~ ZHPDiag v2016.6.2.101 Por Nicolas Coolman (2016/06/02) ~ iniciado por Cicero Batista (Administrator) (2016/06/04 11:55:45) ~ Site: http://www.nicolascoolman.com ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ Status da versão: Version OK ~ Modo: Scanner ~ Relatório: C:\Users\Cicero Batista\Desktop\ZHPDiag.txt ~ Relatório: C:\Users\Cicero Batista\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ Inicialização do sistema: Normal (Normal boot) Windows 8 Enterprise, 64-bit (Build 9200) ---\\ Navegadores Internet (2) - 1s GCIE: Google Chrome v47.0.2526.106 MSIE: Internet Explorer v10.0.9200.16384 ---\\ Informações sobre os produtos Windows (3) - 3s ~ Windows Server License Manager Script : OK System - VBScript Engine not found Windows Automatic Updates : OK ---\\ Softwares de proteçao do sistema (1) - 20s Windows Defender W8 (Deactivate) ---\\ Softwares de proteçao do sistema (Supérfluo) (1) - 21s SpyHunter 4 v4.22.8.4668 ---\\ Softwares de partilha do PeerToPeer (P2P) (1) - 22s µTorrent v3.4.7.42330 ---\\ Informações sobre o sistema (6) - 0s ~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 4075.808 MB (68% free) System Restore: Activé (Enable) System drive C: has 402 GB () free of 476 GB ---\\ Modo de conexão ao sistema (3) - 0s ~ Computer Name: CICERO ~ User Name: Cicero Batista ~ Logged in as Administrator ---\\ Enumeração das unidades dos discos (1) - 0s ~ Drive C: has 402 GB free of 476 GB (System) ---\\ Estado do Centro de Segurança do Windows (11) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Pesquisa particular de ficheiros genéricos (24) - 7s [MD5.928791755FDDEA721B053535EF84FA17] - 26/07/2012 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2380440] =>.Microsoft Windows® [MD5.3A6209AC494296C24C2065CB4392B5F4] - 26/07/2012 - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [51712] =>.Microsoft Corporation [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - 26/07/2012 - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) -- C:\Windows\System32\Wininit.exe [132608] =>.Microsoft Corporation [MD5.3DA7E6053DB9BE3EADC70CE20B1FB92B] - 26/07/2012 - (.Microsoft Corporation - Internet Extensions para Win32.) -- C:\Windows\System32\wininet.dll [2246656] =>.Microsoft Corporation [MD5.93AB226C07A9789B2EC7B41F73602F76] - 26/07/2012 - (.Microsoft Corporation - Aplicativo de Logon do Windows.) -- C:\Windows\System32\Winlogon.exe [516608] =>.Microsoft Corporation [MD5.9448F5740A037EC0C18F0E9177232DD0] - 26/07/2012 - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) -- C:\Windows\System32\sppcomapi.dll [273408] =>.Microsoft Corporation [MD5.4D10F9BB8243BCBF39774BF4D6B0D108] - 26/07/2012 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\Windows\System32\dnsapi.dll [604672] =>.Microsoft Corporation [MD5.6356C0630362CC80E4318A672FF66804] - 26/07/2012 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\Windows\Syswow64\dnsapi.dll [461312] =>.Microsoft Corporation [MD5.9E975BDC89C83900B2C534C4E1B018F8] - 26/07/2012 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [561152] =>.Microsoft Corporation [MD5.A721FF570C2387E383BDDEA9632863C9] - 26/07/2012 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [25840] =>.Microsoft Windows® [MD5.990B1BABE6E81FB18E65A87EBEFB1772] - 25/07/2012 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [108544] =>.Microsoft Corporation [MD5.339BFF85D788268752DA8C9644B188EE] - 25/07/2012 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [174080] =>.Microsoft Corporation [MD5.09D9EB9E7898F8E6561473A20CC808B9] - 25/07/2012 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [118784] =>.Microsoft Corporation [MD5.8D6810577E9C4F56DCB8E9BACAC7287B] - 25/07/2012 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [71168] =>.Microsoft Corporation [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - 25/07/2012 - (.Microsoft Corporation - Driver de porta i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [112640] =>.Microsoft Corporation [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - 25/07/2012 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [145920] =>.Microsoft Corporation [MD5.1EEAA5A62E8C49DDF58798F06F78BFFA] - 25/07/2012 - (.Microsoft Corporation - Minirdr SMB do Windows NT.) -- C:\Windows\System32\drivers\MRxSmb.sys [368128] =>.Microsoft Corporation [MD5.7CEC25C682D319D484630B3952C31A11] - 25/07/2012 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [331776] =>.Microsoft Corporation [MD5.4A7EEA9C4AD5CBFDA3C0E5B821C99CAD] - 26/07/2012 - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) -- C:\Windows\System32\drivers\ntfs.sys [1934064] =>.Microsoft Windows® [MD5.4563DAF8C6A740AD7F501E219BD10766] - 25/07/2012 - (.Microsoft Corporation - Driver de porta paralela.) -- C:\Windows\System32\drivers\Parport.sys [105984] =>.Microsoft Corporation [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - 25/07/2012 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [124928] =>.Microsoft Corporation [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - 25/07/2012 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [179712] =>.Microsoft Corporation [MD5.73DC722CE5DF26D7638CE2446F2655C7] - 26/07/2012 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [117248] =>.Microsoft Corporation [MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - 26/07/2012 - (.Microsoft Corporation - Driver de cópia de sombra de volume.) -- C:\Windows\System32\drivers\volsnap.sys [332016] =>.Microsoft Windows® ---\\ Serviços NT não Microsoft e não desativados (17) - 11s O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) . (.LogMeIn Inc. - Hamachi Client Tunneling Engine.) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe =>.LogMeIn, Inc.® O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel® Upgrade Service® O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe =>.Intel Corporation® O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation® O23 - Service: LiveUpdate (LiveUpdateSvc) . (.IObit - Product Updater.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe =>.IObit Information Technology® O23 - Service: LMIGuardianSvc (LMIGuardianSvc) . (.LogMeIn, Inc. - LMIGuardianSvc.) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe =>.LogMeIn, Inc.® O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation® O23 - Service: Net.Tcp Service Handler (NetTcpHandler) . (...) - C:\Users\Cicero Batista\AppData\Roaming\NetService\netservice.exe {505CDEFA26884B6D712577F00193E63A} =>PUP.Optional.NetService O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® O23 - Service: (SkypeUpdateEx) . (.skype.cog.cc - SkypeUpdateEx.) - C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe {4AABE7C4E55AE3765929658935834CFD} O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe {1C6A8D41C04792FBEEDF142C7A79B1CA} =>.Enigma Software Group USA, LLC. O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation® O23 - Service: Update Oasis Space (Update Oasis Space) . (...) - C:\Program Files (x86)\Oasis Space\updateOasisSpace.exe (.not file.) =>PUP.Optional.OasisSpace O23 - Service: @oem2.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer (VIAKaraokeService) . (.VIA Technologies, Inc. - Service binary.) - C:\Windows\system32\viakaraokesrv.exe =>.VIA Technologies, Inc. O23 - Service: Windows Net Proxy Auto Service (WinNetSvc) . (...) - C:\Users\Cicero Batista\AppData\Roaming\WinNetSvc\WinNetSvc.exe {578AB47B3AEE2FCBC71D1522E3641E97} O23 - Service: Windows Media Player Network Access Service (WMPNetworkAcSvc) . (...) - C:\Users\Cicero Batista\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe =>.Beijing Gaojiao Xintu Technology Co.,Ltd® ---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (24) - 40s SS - Demand [24/08/2012] [ 276288] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation® SS - Demand [16/03/2016] [ 651720] FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe =>.Macrovision Europe Ltd. SS - Auto [28/08/2015] [ 144200] Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [28/08/2015] [ 144200] Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SR - Auto [06/05/2016] [ 2552840] LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe =>.LogMeIn, Inc.® SR - Auto [20/04/2012] [ 635104] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel® Upgrade Service® SR - Auto [17/07/2012] [ 128896] Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe =>.Intel Corporation® SR - Auto [17/07/2012] [ 165760] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation® SS - Auto [04/05/2014] [ 2152736] LiveUpdate (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe =>.IObit Information Technology® SR - Auto [06/05/2016] [ 419248] LMIGuardianSvc (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe =>.LogMeIn, Inc.® SR - Auto [17/07/2012] [ 276864] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation® SR - Auto [12/06/2015] [ 173848] Net.Tcp Service Handler (NetTcpHandler) . (...) - C:\Users\Cicero Batista\AppData\Roaming\NetService\netservice.exe {505CDEFA26884B6D712577F00193E63A} =>PUP.Optional.NetService SS - Auto [23/03/2016] [ 327808] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® SR - Auto [05/05/2016] [ 168376] (SkypeUpdateEx) . (.skype.cog.cc.) - C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe {4AABE7C4E55AE3765929658935834CFD} SS - Auto [31/05/2016] [ 1072296] SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe {1C6A8D41C04792FBEEDF142C7A79B1CA} =>.Enigma Software Group USA, LLC. SS - Demand [29/04/2016] [ 835664] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve® SS - Demand [19/02/2010] [ 517096] (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe =>.Adobe Systems Incorporated SR - Auto [17/07/2012] [ 364416] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation® SR - Auto [14/08/2012] [ 27792] @oem2.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\system32\viakaraokesrv.exe =>.VIA Technologies, Inc. SS - Demand [01/05/2014] [ 22016] wampapache (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe =>.Apache Software Foundation SS - Demand [01/05/2014] [10959360] wampmysqld (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe SR - Auto [16/12/2015] [ 4845408] Windows Net Proxy Auto Service (WinNetSvc) . (...) - C:\Users\Cicero Batista\AppData\Roaming\WinNetSvc\WinNetSvc.exe {578AB47B3AEE2FCBC71D1522E3641E97} SR - Auto [15/03/2016] [ 4984448] Windows Media Player Network Access Service (WMPNetworkAcSvc) . (...) - C:\Users\Cicero Batista\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe =>.Beijing Gaojiao Xintu Technology Co.,Ltd® ---\\ Tarefas planificadas automaticamente (33) - 12s [MD5.00000000000000000000000000000000] [APT] [Nome da tarefa] (...) -- Tarefa a ser executada (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.1315C5C5C54CE2AA37A155F97027DB59] [APT] [AdobeAAMUpdater-1.0-Cicero-Cicero Batista] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392] (.Activate.) =>.Adobe Systems Incorporated® [MD5.00000000000000000000000000000000] [APT] [Bidaily Synchronize Task[973b]] (...) -- c:\programdata\{391242d5-8297-0678-3912-242d58290b56}\minecraft.rar.exe (.not file.) [0] (.Activate.) =>PUP.Optional.BidailySync [MD5.00000000000000000000000000000000] [APT] [Cicero BatistaPeregrinateSmeltingV2] (...) -- rundll32.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [Format Factory] (...) -- C:\Users\CICERO~1\AppData\Local\Temp\is-J3APH.tmp\prsetup.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [Game_Booster_AutoUpdate] (...) -- C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.F012A9A910D0D37FAEDD6010D7F6F218] [APT] [HPCustParticipation HP Deskjet 1510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5422112] (.Activate.) =>.Hewlett Packard® [MD5.00000000000000000000000000000000] [APT] [PriceFountainUpdateVer] (...) -- C:\Users\CICERO~1\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE (.not file.) [0] (.Activate.) =>PUP.Optional.PriceFountain [MD5.7D5DABA82E4B4421CC6DB333F2E89EE4] [APT] [SpyHunter4Startup] (.Enigma Software Group USA, LLC..) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [8521384] (.Activate.) {1C6A8D41C04792FBEEDF142C7A79B1CA} =>.Enigma Software Group USA, LLC. [MD5.00000000000000000000000000000000] [APT] [{046ACAA9-B3AB-469A-AC58-1F76A8205DE7}] (...) -- C:\Users\Cicero Batista\Downloads\PointBlankSetup_20150611 (3).exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{13F7704E-C772-4213-8B64-C8661F69B070}] (...) -- C:\Users\Cicero Batista\AppData\Roaming\mystartsearch\UninstallManager.exe (.not file.) [0] (.Activate.) =>PUP.Optional.StartSearch [MD5.F88FA64CB852E7D0233CC612E204FA79] [APT] [{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}] (...) -- C:\Users\Cicero Batista\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe [1324008] (.Activate.) {3CD09515CC4DCE7B71D57D559E0AF51C} [MD5.00000000000000000000000000000000] [APT] [{61BF34EC-7D30-4D3E-B2B4-313DF9C084E5}] (...) -- C:\Users\Cicero Batista\Downloads\forge-1.7.10-10.13.4.1558-1.7.10-installer-win.