Document format: text/plain

~ ZHPDiag v2016.6.14.104 Por Nicolas Coolman (2016/06/10)
~ iniciado por David (Administrator) (2016/06/17 12:26:53)
~ Site: http://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Status da versão:
~ Modo: Scanner
~ Relatório: C:\Users\David\Desktop\ZHPDiag.txt
~ Relatório: C:\Users\David\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Inicialização do sistema: Normal (Normal boot)
Windows 10 Home Single Language, 64-bit (Build 10586)

---\\ Navegadores Internet (3) - 0s
GCIE: Google Chrome v51.0.2704.84
MFIE: Mozilla Firefox 44.0.2 (x86 pt-BR)
MSIE: Internet Explorer v11.420.10586.0

---\\ Informações sobre os produtos Windows (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ Softwares de proteçao do sistema (2) - 3s
Avast Free Antivirus v11.2.2262
Windows Defender (Deactivate)

---\\ Monitoramento dos softwares (2) - 4s
Adobe Flash Player 10 Plugin
Adobe Acrobat Reader DC - Português

---\\ Softwares de partilha do PeerToPeer (P2P) (1) - 5s
µTorrent v3.4.7.42330

---\\ Informações sobre o sistema (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 6153.304 MB (71% free)
System Restore: Activé (Enable)
System drive C: has 49 GB () free of 151 GB

---\\ Modo de conexão ao sistema (3) - 0s
~ Computer Name: DAVID
~ User Name: David
~ Logged in as Administrator

---\\ Enumeração das unidades dos discos (3) - 0s
~ Drive C: has 49 GB free of 151 GB (System)
~ Drive E: has 0 GB free of 3 GB
~ Drive F: has 185 GB free of 324 GB

---\\ Estado do Centro de Segurança do Windows (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Pesquisa particular de ficheiros genéricos (24) - 3s
[MD5.E15BEB03592BA12C5C99E2BA46146BDD] - 28/05/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4515264] =>.Microsoft Windows®
[MD5.0DCB89B1F3689BC6262FF30BBD603171] - 30/10/2015 - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [59392] =>.Microsoft Corporation
[MD5.C1C81AAF533552B3C4D9F11A5FF97700] - 23/04/2016 - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) -- C:\WINDOWS\System32\Wininit.exe [291360] =>.Microsoft Windows Publisher®
[MD5.75CC21C976BFF286E706AA2D133EB9D4] - 28/05/2016 - (.Microsoft Corporation - Internet Extensions para Win32.) -- C:\WINDOWS\System32\wininet.dll [2755584] =>.Microsoft Corporation
[MD5.5C156EC4E44E30331BCC865A3B61D839] - 23/04/2016 - (.Microsoft Corporation - Aplicativo de Logon do Windows.) -- C:\WINDOWS\System32\Winlogon.exe [585728] =>.Microsoft Corporation
[MD5.9EEAA1B69DC3FD620AE576CC8F4147DC] - 30/10/2015 - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) -- C:\WINDOWS\System32\sppcomapi.dll [430592] =>.Microsoft Corporation
[MD5.9A3E17CDB177913C2A111C80F3D0DBB4] - 29/03/2016 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\WINDOWS\System32\dnsapi.dll [686976] =>.Microsoft Windows®
[MD5.6A7ACABAE92C837F5C1330188EAE36AE] - 29/03/2016 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\WINDOWS\Syswow64\dnsapi.dll [535080] =>.Microsoft Windows®
[MD5.70148EFA9A562E7185B75BBE7D376BF7] - 14/01/2016 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [578912] =>.Microsoft Windows®
[MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - 30/10/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows®
[MD5.7F9C7226D743B232907ED2537B8A574F] - 30/10/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] =>.Microsoft Corporation
[MD5.82D97776BF982AA143BDC7DFB5054EA8] - 30/10/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173568] =>.Microsoft Corporation
[MD5.935823F79CBEDB91637B63D37E3A5A36] - 29/03/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [148480] =>.Microsoft Corporation
[MD5.84BC034B6BB763733C1949B7B9BAF976] - 30/10/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [79872] =>.Microsoft Corporation
[MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - 30/10/2015 - (.Microsoft Corporation - Driver de porta i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] =>.Microsoft Corporation
[MD5.9E5E8F2A1996F23B7E9687846AA81B01] - 30/10/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] =>.Microsoft Corporation
[MD5.0B3B0C1D86050355676640488FA897D3] - 23/02/2016 - (.Microsoft Corporation - Minirdr SMB do Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [430944] =>.Microsoft Windows®
[MD5.C03E926B0E7D66D68994067231DC3246] - 28/05/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [278528] =>.Microsoft Corporation
[MD5.19BD8A88AAC580592668B070AC0727D9] - 29/03/2016 - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2152280] =>.Microsoft Windows®
[MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - 30/10/2015 - (.Microsoft Corporation - Driver de porta paralela.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation
[MD5.E3C82823B22463BC38AA4F8ADA852624] - 23/02/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation
[MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - 30/10/2015 - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Micros.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [173056] =>.Microsoft Corporation
[MD5.91D3F2A6253EF83EFBD7903028F58C4D] - 14/01/2016 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624] =>.Microsoft Windows®
[MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - 30/10/2015 - (.Microsoft Corporation - Driver de cópia de sombra de volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys [414560] =>.Microsoft Windows®

---\\ Serviços NT não Microsoft e não desativados (15) - 4s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software a.s.®
O23 - Service: Clean Master Core Service (cmcore) . (.Kingsoft Corporation - Clean Master.) - F:\Program Files (x86)\cmcm\Clean Master\cmcore.exe =>.Beijing Kingsoft Security software Co.,Ltd®
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe =>.NVIDIA Corporation®
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) . (.Hi-Rez Studios - HiPatchService.) - F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe =>.Hi-Rez Studios
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation - pGFX®
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation - NVIDIA Network Service.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe =>.NVIDIA Corporation®
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation - NVIDIA Streamer Service.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe =>.NVIDIA Corporation®
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.6.) - C:\Windows\System32\nvvsvc.exe =>.NVIDIA Corporation®
O23 - Service: Phhoiedsteduied Monitor (PhhmntService) . (...) - C:\Program Files (x86)\Phhoiedsteduied\PhhmntService.html5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} (.not file.)
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp®
O23 - Service: SoftEther VPN Client (SEVPNCLIENT) . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) - F:\Program Files\SoftEther VPN Client\vpnclient_x64.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®

---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (26) - 45s

SR - Auto [22/04/2016] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SR - Auto [02/03/2016] [ 83768] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
SR - Auto [15/05/2016] [ 243296] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software a.s.®
SS - Disabl [12/08/2015] [ 462096] Serviço do Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
SR - Auto [16/06/2016] [ 315208] Clean Master Core Service (cmcore) . (.Kingsoft Corporation.) - F:\Program Files (x86)\cmcm\Clean Master\cmcore.exe =>.Beijing Kingsoft Security software Co.,Ltd®
SR - Demand [27/08/2015] [ 291744] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - pGFX®
SR - Auto [02/05/2016] [ 1165368] NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe =>.NVIDIA Corporation®
SS - Auto [10/01/2016] [ 144200] Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [10/01/2016] [ 144200] Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [10/01/2016] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe =>.Google Inc®
SPaused - Auto [10/03/2016] [ 9728] Hi-Rez Studios Authenticate and Update Service (HiPatchService) . (.Hi-Rez Studios.) - F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe =>.Hi-Rez Studios
SR - Auto [27/08/2015] [ 330136] Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation
SS - Demand [19/03/2016] [ 651576] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.®
SS - Disabl [15/03/2016] [ 146888] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [02/05/2016] [ 1881144] NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe =>.NVIDIA Corporation®
SR - Demand [02/05/2016] [ 3634232] NVIDIA Streamer Network Service (NvStreamNetworkSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe =>.NVIDIA Corporation®
SR - Auto [02/05/2016] [ 2522680] NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe =>.NVIDIA Corporation®
SR - Auto [22/07/2015] [ 937800] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvvsvc.exe =>.NVIDIA Corporation
SS - Demand [14/01/2016] [ 2104840] Origin Client Service (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginClientService.exe =>.Electronic Arts, Inc.®
SS - Demand [29/05/2016] [ 1289968] Overwolf Updater Windows SCM (OverwolfUpdater) . (.Overwolf LTD.) - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe =>.Overwolf Ltd®
SR - Auto [03/08/2015] [ 312056] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp®
SS - Disabl [11/12/2013] [ 1050904] Service KMSELDI (Service KMSELDI) . (...) - C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
SR - Auto [31/03/2016] [ 5231048] SoftEther VPN Client (SEVPNCLIENT) . (.SoftEther VPN Project at University of Tsukuba, Japan.) - F:\Program Files\SoftEther VPN Client\vpnclient_x64.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan
SS - Auto [23/03/2016] [ 327808] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SR - Demand [14/06/2016] [ 1518672] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve®

