32\drivers\aswHwid.sys [37656] =>.AVAST Software a.s.® (ALWIL Software) O58 - SDL:2016/05/15 15:51:46 A . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\WINDOWS\System32\drivers\aswKbd.sys [37144] =>.AVAST Software a.s.® O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys [107792] =>.AVAST Software a.s.® O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\WINDOWS\System32\drivers\aswRdr2.sys [103064] =>.AVAST Software a.s.® O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - avast! Revert.) -- C:\WINDOWS\System32\drivers\aswRvrt.sys [74544] =>.AVAST Software a.s.® (ALWIL Software) O58 - SDL:2016/05/15 15:51:47 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\System32\drivers\aswSnx.sys [1070904] =>.AVAST Software a.s.® O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\System32\drivers\aswSP.sys [465792] =>.AVAST Software a.s.® O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - Stream Filter.) -- C:\WINDOWS\System32\drivers\aswStm.sys [166432] =>.AVAST Software a.s.® O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - avast! VM Monitor.) -- C:\WINDOWS\System32\drivers\aswVmm.sys [287528] =>.AVAST Software a.s.® (ALWIL Software) O58 - SDL:2015/08/13 21:11:48 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\drivers\athw10x.sys [4318760] =>.WDKTestCert qcaswbld,130129545209614653® O58 - SDL:2015/10/30 04:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2015/10/30 04:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2015/03/09 08:48:34 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\WINDOWS\System32\drivers\btfilter.sys [599240] =>.Qualcomm Atheros® O58 - SDL:2015/10/30 04:17:22 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows® O58 - SDL:2013/03/04 09:24:27 A . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\WINDOWS\System32\drivers\ElbyCDIO.sys [40344] =>.Elaborate Bytes AG® O58 - SDL:2015/10/30 04:17:22 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] =>.Microsoft Windows® O58 - SDL:2012/07/17 17:12:08 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECIx64.sys [62784] =>.Intel Corporation® O58 - SDL:2015/10/30 04:17:22 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:18 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation O58 - SDL:2015/10/30 04:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165888] =>.Intel Corporation O58 - SDL:2015/10/30 04:17:18 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group® O58 - SDL:2015/10/30 04:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation O58 - SDL:2015/10/30 04:17:22 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:22 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] =>.Microsoft Windows® O58 - SDL:2015/08/27 17:20:10 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [3797424] =>.Intel Corporation - pGFX® O58 - SDL:2015/08/21 10:50:48 N . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [463112] =>.Intel Corporation - Client Components Group® O58 - SDL:2015/07/20 16:45:04 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\intelaud.sys [50240] =>.Intel(R) Wireless Display® O58 - SDL:2015/07/20 16:45:04 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\iwdbus.sys [38976] =>.Intel(R) Wireless Display® O58 - SDL:2016/06/16 21:55:01 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\WINDOWS\System32\drivers\ksapi.sys [81768] =>.Beijing Kingsoft Security software Co.,Ltd® O58 - SDL:2016/06/16 21:55:01 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\WINDOWS\System32\drivers\ksapi64.sys [56680] =>.Beijing Kingsoft Security software Co.,Ltd® O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108888] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] =>.Microsoft Windows® O58 - SDL:2016/03/31 20:50:09 A . (.SoftEther Corporation - SoftEther VPN.) -- C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216] =>.SoftEther Corporation® O58 - SDL:2016/05/22 18:02:00 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys [13509184] =>.NVIDIA Corporation® O58 - SDL:2016/05/22 18:02:52 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\WINDOWS\System32\drivers\nvpciflt.sys [47048] =>.NVIDIA Corporation® O58 - SDL:2015/10/30 04:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows® O58 - SDL:2016/04/14 02:38:19 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\WINDOWS\System32\drivers\nvvad64v.sys [56384] =>.NVIDIA Corporation® O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [589824] =>.Realtek O58 - SDL:2015/08/03 23:21:50 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4518136] =>.Realtek Semiconductor Corp® O58 - SDL:2015/05/14 11:10:30 A . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\WINDOWS\System32\drivers\RtsUer.sys [402960] =>.Microsoft Windows Hardware Compatibility Publisher® O58 - SDL:2016/03/31 20:47:47 A . (.SoftEther Corporation - SoftEther VPN.) -- C:\WINDOWS\System32\drivers\SeLow_x64.sys [51024] =>.SoftEther Corporation® O58 - SDL:2015/10/30 04:17:23 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows® O58 - SDL:2016/02/09 11:16:26 A . (.Windows (R) Win 7 DDK provider - Telestream Virtual Audio Device.) -- C:\WINDOWS\System32\drivers\tsvadpcm.sys [33552] =>.Telestream Inc.® O58 - SDL:2015/06/17 16:04:24 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc. O58 - SDL:2015/09/16 03:07:12 A . (.BigNox Corporation - VirtualBox USB Monitor Driver.) -- C:\WINDOWS\System32\drivers\VBoxUSBMon.sys [127432] =>.Duodian Online Technology Co. Ltd.® O58 - SDL:2013/07/24 12:02:55 A . (.Elaborate Bytes AG - Virtual CloneDrive storage miniport.) -- C:\WINDOWS\System32\drivers\VClone.sys [34816] =>.Elaborate Bytes AG O58 - SDL:2015/10/30 04:17:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] =>.Microsoft Windows® O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] =>.Microsoft Windows® O58 - SDL:2015/09/16 00:29:46 A . (.BigNox Corporation - VirtualBox Support Driver.) -- C:\WINDOWS\System32\drivers\XQHDrv.sys [253384] =>.Duodian Online Technology Co. Ltd.® O58 - SDL:2014/11/18 14:39:06 A . (...) -- C:\WINDOWS\System32\epmntdrv.sys [18528] =>.CHENGDU YIWO Tech Development Co., Ltd.® O58 - SDL:2014/11/18 14:39:06 A . (...) -- C:\WINDOWS\System32\EuGdiDrv.sys [10848] =>.CHENGDU YIWO Tech Development Co., Ltd.® ---\\ Últimos ficheiros alterados ou criados (Utilizador) (12) - 108s O61 - LFC: 2016/06/17 10:22:54 A . (.ToolsLib.) -- C:\Users\David\Desktop\AdwCleaner.exe [3703360] {090323230C295BD623F42B911882691E} O61 - LFC: 2016/06/09 18:17:04 A . (..) -- C:\Users\David\AppData\Local\WhatsApp\Update.exe [1942800] {046660C4A56E0FD7E8FAC0B7BA03A845} O61 - LFC: 2016/06/09 21:26:52 A . (..) -- C:\Users\David\AppData\Local\WhatsApp\app-0.2.936\ffmpeg.dll [2009600] O61 - LFC: 2016/06/09 21:26:52 A . (..) -- C:\Users\David\AppData\Local\WhatsApp\app-0.2.936\natives_blob.bin [412130] O61 - LFC: 2016/06/09 21:26:52 A . (..) -- C:\Users\David\AppData\Local\WhatsApp\app-0.2.936\snapshot_blob.bin [618708] O61 - LFC: 2016/06/09 18:17:04 A . (..) -- C:\Users\David\AppData\Local\WhatsApp\app-0.2.936\squirrel.exe [1942800] {046660C4A56E0FD7E8FAC0B7BA03A845} O61 - LFC: 2016/06/09 21:27:00 A . (.WhatsApp.) -- C:\Users\David\AppData\Local\WhatsApp\app-0.2.936\WhatsApp.exe [79310608] {046660C4A56E0FD7E8FAC0B7BA03A845} O61 - LFC: 2016/06/17 12:28:11 A . (..) -- C:\Users\David\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin [8192] O61 - LFC: 2016/06/16 19:57:56 A . (..) -- C:\Users\David\AppData\Local\NVIDIA\NvBackend\Packages\00008d9c\DAO.20857007.exe [0] O61 - LFC: 2016/06/17 06:56:16 A . (..) -- C:\Users\David\AppData\Local\NVIDIA\NvBackend\Packages\00008d1b\vops-counter_strike_global_offensive.20852605.exe [458752] O61 - LFC: 2016/06/17 06:55:48 A . (..) -- C:\Users\David\AppData\Local\NVIDIA\NvBackend\Packages\00008d0b\CoProc update.20851393.exe [294912] O61 - LFC: 2016/06/17 12:24:45 A . (..) -- C:\Users\David\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148] ---\\ Associações Shell Spawning (11) - 1s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® ---\\ Menu de inicialização Internet (16) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\Launcher.exe =>.AVAST Software s.r.o.