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.3A924B200D86590D2C83214CEBFA9742] [APT] [{7F1A44BD-0D62-404A-904C-DC0F664C6D4E}] (.Google Inc..) -- c:\program files (x86)\Google\Chrome\application\chrome.exe [859976] (.Activate.) =>.Google Inc® [MD5.00000000000000000000000000000000] [APT] [{F71B9D34-1A1E-4318-802D-52FE49566D97}] (...) -- C:\Users\Cicero Batista\AppData\Roaming\oursurfing\UninstallManager.exe (.not file.) [0] (.Activate.) =>PUP.Optional.OurSurfing [MD5.CD11D500328F07AE1666D046F94179E0] [APT] [AVAST Software] (.AVAST Software.) -- C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [702056] (.Activate.) =>.AVAST Software a.s.® [MD5.E3238CA9101C670556B636C8F4FCE358] [APT] [Lenovo] (.Lenovo.) -- C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184] (.Activate.) =>.LENOVO® O39 - APT: Bidaily Synchronize Task[973b] - (...) -- C:\Windows\Tasks\Bidaily Synchronize Task[973b].job [372] (.Orphean.) =>PUP.Optional.BidailySync O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1086] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1090] =>.Google Inc® O39 - APT: PriceFountainUpdateVer - (...) -- C:\Windows\Tasks\PriceFountainUpdateVer.job [330] (.Orphean.) =>PUP.Optional.PriceFountain O39 - APT: AdobeAAMUpdater-1.0-Cicero-Cicero Batista - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Cicero-Cicero Batista [3516] =>.Adobe Systems Incorporated® O39 - APT: Bidaily Synchronize Task[973b] - (...) -- C:\Windows\System32\Tasks\Bidaily Synchronize Task[973b] [3276] (.Orphean.) =>PUP.Optional.BidailySync O39 - APT: Cicero BatistaPeregrinateSmeltingV2 - (...) -- C:\Windows\System32\Tasks\Cicero BatistaPeregrinateSmeltingV2 [3498] (.Orphean.) =>.Superfluous.Orphean O39 - APT: Format Factory - (...) -- C:\Windows\System32\Tasks\Format Factory [3366] (.Orphean.) =>.Superfluous.Orphean O39 - APT: Game_Booster_AutoUpdate - (...) -- C:\Windows\System32\Tasks\Game_Booster_AutoUpdate [3178] (.Orphean.) =>.Superfluous.Orphean O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3826] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4062] =>.Google Inc® O39 - APT: HPCustParticipation HP Deskjet 1510 series - (.Hewlett-Packard Co..) -- C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1510 series [3646] =>.Hewlett Packard® O39 - APT: PriceFountainUpdateVer - (...) -- C:\Windows\System32\Tasks\PriceFountainUpdateVer [2668] (.Orphean.) =>PUP.Optional.PriceFountain O39 - APT: SpyHunter4Startup - (.Enigma Software Group USA, LLC..) -- C:\Windows\System32\Tasks\SpyHunter4Startup [3358] {1C6A8D41C04792FBEEDF142C7A79B1CA} =>.Enigma Software Group USA, LLC. ---\\ Processos lançados (26) - 2s [MD5.C99F8E90DE4B8F0C7FE15BB1CBCD29DC] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [635104] [PID.1468] =>.Intel® Upgrade Service® [MD5.3C4002D339491AF73D663FFC7F6E5ECB] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760] [PID.1524] =>.Intel Corporation® [MD5.58FA4A9CC1F6406B6B9FA57415989123] - (.LogMeIn, Inc. - LMIGuardianSvc.) -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248] [PID.1608] =>.LogMeIn, Inc.® [MD5.CAAA94D6BE533E86DC47657F15AB0402] - (...) -- C:\Users\Cicero Batista\AppData\Roaming\NetService\netservice.exe [173848] [PID.1644] {505CDEFA26884B6D712577F00193E63A} =>PUP.Optional.NetService [MD5.89CB852B62A6CC8BAC80CBDE4450220D] - (.skype.cog.cc - SkypeUpdateEx.) -- C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [168376] [PID.1700] {4AABE7C4E55AE3765929658935834CFD} [MD5.C3DBB625AD2214CED2303E71E5B39BCA] - (.VIA Technologies, Inc. - Service binary.) -- C:\Windows\System32\viakaraokesrv.exe [27792] [PID.1896] =>.VIA Technologies Inc.® [MD5.0D8AA8DFC2F9B4EC005948B37B1EE7DB] - (...) -- C:\Users\Cicero Batista\AppData\Roaming\WinNetSvc\WinNetSvc.exe [4845408] [PID.2004] {578AB47B3AEE2FCBC71D1522E3641E97} [MD5.359E2BA296737A247B2D7FF9B3AD987D] - (...) -- C:\Users\Cicero Batista\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe [4984448] [PID.1252] =>.Beijing Gaojiao Xintu Technology Co.,Ltd® [MD5.C0702639ADE5C6D9CD27FD604146A6D4] - (.LogMeIn Inc. - Hamachi Client Tunneling Engine.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2552840] [PID.2204] =>.LogMeIn, Inc.® [MD5.30E9FAC23E2537D82F2836CB81AEE186] - (.Intel Corporation - Intel(R) ME Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896] [PID.1984] =>.Intel Corporation® [MD5.4269D44BB47A6DA5D80B11F4C8536458] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [276864] [PID.3424] =>.Intel Corporation® [MD5.DBE2E6388379D5CC78099650541E9566] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [364416] [PID.3548] =>.Intel Corporation® [MD5.1D520DD9F756BF14B1252BD029758849] - (.Baidu, Inc. - CheckUpdate.) -- C:\Users\Cicero Batista\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe [263448] [PID.4912] =>.Baidu Online Network Technology (Beijing) Co.,Ltd.® [MD5.BCBB35E6310A517543AE6A464A5F5A5A] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [170304] [PID.5020] =>.Intel Corporation® [MD5.DFCD1B8BCB3369BB4233362B3CE4181D] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [398656] [PID.4740] =>.Intel Corporation® [MD5.BB26684BB57DB5C229D5FFFDB4DDBAD5] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [441152] [PID.3552] =>.Intel Corporation® [MD5.CC436BB2A26391F3DEBE316F6FB0474F] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Cicero Batista\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.3944] =>.Microsoft Corporation® [MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.2672] =>.Hewlett-Packard Company® [MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976] [PID.1068] =>.Google Inc® [MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976] [PID.4560] =>.Google Inc® [MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976] [PID.2684] =>.Google Inc® [MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976] [PID.4964] =>.Google Inc® [MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976] [PID.4396] =>.Google Inc® [MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976] [PID.2276] =>.Google Inc® [MD5.AD25BA039A4EA22521370C76F3C35F18] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Cicero Batista\Downloads\ZHPDiag3.exe [2212352] [PID.2748] =>.Nicolas Coolman [MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976] [PID.884] =>.Google Inc® ---\\ Google Chrome, Arranque,Pesquisa,Extensões (10) - 1s G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Docs G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] __MSG_name__ =>.AdblocPlus Plugin G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [gfodceobamlojldlopjbldlkpoadbckd] Meu Torrent ++ G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [nnjkiegoeoejaaaalgmcjikecmhfddpj] Baixar CDs Grátis G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (1) - 1s P2 - FPN: [HKLM] [@microsoft.com/Lync,version=15.0] - (.Microsoft.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll =>.Microsoft ---\\ Internet Explorer, Arranque, Pesquisa, Phishing (8) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.globasearch.com/ =>PUP.Optional.IMBooster R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.globasearch.com/ =>PUP.Optional.IMBooster R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.globasearch.com/ =>PUP.Optional.IMBooster R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=top8844&uid=wd-wcc2ev819898_wdcwd5000aakx-00u6aa0&tm=1450364729 R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 ---\\ Internet Explorer, Gestão do Proxy (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8080;https=127.0.0.1:8080 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Análise das linhas, Carregamento Automático de programas (3) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Redireção do ficheiro Hosts (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (27) ---\\ Browser Helper Objects do navegador (6) - 0s O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll =>.Microsoft Corporation® O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (Orphean) O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL =>.Microsoft Corporation® O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft SkyDrive Pro Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation® O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} (Orphean) ---\\ Aplicações iniciadas por registo & pastas (17) - 1s O4 - HKLM\..\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe =>.VIA Technologies Inc.® O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe =>.Intel Corporation® O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe =>.Intel Corporation® O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation® O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated® O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Cicero Batista\AppData\Local\Microsoft\BingSvc\BingSvc.exe =>.Microsoft Corporation® O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - HKCU\..\Run: [AdobeBridge] (Orphean) O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Cicero Batista\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - HKCU\..\Run: [SmartRAM] C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe =>.VIA Technologies Inc.® O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Company® O4 - HKUS\S-1-5-21-3639917159-2842605812-3518661766-1001\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Cicero Batista\AppData\Local\Microsoft\BingSvc\BingSvc.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-3639917159-2842605812-3518661766-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - HKUS\S-1-5-21-3639917159-2842605812-3518661766-1001\..\Run: [AdobeBridge] (Orphean) O4 - HKUS\S-1-5-21-3639917159-2842605812-3518661766-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Cicero Batista\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - HKUS\S-1-5-21-3639917159-2842605812-3518661766-1001\..\Run: [SmartRAM] C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe (.not file.) ---\\ Atalhos globais Startup (43) - 15s O4 - GS\Desktop [Administrador]: CINEMA 4D 64 Bit.exe - Atalho.lnk . (.MAXON Computer GmbH - .) C:\Program Files (x86)\Cinema 4D R14 Portable ZikaMerMoO\CINEMA 4D 64 Bit.exe =>.MAXON Computer GmbH O4 - GS\Desktop [Administrador]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Cicero Batista\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.® O4 - GS\Desktop [Administrador]: SpyHunter.lnk . (.Enigma Software Group USA, LLC. - SpyHunter4 application.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe {1C6A8D41C04792FBEEDF142C7A79B1CA} =>.Enigma Software Group USA, LLC. O4 - GS\Desktop [Administrador]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Cicero Batista\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\sendTo [Administrador]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Administrador]: Chromium.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Startup [Administrador]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Cicero Batista\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.® O4 - GS\Startup [Administrador]: Game Assistant.lnk . (...) C:\Program Files (x86)\IObit\Game Assistant\GameAssistant.exe O4 - GS\Desktop [Cicero Batista]: CINEMA 4D 64 Bit.exe - Atalho.lnk . (.MAXON Computer GmbH - .) C:\Program Files (x86)\Cinema 4D R14 Portable ZikaMerMoO\CINEMA 4D 64 Bit.exe =>.MAXON Computer GmbH O4 - GS\Desktop [Cicero Batista]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Cicero Batista\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.® O4 - GS\Desktop [Cicero Batista]: SpyHunter.lnk . (.Enigma Software Group USA, LLC. - SpyHunter4 application.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe {1C6A8D41C04792FBEEDF142C7A79B1CA} =>.Enigma Software Group USA, LLC. O4 - GS\Desktop [Cicero Batista]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Cicero Batista\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Cicero Batista]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\sendTo [Cicero Batista]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Cicero Batista]: Chromium.