---\\ Tarefas planificadas automaticamente (22) - 6s
[MD5.00000000000000000000000000000000] [APT] [Nome da tarefa] (...) -- Tarefa a ser executada (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.DE7BC28EAE6A62BC35754D1DCA4ECF38] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1107672] (.Activate.) =>.Adobe Systems, Incorporated®
[MD5.E3FEA8060978EAB6FA5D40E74DE6308B] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [1051416] (.Activate.) =>HackTool.KMSpico
[MD5.1282F8C897DBF180BCF3F6F6968DE2C3] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1517200] (.Activate.) =>.AVAST Software a.s.®
[MD5.88FBBB1C601A6BC42054E57C2897FA45] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc®
[MD5.88FBBB1C601A6BC42054E57C2897FA45] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc®
[MD5.23E7A0AC59EBD01068858BC9F5D48446] [APT] [Overwolf Updater Task] (.Overwolf LTD.) -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1289968] (.Activate.) =>.Overwolf Ltd®
[MD5.00000000000000000000000000000000] [APT] [Phhoiedsteduied Monitor] (...) -- C:\Program Files (x86)\Phhoiedsteduied\PhhmntTask.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.2E696C90B2D1DD842F59E38FD212D225] [APT] [SafeZone scheduled Autoupdate 1458723230] (.Avast Software.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe [735736] (.Activate.) =>.AVAST Software s.r.o.®
[MD5.6CF0ACD321C93EB978C4908DEB79B7FB] [APT] [{1ECBEF96-1487-4483-A2C7-6F160D4276F2}] (.Google Inc..) -- c:\program files (x86)\Google\Chrome\application\chrome.exe [941720] (.Activate.) =>.Google Inc®
[MD5.00000000000000000000000000000000] [APT] [{635C7F0F-DF87-4237-BA06-823F4A0C3C2B}] (...) -- C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\Uninst.exe (.not file.) [0] (.Activate.) =>.Superfluous.Tencent
[MD5.23985274780D27117C470AA259B79B30] [APT] [Apple] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416] (.Activate.) =>.Apple Inc.®
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1084] =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1088] =>.Google Inc®
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task [3972] =>.Adobe Systems, Incorporated®
O39 - APT: AutoPico Daily Restart - (...) -- C:\WINDOWS\System32\Tasks\AutoPico Daily Restart [3796] =>HackTool.KMSpico
O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\WINDOWS\System32\Tasks\avast! Emergency Update [4280] =>.AVAST Software a.s.®
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3436] =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3660] =>.Google Inc®
O39 - APT: Overwolf Updater Task - (.Overwolf LTD.) -- C:\WINDOWS\System32\Tasks\Overwolf Updater Task [3808] =>.Overwolf Ltd®
O39 - APT: Phhoiedsteduied Monitor - (...) -- C:\WINDOWS\System32\Tasks\Phhoiedsteduied Monitor [9048] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: SafeZone scheduled Autoupdate 1458723230 - (.Avast Software.) -- C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458723230 [4006] =>.AVAST Software s.r.o.®

---\\ Processos lançados (45) - 4s
[MD5.DFCCA437717EACA8418F47992A41B39A] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.6.) -- C:\Windows\System32\nvvsvc.exe [937800] [PID.1172] =>.NVIDIA Corporation®
[MD5.DFCCA437717EACA8418F47992A41B39A] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.6.) -- C:\Windows\System32\nvvsvc.exe [937800] [PID.1372] =>.NVIDIA Corporation®
[MD5.75909533EECD0CD9D5974B59474AA6C0] - (.Intel Corporation - igfxCUIService Module.) -- C:\Windows\System32\igfxCUIService.exe [330136] [PID.1548] =>.Intel Corporation - pGFX®
[MD5.DBE1ADA144291F8E0F29ECC40AE14562] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056] [PID.1700] =>.Realtek Semiconductor Corp®
[MD5.BC5A40AEAC1CF7708D07CBC2F577F90B] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320] [PID.1804] =>.Realtek Semiconductor Corp®
[MD5.BC5A40AEAC1CF7708D07CBC2F577F90B] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320] [PID.1812] =>.Realtek Semiconductor Corp®
[MD5.BB812787B838A74943DEF209350C3883] - (.Intel Corporation - IntelCpHeciSvc Executable.) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe [291744] [PID.1892] =>.Intel Corporation - pGFX®
[MD5.A24AF1F8186B4B69D54DCC4B059CA695] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296] [PID.1616] =>.AVAST Software a.s.®
[MD5.B937831896A32FE264B26DD97A3E432D] - (.Kingsoft Corporation - Clean Master.) -- F:\Program Files (x86)\cmcm\Clean Master\cmcore.exe [315208] [PID.1820] =>.Beijing Kingsoft Security software Co.,Ltd®
[MD5.36114214BF8D7C464D1E92E4EB6B2DD3] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.2476] =>.Adobe Systems, Incorporated®
[MD5.CA209960730B15E0CDFD6058475AB2AC] - (.Hi-Rez Studios - HiPatchService.) -- F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728] [PID.2572] =>.Hi-Rez Studios
[MD5.77BE9E1AFCE995652A1C4FF4C8A0F839] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680] [PID.2616] =>.NVIDIA Corporation®
[MD5.FA9BC0048ED46C5FB5C93EAFFC97F63D] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144] [PID.2624] =>.NVIDIA Corporation®
[MD5.3B3774C868868257533EC7E715BB6D53] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768] [PID.2688] =>.Apple Inc.®
[MD5.29D989D1762C518FD768BD0C6B17210B] - (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- F:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5231048] [PID.2724] {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan
[MD5.4CEDC66C726F7BE116BE7694B3CD22CD] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368] [PID.2744] =>.NVIDIA Corporation®
[MD5.AF5BE3694A76365874B8967331049F2C] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232] [PID.3424] =>.NVIDIA Corporation®
[MD5.3E7E1E950F123521C5CE072E61929DA4] - (.NVIDIA Corporation - NVIDIA Streamer User Agent.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe [21328952] [PID.3912] =>.NVIDIA Corporation®
[MD5.80A11F070E9EEFCB48B357E9E0E2C7D1] - (.Intel Corporation - igfxEM Module.) -- C:\Windows\System32\igfxEM.exe [541600] [PID.4732] =>.Intel Corporation - pGFX®
[MD5.E3566F4FD0B1FC99C6ED09E318155D67] - (.Kingsoft Corporation - Clean Master.) -- F:\Program Files (x86)\cmcm\Clean Master\cmtray.exe [771912] [PID.4764] =>.Beijing Kingsoft Security software Co.,Ltd®
[MD5.B6C52FADECE225339D02B6923E930B5C] - (.Intel Corporation - igfxHK Module.) -- C:\Windows\System32\igfxHK.exe [258456] [PID.4784] =>.Intel Corporation - pGFX®
[MD5.8D2A1935AE10BE1E11A8C58B2F473560] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxTray.exe [395168] [PID.4828] =>.Intel Corporation - pGFX®
[MD5.641B19018CB32619ADBD0AED4964E1D9] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760] [PID.4644] =>.Realtek Semiconductor Corp®
[MD5.BC5A40AEAC1CF7708D07CBC2F577F90B] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320] [PID.724] =>.Realtek Semiconductor Corp®
[MD5.C8AC55CCB8AB33713522B4CAAFAC0F59] - (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776] [PID.3632] =>.NVIDIA Corporation®
[MD5.4594479D2DFD81830D91066EE210714E] - (.Overwolf LTD - Overwolf.) -- C:\Program Files (x86)\Overwolf\Overwolf.exe [45296] [PID.4920] =>.Overwolf Ltd®
[MD5.D0278FA8947ED54A112893F71917F46A] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe [2133504] [PID.2648] =>.BitTorrent Inc®
[MD5.2D6800E17FEBB51E3C75CD935E2BA8F5] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [7405752] [PID.5976] =>.AVAST Software a.s.®
[MD5.3BD79A1F6D2EA0FDDEA3F8914B2A6A0C] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984] [PID.5828] =>.Elaborate Bytes AG®
[MD5.A833D342409B76742F7CCFC342837370] - (.NVIDIA Corporation - OpenAutomate wrapper cache.) -- C:\Users\David\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe [346552] [PID.2664] =>.Nvidia Corporation®
[MD5.D7B59C5C8C22101B50502AFB482A86FE] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\David\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe [387072] [PID.5848] =>.BitTorrent Inc.
[MD5.D7B59C5C8C22101B50502AFB482A86FE] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\David\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe [387072] [PID.4700] =>.BitTorrent Inc.
[MD5.4FA12350B04AAECF0D3893ADFB65101C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\David\Desktop\ZHPDiag3.exe [2216960] [PID.2764] =>.Nicolas Coolman
[MD5.691F0AC6AFBBBEEFA9B8340076E5B151] - (.Overwolf LTD - Overlay.) -- C:\Program Files (x86)\Common Files\Overwolf\0.95.40.0\OverwolfHelper.exe [77552] [PID.6988] =>.Overwolf Ltd®
[MD5.E53A0E7F08E43D0447AA281FD5B4223D] - (.Overwolf LTD - Overlay.) -- C:\Program Files (x86)\Common Files\Overwolf\0.95.40.0\OverwolfHelper64.exe [86256] [PID.6928] =>.Overwolf Ltd®
[MD5.88FBBB1C601A6BC42054E57C2897FA45] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [PID.6992] =>.Google Inc®
[MD5.56FE3C885B0901601549E23E7A435984] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe [250008] [PID.5684] =>.Google Inc®
[MD5.A425CDCEB9D26E9A5ABAFA259799D447] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe [312472] [PID.6600] =>.Google Inc®
[MD5.B2A4B2F0623CB4B661E731B768C57DD6] - (.VideoLAN - VLC media player.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [137152] [PID.6284] =>.VideoLAN®
[MD5.ADB8D21FC136BC4092A7F87DD4426F50] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [2917456] [PID.7152] =>.Valve®
[MD5.CF320FE13D0BCA3E79A20E99B72E80D4] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [2062416] [PID.5108] =>.Valve®
[MD5.A4FC868F6FC03876E29E4D87731B8E31] - (.Valve Corporation - Steam Client Service.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1518672] [PID.2832] =>.Valve®
[MD5.88FBBB1C601A6BC42054E57C2897FA45] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [PID.7340] =>.Google Inc®
[MD5.CF320FE13D0BCA3E79A20E99B72E80D4] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [2062416] [PID.6016] =>.Valve®
[MD5.88FBBB1C601A6BC42054E57C2897FA45] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [PID.7420] =>.Google Inc®