® O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software ---\\ Pesquisa de infeção nos navegadores da Internet (2) - 9s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ ---\\ Listagem dos serviços iniciados pelo Svchost (41) - 1s O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\WINDOWS\system32\srvsvc.dll [283136] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\WINDOWS\System32\gpsvc.dll [1339904] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\WINDOWS\System32\ikeext.dll [957952] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\WINDOWS\System32\iphlpsvc.dll [963072] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\WINDOWS\System32\appinfo.dll [94720] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\WINDOWS\system32\iscsiexe.dll [151040] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\WINDOWS\System32\eapsvc.dll [112640] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\WINDOWS\system32\schedsvc.dll [997376] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [225280] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\WINDOWS\System32\browser.dll [134656] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [328192] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll [372736] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\WINDOWS\System32\wercplsupport.dll [96256] =>.Microsoft Corporation O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [186880] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Serviço Conta da Microsoft®.) -- C:\WINDOWS\system32\wlidsvc.dll [2057216] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Serviço Assistente de Conectividade de Rede.) -- C:\WINDOWS\System32\ncasvc.dll [168960] =>.Microsoft Corporation O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Serviço de Configuração de Rede.) -- C:\WINDOWS\System32\NetSetupSvc.dll [207360] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\WINDOWS\system32\themeservice.dll [59392] =>.Microsoft Corporation O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [1073152] =>.Microsoft Corporation O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Serviço de Geolocalização.) -- C:\Windows\System32\lfsvc.dll [27136] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\WINDOWS\System32\rasauto.dll [106496] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\WINDOWS\System32\rasmans.dll [696320] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [507904] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\WINDOWS\System32\sens.dll [73216] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\WINDOWS\System32\ipnathlp.dll [456704] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [311808] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2281472] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de tel.) -- C:\WINDOWS\System32\qmgr.dll [1144320] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [608768] =>.Microsoft Corporation O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [57856] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\WINDOWS\System32\bdesvc.dll [361472] =>.Microsoft Corporation O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1035776] =>.Microsoft Corporation O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Atualizar Sessão do Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [368640] =>.Microsoft Corporation O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1139712] =>.Microsoft Corporation O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL do Serviço de Gerenciamento do Windows.) -- C:\Windows\System32\Windows.Internal.Management.dll [278016] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalação de Dispositivo.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [205824] =>.Microsoft Corporation O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [912384] =>.Microsoft Corporation O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [948736] =>.Microsoft Corporation ---\\ Lista das exceções do FireWall (FirewallRules) (24) - 5s O87 - FAEL: "TCP Query User{83B40C6E-8F5A-43CB-A2D3-6748481130EF}C:\users\david\appdata\local\popcorn time\node-webkit\popcorn time.exe" [In-None-P6-TRUE] .(...) -- C:\users\david\appdata\local\popcorn time\node-webkit\popcorn time.exe (.not file.) O87 - FAEL: "UDP Query User{72959660-404A-4B9B-BDC8-34576FC6B824}C:\users\david\appdata\local\popcorn time\node-webkit\popcorn time.exe" [In-None-P17-TRUE] .