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Startup [Cicero Batista]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Cicero Batista\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.® O4 - GS\Startup [Cicero Batista]: Game Assistant.lnk . (...) C:\Program Files (x86)\IObit\Game Assistant\GameAssistant.exe O4 - GS\Desktop [Convidado]: CINEMA 4D 64 Bit.exe - Atalho.lnk . (.MAXON Computer GmbH - .) C:\Program Files (x86)\Cinema 4D R14 Portable ZikaMerMoO\CINEMA 4D 64 Bit.exe =>.MAXON Computer GmbH O4 - GS\Desktop [Convidado]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Cicero Batista\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.® O4 - GS\Desktop [Convidado]: SpyHunter.lnk . (.Enigma Software Group USA, LLC. - SpyHunter4 application.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe {1C6A8D41C04792FBEEDF142C7A79B1CA} =>.Enigma Software Group USA, LLC. O4 - GS\Desktop [Convidado]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Cicero Batista\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\sendTo [Convidado]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Convidado]: Chromium.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Startup [Convidado]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Cicero Batista\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.® O4 - GS\Startup [Convidado]: Game Assistant.lnk . (...) C:\Program Files (x86)\IObit\Game Assistant\GameAssistant.exe O4 - GS\Desktop [gabriel]: CINEMA 4D 64 Bit.exe - Atalho.lnk . (.MAXON Computer GmbH - .) C:\Program Files (x86)\Cinema 4D R14 Portable ZikaMerMoO\CINEMA 4D 64 Bit.exe =>.MAXON Computer GmbH O4 - GS\Desktop [gabriel]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Cicero Batista\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.® O4 - GS\Desktop [gabriel]: SpyHunter.lnk . (.Enigma Software Group USA, LLC. - SpyHunter4 application.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe {1C6A8D41C04792FBEEDF142C7A79B1CA} =>.Enigma Software Group USA, LLC. O4 - GS\Desktop [gabriel]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Cicero Batista\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [gabriel]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\sendTo [gabriel]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [gabriel]: Chromium.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Startup [gabriel]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Cicero Batista\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.® O4 - GS\Startup [gabriel]: Game Assistant.lnk . (...) C:\Program Files (x86)\IObit\Game Assistant\GameAssistant.exe O4 - GS\CommonDesktop [Public]: Battle.net.lnk . (.Blizzard Entertainment - Battle.net Launcher.) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe =>.Blizzard Entertainment, Inc.® O4 - GS\CommonDesktop [Public]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - GS\CommonDesktop [Public]: Unity 5.0.0f4 (64-bit).lnk . (.Unity Technologies ApS - Unity Editor.) C:\Program Files\Unity\Editor\Unity.exe =>.Unity Technologies SF® O4 - GS\CommonDesktop [Public]: ZBrush 4R7 64-bit.lnk . (.Pixologic, Inc. - ZBrush Executable.) C:\Program Files (x86)\Pixologic\ZBrush 4R7\ZBrush64.exe =>.Pixologic Inc® O4 - GS\CommonDesktop [Public]: ZBrush 4R7.lnk . (.Pixologic, Inc. - ZBrush Executable.) C:\Program Files (x86)\Pixologic\ZBrush 4R7\ZBrush.exe =>.Pixologic Inc® O4 - GS\Programs [Public]: Curse.lnk . (.Curse, Inc - Curse.) C:\Users\Cicero Batista\AppData\Roaming\Curse Client\Bin\Curse.exe =>.Curse, Inc.® O4 - GS\Programs [Public]: Xamarin Studio.lnk . (...) C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Installer\{52F6B397-899C-4A37-9ADC-2E379BA32626}\XamarinStudio.exe ---\\ Alteração Dominio/Clientes DNS (1) - 0s O17 - HKLM\System\CCS\Services\Tcpip\..\{C9E1367D-11FB-477A-BAB9-4D9EC51658A9}: DhcpNameServer = 192.168.0.1 ---\\ Protocolo adicional (23) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: osf [64Bits] - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL =>.Microsoft Corporation® O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation® O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Software instalados (113) - 64s O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc® O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FE23D063-934D-4829-A0D8-00634CE79B4A} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Professional CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BD5669B5-49FF-4490-B956-E9D7CB9B0ADC} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AF37176A-78CA-545B-34EF-8B6A21514DD1} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 =>.Adobe Systems Incorporated O42 - Logiciel: Arquivo do WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: Audacity 2.0.3 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1 =>.Audacity Team O42 - Logiciel: Bandisoft MPEG-1 Decoder - (.Bandisoft.com.) [HKLM][64Bits] -- BandiMPEG1 =>.Bandisoft.com O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM][64Bits] -- Battle.net =>.Blizzard Entertainment, Inc.® O42 - Logiciel: Blend for Visual Studio SDK for .NET 4.5 - (.Microsoft Corporation.) [HKLM][64Bits] -- {37E53780-3944-4A6A-842F-727128E8616E} =>.Microsoft Corporation O42 - Logiciel: bnains version 1.0 - (...) [HKLM][64Bits] -- {305B36CF-E7A6-4ACC-9207-9BE09314259C}_is1 O42 - Logiciel: bnains version 1.0 - (...) [HKLM][64Bits] -- {B552B283-6EBC-457E-8187-01682C83F26C}_is1 O42 - Logiciel: Brawlhalla - (.Blue Mammoth Games.) [HKLM][64Bits] -- Steam App 291550 =>.Valve® O42 - Logiciel: Curse - (.Curse.) [HKLM][64Bits] -- {A20BFF62-AE3C-42BD-9C52-841CAB96BC49} =>.Curse O42 - Logiciel: Estudo de aprimoramento de produto para HP Deskjet 1510 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {4F985052-FE19-4E21-9333-D847BCD06C0E} =>.Hewlett-Packard Co. O42 - Logiciel: Fraps (remove only) - (...) [HKLM][64Bits] -- Fraps O42 - Logiciel: Ghostscript GPL 8.64 (Msi Setup) - (.Corel Corporation.) [HKLM][64Bits] -- _{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2} =>.Corel Corporation® O42 - Logiciel: Ghostscript GPL 8.64 (Msi Setup) - (.Corel Corporation.) [HKLM][64Bits] -- {06CD45E6-FF5E-4D8E-BC01-B276A90DADF2} =>.Corel Corporation O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect O42 - Logiciel: Gtk# for .Net 2.12.26 - (.Xamarin, Inc..) [HKLM][64Bits] -- {BC25B808-A11C-4C9F-9C0A-6682E47AAB83} =>.Xamarin, Inc. O42 - Logiciel: HP Deskjet 1510 series Ajuda - (.Hewlett Packard.) [HKLM][64Bits] -- {6DFDA448-D4A1-49DB-9217-1501D24861F5} =>.Hewlett Packard O42 - Logiciel: HP Deskjet 1510 series Software básico do dispositivo - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {649F7314-489F-4E1D-877B-EAE9CB34D7AA} =>.Hewlett-Packard Co. O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5} =>.Hewlett-Packard O42 - Logiciel: IIS 10.0 Express - (.Microsoft Corporation.) [HKLM][64Bits] -- {7A28A2B0-458B-4A58-84AC-C90D2D4B79FB} =>.Microsoft Corporation O42 - Logiciel: IIS Express Application Compatibility Database for x64 - (...) [HKLM][64Bits] -- {08274920-8908-45c2-9258-8ad67ff77b09}.sdb O42 - Logiciel: IIS Express Application Compatibility Database for x86 - (...) [HKLM][64Bits] -- {ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb O42 - Logiciel: Intel(R) C++ Redistributables for Windows* on Intel(R) 64 - (.Intel Corporation.) [HKLM][64Bits] -- {D2437C5C-2D8C-40D2-8059-689AD7239FA3} =>.Intel Corporation O42 - Logiciel: Intel(R) Manageability Engine Firmware Recovery Agent - (.Intel Corporation.) [HKLM][64Bits] -- {A6C48A9F-694A-4234-B3AA-62590B668927} =>.Intel Corporation O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation® O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation® O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} =>.Intel Corporation® O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} =>.Intel Corporation O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} =>.Intel Corporation O42 - Logiciel: Java 7 Update 80 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F06417080FF} =>.Oracle O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM][64Bits] -- {BA231EA1-6EC5-45B7-BEEE-71EE36CC9651} =>.LogMeIn, Inc. O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM][64Bits] -- LogMeIn Hamachi =>.LogMeIn, Inc. O42 - Logiciel: Metric Collection SDK 35 - (.Lenovo Group Limited.) [HKLM][64Bits] -- {C2B5B5B0-2545-4E94-B4BA-548D4BF0B196} =>.Lenovo Group Limited O42 - Logiciel: Microsoft Access MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Blend for Visual Studio 2015 - (.Microsoft Corporation.) [HKLM][64Bits] -- {18073ADD-8C90-3AB7-8B87-BD3B10F3232B} =>.Microsoft Corporation O42 - Logiciel: Microsoft Blend for Visual Studio 2015 - ENU - (.Microsoft Corporation.) [HKLM][64Bits] -- {0000C224-8949-3AFE-A2D5-BE392DD04546} =>.Microsoft Corporation O42 - Logiciel: Microsoft Build Tools 14.0 (amd64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {7F017105-282F-4091-B16A-F8B8A69B0325} =>.Microsoft Corporation O42 - Logiciel: Microsoft Build Tools 14.0 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] -- {DF27D91D-516E-4DA1-92AC-7D7D59B2D99E} =>.Microsoft Corporation O42 - Logiciel: Microsoft Build Tools Language Resources 14.0 (amd64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {388D7468-1CCA-40C8-9F08-4C20E972E922} =>.Microsoft Corporation O42 - Logiciel: Microsoft Build Tools Language Resources 14.0 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] -- {CBE7F62C-646C-46C3-9AB4-A3F71E5A68CC} =>.Microsoft Corporation O42 - Logiciel: Microsoft DCF MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Excel MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Groove MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft InfoPath MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Lync MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft OneNote MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Outlook MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Portable Library Multi-Targeting Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {1634C655-2398-35C0-89BE-291449A72F88} =>.Microsoft Corporation O42 - Logiciel: Microsoft Portable Library Multi-Targeting Pack Language Pack - enu - (.Microsoft Corporation.) [HKLM][64Bits] -- {C0626FD4-C98A-33C9-97A8-5FF35AC92F34} =>.Microsoft Corporation O42 - Logiciel: Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Publisher MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Web Deploy 3.6 - (.Microsoft Corporation.) [HKLM][64Bits] -- {94E1227C-08A9-4962-B388-1F05D89AEA75} =>.Microsoft Corporation O42 - Logiciel: Microsoft Word MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0416-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2BFC7AA0-544C-4E3A-8796-67F3BE655BE9} =>.Microsoft Corporation O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {80E64FDE-029B-11E2-A955-F04DA23A5C58} =>.Sony Creative Software Inc. O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {B8D84F70-0296-11E2-8DF5-F04DA23A5C58} =>.Sony Creative Software Inc. O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D10D0851-CCC6-11E3-9ED2-F04DA23A5C58} =>.Sony Creative Software Inc. O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D66B7840-6A9B-11E4-8FED-F04DA23A5C58} =>.Sony Creative Software Inc. O42 - Logiciel: Multi-Device Hybrid Apps using C# - Templates - ENU - (.Microsoft Corporation.) [HKLM][64Bits] -- {12D99739-FFD3-3761-8AA6-F929E0FE407E} =>.Microsoft Corporation O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} =>.Nero AG O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29} =>.NVIDIA Corporation O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1} =>.Adobe Systems Incorporated O42 - Logiciel: Platform - (.VIA Technologies, Inc..) [HKLM][64Bits] -- {20D4A895-748C-4D88-871C-FDB1695B0169} =>.VIA Technologies, Inc. O42 - Logiciel: Pokémon Trading Card Game Online - (.The Pokémon Company International.) [HKLM][64Bits] -- {59BA693A-B503-4523-B30F-2A4BEFD97B52} =>.The Pokémon Company International O42 - Logiciel: Prerequisites for SSDT - (.Microsoft Corporation.) [HKLM][64Bits] -- {21373064-AD95-48DB-A32E-0D9E08EF7355} =>.Microsoft Corporation O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp® O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp® O42 - Logiciel: Remote Desktop Access (VuuPC) - (.CMI Limited.) [HKLM][64Bits] -- VOPackage =>PUP.Optional.Downware O42 - Logiciel: Setup - (...) [HKLM][64Bits] -- {7ADF667E-E14D-4D2C-827C-B0108F0D93BC} =>PUP.Optional.DesktopPlay O42 - Logiciel: Setup - (...) [HKLM][64Bits] -- {7ADF667E-E14D-4D2C-827C-B0108F0D93BC} O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} =>.Microsoft