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (11) - 2s
M0 - MFSP: prefs.js [David - c9bouejj.default] https://www.google.com.br/
P2 - EXT: (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll =>.Microsoft Corporation®
P2 - EXT: (.Microsoft Corporation - The plugin allows you to have a better expe.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll =>.Microsoft Corporation®
P2 - EXT: (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll =>.Adobe Systems, Incorporated®
P2 - EXT: (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppl3260.dll {4EAB2828AFC3987D9D86D3770E741255} =>.RealNetworks, Inc.
P2 - EXT: (.RealNetworks, Inc. - 6.0.12.69.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nprpjplug.dll =>.RealNetworks, Inc.
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\WMP Firefox Plugin License.rtf
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\WMP Firefox Plugin RelNotes.txt
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll =>.Adobe Systems Incorporated
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll =>.Apple Inc.

---\\ Internet Explorer, Arranque, Pesquisa, Phishing (17) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Gestão do Proxy (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Análise das linhas, Carregamento Automático de programas (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Redireção do ficheiro Hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (31)

---\\ Browser Helper Objects do navegador (3) - 1s
O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll =>.Microsoft Corporation®
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>.Google Inc®
O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®

---\\ Aplicações iniciadas por registo & pastas (24) - 1s
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe =>.NVIDIA Corporation®
O4 - HKLM\..\Run: [ShadowPlay] . (.Microsoft Corporation - Processo de host do Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe =>.Apple Inc.®
O4 - HKLM\..\Run: [SoftEther VPN Client UI Helper] . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- F:\Program Files\SoftEther VPN Client\vpnclient_x64.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKCU\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe =>.Electronic Arts, Inc.®
O4 - HKCU\..\Run: [Overwolf] . (.Copyright Overwolf © 2016 - Overwolf Launcher.) -- C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe =>.Overwolf Ltd®
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe =>.AVAST Software a.s.®
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.®
O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe =>.Elaborate Bytes AG®
O4 - HKLM\..\Wow6432Node\Run: [cmsc] . (.Kingsoft Corporation - Clean Master.) -- F:\Program Files (x86)\cmcm\Clean Master\cmtray.exe =>.Beijing Kingsoft Security software Co.,Ltd®
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-2752671879-21587289-234878278-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - HKUS\S-1-5-21-2752671879-21587289-234878278-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-2752671879-21587289-234878278-1001\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe =>.Electronic Arts, Inc.®
O4 - HKUS\S-1-5-21-2752671879-21587289-234878278-1001\..\Run: [Overwolf] . (.Copyright Overwolf © 2016 - Overwolf Launcher.) -- C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe =>.Overwolf Ltd®
O4 - HKUS\S-1-5-21-2752671879-21587289-234878278-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - HKUS\S-1-5-21-2752671879-21587289-234878278-1001\..\Run: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®

---\\ Atalhos globais Startup (72) - 10s
O4 - GS\Desktop [Administrador]: Icarus.lnk . (...) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe
O4 - GS\Desktop [Administrador]: IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...) C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe
O4 - GS\Desktop [Administrador]: Nexon Launcher.lnk . (...) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe
O4 - GS\Desktop [Administrador]: Project Icarus Launcher.lnk . (.Copyright © 2015 - Icarus Online Launcher.) F:\Downloads\Project Icarus Online\Project Icarus Launcher.exe
O4 - GS\Desktop [Administrador]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) F:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe =>.VS Revo Group®
O4 - GS\Desktop [Administrador]: Subtitle Edit.lnk . (.Nikse - Subtitle Edit.) C:\Program Files (x86)\Subtitle Edit\SubtitleEdit.exe =>.Nikse
O4 - GS\Desktop [Administrador]: Total Video Converter.lnk . (.Copyright (C) 2010 - tvcshell MFC Application.) C:\Program Files (x86)\Total Video Converter\tvcshell.exe
O4 - GS\Desktop [Administrador]: WhatsApp.lnk . (...) C:\Users\David\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845}
O4 - GS\Desktop [Administrador]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\David\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrador]: EaseUS Partition Master 10.8.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\epm0.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\Quicklaunch [Administrador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrador]: Total Video Player.lnk . (...) C:\Program Files (x86)\Total Video Converter\tvp.exe
O4 - GS\Quicklaunch [Administrador]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) C:\Program Files (x86)\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\sendTo [Administrador]: MediaInfo.lnk . (...) C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe
O4 - GS\sendTo [Administrador]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\TaskBar [Administrador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Administrador]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Desktop [Convidado]: Icarus.lnk . (...) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe
O4 - GS\Desktop [Convidado]: IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...) C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe
O4 - GS\Desktop [Convidado]: Nexon Launcher.lnk . (...) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe
O4 - GS\Desktop [Convidado]: Project Icarus Launcher.lnk . (.Copyright © 2015 - Icarus Online Launcher.) F:\Downloads\Project Icarus Online\Project Icarus Launcher.exe
O4 - GS\Desktop [Convidado]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) F:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe =>.VS Revo Group®
O4 - GS\Desktop [Convidado]: Subtitle Edit.lnk . (.Nikse - Subtitle Edit.) C:\Program Files (x86)\Subtitle Edit\SubtitleEdit.exe =>.Nikse
O4 - GS\Desktop [Convidado]: Total Video Converter.lnk . (.Copyright (C) 2010 - tvcshell MFC Application.) C:\Program Files (x86)\Total Video Converter\tvcshell.exe
O4 - GS\Desktop [Convidado]: WhatsApp.lnk . (...) C:\Users\David\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845}
O4 - GS\Desktop [Convidado]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\David\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Convidado]: EaseUS Partition Master 10.8.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\epm0.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\Quicklaunch [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Convidado]: Total Video Player.lnk . (...) C:\Program Files (x86)\Total Video Converter\tvp.exe
O4 - GS\Quicklaunch [Convidado]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) C:\Program Files (x86)\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\sendTo [Convidado]: MediaInfo.lnk . (...) C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe
O4 - GS\sendTo [Convidado]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\TaskBar [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Convidado]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Desktop [David]: Icarus.lnk . (...) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe
O4 - GS\Desktop [David]: IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...) C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe
O4 - GS\Desktop [David]: Nexon Launcher.lnk . (...) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe
O4 - GS\Desktop [David]: Project Icarus Launcher.lnk . (.Copyright © 2015 - Icarus Online Launcher.) F:\Downloads\Project Icarus Online\Project Icarus Launcher.exe
O4 - GS\Desktop [David]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) F:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe =>.VS Revo Group®
O4 - GS\Desktop [David]: Subtitle Edit.lnk . (.Nikse - Subtitle Edit.) C:\Program Files (x86)\Subtitle Edit\SubtitleEdit.exe =>.Nikse
O4 - GS\Desktop [David]: Total Video Converter.lnk . (.Copyright (C) 2010 - tvcshell MFC Application.) C:\Program Files (x86)\Total Video Converter\tvcshell.exe
O4 - GS\Desktop [David]: WhatsApp.lnk . (...) C:\Users\David\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845}
O4 - GS\Desktop [David]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\David\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [David]: EaseUS Partition Master 10.8.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\epm0.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\Quicklaunch [David]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [David]: Total Video Player.lnk . (...) C:\Program Files (x86)\Total Video Converter\tvp.exe
O4 - GS\Quicklaunch [David]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) C:\Program Files (x86)\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\sendTo [David]: MediaInfo.lnk . (...) C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe
O4 - GS\sendTo [David]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\TaskBar [David]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [David]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: Avast Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe =>.AVAST Software a.s.®
O4 - GS\CommonDesktop [Public]: Blade & Soul.lnk . (.NCSOFT Corporation - NCLauncher.) C:\Program Files (x86)\NCWest\NCLauncher\NCLauncher.exe =>.NCsoft Corp.®
O4 - GS\CommonDesktop [Public]: Clean Master.lnk . (.Kingsoft Corporation - Clean Master.) F:\Program Files (x86)\cmcm\Clean Master\kcleaner.exe =>.Beijing Kingsoft Security software Co.,Ltd®
O4 - GS\CommonDesktop [Public]: CPUID CPU-Z.lnk . (.CPUID - CPU-Z Application.) C:\Program Files\CPUID\CPU-Z\cpuz.exe =>.CPUID®
O4 - GS\CommonDesktop [Public]: Debut Video Capture Software.lnk . (.NCH Software - Debut Video Capture Software.) C:\Program Files (x86)\NCH Software\Debut\debut.exe =>.NCH Software®
O4 - GS\CommonDesktop [Public]: EaseUS Partition Master 10.8.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\epm0.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\CommonDesktop [Public]: GeForce Experience.lnk . (.NVIDIA Corporation - NVIDIA GeForce Experience Launcher Applicat.) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe =>.NVIDIA Corporation®
O4 - GS\CommonDesktop [Public]: Hi-Rez Diagnostics and Support.lnk . (.Hewlett-Packard Company - HiRezGamesDiagAndSupport.) F:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe =>.Hi-Rez Studios, Inc.®
O4 - GS\CommonDesktop [Public]: iTunes.lnk . (.Apple Inc. - .) C:\Program Files (x86)\iTunes\iTunes.exe =>.Apple Inc.
O4 - GS\CommonDesktop [Public]: Origin.lnk . (.Electronic Arts - Origin.) C:\Program Files (x86)\Origin\Origin.exe =>.Electronic Arts, Inc.®
O4 - GS\CommonDesktop [Public]: Overwolf.lnk . (.Copyright Overwolf © 2016 - Overwolf Launcher.) C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe =>.Overwolf Ltd®
O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\WINDOWS\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe
O4 - GS\CommonDesktop [Public]: Smite.lnk . (...) F:\Program Files (x86)\Hi-Rez Studios\HirezLauncherUI.exe =>.Hi-Rez Studios, Inc.®
O4 - GS\CommonDesktop [Public]: SoftEther VPN Client Manager.lnk . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) F:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan
O4 - GS\CommonDesktop [Public]: Steam.lnk . (...) C:\Windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C91.exe
O4 - GS\CommonDesktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH®
O4 - GS\CommonDesktop [Public]: Virtual CloneDrive.lnk . (.Elaborate Bytes AG - VirtualCloneDrive Preferences.) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe =>.Elaborate Bytes AG
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\CommonDesktop [Public]: Wirecast.lnk . (.Telestream LLC - .) C:\Program Files (x86)\Telestream\Wirecast\Wirecast.exe
O4 - GS\Programs [Public]: iPadian.lnk . (...) C:\Program Files (x86)\iPadian\iPadian.exe
O4 - GS\Programs [Public]: Slave (F).lnk . (...) F:\

