OTL logfile created on: 24/12/2016 12:38:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eu\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
15,95 Gb Total Physical Memory | 12,18 Gb Available Physical Memory | 76,36% Memory free
18,32 Gb Paging File | 13,87 Gb Available in Paging File | 75,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,01 Gb Total Space | 3,24 Gb Free Space | 2,92% Space Free | Partition Type: NTFS
Drive D: | 443,23 Gb Total Space | 16,62 Gb Free Space | 3,75% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 7,25 Gb Free Space | 0,78% Space Free | Partition Type: NTFS
Drive F: | 487,94 Gb Total Space | 12,98 Gb Free Space | 2,66% Space Free | Partition Type: NTFS
Drive G: | 890,32 Gb Total Space | 106,55 Gb Free Space | 11,97% Space Free | Partition Type: NTFS
Drive I: | 34,62 Gb Total Space | 0,78 Gb Free Space | 2,24% Space Free | Partition Type: NTFS
Computer Name: COMP | User Name: Eu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - File not found --
PRC - [2016/12/24 12:36:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eu\Downloads\OTL.exe
PRC - [2016/12/19 23:25:40 | 002,186,528 | ---- | M] (Valve Corporation) -- G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
PRC - [2016/12/19 23:25:40 | 001,467,168 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2016/12/19 23:25:38 | 002,876,704 | ---- | M] (Valve Corporation) -- G:\Program Files (x86)\Steam\Steam.exe
PRC - [2016/12/14 21:26:47 | 001,517,280 | ---- | M] (Microsoft Corporation) -- C:\Users\Eu\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2016/12/08 04:29:38 | 000,935,768 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016/12/07 18:41:09 | 002,180,624 | ---- | M] (Electronic Arts) -- G:\Program Files (x86)\Origin\OriginWebHelperService.exe
PRC - [2016/10/20 10:35:48 | 000,036,496 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Wondershare\Dr.Fone para Android\BackupRemind.exe
PRC - [2016/09/09 03:01:12 | 011,412,144 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
PRC - [2016/08/25 09:21:21 | 007,534,864 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2016/06/20 14:49:06 | 002,131,344 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
PRC - [2016/02/15 11:19:52 | 000,359,424 | ---- | M] (GEARMAGE, LLC) -- C:\Program Files (x86)\GearMage\Mail Attachment Downloader v3.1\MailAttachmentDownloader.exe
PRC - [2016/01/08 05:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.)
-- C:\Arquivos de Programas\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe PRC - [2013/05/03 02:19:14 | 002,248,704 | ---- | M] () -- C:\Program Files (x86)\CMS\CMS.exe PRC - [2011/06/23 07:19:53 | 001,275,192 | ---- | M] (Jetico, Inc.) -- C:\Program Files (x86)\Jetico\BestCrypt\BCWipeTM.exe PRC - [2011/03/28 08:26:14 | 000,095,544 | ---- | M] (Jetico, Inc.) -- C:\Program Files (x86)\Jetico\BestCrypt\BCWipeSvc.exe PRC - [2011/02/17 02:24:44 | 000,200,704 | ---- | M] (Jetico, Inc.) -- C:\PROGRA~2\Jetico\BESTCR~1\BCResident.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2016/12/19 23:25:44 | 002,322,720 | ---- | M] () -- G:\Program Files (x86)\Steam\video.dll MOD - [2016/12/19 23:25:40 | 000,838,944 | ---- | M] () -- G:\Program Files (x86)\Steam\bin\chromehtml.dll MOD - [2016/12/19 23:25:38 | 000,388,384 | ---- | M] () -- G:\Program Files (x86)\Steam\Steam.dll MOD - [2016/12/14 21:26:47 | 001,244,376 | ---- | M] () -- C:\Users\Eu\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll MOD - [2016/12/08 12:13:58 | 000,656,160 | ---- | M] () -- G:\Program Files (x86)\Steam\SDL2.dll MOD - [2016/12/08 04:29:44 | 001,829,208 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll MOD - [2016/12/08 04:29:43 | 000,085,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll MOD - [2016/12/05 13:21:16 | 067,304,736 | ---- | M] () -- G:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll MOD - [2016/10/26 01:04:44 | 000,258,064 | ---- | M] () -- C:\Windows\SysWOW64\GameManager32.dll MOD - [2016/09/09 03:22:34 | 004,730,544 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\SLocales.dll MOD - [2016/09/09 03:19:48 | 000,853,680 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\SCommon.dll MOD - [2016/09/09 03:17:08 | 002,661,040 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\NativeSideSyncFramework.dll MOD - 