Corporation O42 - Logiciel: Skype™ 7.24 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A. O42 - Logiciel: SpyHunter 4 - (.Enigma Software Group, LLC.) [HKLM][64Bits] -- SpyHunter {1C6A8D41C04792FBEEDF142C7A79B1CA} O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam =>.Valve® O42 - Logiciel: Unity - (.Unity Technologies ApS.) [HKLM][64Bits] -- Unity =>.Unity Technologies SF® O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer =>.Unity Technologies ApS O42 - Logiciel: Update for (KB2504637) - (.Microsoft Corporation.) [HKLM][64Bits] -- {CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637 =>.Microsoft Corporation O42 - Logiciel: Vegas Pro 13.0 (64-bit) - (.Sony.) [HKLM][64Bits] -- {D0360940-CCC6-11E3-B9C6-F04DA23A5C58} =>.Sony O42 - Logiciel: VIA Gerenciador de dispositivo de plataforma - (.VIA Technologies, Inc..) [HKLM][64Bits] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} =>.VIA Technologies, Inc. O42 - Logiciel: Visual C++ Compiler/Tools X86 Base Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {99C9FABF-C085-38C9-B2DA-7E4943471D31} =>.Microsoft Corporation O42 - Logiciel: Visual C++ Compiler/Tools X86 Base Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {A5E71A84-9BAB-3A96-A5F8-62AD16E09E56} =>.Microsoft Corporation O42 - Logiciel: Visual C++ Compiler/Tools X86 Base Resource Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {56FCBA2A-90E5-3D4B-8254-67684E869852} =>.Microsoft Corporation O42 - Logiciel: Visual C++ Compiler/Tools X86 Base Resource Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {803CBFA1-EF27-3E84-8A7D-6109392623A4} =>.Microsoft Corporation O42 - Logiciel: Visual C++ IDE Base Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {ECC8F805-E519-3314-8C79-DC6CAC3E64DC} =>.Microsoft Corporation O42 - Logiciel: Visual C++ IDE Base Resource Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {2B0558EA-15B0-3F0F-9F3A-5BAB288CD8C1} =>.Microsoft Corporation O42 - Logiciel: Visual C++ IDE Base Resource Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {E6D09370-D4B1-3421-A0F6-45DF6999EBED} =>.Microsoft Corporation O42 - Logiciel: Visual C++ IDE Common Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {E57E4E87-61B6-3FDC-A4D3-BAE317678B74} =>.Microsoft Corporation O42 - Logiciel: Visual C++ IDE Common Resource Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {78768181-0C6B-3703-9228-C8D5B12B4D68} =>.Microsoft Corporation O42 - Logiciel: Visual C++ IDE Core Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {AB3903D7-8CC4-3708-9558-93F68CED88C5} =>.Microsoft Corporation O42 - Logiciel: Visual C++ IDE Core Professional Plus Resource Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {D84B1C7A-7C28-3133-AA25-2D36763182AD} =>.Microsoft Corporation O42 - Logiciel: Visual C++ IDE Debugger Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {5A870F8C-02A8-3F36-9D62-99BCFE8D77AF} =>.Microsoft Corporation O42 - Logiciel: Visual C++ IDE Debugger Resource Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {C26829A1-4763-3A23-9522-5B9F16221712} =>.Microsoft Corporation O42 - Logiciel: Visual C++ IDE Professional Core Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {3101E866-DD09-3926-8929-C6B580B951C5} =>.Microsoft Corporation O42 - Logiciel: Visual C++ IDE x64 Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {3E62C619-F43D-396C-B266-FA472CFE0B4B} =>.Microsoft Corporation O42 - Logiciel: Visual C++ Library PGO X86 Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {2E6C63B5-A075-3591-96CA-F7FEA8226482} =>.Microsoft Corporation O42 - Logiciel: Visual C++ MSBuild ARM Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {030702BF-6F52-356B-A223-F9CA15B465DA} =>.Microsoft Corporation O42 - Logiciel: Visual C++ MSBuild Base Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {A563F0A7-CF99-37E6-A917-CD6A2509F79C} =>.Microsoft Corporation O42 - Logiciel: Visual C++ MSBuild Base Resource Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {6BDAD106-13C8-3EA8-9683-1DD6E89C8179} =>.Microsoft Corporation O42 - Logiciel: Visual C++ MSBuild X64 Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {2AA9034E-6735-30BD-92A4-A18791D1616F} =>.Microsoft Corporation O42 - Logiciel: Visual C++ MSBuild X86 Package - (.Microsoft Corporation.) [HKLM][64Bits] -- {ADB88179-BECB-3FA3-AB20-9362E8A2626C} =>.Microsoft Corporation O42 - Logiciel: Visual Studio 2015 Prerequisites - (.Microsoft Corporation.) [HKLM][64Bits] -- {DF32E41C-24AD-4A87-B43A-B38553B1806E} =>.Microsoft Corporation O42 - Logiciel: Visual Studio 2015 Prerequisites - ENU Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {83B181F2-20B8-4F00-8E71-C66E951A8D4F} =>.Microsoft Corporation O42 - Logiciel: WampServer 2.5 - (.Hervé Leclerc (HeL).) [HKLM][64Bits] -- WampServer 2_is1 =>.Hervé Leclerc (HeL) O42 - Logiciel: Windows Phone SDK 8.0 Assemblies for Visual Studio 2015 - (.Microsoft Corporation.) [HKLM][64Bits] -- {44474AE7-7770-3676-AC63-C9DDD15011FF} =>.Microsoft Corporation O42 - Logiciel: Xamarin Studio 5.0.1 - (.Xamarin.) [HKLM][64Bits] -- {52F6B397-899C-4A37-9ADC-2E379BA32626} O42 - Logiciel: ZBrush 4R7 - (.Pixologic.) [HKLM][64Bits] -- ZBrush 4R7 4R7 =>.Pixologic ---\\ HKCU & HKLM Software Keys (196) - 65s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies HKLM\SOFTWARE\Wow6432Node\Ahead HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc. HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\Audible HKLM\SOFTWARE\Wow6432Node\BandiMPEG1 HKLM\SOFTWARE\Wow6432Node\BANDISOFT HKLM\SOFTWARE\Wow6432Node\Blizzard Entertainment HKLM\SOFTWARE\Wow6432Node\CDDB HKLM\SOFTWARE\Wow6432Node\Corel HKLM\SOFTWARE\Wow6432Node\EasyAntiCheat HKLM\SOFTWARE\Wow6432Node\Elaborate Bytes HKLM\SOFTWARE\Wow6432Node\Engine001 HKLM\SOFTWARE\Wow6432Node\FLEXlm License Manager HKLM\SOFTWARE\Wow6432Node\Fraps HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\GPL Ghostscript HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\InstallShield HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\IObit HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\KnightOnlineUS HKLM\SOFTWARE\Wow6432Node\Lavasoft HKLM\SOFTWARE\Wow6432Node\Lenovo HKLM\SOFTWARE\Wow6432Node\LogMeIn Hamachi HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Macrovision HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\Nero HKLM\SOFTWARE\Wow6432Node\NetTcpHandler =>PUP.Optional.NetService HKLM\SOFTWARE\Wow6432Node\NtSvcHandler =>PUP.Optional.NetService HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\Opera Software HKLM\SOFTWARE\Wow6432Node\oursurfingSoftware =>PUP.Optional.OurSurfing HKLM\SOFTWARE\Wow6432Node\Overwolf HKLM\SOFTWARE\Wow6432Node\Pixologic HKLM\SOFTWARE\Wow6432Node\PowerPivot HKLM\SOFTWARE\Wow6432Node\raidcall HKLM\SOFTWARE\Wow6432Node\Razer HKLM\SOFTWARE\Wow6432Node\re-logic HKLM\SOFTWARE\Wow6432Node\RealNetworks HKLM\SOFTWARE\Wow6432Node\Realtek HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\Riot Games HKLM\SOFTWARE\Wow6432Node\Sakura =>PUP.Optional.GameGogle HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\SkypeUpdateEx HKLM\SOFTWARE\Wow6432Node\SlySoft HKLM\SOFTWARE\Wow6432Node\Sony Creative Software HKLM\SOFTWARE\Wow6432Node\supWindowsMangerProtect =>PUP.Optional.WpManager HKLM\SOFTWARE\Wow6432Node\TechSmith HKLM\SOFTWARE\Wow6432Node\Trolltech HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive HKLM\SOFTWARE\Wow6432Node\Unwinder HKLM\SOFTWARE\Wow6432Node\Valve HKLM\SOFTWARE\Wow6432Node\VIA Technologies, Inc HKLM\SOFTWARE\Wow6432Node\Visan HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\WinNetSvc HKLM\SOFTWARE\Wow6432Node\WiseCleaner HKLM\SOFTWARE\Wow6432Node\WMPNetworkAcSvc HKLM\SOFTWARE\Wow6432Node\wtu HKLM\SOFTWARE\Wow6432Node\Xamarin HKLM\SOFTWARE\Wow6432Node\Xing Technology Corp. HKLM\SOFTWARE\Wow6432Node\Yahoo =>.Yahoo! HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\1e2891ef07b2b7b86b2568872920fb22 =>PUP.Optional.CrossRider HKCU\SOFTWARE\@_@ HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Ahead HKCU\SOFTWARE\AhnLab HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Audacity HKCU\SOFTWARE\AVAST Software HKCU\SOFTWARE\Avg Secure Update HKCU\SOFTWARE\Awesome Games Studio HKCU\SOFTWARE\Baidu HKCU\SOFTWARE\Baidu Security HKCU\SOFTWARE\Baixaki HKCU\SOFTWARE\BandiMPEG1 HKCU\SOFTWARE\BANDISOFT HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\Blizzard Entertainment HKCU\SOFTWARE\Caphyon HKCU\SOFTWARE\CDDB HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Corel HKCU\SOFTWARE\csastats HKCU\SOFTWARE\Curse HKCU\SOFTWARE\DefaultCompany HKCU\SOFTWARE\DirectShow HKCU\SOFTWARE\Disc Soft HKCU\SOFTWARE\Drivers HKCU\SOFTWARE\drpsu HKCU\SOFTWARE\Dry Cactus HKCU\SOFTWARE\ej-technologies HKCU\SOFTWARE\Emulators HKCU\SOFTWARE\Eric Haines HKCU\SOFTWARE\EXE Games HKCU\SOFTWARE\FLEXlm License Manager HKCU\SOFTWARE\Format Factory HKCU\SOFTWARE\Fraps3 HKCU\SOFTWARE\Freejam HKCU\SOFTWARE\FreeReign HKCU\SOFTWARE\FreeTime HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\Gerador De Cash [Youtube] HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\HEX Entertainment HKCU\SOFTWARE\HP HKCU\SOFTWARE\ICSW1.18 =>Adware.InstallCore HKCU\SOFTWARE\ilrQzVxYJS5d HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Install HKCU\SOFTWARE\InstallPath HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\Lenovo HKCU\SOFTWARE\Logitech HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Mail.Ru HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\MC4D HKCU\SOFTWARE\MCAFEE HKCU\SOFTWARE\Mirillis HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Mz Ultimate Tools HKCU\SOFTWARE\Ndemic Creations HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Nexon HKCU\SOFTWARE\NLDT HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\PCSX2 HKCU\SOFTWARE\PlayfulCorp HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore HKCU\SOFTWARE\ProgSense =>PUP.Optional.ProgSense HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\r9cxjgX HKCU\SOFTWARE\RAnwpmaBECLU HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\ROBLOX Corporation HKCU\SOFTWARE\SAMP HKCU\SOFTWARE\SecuROM HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SlySoft HKCU\SOFTWARE\Smartly Dressed Games HKCU\SOFTWARE\Solveig Multimedia HKCU\SOFTWARE\Sony Creative Software HKCU\SOFTWARE\Spiderling Games HKCU\SOFTWARE\Sven Co-op Team HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\System32 HKCU\SOFTWARE\SYSTEMAX Software Development HKCU\SOFTWARE\Tamarin Studios HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\Terraria HKCU\SOFTWARE\The Pokémon Company International HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\undefined =>.Superfluous.Downloader HKCU\SOFTWARE\Unity HKCU\SOFTWARE\Unity Technologies HKCU\SOFTWARE\Unwinder HKCU\SOFTWARE\Valve HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\VIA HKCU\SOFTWARE\Visan HKCU\SOFTWARE\vítima HKCU\SOFTWARE\WebApp =>.Superfluous.Downloader HKCU\SOFTWARE\Win HKCU\SOFTWARE\wincy HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\Xamarin HKCU\SOFTWARE\Xatoku Productions HKCU\SOFTWARE\XtremeRAT HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\Unity ---\\ Conteúdo das pastas Programs (367) - 145s O43 - CFD: 19/05/2016 - [] D -- C:\Program Files\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 04/03/2015 - [0] SHD -- C:\Program Files\Arquivos Comuns O43 - CFD: 25/05/2016 - [] D -- C:\Program Files\Cinema 4D R14 Portable ZikaMerMoO =>.MAXON Computer GmbH® O43 - CFD: 19/05/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 09/09/2015 - [0] D -- C:\Program Files\Easeware O43 - CFD: 31/05/2016 - [] D -- C:\Program Files\Enigma Software Group {1C6A8D41C04792FBEEDF142C7A79B1CA} O43 - CFD: 29/10/2015 - [] D -- C:\Program Files\HP =>.Hewlett Packard® O43 - CFD: 17/05/2016 - [] D -- C:\Program Files\IIS {330000006388FE1E38F872BA27000000000063} O43 - CFD: 17/05/2016 - [] D -- C:\Program Files\IIS Express =>.Microsoft Corporation® O43 - CFD: 18/05/2015 - [] D -- C:\Program Files\Intel =>.Intel® Upgrade Service® O43 - CFD: 11/09/2015 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 22/04/2016 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.