---\\ Alteração Dominio/Clientes DNS (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = motoman.lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.8.20 172.22.8.28
O17 - HKLM\System\CCS\Services\Tcpip\..\{a5a05bb8-5ca2-42b1-9f2c-8fbc942f416a}: DhcpNameServer = 172.22.8.20 172.22.8.28
O17 - HKLM\System\CCS\Services\Tcpip\..\{ad7c8130-d85c-49cb-97b6-1f013aa39f09}: DhcpNameServer = 172.22.8.20 172.22.8.28
O17 - HKLM\System\CCS\Services\Tcpip\..\{a5a05bb8-5ca2-42b1-9f2c-8fbc942f416a}: DhcpDomain = motoman.lan
O17 - HKLM\System\CCS\Services\Tcpip\..\{ad7c8130-d85c-49cb-97b6-1f013aa39f09}: DhcpDomain = motoman.lan

---\\ Protocolo adicional (24) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: osf [64Bits] - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (1) - 0s
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 368.) - C:\Windows\System32\nvinitx.dll

---\\ Software instalados (89) - 23s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc®
O42 - Logiciel: Adobe Acrobat Reader DC - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AC0F074E4100} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {47FA2C44-D148-4DBC-AF60-B91934AA4842} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824184103} =>.Adobe Systems Incorporated
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {2E4AF2A6-50EA-4260-9BA4-5E582D11879A} =>.Apple Inc.
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {56EC47AA-5813-4FF6-8E75-544026FBEA83} =>.Apple Inc.
O42 - Logiciel: ARK: Survival Of The Fittest - (.Studio Wildcard.) [HKLM][64Bits] -- Steam App 407530 =>.Valve®
O42 - Logiciel: Atualizações da NVIDIA 2.11.3.5 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- avast =>.AVAST Software a.s.®
O42 - Logiciel: Blade & Soul - (.NC Interactive, LLC.) [HKLM][64Bits] -- {C3F383C1-D050-4A40-843F-8171A6A02C3A} =>.NC Interactive, LLC
O42 - Logiciel: Blade & Soul - (.NC Interactive, LLC.) [HKLM][64Bits] -- InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A} =>.NC Interactive, LLC
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} =>.Apple Inc.
O42 - Logiciel: CDisplay 1.8 - (.dvd8n.) [HKLM][64Bits] -- CDisplay_is1 =>.dvd8n
O42 - Logiciel: Clean Master - (.Cheetah Mobile.) [HKLM][64Bits] -- Clean Master =>.Beijing Kingsoft Security software Co.,Ltd®
O42 - Logiciel: Counter-Strike: Global Offensive - (.Valve.) [HKLM][64Bits] -- Steam App 730 =>.Valve®
O42 - Logiciel: CPUID CPU-Z 1.72.1 - (...) [HKLM][64Bits] -- CPUID CPU-Z_is1
O42 - Logiciel: Debut Video Capture Software - (.NCH Software.) [HKLM][64Bits] -- Debut =>.NCH Software®
O42 - Logiciel: EaseUS Partition Master 10.8 Trial Edition - (.EaseUS.) [HKLM][64Bits] -- EaseUS Partition Master Trial Edition_is1 =>.CHENGDU YIWO Tech Development Co., Ltd.®
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc.
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
O42 - Logiciel: Hi-Rez Studios Authenticate and Update Service - (.Hi-Rez Studios.) [HKLM][64Bits] -- {3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC} =>.Hi-Rez Studios, Inc.®
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - pGFX®
O42 - Logiciel: IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2016
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {A31C5565-90D9-4615-AE13-94D86C3836C7} =>.Apple Inc.
O42 - Logiciel: Java 7 Update 79 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217079FF} =>.Oracle
O42 - Logiciel: Java Auto Updater - (.Oracle, Inc..) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle, Inc.
O42 - Logiciel: K-Lite Mega Codec Pack 4.8.5 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: KMSpico v9.1.3 - (...) [HKLM][64Bits] -- KMSpico_is1 =>HackTool.KMSpico
O42 - Logiciel: Microsoft Access MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft DCF MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Excel MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Groove MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft InfoPath MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Lync MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneNote MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Publisher MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Word MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Mozilla Firefox 44.0.2 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 44.0.2 (x86 pt-BR) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: NCSOFT Game Launcher - (.NCSOFT.) [HKLM][64Bits] -- NCLauncher_NCWest =>.NCsoft Corp.®
O42 - Logiciel: Nexon Launcher - (.Nexon.) [HKLM][64Bits] -- Nexon Nexon Launcher =>.Nexon
O42 - Logiciel: NVIDIA Driver de gráficos 361.43 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA GeForce Experience 2.11.3.5 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA GeForce Experience Service - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA LED Visualizer 1.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Network Service - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Optimus Update 2.11.3.5 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA ShadowPlay 2.11.3.5 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Software do sistema PhysX 9.15.0428 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Virtual Audio 1.2.40 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver =>.NVIDIA Corporation
O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin =>.Electronic Arts, Inc.®
O42 - Logiciel: Overwolf - (.Overwolf Ltd..) [HKLM][64Bits] -- Overwolf =>.Overwolf Ltd®
O42 - Logiciel: Painel de controle da NVIDIA 353.62 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller =>.VS Revo Group
O42 - Logiciel: SafeZone Stable 1.48.2066.101 - (.Avast Software.) [HKLM][64Bits] -- SafeZone 1.48.2066.101 =>.AVAST Software s.r.o.®
O42 - Logiciel: SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv =>.NVIDIA Corporation
O42 - Logiciel: SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController =>.NVIDIA Corporation
O42 - Logiciel: Skype™ 7.24 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A.
O42 - Logiciel: Smite - (.Hi-Rez Studios.) [HKLM][64Bits] -- {3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017} =>.Hi-Rez Studios, Inc.®
O42 - Logiciel: SoftEther VPN Client - (.SoftEther VPN Project.) [HKLM][64Bits] -- softether_sevpnclient {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3} =>.Valve Corporation
O42 - Logiciel: Subtitle Edit 3.4.11 - (.Nikse.) [HKLM][64Bits] -- SubtitleEdit_is1 =>.Nikse
O42 - Logiciel: Suporte para Aplicativos Apple (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E} =>.Apple Inc.
O42 - Logiciel: Suporte para Aplicativos Apple Apple (64-bit) - (.Apple Inc..) [HKLM][64Bits] -- {2937FD88-C9D6-4B82-B539-37CD0A572F42} =>.Apple Inc.
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client =>.TeamSpeak Systems GmbH
O42 - Logiciel: Total Video Converter 3.71 100812 - (.EffectMatrix Inc..) [HKLM][64Bits] -- Total Video Converter 3.71_is1
O42 - Logiciel: Tree of Savior (English Ver.) - (.IMCGAMES Co.,Ltd..) [HKLM][64Bits] -- Steam App 372000 =>.Valve®
O42 - Logiciel: Update for Skype for Business 2015 (KB3039776) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3115033) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3115033) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3115033) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1} =>.Microsoft Corporation®
O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM][64Bits] -- VirtualCloneDrive =>.Elaborate Bytes
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: WhatsApp - (.WhatsApp.) [HKCU][64Bits] -- WhatsApp {046660C4A56E0FD7E8FAC0B7BA03A845}
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corp
O42 - Logiciel: WinRAR 5.31 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: Wirecast - (.Telestream LLC.) [HKLM][64Bits] -- {13CCAC84-0C34-4D13-8C99-02D9F8B4C714}