(...) -- C:\users\david\appdata\local\popcorn time\node-webkit\popcorn time.exe (.not file.) O87 - FAEL: "{B35DC69A-9C5E-418E-99F0-03421F054DBC}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe =>.Steam SteamApps Games O87 - FAEL: "{9672EDC4-A978-4DE7-9FA0-D3B25DC27E65}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe =>.Steam SteamApps Games O87 - FAEL: "TCP Query User{7C3F1ECC-3241-45C7-9C8A-CF50A940433C}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "UDP Query User{BF110C6E-46C3-4A6B-B903-3BF027087BC1}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{333C34F0-AE80-46BB-98DF-2F6EDD6C5EE9}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico O87 - FAEL: "{E92918D5-0B1A-4E20-9C5E-8A021A943211}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico O87 - FAEL: "{DB2321D1-69CF-48C4-9D3F-53F93AFB6015}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico O87 - FAEL: "{0F72CE28-AED1-4A46-A0DC-AB5C34C5CF55}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico O87 - FAEL: "TCP Query User{09BFD1D6-F2AC-4344-A278-09ADA71ECBE9}C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "UDP Query User{022C78BC-CA8F-42E2-A83B-A4396F64C5CD}C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{E8884487-D8C5-451C-B4F4-A9A33F515962}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico O87 - FAEL: "{10A4E927-FE96-4269-8767-40F91F2DB3E6}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico O87 - FAEL: "TCP Query User{560D5A3B-2AAC-4658-91EF-1AC021B50FD1}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "UDP Query User{14D1D91B-4693-4156-9087-E780909B6D08}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{FC9C3DE0-4766-4789-BA1C-8A7A5D9FE6FD}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{866467B8-6F88-459E-BCD4-A5D333707FA7}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "TCP Query User{4ECFD83B-ECCB-48FF-AE98-B9F267B3CF3C}F:\downloads\project icarus online\bin64\launcher.exe" [In-None-P6-TRUE] .(...) -- F:\downloads\project icarus online\bin64\launcher.exe {476BF24A4B1E9F4BC2A61B152115E1FE} O87 - FAEL: "UDP Query User{FD5C4E6A-B708-4BF2-9F38-534EA61ABDC5}F:\downloads\project icarus online\bin64\launcher.exe" [In-None-P17-TRUE] .(...) -- F:\downloads\project icarus online\bin64\launcher.exe {476BF24A4B1E9F4BC2A61B152115E1FE} O87 - FAEL: "TCP Query User{65C23CA6-6CEE-4F31-BDAD-5DE2EAD0EB84}F:\neowiz\pmang\bless\binaries\win64\bless.exe" [In-None-P6-TRUE] .(...) -- F:\neowiz\pmang\bless\binaries\win64\bless.exe (.not file.) O87 - FAEL: "UDP Query User{1AFE21BF-040E-4A11-8CFF-D42D56F81875}F:\neowiz\pmang\bless\binaries\win64\bless.exe" [In-None-P17-TRUE] .(...) -- F:\neowiz\pmang\bless\binaries\win64\bless.exe (.not file.) O87 - FAEL: "TCP Query User{9C04F31E-3B40-4F54-BD63-287674378C9E}F:\neowiz\pmang\bless\binaries\win64\bless.exe" [In-None-P6-TRUE] .(...) -- F:\neowiz\pmang\bless\binaries\win64\bless.exe (.not file.) O87 - FAEL: "UDP Query User{C569621C-A808-46FB-8427-B61CDDFBB01F}F:\neowiz\pmang\bless\binaries\win64\bless.exe" [In-None-P17-TRUE] .(...) -- F:\neowiz\pmang\bless\binaries\win64\bless.exe (.not file.) ---\\ Claves Tracing (2) - 1s HKLM\SOFTWARE\Microsoft\Tracing\easyhotspot-installer_RASAPI32 =>.Superfluous.CSDI HKLM\SOFTWARE\Microsoft\Tracing\easyhotspot-installer_RASMANCS =>.Superfluous.CSDI ---\\ Scâner Aditional (18) - 0s HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI =>HackTool.KMSpico C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico C:\WINDOWS\System32\Tasks\AutoPico Daily Restart =>HackTool.KMSpico HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 =>HackTool.KMSpico HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent HKCU\SOFTWARE\undefined =>.Superfluous.Downloader C:\Program Files\KMSpico =>HackTool.KMSpico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico C:\Users\David\AppData\Local\CrashRpt =>.Superfluous.CrashReports C:\WINDOWS\Prefetch\OHMYTABS.EXE-265C6E6D.pf =>PUP.Optional.OhMyTabs C:\WINDOWS\Prefetch\TENCENTDL.EXE-C83FB433.pf =>.Superfluous.Tencent C:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico HKLM64\SOFTWARE\Microsoft\Tracing\easyhotspot-installer_RASAPI32 =>.Superfluous.CSDI HKLM64\SOFTWARE\Microsoft\Tracing\easyhotspot-installer_RASMANCS =>.Superfluous.CSDI ---\\ Resumo dos elementos encontrados na sua estação de trabalho (7) - 0s http://www.nicolascoolman.fr/?p=989 =>HackTool.KMSpico http://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent https://www.nicolascoolman.info/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.CrashReports http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.OhMyTabs https://www.nicolascoolman.info/2016/05/03/superfluous-csdi/ =>.Superfluous.CSDI ~ End of the scan, 25405 items in 00h06mn39s (1066)(0)