® O43 - CFD: 03/09/2015 - [] D -- C:\Program Files\KMSpico =>HackTool.KMSpico O43 - CFD: 05/03/2015 - [] D -- C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation® O43 - CFD: 05/03/2015 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 05/03/2015 - [] D -- C:\Program Files\Microsoft SQL Server =>.Microsoft Corporation® O43 - CFD: 17/05/2016 - [] D -- C:\Program Files\Microsoft Visual Studio 12.0 O43 - CFD: 05/03/2015 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 12/04/2015 - [] D -- C:\Program Files\MSBuild O43 - CFD: 12/04/2015 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 01/01/2016 - [] D -- C:\Program Files\Sony O43 - CFD: 25/05/2016 - [0] D -- C:\Program Files\TeamSpeak 3 Client O43 - CFD: 26/07/2012 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 17/05/2016 - [] D -- C:\Program Files\Unity O43 - CFD: 07/04/2015 - [] D -- C:\Program Files\VIA =>.VIA Technologies Inc.® O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Windows® O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows Multimedia Platform O43 - CFD: 04/03/2015 - [] D -- C:\Program Files\Windows NT O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 26/07/2012 - [] SHD -- C:\Program Files\Windows Sidebar O43 - CFD: 14/05/2016 - [] HD -- C:\Program Files\WindowsApps {6105495500000000000B} O43 - CFD: 06/02/2016 - [] D -- C:\Program Files (x86)\001 =>Heuristic.Suspect O43 - CFD: 19/05/2016 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 14/04/2016 - [0] D -- C:\Program Files (x86)\AGEIA Technologies O43 - CFD: 09/01/2016 - [] D -- C:\Program Files (x86)\Audacity O43 - CFD: 31/12/2015 - [] D -- C:\Program Files (x86)\BandiMPEG1 O43 - CFD: 02/06/2016 - [] D -- C:\Program Files (x86)\Battle.net =>.Blizzard Entertainment, Inc.® O43 - CFD: 04/06/2016 - [] D -- C:\Program Files (x86)\bnains O43 - CFD: 25/05/2016 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 11/06/2015 - [] D -- C:\Program Files (x86)\Disc Soft O43 - CFD: 31/12/2015 - [] D -- C:\Program Files (x86)\DsNET Corp =>.DS NET CORP SA DE CV® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\FormatFactory O43 - CFD: 05/03/2015 - [] D -- C:\Program Files (x86)\FreeTime O43 - CFD: 06/02/2016 - [] D -- C:\Program Files (x86)\GG Maker O43 - CFD: 05/03/2015 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 01/05/2016 - [] D -- C:\Program Files (x86)\gs =>.Corel Corporation® O43 - CFD: 06/02/2016 - [] D -- C:\Program Files (x86)\GtkSharp O43 - CFD: 01/06/2016 - [] D -- C:\Program Files (x86)\Hearthstone =>.Blizzard Entertainment, Inc.® O43 - CFD: 29/10/2015 - [] D -- C:\Program Files (x86)\HP =>.Hewlett-Packard Company® O43 - CFD: 17/05/2016 - [] D -- C:\Program Files (x86)\IIS {330000006388FE1E38F872BA27000000000063} O43 - CFD: 17/05/2016 - [] D -- C:\Program Files (x86)\IIS Express =>.Microsoft Corporation® O43 - CFD: 25/02/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.Realtek Semiconductor Corp® O43 - CFD: 09/09/2015 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 11/09/2015 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 15/04/2016 - [] D -- C:\Program Files (x86)\IObit =>.IObit Information Technology® O43 - CFD: 11/06/2015 - [] D -- C:\Program Files (x86)\Lenovo =>.LENOVO® O43 - CFD: 12/05/2016 - [] D -- C:\Program Files (x86)\LogMeIn Hamachi =>.LogMeIn, Inc.® O43 - CFD: 05/03/2015 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services =>.Microsoft Corporation® O43 - CFD: 06/02/2016 - [] D -- C:\Program Files (x86)\Microsoft Help Viewer O43 - CFD: 05/03/2015 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 06/02/2016 - [] D -- C:\Program Files (x86)\Microsoft SDKs =>.Microsoft Corporation® O43 - CFD: 06/02/2016 - [] D -- C:\Program Files (x86)\Microsoft SQL Server O43 - CFD: 17/05/2016 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 12.0 O43 - CFD: 17/05/2016 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 14.0 =>.Microsoft Corporation® O43 - CFD: 03/04/2016 - [] D -- C:\Program Files (x86)\Microsoft XNA =>.Microsoft Corporation® O43 - CFD: 06/02/2016 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 15/05/2016 - [0] D -- C:\Program Files (x86)\Mirillis O43 - CFD: 17/05/2016 - [] D -- C:\Program Files (x86)\MonoDevelop O43 - CFD: 08/02/2016 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation® O43 - CFD: 21/01/2016 - [] D -- C:\Program Files (x86)\MSI Afterburner O43 - CFD: 14/04/2016 - [] D -- C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 27/11/2015 - [0] D -- C:\Program Files (x86)\Oasis Space =>PUP.Optional.OasisSpace O43 - CFD: 31/12/2015 - [] D -- C:\Program Files (x86)\OBS O43 - CFD: 27/06/2015 - [] D -- C:\Program Files (x86)\Opera O43 - CFD: 17/11/2015 - [] D -- C:\Program Files (x86)\oPryzeLP O43 - CFD: 25/05/2016 - [] D -- C:\Program Files (x86)\Pixologic O43 - CFD: 02/06/2015 - [] D -- C:\Program Files (x86)\PRiiceMinus =>PUP.Optional.PriceMinus O43 - CFD: 09/02/2016 - [] D -- C:\Program Files (x86)\Real O43 - CFD: 25/02/2016 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek Semiconductor Corp® O43 - CFD: 12/04/2015 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 21/01/2016 - [] D -- C:\Program Files (x86)\RivaTuner Statistics Server O43 - CFD: 28/01/2016 - [] D -- C:\Program Files (x86)\Rockstar Games O43 - CFD: 31/05/2016 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl® O43 - CFD: 12/05/2016 - [] D -- C:\Program Files (x86)\SkypeUpdateEx {4AABE7C4E55AE3765929658935834CFD} O43 - CFD: 29/10/2015 - [0] D -- C:\Program Files (x86)\SlySoft O43 - CFD: 01/01/2016 - [] D -- C:\Program Files (x86)\Sony O43 - CFD: 04/06/2016 - [] D -- C:\Program Files (x86)\Steam =>.Valve® O43 - CFD: 02/03/2016 - [0] HD -- C:\Program Files (x86)\Temp O43 - CFD: 16/03/2016 - [] D -- C:\Program Files (x86)\Toon Boom Animation O43 - CFD: 18/05/2015 - [] D -- C:\Program Files (x86)\VIA =>.SRS Labs, Inc® O43 - CFD: 18/05/2015 - [] D -- C:\Program Files (x86)\VIA HD Audio UAA Driver Setup Program =>.Microsoft Corporation® O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 06/02/2016 - [] D -- C:\Program Files (x86)\Windows Kits O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 26/07/2012 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 20/03/2015 - [] D -- C:\Program Files (x86)\WinRAR O43 - CFD: 17/05/2016 - [] D -- C:\Program Files (x86)\Xamarin Studio O43 - CFD: 26/07/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 26/07/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 26/07/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 19/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net O43 - CFD: 31/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps O43 - CFD: 05/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 08/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP O43 - CFD: 09/09/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 22/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 11/06/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft O43 - CFD: 12/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi O43 - CFD: 26/07/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 05/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 O43 - CFD: 15/05/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis O43 - CFD: 17/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy O43 - CFD: 25/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic O43 - CFD: 15/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall O43 - CFD: 20/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 01/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony O43 - CFD: 09/02/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 23/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 26/07/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 26/07/2012 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.0.0f4 (64-bit) O43 - CFD: 07/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIA O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015 O43 - CFD: 01/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer O43 - CFD: 04/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 13/06/2015 - [] D -- C:\ProgramData\.mono O43 - CFD: 02/06/2015 - [] D -- C:\ProgramData\7457467069539217055 O43 - CFD: 20/05/2016 - [] D -- C:\ProgramData\Adobe O43 - CFD: 05/03/2015 - [] D -- C:\ProgramData\Ahead O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 31/05/2016 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 20/03/2015 - [] D -- C:\ProgramData\AVG Security Toolbar O43 - CFD: 20/08/2015 - [] D -- C:\ProgramData\AVG2015 O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Battle.net O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Blizzard Entertainment O43 - CFD: 03/05/2016 - [] D -- C:\ProgramData\BlueStacksSetup O43 - CFD: 05/03/2015 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 01/05/2016 - [] D -- C:\ProgramData\Corel O43 - CFD: 04/03/2015 - [0] SHD -- C:\ProgramData\Dados de Aplicativos O43 - CFD: 28/01/2016 - [] D -- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 11/06/2015 - [] D -- C:\ProgramData\DAEMON Tools Ultra O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 04/03/2015 - [0] SHD -- C:\ProgramData\Documentos O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 16/03/2016 - [] D -- C:\ProgramData\FLEXnet O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\HP O43 - CFD: 12/05/2016 - [] D -- C:\ProgramData\Intel O43 - CFD: 15/04/2016 - [] D -- C:\ProgramData\IObit O43 - CFD: 02/06/2015 - [] D -- C:\ProgramData\laaahaoaokoabkgakcgdjcidmhpcbmfg O43 - CFD: 22/10/2015 - [] D -- C:\ProgramData\LogMeIn O43 - CFD: 16/03/2016 - [] D -- C:\ProgramData\Macrovision O43 - CFD: 26/06/2015 - [] D -- C:\ProgramData\McAfee O43 - CFD: 04/03/2015 - [0] SHD -- C:\ProgramData\Menu Iniciar O43 - CFD: 20/08/2015 - [] D -- C:\ProgramData\MFAData O43 - CFD: 31/05/2016 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\Microsoft DNX O43 - CFD: 05/03/2015 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 04/08/2015 - [] D -- C:\ProgramData\Mirillis O43 - CFD: 04/03/2015 - [0] SHD -- C:\ProgramData\Modelos O43 - CFD: 26/01/2016 - [] D -- C:\ProgramData\Nexon O43 - CFD: 04/03/2015 - [] D -- C:\ProgramData\Oracle O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 04/03/2015 - [] D -- C:\ProgramData\PRICache O43 - CFD: 15/04/2016 - [0] D -- C:\ProgramData\ProductData O43 - CFD: 25/09/2015 - [] D -- C:\ProgramData\Razer O43 - CFD: 09/02/2016 - [] D -- C:\ProgramData\Real O43 - CFD: 19/05/2016 - [] D -- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 19/05/2016 - [] D -- C:\ProgramData\Riot Games O43 - CFD: 31/05/2016 - [] D -- C:\ProgramData\Skype O43 - CFD: 27/10/2015 - [] D -- C:\ProgramData\SlySoft O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\Sony O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 11/06/2015 - [] D -- C:\ProgramData\Steam O43 - CFD: 08/04/2015 - [] D -- C:\ProgramData\SYSTEMAX Software Development O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 03/09/2015 - [] D -- C:\ProgramData\ToolsUpdatePlatform O43 - CFD: 30/04/2016 - [] D -- C:\ProgramData\UniqueId O43 - CFD: 25/05/2016 - [] D -- C:\ProgramData\Unity O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\Visan O43 - CFD: 06/02/2016 - [] D -- C:\ProgramData\VsTelemetry O43 - CFD: 31/05/2016 - [] D -- C:\ProgramData\Windows Security O43 - CFD: 27/06/2015 - [] D -- C:\ProgramData\WindowsMangerProtect =>PUP.Optional.WpManager O43 - CFD: 04/06/2015 - [] D -- C:\ProgramData\{391242d5-8297-0678-3912-242d58290b56} O43 - CFD: 15/04/2016 - [0] D -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} O43 - CFD: 19/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 19/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 03/12/2015 - [] D -- C:\Program Files (x86)\Common Files\AV O43 - CFD: 06/02/2016 - [] D -- C:\Program Files (x86)\Common Files\Designer O43 - CFD: 07/04/2015 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 01/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel O43 - CFD: 16/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Macrovision Shared O43 - CFD: 06/02/2016 - [0] D -- C:\Program Files (x86)\Common Files\Merge Modules O43 - CFD: 17/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 18/05/2015 - [] D -- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 20/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 05/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Steam O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 03/08/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\.atlauncher O43 - CFD: 26/04/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\.minecraft O43 - CFD: 13/06/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\.mono O43 - CFD: 09/07/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\03000200-1435364175-0500-0006-000700080009 O43 - CFD: 24/03/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\abgx360 O43 - CFD: 23/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Adobe O43 - CFD: 