---\\ HKCU & HKLM Software Keys (117) - 23s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\cmcm
HKLM\SOFTWARE\Wow6432Node\Codec Tweak Tool
HKLM\SOFTWARE\Wow6432Node\DivXNetworks
HKLM\SOFTWARE\Wow6432Node\EaseUS
HKLM\SOFTWARE\Wow6432Node\Elaborate Bytes
HKLM\SOFTWARE\Wow6432Node\Electronic Arts
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\Hi-Rez Studios
HKLM\SOFTWARE\Wow6432Node\HiRez Studios
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\iTinySoft
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Kamuse Inc.
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\KLCodecPack
HKLM\SOFTWARE\Wow6432Node\macrium
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Miray
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\NCH Software
HKLM\SOFTWARE\Wow6432Node\NCH Swift Sound
HKLM\SOFTWARE\Wow6432Node\NCWest
HKLM\SOFTWARE\Wow6432Node\Nikse
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Origin
HKLM\SOFTWARE\Wow6432Node\Overwolf
HKLM\SOFTWARE\Wow6432Node\PowerPivot
HKLM\SOFTWARE\Wow6432Node\RealNetworks
HKLM\SOFTWARE\Wow6432Node\RecordDISCXXX
HKLM\SOFTWARE\Wow6432Node\Rene.E Laboratory
HKLM\SOFTWARE\Wow6432Node\S3R521
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Soaktiwaw
HKLM\SOFTWARE\Wow6432Node\SoftEther Project
HKLM\SOFTWARE\Wow6432Node\Softgogo
HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent
HKLM\SOFTWARE\Wow6432Node\Valve
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Waves Audio
HKLM\SOFTWARE\Wow6432Node\Windows
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Avast Software
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\CDisplay
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\cmcm
HKCU\SOFTWARE\DivXNetworks
HKCU\SOFTWARE\EaseUS
HKCU\SOFTWARE\Elaborate Bytes
HKCU\SOFTWARE\FreeReign
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GinnoGames
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GSpot Appliance Corp
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\INCAInternet
HKCU\SOFTWARE\InstallPath
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\kde.org
HKCU\SOFTWARE\macrium
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MediaInfo
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\NCH Software
HKCU\SOFTWARE\NCH Swift Sound
HKCU\SOFTWARE\Neowiz
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nexon
HKCU\SOFTWARE\Nexon Launcher
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Overwolf
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Rene.E Laboratory
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SoftEther Project
HKCU\SOFTWARE\SWiSHzone.com
HKCU\SOFTWARE\SyncEngines
HKCU\SOFTWARE\Telestream
HKCU\SOFTWARE\Telestream LLC
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\UltraSnap
HKCU\SOFTWARE\undefined =>.Superfluous.Downloader
HKCU\SOFTWARE\University of Tsukuba
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\VSRevoGroup
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\WireCastSupportAssistant
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

---\\ Conteúdo das pastas Programs (275) - 80s
O43 - CFD: 10/01/2016 - [0] SHD -- C:\Program Files\Arquivos Comuns
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\AVAST Software =>.AVAST Software s.r.o.®
O43 - CFD: 10/01/2016 - [] AD -- C:\Program Files\Bonjour =>.Apple Inc.®
O43 - CFD: 17/06/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\CPUID =>.CPUID®
O43 - CFD: 25/05/2016 - [] D -- C:\Program Files\DIFX =>.Duodian Online Technology Co. Ltd.®
O43 - CFD: 22/11/2014 - [] D -- C:\Program Files\Embedded Lockdown Manager
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\Google
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Intel
O43 - CFD: 14/06/2016 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 30/03/2016 - [] D -- C:\Program Files\iPod =>.Apple Inc.®
O43 - CFD: 30/03/2016 - [] AD -- C:\Program Files\iTunes =>.Apple Inc.®
O43 - CFD: 14/01/2016 - [] AD -- C:\Program Files\KMSpico =>HackTool.KMSpico
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation®
O43 - CFD: 14/01/2016 - [] AD -- C:\Program Files\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 13/01/2016 - [] AD -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Microsoft SQL Server
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 17/01/2016 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 05/06/2016 - [] D -- C:\Program Files\NVIDIA Corporation =>.NVIDIA Corporation®
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\OBS
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics®
O43 - CFD: 17/01/2016 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 14/06/2016 - [] D -- C:\Program Files\Soaktiwaw
O43 - CFD: 14/06/2016 - [0] D -- C:\Program Files\SoaktiwawUn
O43 - CFD: 05/05/2016 - [] AD -- C:\Program Files\TeamSpeak 3 Client =>.TeamSpeak Systems GmbH®
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\Telestream
O43 - CFD: 26/07/2012 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 25/05/2016 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\Windows Multimedia Platform
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files\Windows Sidebar
O43 - CFD: 16/06/2016 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation®
O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files\WindowsPowerShell
O43 - CFD: 22/03/2016 - [] AD -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 15/03/2016 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 15/03/2016 - [] AD -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc.®
O43 - CFD: 10/01/2016 - [] AD -- C:\Program Files (x86)\Bonjour =>.Apple Inc.®
O43 - CFD: 15/03/2016 - [] D -- C:\Program Files (x86)\CDisplay
O43 - CFD: 17/06/2016 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 30/03/2016 - [] D -- C:\Program Files (x86)\EaseUS =>.CHENGDU YIWO Tech Development Co., Ltd.®
O43 - CFD: 25/04/2016 - [] D -- C:\Program Files (x86)\Elaborate Bytes
O43 - CFD: 14/06/2016 - [] D -- C:\Program Files (x86)\gg =>.Superfluous.Tencent
O43 - CFD: 22/03/2016 - [] AD -- C:\Program Files (x86)\Glyph
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 15/03/2016 - [] HD -- C:\Program Files (x86)\InstallJammer Registry
O43 - CFD: 11/05/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation - pGFX®
O43 - CFD: 14/06/2016 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 30/03/2016 - [] D -- C:\Program Files (x86)\iTunes
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Java =>.Oracle America, Inc.®
O43 - CFD: 10/01/2016 - [] AD -- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services =>.Microsoft Corporation®
O43 - CFD: 17/01/2016 - [] D -- C:\Program Files (x86)\Microsoft ASP.NET
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 13/01/2016 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 14/01/2016 - [] AD -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 15/03/2016 - [] AD -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla Corporation®
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation®
O43 - CFD: 17/01/2016 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files (x86)\NCH Software =>.NCH Software®
O43 - CFD: 17/01/2016 - [] AD -- C:\Program Files (x86)\NCSOFT
O43 - CFD: 17/01/2016 - [] D -- C:\Program Files (x86)\NCWest =>.NCsoft Corp.®
O43 - CFD: 20/04/2016 - [] D -- C:\Program Files (x86)\Nexon
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\NVIDIA Corporation =>.NVIDIA Corporation®
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files (x86)\OBS
O43 - CFD: 14/01/2016 - [] AD -- C:\Program Files (x86)\Origin =>.Electronic Arts, Inc.®
O43 - CFD: 14/01/2016 - [0] D -- C:\Program Files (x86)\Origin Games
O43 - CFD: 16/06/2016 - [] AD -- C:\Program Files (x86)\Overwolf =>.Overwolf Ltd®
O43 - CFD: 15/03/2016 - [] D -- C:\Program Files (x86)\Programas RFB
O43 - CFD: 17/01/2016 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 30/03/2016 - [0] D -- C:\Program Files (x86)\Runtime Software
O43 - CFD: 14/06/2016 - [0] D -- C:\Program Files (x86)\Shoruyjjsp
O43 - CFD: 14/06/2016 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl®
O43 - CFD: 17/06/2016 - [] AD -- C:\Program Files (x86)\Steam =>.Valve®
O43 - CFD: 19/04/2016 - [] AD -- C:\Program Files (x86)\Subtitle Edit
O43 - CFD: 17/04/2016 - [] AD -- C:\Program Files (x86)\Total Video Converter
O43 - CFD: 14/01/2016 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 11/02/2016 - [] D -- C:\Program Files (x86)\uTorrent =>.BitTorrent Inc®
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 14/06/2016 - [0] D -- C:\Program Files (x86)\Wutaingjlaph
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 15/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplay
O43 - CFD: 16/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean Master
O43 - CFD: 23/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
O43 - CFD: 30/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8
O43 - CFD: 25/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
O43 - CFD: 14/01/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager
O43 - CFD: 11/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
O43 - CFD: 30/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 14/06/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 17/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
O43 - CFD: 17/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
O43 - CFD: 15/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
O43 - CFD: 14/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 31/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
O43 - CFD: 16/06/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 19/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 30/10/2015 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
O43 - CFD: 23/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telestream
O43 - CFD: 17/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Video Converter
O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 15/03/2016 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Apple
O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 17/06/2016 - [0] D -- C:\ProgramData\Application Data
O43 - CFD: 23/03/2016 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 25/05/2016 - [] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 16/06/2016 - [] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 16/06/2016 - [] D -- C:\ProgramData\cmcm
O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Comms
O43 - CFD: 10/01/2016 - [0] SHD -- C:\ProgramData\Dados de Aplicativos
O43 - CFD: 14/01/2016 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 10/01/2016 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Electronic Arts
O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Glyph
O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Google
O43 - CFD: 12/05/2016 - [] D -- C:\ProgramData\Hi-Rez Studios
O43 - CFD: 16/06/2016 - [] D -- C:\ProgramData\Kingsoft
O43 - CFD: 16/06/2016 - [] D -- C:\ProgramData\Lavasoft
O43 - CFD: 30/03/2016 - [] D -- C:\ProgramData\Macrium
O43 - CFD: 10/01/2016 - [0] SHD -- C:\ProgramData\Menu Iniciar
O43 - CFD: 14/01/2016 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 14/06/2016 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 10/01/2016 - [0] SHD -- C:\ProgramData\Modelos
O43 - CFD: 16/06/2016 - [0] D -- C:\ProgramData\Mozilla
O43 - CFD: 11/03/2016 - [] D -- C:\ProgramData\NCH Software
O43 - CFD: 05/06/2016 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 11/04/2016 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 10/01/2016 - [0] D -- C:\ProgramData\Oracle
O43 - CFD: 21/01/2016 - [] D -- C:\ProgramData\Origin
O43 - CFD: 02/02/2016 - [] D -- C:\ProgramData\Overwolf
O43 - CFD: 12/05/2016 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\PRICache
O43 - CFD: 10/01/2016 - [0] D -- C:\ProgramData\Real
O43 - CFD: 14/01/2016 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 16/06/2016 - [0] D -- C:\ProgramData\Skype
O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\SoftwareDistribution
O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Sun
O43 - CFD: 23/03/2016 - [0] D -- C:\ProgramData\Telestream
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 31/03/2016 - [] D -- C:\ProgramData\WEBZEN
O43 - CFD: 15/03/2016 - [] AD -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 10/01/2016 - [] AD -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Common Files\AV
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 14/01/2016 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\Common Files\Overwolf
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/06/2016 - [] AD -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 16/06/2016 - [] D -- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Adobe
O43 - CFD: 24/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Apple Computer
O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Roaming\AVAST Software
O43 - CFD: 17/01/2016 - [0] D -- C:\Users\David\AppData\Roaming\Awesomium
O43 - CFD: 13/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Identities
O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Macromedia
O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Media Player Classic
O43 - CFD: 14/06/2016 - [] SD -- C:\Users\David\AppData\Roaming\Microsoft
O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Mozilla
O43 - CFD: 11/03/2016 - [] D -- C:\Users\David\AppData\Roaming\NCH Software
O43 - CFD: 31/03/2016 - [] D -- C:\Users\David\AppData\Roaming\NEOWIZ
O43 - CFD: 20/04/2016 - [] D -- C:\Users\David\AppData\Roaming\NexonLauncher
O43 - CFD: 08/06/2016 - [] D -- C:\Users\David\AppData\Roaming\NVIDIA
O43 - CFD: 17/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Origin
O43 - CFD: 14/06/2016 - [] D -- C:\Users\David\AppData\Roaming\Profiles
O43 - CFD: 10/01/2016 - [0] D -- C:\Users\David\AppData\Roaming\Real
O43 - CFD: 17/01/2016 - [] D -- C:\Users\David\AppData\Roaming\Shooter
O43 - CFD: 14/06/2016 - [] D -- C:\Users\David\AppData\Roaming\Skype
O43 - CFD: 11/05/2016 - [] D -- C:\Users\David\AppData\Roaming\Subtitle Edit
O43 - CFD: 05/05/2016 - [] D -- C:\Users\David\AppData\Roaming\TS3Client
O43 - CFD: 14/06/2016 - [0] D -- C:\Users\David\AppData\Roaming\up4GV
O43 - CFD: 17/06/2016 - [] D -- C:\Users\David\AppData\Roaming\uTorrent
O43 - CFD: 23/03/2016 - [0] D -- C:\Users\David\AppData\Roaming\Vara Software
O43 - CFD: 09/06/2016 - [] D -- C:\Users\David\AppData\Roaming\vlc
O43 - CFD: 16/06/2016 - [] D -- C:\Users\David\AppData\Roaming\VSRevoGroup
O43 - CFD: 14/06/2016 - [] D -- C:\Users\David\AppData\Roaming\WhatsApp
O43 - CFD: 23/03/2016 - [] D -- C:\Users\David\AppData\Roaming\WinRAR
O43 - CFD: 23/03/2016 - [] D -- C:\Users\David\AppData\Roaming\Wirecast Play
O43 - CFD: 17/06/2016 - [] D -- C:\Users\David\AppData\Roaming\ZHP
O43 - CFD: 14/01/2016 - [0] D -- C:\Users\David\AppData\Local\ActiveSync
O43 - CFD: 15/03/2016 - [] D -- C:\Users\David\AppData\Local\Adobe
O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Local\Apple
O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Local\Apple Computer
O43 - CFD: 23/03/2016 - [] D -- C:\Users\David\AppData\Local\assembly
O43 - CFD: 25/05/2016 - [] D -- C:\Users\David\AppData\Local\BlueStacks
O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Local\CEF
O43 - CFD: 28/01/2016 - [] D -- C:\Users\David\AppData\Local\Comms
O43 - CFD: 16/06/2016 - [0] D -- C:\Users\David\AppData\Local\CrashDumps
O43 - CFD: 14/01/2016 - [] D -- C:\Users\David\AppData\Local\CrashRpt =>.Superfluous.CrashReports
O43 - CFD: 14/01/2016 - [0] SHD -- C:\Users\David\AppData\Local\Dados de Aplicativos
O43 - CFD: 16/06/2016 - [] D -- C:\Users\David\AppData\Local\Diagnostics
O43 - CFD: 14/06/2016 - [] D -- C:\Users\David\AppData\Local\ElevatedDiagnostics
O43 - CFD: 14/01/2016 - [] D -- C:\Users\David\AppData\Local\FreeReign
O43 - CFD: 22/03/2016 - [] D -- C:\Users\David\AppData\Local\Glyph
O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Local\Google
O43 - CFD: 14/01/2016 - [0] SHD -- C:\Users\David\AppData\Local\Histórico
O43 - CFD: 25/05/2016 - [] D -- C:\Users\David\AppData\Local\Macromedia
O43 - CFD: 16/06/2016 - [] D -- C:\Users\David\AppData\Local\Microsoft
O43 - CFD: 14/01/2016 - [0] D -- C:\Users\David\AppData\Local\Microsoft Help
O43 - CFD: 31/01/2016 - [] D -- C:\Users\David\AppData\Local\MicrosoftEdge
O43 - CFD: 17/01/2016 - [] D -- C:\Users\David\AppData\Local\Mozilla
O43 - CFD: 14/01/2016 - [0] D -- C:\Users\David\AppData\Local\NetworkTiles
O43 - CFD: 16/06/2016 - [] D -- C:\Users\David\AppData\Local\NexonLauncher
O43 - CFD: 05/06/2016 - [] D -- C:\Users\David\AppData\Local\Nox
O43 - CFD: 05/06/2016 - [] D -- C:\Users\David\AppData\Local\NVIDIA
O43 - CFD: 05/06/2016 - [] D -- C:\Users\David\AppData\Local\Nvidia Corporation
O43 - CFD: 14/01/2016 - [] D -- C:\Users\David\AppData\Local\Origin
O43 - CFD: 17/06/2016 - [] D -- C:\Users\David\AppData\Local\Overwolf
O43 - CFD: 02/05/2016 - [] D -- C:\Users\David\AppData\Local\Packages
O43 - CFD: 14/06/2016 - [] D -- C:\Users\David\AppData\Local\Profiles
O43 - CFD: 14/01/2016 - [] D -- C:\Users\David\AppData\Local\Programs
O43 - CFD: 14/01/2016 - [] D -- C:\Users\David\AppData\Local\Publishers
O43 - CFD: 10/01/2016 - [0] D -- C:\Users\David\AppData\Local\Real
O43 - CFD: 14/06/2016 - [0] D -- C:\Users\David\AppData\Local\Skype
O43 - CFD: 09/06/2016 - [] D -- C:\Users\David\AppData\Local\SquirrelTemp
O43 - CFD: 10/01/2016 - [] D -- C:\Users\David\AppData\Local\Steam
O43 - CFD: 17/06/2016 - [] D -- C:\Users\David\AppData\Local\Temp
O43 - CFD: 14/01/2016 - [0] SHD -- C:\Users\David\AppData\Local\Temporary Internet Files
O43 - CFD: 14/01/2016 - [] D -- C:\Users\David\AppData\Local\TileDataLayer
O43 - CFD: 14/06/2016 - [] D -- C:\Users\David\AppData\Local\VirtualStore
O43 - CFD: 09/06/2016 - [] D -- C:\Users\David\AppData\Local\WhatsApp
O43 - CFD: 14/01/2016 - [0] D -- C:\Users\David\AppData\Local\Programs\Common
O43 - CFD: 30/10/2015 - [] RD -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 14/01/2016 - [] RD -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 16/06/2016 - [] RD -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 16/06/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome
O43 - CFD: 30/10/2015 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 20/04/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon
O43 - CFD: 02/02/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
O43 - CFD: 01/03/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2016
O43 - CFD: 16/06/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 16/06/2016 - [] RD -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 31/03/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 14/01/2016 - [] RD -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 09/06/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
O43 - CFD: 30/10/2015 - [] RSD -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
O43 - CFD: 22/03/2016 - [] D -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 16/06/2016 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\CrashDumps
O43 - CFD: 0 - [0] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\DataSharing
O43 - CFD: 02/02/2016 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft
O43 - CFD: 0 - [0] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Packages