11/04/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Ahead O43 - CFD: 15/04/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Apple Computer O43 - CFD: 02/06/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Audacity O43 - CFD: 31/12/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\BANDISOFT O43 - CFD: 14/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Battle.net O43 - CFD: 07/04/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Blender Foundation O43 - CFD: 17/11/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Bowdoin College O43 - CFD: 23/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\BrawlhallaAir O43 - CFD: 17/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Code O43 - CFD: 08/02/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\com.adobe.ExMan O43 - CFD: 09/04/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\com.freakinware.mitosis O43 - CFD: 12/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\com.freakinware.wormis O43 - CFD: 04/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Corel O43 - CFD: 20/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Curse O43 - CFD: 22/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Curse Client O43 - CFD: 07/04/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Easeware O43 - CFD: 31/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Enigma Software Group O43 - CFD: 31/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\excdir O43 - CFD: 09/12/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Google O43 - CFD: 12/02/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\HpUpdate O43 - CFD: 25/11/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Identities O43 - CFD: 20/03/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\InstallShield O43 - CFD: 15/04/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\IObit O43 - CFD: 13/04/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\java O43 - CFD: 19/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\LolClient O43 - CFD: 04/03/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Macromedia O43 - CFD: 25/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\MAXON O43 - CFD: 17/05/2016 - [] SD -- C:\Users\Cicero Batista\AppData\Roaming\Microsoft O43 - CFD: 25/02/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Mirillis O43 - CFD: 17/04/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\MMFApplications O43 - CFD: 17/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\MonoDevelop-Unity-4.0 O43 - CFD: 13/09/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\MotioninJoy O43 - CFD: 31/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Mozilla O43 - CFD: 20/03/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\MPC-HC O43 - CFD: 26/06/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\NetService =>PUP.Optional.NetService O43 - CFD: 17/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\NuGet O43 - CFD: 31/12/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\OBS O43 - CFD: 27/06/2015 - [0] D -- C:\Users\Cicero Batista\AppData\Roaming\Opera Software O43 - CFD: 07/04/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Orbit O43 - CFD: 11/02/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\PokemonTradingCardGameOnline O43 - CFD: 02/03/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\PriceFountainUpdateVer =>PUP.Optional.PriceFountain O43 - CFD: 15/04/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\ProductData O43 - CFD: 07/04/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\ProgSense =>PUP.Optional.ProgSense O43 - CFD: 12/04/2015 - [0] D -- C:\Users\Cicero Batista\AppData\Roaming\Publish Providers O43 - CFD: 23/07/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\raidcall O43 - CFD: 09/02/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Real O43 - CFD: 11/06/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\RHEng =>.Superfluous.Conduit O43 - CFD: 23/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Riot Games O43 - CFD: 04/06/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\RunDir =>PUP.Optional.NetService O43 - CFD: 06/02/2016 - [0] D -- C:\Users\Cicero Batista\AppData\Roaming\RunTime001 O43 - CFD: 14/05/2016 - [0] D -- C:\Users\Cicero Batista\AppData\Roaming\sc O43 - CFD: 02/06/2015 - [0] D -- C:\Users\Cicero Batista\AppData\Roaming\SendSpace O43 - CFD: 15/04/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\shortCutStore O43 - CFD: 04/06/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Skype O43 - CFD: 28/03/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\skyz O43 - CFD: 01/01/2016 - [0] D -- C:\Users\Cicero Batista\AppData\Roaming\Solveig Multimedia O43 - CFD: 01/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Sony O43 - CFD: 16/10/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Sony Creative Software Inc O43 - CFD: 14/04/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Steam O43 - CFD: 02/07/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\stetic O43 - CFD: 08/02/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Subversion O43 - CFD: 30/09/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Sun O43 - CFD: 21/03/2006 - [0] D -- C:\Users\Cicero Batista\AppData\Roaming\System32 O43 - CFD: 08/04/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\SYSTEMAX Software Development O43 - CFD: 01/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\TechSmith O43 - CFD: 17/03/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Toon Boom Animation O43 - CFD: 10/04/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Trine1 O43 - CFD: 28/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Trove O43 - CFD: 05/03/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\TuneUp Software O43 - CFD: 18/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Unity O43 - CFD: 26/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\uTorrent O43 - CFD: 26/06/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\VOPackage =>PUP.Optional.Downware O43 - CFD: 15/05/2016 - [0] D -- C:\Users\Cicero Batista\AppData\Roaming\WarThunder O43 - CFD: 26/06/2015 - [0] RSHD -- C:\Users\Cicero Batista\AppData\Roaming\Windows O43 - CFD: 02/07/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Wings3D O43 - CFD: 17/12/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\WinNetSvc O43 - CFD: 15/04/2016 - [0] D -- C:\Users\Cicero Batista\AppData\Roaming\Wise Care 365 O43 - CFD: 14/04/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\WizardWars O43 - CFD: 04/06/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\WMPNetworkAcSvc O43 - CFD: 17/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\XamarinStudio-5.0 O43 - CFD: 05/03/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Zbshareware Lab O43 - CFD: 04/06/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\ZHP O43 - CFD: 26/06/2015 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F} O43 - CFD: 04/06/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Adobe O43 - CFD: 05/03/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\Ahead O43 - CFD: 02/06/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Battle.net O43 - CFD: 14/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Blizzard O43 - CFD: 14/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Blizzard Entertainment O43 - CFD: 03/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\BlueStacks O43 - CFD: 23/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\CEF O43 - CFD: 09/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\CrashDumps O43 - CFD: 25/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\CrashRpt =>.Superfluous.CrashReports O43 - CFD: 26/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\CSO O43 - CFD: 04/03/2015 - [0] SHD -- C:\Users\Cicero Batista\AppData\Local\Dados de Aplicativos O43 - CFD: 15/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Daring_Development_Inc O43 - CFD: 31/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Diagnostics O43 - CFD: 11/06/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\Disc_Soft_Ltd O43 - CFD: 26/05/2016 - [0] D -- C:\Users\Cicero Batista\AppData\Local\ElevatedDiagnostics O43 - CFD: 02/04/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\firewithfire_official_overhaul_beta O43 - CFD: 25/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\FreeReign O43 - CFD: 02/08/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\Gerador_de_Cash_PBBR O43 - CFD: 30/07/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\Google O43 - CFD: 17/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\gtk-2.0 O43 - CFD: 04/03/2015 - [0] SHD -- C:\Users\Cicero Batista\AppData\Local\Histórico O43 - CFD: 29/10/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\HP O43 - CFD: 13/06/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\Lenovo O43 - CFD: 22/10/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\LogMeIn O43 - CFD: 04/06/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\LogMeIn Hamachi O43 - CFD: 03/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Macromedia O43 - CFD: 01/02/2016 - [0] D -- C:\Users\Cicero Batista\AppData\Local\Mail.Ru O43 - CFD: 07/09/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\Mega Limited O43 - CFD: 05/03/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\MFAData O43 - CFD: 17/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Microsoft O43 - CFD: 05/03/2015 - [0] D -- C:\Users\Cicero Batista\AppData\Local\Microsoft Help O43 - CFD: 31/05/2016 - [] DC -- C:\Users\Cicero Batista\AppData\Local\MigWiz O43 - CFD: 31/12/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\Mirillis O43 - CFD: 17/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\MonoDevelop-Unity-4.0 O43 - CFD: 08/02/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\MonoDevelop-Unity-5.0 O43 - CFD: 31/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Mozilla O43 - CFD: 03/10/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\Ndemic Creations O43 - CFD: 27/06/2015 - [0] D -- C:\Users\Cicero Batista\AppData\Local\Opera Software O43 - CFD: 16/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Packages O43 - CFD: 21/03/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\PointBlank O43 - CFD: 04/03/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\Programs O43 - CFD: 09/02/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Real O43 - CFD: 01/04/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Roblox O43 - CFD: 20/04/2016 - [0] D -- C:\Users\Cicero Batista\AppData\Local\Skype O43 - CFD: 13/10/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\Sony O43 - CFD: 23/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Steam O43 - CFD: 04/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\TechSmith O43 - CFD: 04/06/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Temp O43 - CFD: 04/03/2015 - [0] SHD -- C:\Users\Cicero Batista\AppData\Local\Temporary Internet Files O43 - CFD: 17/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\Unity O43 - CFD: 08/04/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\VirtualStore O43 - CFD: 17/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\VSIXInstaller O43 - CFD: 17/05/2016 - [] D -- C:\Users\Cicero Batista\AppData\Local\XamarinStudio-5.0 O43 - CFD: 20/10/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\YSearchUtil O43 - CFD: 04/08/2015 - [] D -- C:\Users\Cicero Batista\AppData\Local\{C4FAF2A6-E052-9E1E-8DCA-BBF6A9A2476E} O43 - CFD: 04/03/2015 - [0] D -- C:\Users\Cicero Batista\AppData\Local\Programs\Common O43 - CFD: 26/07/2012 - [] RD -- C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 26/07/2012 - [] RD -- C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 25/11/2015 - [] RD -- C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 05/02/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG Maker O43 - CFD: 26/07/2012 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 28/01/2016 - [0] D -- C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer O43 - CFD: 20/05/2016 - [] RD -- C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 25/01/2016 - [] D -- C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 26/07/2012 - [] RD -- C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 04/09/2015 - [0] D -- C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>PUP.Optional.Downware O43 - CFD: 04/03/2015 - [0] D -- C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 05/03/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft O43 - CFD: 0 - [0] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Packages ---\\ ShellIconOverlayIdentifiers (SIOI) (3) - 1s O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft SkyDrive Pro Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft SkyDrive Pro Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft SkyDrive Pro Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation® ---\\ Lista dos drivers do sistema (47) - 18s O58 - SDL:2012/07/26 02:00:49 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [106736] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:49 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [492272] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:48 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [340720] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:49 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [184048] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:49 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [76016] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:49 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [258288] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:48 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [26352] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:49 A . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [104688] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:48 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [108272] =>.Microsoft Windows® O58 - SDL:2016/02/01 21:17:14 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\aswTap.sys [44640] =>.AVAST Software a.s.® O58 - SDL:2012/07/26 02:00:49 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [539376] =>.Microsoft Windows® O58 - SDL:2016/01/28 16:58:50 A . (.Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver.) -- C:\Windows\System32\drivers\dtlitescsibus.sys [30352] =>.Disc Soft Ltd® O58 - SDL:2015/06/11 18:05:12 A . (.Disc Soft Ltd - DAEMON Tools Ultra Virtual SCSI Bus Driver.) -- C:\Windows\System32\drivers\dtultrascsibus.sys [30264] =>.Disc Soft Ltd® O58 - SDL:2015/06/11 18:05:17 A . (.Disc Soft Ltd - DAEMON Tools Ultra Virtual USB Bus Driver.) -- C:\Windows\System32\drivers\dtultrausbbus.sys [47160] =>.Disc Soft Ltd® O58 - SDL:2016/05/31 17:11:08 A . (...) -- C:\Windows\System32\drivers\EsgScanner.sys [22704] =>.Enigma Software Group USA, LLC® O58 - SDL:2012/07/26 02:00:52 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3295984] =>.Microsoft Windows® O58 - SDL:2016/05/04 13:35:10 AH . (.LogMeIn Inc. - LogMeIn Hamachi Virtual Miniport Driver.) -- C:\Windows\System32\drivers\Hamdrv.sys [45680] =>.Microsoft Windows Hardware Compatibility Publisher® O58 - SDL:2012/07/17 18:12:08 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [62784] =>.Intel Corporation® O58 - SDL:2012/07/26 02:00:52 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64752] =>.Microsoft Windows® O58 - SDL:2012/07/09 13:43:12 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [645952] =>.Intel Corporation® O58 - SDL:2012/07/26 02:00:52 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [411888] =>.Microsoft Windows® O58 - SDL:2012/08/23 05:07:42 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [9000256] =>.Intel Corporation O58 - SDL:2012/07/26 02:00:52 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [45296] =>.Microsoft Windows® O58 - SDL:2012/06/18 20:40:50 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [342528] =>.Intel(R) Corporation O58 - SDL:2012/07/26 02:00:52 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [108784] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:52 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [92400] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:52 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [116976] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:52 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [81136] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:52 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [51952] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:52 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [353008] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:55 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [64240] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:55 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [52464] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150256] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168176] =>.Microsoft Windows® O58 - SDL:2012/07/30 13:04:12 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys [690832] =>.Realtek Semiconductor Corp® O58 - SDL:2012/07/26 05:11:43 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2012/07/26 02:00:55 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44784] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:56 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81648] =>.Microsoft Windows® O58 - SDL:2015/12/08 03:00:54 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [122160] =>.DEVGURU CO LTD® O58 - SDL:2016/04/25 00:35:58 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [221824] =>.Samsung Electronics CO., LTD.® O58 - SDL:2012/07/26 02:00:55 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [30960] =>.Microsoft Windows® O58 - SDL:2012/08/14 18:03:34 A . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\viahduaa.sys [2206352] =>.VIA Technologies Inc.® O58 - SDL:2012/07/26 02:00:58 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19184] =>.Microsoft Windows® O58 - SDL:2009/07/31 11:40:34 A . (.Creative Technology Ltd. - Creative Audio Driver.) -- C:\Windows\System32\drivers\VMfilt64.sys [25600] =>.Creative Technology Ltd. O58 - SDL:2012/07/26 02:00:58 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [164080] =>.Microsoft Windows® O58 - SDL:2012/07/26 02:00:58 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [322800] =>.Microsoft Windows® O58 - SDL:2015/11/25 11:32:38 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{3017beda-3a20-4072-bf32-afc5993ff422}Gw64.sys [48744] =>PUP.Optional.LinkiDoo ---\\ Últimos ficheiros alterados ou criados (Utilizador) (3) - 94s O61 - LFC: 2016/06/02 16:18:16 A . (..) -- C:\Users\Cicero Batista\Desktop\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.133\deploy\riotlauncher.dll [1440768] O61 - LFC: 2016/06/02 16:18:16 A . (..) -- C:\Users\Cicero Batista\Desktop\League of Legends\RADS\projects\lol_game_client\releases\0.0.1.74\deploy\riotlauncher.dll [1440768] O61 - LFC: 2016/05/31 14:30:30 A . (..) -- C:\Users\Cicero Batista\AppData\Roaming\excdir\bnin.exe [671080] {656CF9AA808463BE052C4831A4711D41} ---\\ Associações Shell Spawning (9) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Menu de inicialização Internet (4) - 1s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe www.123rede.com?oem=mbtkv5&uid=WD-WCC2EV819898_WDCWD5000AAKX-00U6AA0&tm=1435364141 O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. ---\\ Pesquisa de infeção nos navegadores da Internet (6) - 9s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Search Provided by Yahoo) - http://www.globasearch.com/ =>PUP.Optional.IMBooster O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {5CA75DB5-FAEC-454F-B1FC-78CDC4298978} - (Yahoo) - http://br.search.yahoo.com/ =>.Yahoo Search O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://mysearch.avg.com/ =>PUP.Optional.MyWebSearch O69 - SBI: SearchScopes [HKCU] {C0C3A6C6-03BC-4195-8FCB-AEA091301353} - (Yahoo!) - http://br.search.yahoo.com/ =>.Yahoo Search O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.globasearch.com/ =>PUP.Optional.IMBooster ---\\ Listagem dos serviços iniciados pelo Svchost (35) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [190976] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [149504] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [149504] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\system32\srvsvc.dll [309248] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\Windows\System32\gpsvc.dll [1366016] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [1071104] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\Windows\System32\rasauto.dll [99840] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [358400] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [107520] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\Windows\System32\sens.dll [62976] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [438784] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windo.) -- C:\Windows\System32\tapisrv.dll [305664] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3286528] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de tel.) -- C:\Windows\System32\qmgr.dll [826368] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [565760] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\Windows\System32\iphlpsvc.dll [894464] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [69632] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\system32\iscsiexe.dll [151552] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [105472] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\system32\schedsvc.dll [1282560] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [219648] =>.Microsoft Corporation O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\system32\mmcss.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [134144] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll [291328] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [84992] =>.Microsoft Corporation O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\system32\kmsvc.dll [97792] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [190464] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Serviço Conta da Microsoft®.) -- C:\Windows\system32\wlidsvc.dll [1968128] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\system32\themeservice.dll [47104] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalação de Dispositivo.) -- C:\Windows\System32\DeviceSetupManager.dll [207872] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Serviço Assistente de Conectividade de Rede.) -- C:\Windows\System32\ncasvc.dll [161792] =>.Microsoft Corporation O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Agente de Eventos do Sistema.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [178176] =>.Microsoft Corporation O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [187392] =>.Microsoft Corporation ---\\ Lista das exceções do FireWall (FirewallRules) (49) - 18s O87 - FAEL: "{C1D4F735-763A-490B-A125-3DB0565786CA}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\TEG2H39.exe =>HackTool.KMSpico O87 - FAEL: "{458A5FDC-3CF1-44A9-A046-68E32EB50915}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\TEG2H39.exe =>HackTool.KMSpico O87 - FAEL: "{ABB3F0C8-39F3-4278-8C47-853BD3464012}" [In-None-P6-TRUE] .(...) -- C:\ongame\Pointblank\PointBlank.exe (.not file.) O87 - FAEL: "{F90BC7A6-BBB8-4463-BD0D-EFDB1CDC0826}" [In-None-P17-TRUE] .(...) -- C:\ongame\Pointblank\PointBlank.exe (.not file.) O87 - FAEL: "TCP Query User{A0F3DA47-E52C-42E4-B8D1-CC71AE2A00FC}C:\users\cicero batista\desktop\pokémon generation\pokémon generations ver. 1.9 xatoku production\pokegen.exe" [In-None-P6-TRUE] .(...) -- C:\users\cicero batista\desktop\pokémon generation\pokémon generations ver. 1.9 xatoku production\pokegen.exe (.not file.) O87 - FAEL: "UDP Query User{A1138E24-7063-4871-827A-A6757B6248AB}C:\users\cicero batista\desktop\pokémon generation\pokémon generations ver. 1.9 xatoku production\pokegen.exe" [In-None-P17-TRUE] .(...) -- C:\users\cicero batista\desktop\pokémon generation\pokémon generations ver. 1.9 xatoku production\pokegen.exe (.not file.) O87 - FAEL: "{65AF81D0-C4CC-4287-81D0-54FDDEA629FA}" [In-None-P17-TRUE] .(...) -- C:\users\cicero batista\desktop\pokémon generation\pokémon generations ver. 1.9 xatoku production\pokegen.exe (.not file.) O87 - FAEL: "{0FB115F4-652A-4E4B-89D4-C831FCC20AD4}" [In-None-P6-TRUE] .(...) -- C:\users\cicero batista\desktop\pokémon generation\pokémon generations ver. 1.9 xatoku production\pokegen.exe (.not file.) O87 - FAEL: "{5C58ACEC-5614-436D-8D2E-E11B8B6EDD3C}" [In-None-P6-TRUE] .(...) -- C:\ongame\Pointblank\PointBlank.exe (.not file.) O87 - FAEL: "{D1E02D2B-DF51-41DA-9FC9-AE3C6408F258}" [In-None-P17-TRUE] .