---\\ Últimos arquivos criados no Windows Prefetcher (2) - 16s
O45 - LFCP:[MD5.C35982E96EAF4B82EA119FF11E5A7FE8] 14/06/2016 A -- C:\WINDOWS\Prefetch\OHMYTABS.EXE-265C6E6D.pf =>PUP.Optional.OhMyTabs
O45 - LFCP:[MD5.B5AE0082BA7F6FE7980E1538E5D842D1] 16/06/2016 A -- C:\WINDOWS\Prefetch\TENCENTDL.EXE-C83FB433.pf =>.Superfluous.Tencent

---\\ ShellIconOverlayIdentifiers (SIOI) (9) - 1s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software a.s.®

---\\ Lista dos drivers do sistema (72) - 15s
O58 - SDL:2015/10/30 04:17:22 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:22 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:22 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:22 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:22 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:22 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows®
O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - avast! HWID.) -- C:\WINDOWS\System32\drivers\aswHwid.sys [37656] =>.AVAST Software a.s.® (ALWIL Software)
O58 - SDL:2016/05/15 15:51:46 A . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\WINDOWS\System32\drivers\aswKbd.sys [37144] =>.AVAST Software a.s.®
O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys [107792] =>.AVAST Software a.s.®
O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\WINDOWS\System32\drivers\aswRdr2.sys [103064] =>.AVAST Software a.s.®
O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - avast! Revert.) -- C:\WINDOWS\System32\drivers\aswRvrt.sys [74544] =>.AVAST Software a.s.® (ALWIL Software)
O58 - SDL:2016/05/15 15:51:47 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\System32\drivers\aswSnx.sys [1070904] =>.AVAST Software a.s.®
O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\System32\drivers\aswSP.sys [465792] =>.AVAST Software a.s.®
O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - Stream Filter.) -- C:\WINDOWS\System32\drivers\aswStm.sys [166432] =>.AVAST Software a.s.®
O58 - SDL:2016/05/15 15:52:11 A . (.AVAST Software - avast! VM Monitor.) -- C:\WINDOWS\System32\drivers\aswVmm.sys [287528] =>.AVAST Software a.s.® (ALWIL Software)
O58 - SDL:2015/08/13 21:11:48 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\drivers\athw10x.sys [4318760] =>.WDKTestCert qcaswbld,130129545209614653®
O58 - SDL:2015/10/30 04:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/10/30 04:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/03/09 08:48:34 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\WINDOWS\System32\drivers\btfilter.sys [599240] =>.Qualcomm Atheros®
O58 - SDL:2015/10/30 04:17:22 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows®
O58 - SDL:2013/03/04 09:24:27 A . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\WINDOWS\System32\drivers\ElbyCDIO.sys [40344] =>.Elaborate Bytes AG®
O58 - SDL:2015/10/30 04:17:22 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] =>.Microsoft Windows®
O58 - SDL:2012/07/17 17:12:08 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECIx64.sys [62784] =>.Intel Corporation®
O58 - SDL:2015/10/30 04:17:22 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:18 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation
O58 - SDL:2015/10/30 04:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165888] =>.Intel Corporation
O58 - SDL:2015/10/30 04:17:18 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2015/10/30 04:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2015/10/30 04:17:22 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:22 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] =>.Microsoft Windows®
O58 - SDL:2015/08/27 17:20:10 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [3797424] =>.Intel Corporation - pGFX®
O58 - SDL:2015/08/21 10:50:48 N . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [463112] =>.Intel Corporation - Client Components Group®
O58 - SDL:2015/07/20 16:45:04 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\intelaud.sys [50240] =>.Intel(R) Wireless Display®
O58 - SDL:2015/07/20 16:45:04 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\iwdbus.sys [38976] =>.Intel(R) Wireless Display®
O58 - SDL:2016/06/16 21:55:01 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\WINDOWS\System32\drivers\ksapi.sys [81768] =>.Beijing Kingsoft Security software Co.,Ltd®
O58 - SDL:2016/06/16 21:55:01 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\WINDOWS\System32\drivers\ksapi64.sys [56680] =>.Beijing Kingsoft Security software Co.,Ltd®
O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108888] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] =>.Microsoft Windows®
O58 - SDL:2016/03/31 20:50:09 A . (.SoftEther Corporation - SoftEther VPN.) -- C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216] =>.SoftEther Corporation®
O58 - SDL:2016/05/22 18:02:00 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys [13509184] =>.NVIDIA Corporation®
O58 - SDL:2016/05/22 18:02:52 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\WINDOWS\System32\drivers\nvpciflt.sys [47048] =>.NVIDIA Corporation®
O58 - SDL:2015/10/30 04:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows®
O58 - SDL:2016/04/14 02:38:19 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\WINDOWS\System32\drivers\nvvad64v.sys [56384] =>.NVIDIA Corporation®
O58 - SDL:2015/10/30 04:17:23 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [589824] =>.Realtek
O58 - SDL:2015/08/03 23:21:50 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4518136] =>.Realtek Semiconductor Corp®
O58 - SDL:2015/05/14 11:10:30 A . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\WINDOWS\System32\drivers\RtsUer.sys [402960] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2016/03/31 20:47:47 A . (.SoftEther Corporation - SoftEther VPN.) -- C:\WINDOWS\System32\drivers\SeLow_x64.sys [51024] =>.SoftEther Corporation®
O58 - SDL:2015/10/30 04:17:23 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows®
O58 - SDL:2016/02/09 11:16:26 A . (.Windows (R) Win 7 DDK provider - Telestream Virtual Audio Device.) -- C:\WINDOWS\System32\drivers\tsvadpcm.sys [33552] =>.Telestream Inc.®
O58 - SDL:2015/06/17 16:04:24 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc.
O58 - SDL:2015/09/16 03:07:12 A . (.BigNox Corporation - VirtualBox USB Monitor Driver.) -- C:\WINDOWS\System32\drivers\VBoxUSBMon.sys [127432] =>.Duodian Online Technology Co. Ltd.®
O58 - SDL:2013/07/24 12:02:55 A . (.Elaborate Bytes AG - Virtual CloneDrive storage miniport.) -- C:\WINDOWS\System32\drivers\VClone.sys [34816] =>.Elaborate Bytes AG
O58 - SDL:2015/10/30 04:17:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] =>.Microsoft Windows®
O58 - SDL:2015/10/30 04:17:23 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] =>.Microsoft Windows®
O58 - SDL:2015/09/16 00:29:46 A . (.BigNox Corporation - VirtualBox Support Driver.) -- C:\WINDOWS\System32\drivers\XQHDrv.sys [253384] =>.Duodian Online Technology Co. Ltd.®
O58 - SDL:2014/11/18 14:39:06 A . (...) -- C:\WINDOWS\System32\epmntdrv.sys [18528] =>.CHENGDU YIWO Tech Development Co., Ltd.®
O58 - SDL:2014/11/18 14:39:06 A . (...) -- C:\WINDOWS\System32\EuGdiDrv.sys [10848] =>.CHENGDU YIWO Tech Development Co., Ltd.®

---\\ Últimos ficheiros alterados ou criados (Utilizador) (12) - 108s
O61 - LFC: 2016/06/17 10:22:54 A . (.ToolsLib.) -- C:\Users\David\Desktop\AdwCleaner.exe [3703360] {090323230C295BD623F42B911882691E}
O61 - LFC: 2016/06/09 18:17:04 A . (..) -- C:\Users\David\AppData\Local\WhatsApp\Update.exe [1942800] {046660C4A56E0FD7E8FAC0B7BA03A845}
O61 - LFC: 2016/06/09 21:26:52 A . (..) -- C:\Users\David\AppData\Local\WhatsApp\app-0.2.936\ffmpeg.dll [2009600]
O61 - LFC: 2016/06/09 21:26:52 A . (..) -- C:\Users\David\AppData\Local\WhatsApp\app-0.2.936\natives_blob.bin [412130]
O61 - LFC: 2016/06/09 21:26:52 A . (..) -- C:\Users\David\AppData\Local\WhatsApp\app-0.2.936\snapshot_blob.bin [618708]
O61 - LFC: 2016/06/09 18:17:04 A . (..) -- C:\Users\David\AppData\Local\WhatsApp\app-0.2.936\squirrel.exe [1942800] {046660C4A56E0FD7E8FAC0B7BA03A845}
O61 - LFC: 2016/06/09 21:27:00 A . (.WhatsApp.) -- C:\Users\David\AppData\Local\WhatsApp\app-0.2.936\WhatsApp.exe [79310608] {046660C4A56E0FD7E8FAC0B7BA03A845}
O61 - LFC: 2016/06/17 12:28:11 A . (..) -- C:\Users\David\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin [8192]
O61 - LFC: 2016/06/16 19:57:56 A . (..) -- C:\Users\David\AppData\Local\NVIDIA\NvBackend\Packages\00008d9c\DAO.20857007.exe [0]
O61 - LFC: 2016/06/17 06:56:16 A . (..) -- C:\Users\David\AppData\Local\NVIDIA\NvBackend\Packages\00008d1b\vops-counter_strike_global_offensive.20852605.exe [458752]
O61 - LFC: 2016/06/17 06:55:48 A . (..) -- C:\Users\David\AppData\Local\NVIDIA\NvBackend\Packages\00008d0b\CoProc update.20851393.exe [294912]
O61 - LFC: 2016/06/17 12:24:45 A . (..) -- C:\Users\David\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148]

---\\ Associações Shell Spawning (11) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

---\\ Menu de inicialização Internet (16) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\Launcher.exe =>.AVAST Software s.r.o.®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software

---\\ Pesquisa de infeção nos navegadores da Internet (2) - 9s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/

---\\ Listagem dos serviços iniciados pelo Svchost (41) - 1s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\WINDOWS\system32\srvsvc.dll [283136] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\WINDOWS\System32\gpsvc.dll [1339904] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\WINDOWS\System32\ikeext.dll [957952] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\WINDOWS\System32\iphlpsvc.dll [963072] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\WINDOWS\System32\appinfo.dll [94720] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\WINDOWS\system32\iscsiexe.dll [151040] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\WINDOWS\System32\eapsvc.dll [112640] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\WINDOWS\system32\schedsvc.dll [997376] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [225280] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\WINDOWS\System32\browser.dll [134656] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [328192] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll [372736] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\WINDOWS\System32\wercplsupport.dll [96256] =>.Microsoft Corporation
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [186880] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Serviço Conta da Microsoft®.) -- C:\WINDOWS\system32\wlidsvc.dll [2057216] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Serviço Assistente de Conectividade de Rede.) -- C:\WINDOWS\System32\ncasvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Serviço de Configuração de Rede.) -- C:\WINDOWS\System32\NetSetupSvc.dll [207360] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\WINDOWS\system32\themeservice.dll [59392] =>.Microsoft Corporation
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [1073152] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Serviço de Geolocalização.) -- C:\Windows\System32\lfsvc.dll [27136] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\WINDOWS\System32\rasauto.dll [106496] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\WINDOWS\System32\rasmans.dll [696320] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [507904] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\WINDOWS\System32\sens.dll [73216] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\WINDOWS\System32\ipnathlp.dll [456704] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [311808] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2281472] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de tel.) -- C:\WINDOWS\System32\qmgr.dll [1144320] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [608768] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\WINDOWS\System32\bdesvc.dll [361472] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1035776] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Atualizar Sessão do Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [368640] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1139712] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL do Serviço de Gerenciamento do Windows.) -- C:\Windows\System32\Windows.Internal.Management.dll [278016] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalação de Dispositivo.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [205824] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [912384] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [948736] =>.Microsoft Corporation

---\\ Lista das exceções do FireWall (FirewallRules) (24) - 5s
O87 - FAEL: "TCP Query User{83B40C6E-8F5A-43CB-A2D3-6748481130EF}C:\users\david\appdata\local\popcorn time\node-webkit\popcorn time.exe" [In-None-P6-TRUE] .(...) -- C:\users\david\appdata\local\popcorn time\node-webkit\popcorn time.exe (.not file.)
O87 - FAEL: "UDP Query User{72959660-404A-4B9B-BDC8-34576FC6B824}C:\users\david\appdata\local\popcorn time\node-webkit\popcorn time.exe" [In-None-P17-TRUE] .(...) -- C:\users\david\appdata\local\popcorn time\node-webkit\popcorn time.exe (.not file.)
O87 - FAEL: "{B35DC69A-9C5E-418E-99F0-03421F054DBC}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe =>.Steam SteamApps Games
O87 - FAEL: "{9672EDC4-A978-4DE7-9FA0-D3B25DC27E65}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe =>.Steam SteamApps Games
O87 - FAEL: "TCP Query User{7C3F1ECC-3241-45C7-9C8A-CF50A940433C}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe (.not file.) =>.Steam SteamApps Games
O87 - FAEL: "UDP Query User{BF110C6E-46C3-4A6B-B903-3BF027087BC1}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe (.not file.) =>.Steam SteamApps Games
O87 - FAEL: "{333C34F0-AE80-46BB-98DF-2F6EDD6C5EE9}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico
O87 - FAEL: "{E92918D5-0B1A-4E20-9C5E-8A021A943211}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico
O87 - FAEL: "{DB2321D1-69CF-48C4-9D3F-53F93AFB6015}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "{0F72CE28-AED1-4A46-A0DC-AB5C34C5CF55}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "TCP Query User{09BFD1D6-F2AC-4344-A278-09ADA71ECBE9}C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe (.not file.) =>.Steam SteamApps Games
O87 - FAEL: "UDP Query User{022C78BC-CA8F-42E2-A83B-A4396F64C5CD}C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe (.not file.) =>.Steam SteamApps Games
O87 - FAEL: "{E8884487-D8C5-451C-B4F4-A9A33F515962}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "{10A4E927-FE96-4269-8767-40F91F2DB3E6}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "TCP Query User{560D5A3B-2AAC-4658-91EF-1AC021B50FD1}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe (.not file.) =>.Steam SteamApps Games
O87 - FAEL: "UDP Query User{14D1D91B-4693-4156-9087-E780909B6D08}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe (.not file.) =>.Steam SteamApps Games
O87 - FAEL: "{FC9C3DE0-4766-4789-BA1C-8A7A5D9FE6FD}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe (.not file.) =>.Steam SteamApps Games
O87 - FAEL: "{866467B8-6F88-459E-BCD4-A5D333707FA7}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe (.not file.) =>.Steam SteamApps Games
O87 - FAEL: "TCP Query User{4ECFD83B-ECCB-48FF-AE98-B9F267B3CF3C}F:\downloads\project icarus online\bin64\launcher.exe" [In-None-P6-TRUE] .(...) -- F:\downloads\project icarus online\bin64\launcher.exe {476BF24A4B1E9F4BC2A61B152115E1FE}
O87 - FAEL: "UDP Query User{FD5C4E6A-B708-4BF2-9F38-534EA61ABDC5}F:\downloads\project icarus online\bin64\launcher.exe" [In-None-P17-TRUE] .(...) -- F:\downloads\project icarus online\bin64\launcher.exe {476BF24A4B1E9F4BC2A61B152115E1FE}
O87 - FAEL: "TCP Query User{65C23CA6-6CEE-4F31-BDAD-5DE2EAD0EB84}F:\neowiz\pmang\bless\binaries\win64\bless.exe" [In-None-P6-TRUE] .(...) -- F:\neowiz\pmang\bless\binaries\win64\bless.exe (.not file.)
O87 - FAEL: "UDP Query User{1AFE21BF-040E-4A11-8CFF-D42D56F81875}F:\neowiz\pmang\bless\binaries\win64\bless.exe" [In-None-P17-TRUE] .(...) -- F:\neowiz\pmang\bless\binaries\win64\bless.exe (.not file.)
O87 - FAEL: "TCP Query User{9C04F31E-3B40-4F54-BD63-287674378C9E}F:\neowiz\pmang\bless\binaries\win64\bless.exe" [In-None-P6-TRUE] .(...) -- F:\neowiz\pmang\bless\binaries\win64\bless.exe (.not file.)
O87 - FAEL: "UDP Query User{C569621C-A808-46FB-8427-B61CDDFBB01F}F:\neowiz\pmang\bless\binaries\win64\bless.exe" [In-None-P17-TRUE] .(...) -- F:\neowiz\pmang\bless\binaries\win64\bless.exe (.not file.)

---\\ Claves Tracing (2) - 1s
HKLM\SOFTWARE\Microsoft\Tracing\easyhotspot-installer_RASAPI32 =>.Superfluous.CSDI
HKLM\SOFTWARE\Microsoft\Tracing\easyhotspot-installer_RASMANCS =>.Superfluous.CSDI

---\\ Scâner Aditional (18) - 0s
HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI =>HackTool.KMSpico
C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart =>HackTool.KMSpico
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 =>HackTool.KMSpico
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\undefined =>.Superfluous.Downloader
C:\Program Files\KMSpico =>HackTool.KMSpico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
C:\Users\David\AppData\Local\CrashRpt =>.Superfluous.CrashReports
C:\WINDOWS\Prefetch\OHMYTABS.EXE-265C6E6D.pf =>PUP.Optional.OhMyTabs
C:\WINDOWS\Prefetch\TENCENTDL.EXE-C83FB433.pf =>.Superfluous.Tencent
C:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico
HKLM64\SOFTWARE\Microsoft\Tracing\easyhotspot-installer_RASAPI32 =>.Superfluous.CSDI
HKLM64\SOFTWARE\Microsoft\Tracing\easyhotspot-installer_RASMANCS =>.Superfluous.CSDI

---\\ Resumo dos elementos encontrados na sua estação de trabalho (7) - 0s
http://www.nicolascoolman.fr/?p=989 =>HackTool.KMSpico
http://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent
https://www.nicolascoolman.info/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.CrashReports
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.OhMyTabs
https://www.nicolascoolman.info/2016/05/03/superfluous-csdi/ =>.Superfluous.CSDI

~ End of the scan, 25405 items in 00h06mn39s (1066)(0)