(...) -- C:\ongame\Pointblank\PointBlank.exe (.not file.) O87 - FAEL: "{8F8DE545-83DA-433E-ACD9-EC046A709A9E}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe =>.Steam SteamApps Games O87 - FAEL: "{578F8C89-2628-4DBE-9994-74D5E714DBEF}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe =>.Steam SteamApps Games O87 - FAEL: "TCP Query User{6DAA049E-9EA6-49DF-BD5E-8664DF10B752}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "UDP Query User{8A509200-A6F2-4330-A302-392967891208}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "TCP Query User{7E630CF2-A25A-49D3-A7DA-CE16E7B45AB2}C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "UDP Query User{602F73A9-32A5-4F93-99AF-02F5CB9CB207}C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{03A1CA1E-9F60-4360-9009-1A0164F12C48}" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{5525927B-F5BB-4B67-A1F2-AC4D4A3745E8}" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{07F8CBCA-A02C-4021-844A-6087DC05EE59}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{1BF655DE-5660-4CE6-830E-78BC92768055}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "TCP Query User{3DCFD9FE-8005-4E41-8D00-705DB9CD166A}C:\users\cicero batista\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe" [In-None-P6-TRUE] .(...) -- C:\users\cicero batista\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.) O87 - FAEL: "UDP Query User{568EAE72-96E8-4791-BD49-39C1EFAD09D1}C:\users\cicero batista\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe" [In-None-P17-TRUE] .(...) -- C:\users\cicero batista\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.) O87 - FAEL: "{2449D353-C8F5-44F7-B2B9-4D886A15FC97}" [In-None-P17-TRUE] .(...) -- C:\users\cicero batista\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.) O87 - FAEL: "{7260AF06-58E6-4A76-B060-35FBF1A5347F}" [In-None-P6-TRUE] .(...) -- C:\users\cicero batista\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.) O87 - FAEL: "TCP Query User{0EAB42A6-D276-4BF8-B705-EA4A524A9AB6}C:\users\cicero batista\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe" [In-None-P6-TRUE] .(...) -- C:\users\cicero batista\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe (.not file.) O87 - FAEL: "UDP Query User{3F49AA4F-F6A2-4531-82D2-32C2EA8BD4AF}C:\users\cicero batista\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe" [In-None-P17-TRUE] .(...) -- C:\users\cicero batista\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe (.not file.) O87 - FAEL: "TCP Query User{76319EFF-932A-43F9-ACA7-816A99B00688}C:\program files\unity\monodevelop\bin\monodevelop.exe" [In-None-P6-TRUE] .(.(c) 2004 MonoDevelop Team and Mike Krueger 2000-2003 - MonoDevelop.) -- C:\program files\unity\monodevelop\bin\monodevelop.exe O87 - FAEL: "UDP Query User{F10B764E-745B-4656-9487-F39270C793C7}C:\program files\unity\monodevelop\bin\monodevelop.exe" [In-None-P17-TRUE] .(.(c) 2004 MonoDevelop Team and Mike Krueger 2000-2003 - MonoDevelop.) -- C:\program files\unity\monodevelop\bin\monodevelop.exe O87 - FAEL: "{82F05D84-B790-4BBA-8F19-B2CBBD820193}" [In-None-P17-TRUE] .(.(c) 2004 MonoDevelop Team and Mike Krueger 2000-2003 - MonoDevelop.) -- C:\program files\unity\monodevelop\bin\monodevelop.exe O87 - FAEL: "{D139A08B-6AC8-4452-BEA8-819C088485AB}" [In-None-P6-TRUE] .(.(c) 2004 MonoDevelop Team and Mike Krueger 2000-2003 - MonoDevelop.) -- C:\program files\unity\monodevelop\bin\monodevelop.exe O87 - FAEL: "TCP Query User{7BFBB2E5-E045-4CA3-8981-5FEFCA1F0B2B}C:\program files (x86)\steam\steamapps\common\brick-force row\brickforce.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\brick-force row\brickforce.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "UDP Query User{23ECACF4-F701-4C1F-B1F4-8DF704809D20}C:\program files (x86)\steam\steamapps\common\brick-force row\brickforce.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\brick-force row\brickforce.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{D79CBCDD-713E-4FCA-BCD8-6123D8F11253}" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\brick-force row\brickforce.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{205928CC-EC57-4426-B047-9AC851CDD26F}" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\brick-force row\brickforce.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{3B57811B-B7B9-47E3-AFB9-9BC13065BE42}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (.not file.) O87 - FAEL: "{D2E6323F-6116-4F6D-A148-28A338D3DBD9}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\FormatFactory\FormatFactory.exe (.not file.) O87 - FAEL: "{C35ED11F-F3C3-464A-8CF2-B3B9554B67D8}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\FormatFactory\FormatFactory.exe (.not file.) O87 - FAEL: "{EFFF81AC-706C-433A-8EBD-40A69FA6F65B}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (.not file.) O87 - FAEL: "{99DF24D2-ADB9-4C8F-AD08-F3077AADDE03}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\How to Survive 2\Exe\HowToSurvive2.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{739E2AA0-2461-4748-BB54-A852CA5F7F2D}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\How to Survive 2\Exe\HowToSurvive2.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{D33ED35F-A7DE-4321-94AE-704D610BD252}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\How to Survive 2\Exe\Detect.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{88CEFE59-0384-4718-8110-8A3FC3B0F5EB}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\How to Survive 2\Exe\Detect.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "TCP Query User{FDCA34D5-0FA0-49DE-B084-BF0A47B53D92}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "UDP Query User{2631ABB5-FBD2-4571-AA60-247D414C9FEA}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "TCP Query User{16D7B09D-3E1D-468D-8569-3D4E306E314A}C:\program files (x86)\steam\steamapps\common\metal assault\_mas.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\metal assault\_mas.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "UDP Query User{0A6EAD4C-8481-47EC-BB40-42AD15EE1772}C:\program files (x86)\steam\steamapps\common\metal assault\_mas.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\metal assault\_mas.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{26AD03DF-FF0D-45F0-ADD8-C11980565292}" [In-None-P6-TRUE] .(...) -- C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe (.not file.) O87 - FAEL: "{0F03F229-31C3-4A23-BFA6-FB297990632D}" [Out-None-P6-TRUE] .(...) -- C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe (.not file.) O87 - FAEL: "{E16EB209-88A4-4D6F-95EF-348CEB53647B}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (.not file.) ---\\ Claves Tracing (8) - 12s HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 =>.Superfluous.ByteFence HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS =>.Superfluous.ByteFence HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Torch Levers Mod Installer 1_RASAPI32 =>.Superfluous.Torch HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Torch Levers Mod Installer 1_RASMANCS =>.Superfluous.Torch HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateOasisSpace_RASAPI32 =>PUP.Optional.OasisSpace HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateOasisSpace_RASMANCS =>PUP.Optional.OasisSpace HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilOasisSpace_RASAPI32 =>PUP.Optional.OasisSpace HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilOasisSpace_RASMANCS =>PUP.Optional.OasisSpace ---\\ Scâner Aditional (51) - 0s HKLM\SYSTEM\CurrentControlSet\Services\NetTcpHandler =>PUP.Optional.NetService C:\Users\Cicero Batista\AppData\Roaming\NetService\netservice.exe =>PUP.Optional.NetService C:\Program Files (x86)\Oasis Space =>PUP.Optional.OasisSpace HKLM\SYSTEM\CurrentControlSet\Services\Update Oasis Space =>PUP.Optional.OasisSpace C:\Windows\Tasks\Bidaily Synchronize Task[973b].job =>PUP.Optional.BidailySync C:\Windows\Tasks\PriceFountainUpdateVer.job =>PUP.Optional.PriceFountain C:\Windows\System32\Tasks\Bidaily Synchronize Task[973b] =>PUP.Optional.BidailySync C:\Windows\System32\Tasks\PriceFountainUpdateVer =>PUP.Optional.PriceFountain HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage =>PUP.Optional.Downware HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC} =>PUP.Optional.DesktopPlay HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage =>PUP.Optional.Downware HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\NetTcpHandler =>PUP.Optional.NetService HKLM\SOFTWARE\Wow6432Node\NtSvcHandler =>PUP.Optional.NetService HKLM\SOFTWARE\Wow6432Node\oursurfingSoftware =>PUP.Optional.OurSurfing HKLM\SOFTWARE\Wow6432Node\Sakura =>PUP.Optional.GameGogle HKLM\SOFTWARE\Wow6432Node\supWindowsMangerProtect =>PUP.Optional.WpManager HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\1e2891ef07b2b7b86b2568872920fb22 =>PUP.Optional.CrossRider HKCU\SOFTWARE\ICSW1.18 =>Adware.InstallCore HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore HKCU\SOFTWARE\ProgSense =>PUP.Optional.ProgSense HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\undefined =>.Superfluous.Downloader HKCU\SOFTWARE\WebApp =>.Superfluous.Downloader C:\Program Files\KMSpico =>HackTool.KMSpico C:\Program Files (x86)\001 =>Heuristic.Suspect C:\Program Files (x86)\PRiiceMinus =>PUP.Optional.PriceMinus C:\ProgramData\WindowsMangerProtect =>PUP.Optional.WpManager C:\Users\Cicero Batista\AppData\Roaming\NetService =>PUP.Optional.NetService C:\Users\Cicero Batista\AppData\Roaming\PriceFountainUpdateVer =>PUP.Optional.PriceFountain C:\Users\Cicero Batista\AppData\Roaming\ProgSense =>PUP.Optional.ProgSense C:\Users\Cicero Batista\AppData\Roaming\RHEng =>.Superfluous.Conduit C:\Users\Cicero Batista\AppData\Roaming\RunDir =>PUP.Optional.NetService C:\Users\Cicero Batista\AppData\Roaming\VOPackage =>PUP.Optional.Downware C:\Users\Cicero Batista\AppData\Local\CrashRpt =>.Superfluous.CrashReports C:\Users\Cicero Batista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>PUP.Optional.Downware HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} =>PUP.Optional.IMBooster HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} =>PUP.Optional.MyWebSearch HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} =>PUP.Optional.IMBooster C:\Program Files\KMSpico\TEG2H39.exe =>HackTool.KMSpico HKLM64\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 =>.Superfluous.ByteFence HKLM64\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS =>.Superfluous.ByteFence HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Torch Levers Mod Installer 1_RASAPI32 =>.Superfluous.Torch HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Torch Levers Mod Installer 1_RASMANCS =>.Superfluous.Torch HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateOasisSpace_RASAPI32 =>PUP.Optional.OasisSpace HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateOasisSpace_RASMANCS =>PUP.Optional.OasisSpace HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilOasisSpace_RASAPI32 =>PUP.Optional.OasisSpace HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilOasisSpace_RASMANCS =>PUP.Optional.OasisSpace ---\\ Resumo dos elementos encontrados na sua estação de trabalho (25) - 0s http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.NetService http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.OasisSpace http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.BidailySync http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.PriceFountain http://www.nicolascoolman.fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.OurSurfing http://www.nicolascoolman.fr/?p=224 =>PUP.Optional.IMBooster http://www.nicolascoolman.fr/?p=401 =>PUP.Optional.Downware http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.DesktopPlay https://www.nicolascoolman.info/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.GameGogle http://www.nicolascoolman.fr/?p=173 =>PUP.Optional.WpManager http://www.nicolascoolman.fr/?p=122 =>PUP.Optional.AgenceExclusive https://www.nicolascoolman.info/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider https://www.nicolascoolman.info/2016/04/22/adware-installcore/ =>Adware.InstallCore http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.ProgSense http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader http://www.nicolascoolman.fr/?p=989 =>HackTool.KMSpico http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.PriceMinus http://www.nicolascoolman.fr/?p=210 =>.Superfluous.Conduit http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.CrashReports http://www.nicolascoolman.fr/?p=62 =>PUP.Optional.LinkiDoo http://www.nicolascoolman.fr/?p=220 =>PUP.Optional.MyWebSearch https://www.nicolascoolman.info/2016/04/29/superfluous-bytefence/ =>.Superfluous.ByteFence http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Torch ~ End of the scan, 47313 items in 00h11mn37s (1226)(0)