[2016/09/09 03:01:12 | 011,412,144 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe MOD - [2016/08/31 22:02:12 | 004,969,248 | ---- | M] () -- G:\Program Files (x86)\Steam\v8.dll MOD - [2016/08/31 22:02:06 | 001,563,936 | ---- | M] () -- G:\Program Files (x86)\Steam\icui18n.dll MOD - [2016/08/31 22:02:06 | 001,195,296 | ---- | M] () -- G:\Program Files (x86)\Steam\icuuc.dll MOD - [2016/07/04 19:17:58 | 000,266,560 | ---- | M] () -- G:\Program Files (x86)\Steam\openvr_api.dll MOD - [2016/06/20 14:48:20 | 001,506,304 | ---- | M] () -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll MOD - [2016/05/04 06:15:40 | 001,289,216 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\cairo.dll MOD - [2016/05/04 06:15:40 | 000,230,529 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\libpng14-14.dll MOD - [2016/05/04 06:15:40 | 000,100,352 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\zlib1.dll MOD - [2016/05/04 06:15:40 | 000,091,136 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\ThoughtWorks.QRCode.dll MOD - [2016/01/27 04:49:46 | 002,549,760 | ---- | M] () -- G:\Program Files (x86)\Steam\libavcodec-56.dll MOD - [2016/01/27 04:49:46 | 000,491,008 | ---- | M] () -- G:\Program Files (x86)\Steam\libavformat-56.dll MOD - [2016/01/27 04:49:46 | 000,485,888 | ---- | M] () -- G:\Program Files (x86)\Steam\libswscale-3.dll MOD - [2016/01/27 04:49:46 | 000,442,880 | ---- | M] () -- G:\Program Files (x86)\Steam\libavutil-54.dll MOD - [2016/01/27 04:49:46 | 000,332,800 | ---- | M] () -- G:\Program Files (x86)\Steam\libavresample-2.dll MOD - [2015/09/24 20:52:04 | 000,119,208 | ---- | M] () -- G:\Program Files (x86)\Steam\winh264.dll MOD - [2014/05/19 17:19:02 | 000,137,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll MOD - [2013/05/03 02:19:14 | 002,248,704 | ---- | M] () -- C:\Program Files (x86)\CMS\CMS.exe MOD - 
[2013/05/03 02:15:01 | 001,355,776 | ---- | M] () -- C:\Program Files (x86)\CMS\ConfigModule.dll MOD - [2013/05/03 02:14:18 | 000,446,464 | ---- | M] () -- C:\Program Files (x86)\CMS\LocalRecord.dll MOD - [2013/05/03 02:11:39 | 000,643,072 | ---- | M] () -- C:\Program Files (x86)\CMS\PlayBack.dll MOD - [2013/05/02 04:47:50 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\CMS\NetSDK.dll MOD - [2013/04/27 00:36:39 | 000,311,360 | ---- | M] () -- C:\Program Files (x86)\CMS\H264Play.dll MOD - [2013/04/27 00:36:39 | 000,027,136 | ---- | M] () -- C:\Program Files (x86)\CMS\DllDeinterlace.dll MOD - [2013/03/14 23:12:11 | 000,643,072 | ---- | M] () -- C:\PROGRA~2\CMS\MapCtrl.ocx MOD - [2013/01/08 07:34:06 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\CMS\HookOperate.dll MOD - [2012/12/16 22:47:21 | 000,626,753 | ---- | M] () -- C:\Program Files (x86)\CMS\HH5PlayerSDK.dll MOD - [2012/12/16 22:47:21 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\CMS\HHNetClient.dll MOD - [2012/12/16 22:47:21 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\CMS\HHReadWriterSDK.dll MOD - [2012/12/10 05:01:57 | 000,212,992 | ---- | M] () -- C:\Program Files (x86)\CMS\Password.dll MOD - [2012/03/16 23:32:47 | 000,055,808 | ---- | M] () -- C:\PROGRA~2\Player\WNDMAN~1.OCX MOD - [2011/08/03 22:28:18 | 000,864,347 | ---- | M] () -- C:\Program Files (x86)\CMS\HCNetSDK.dll MOD - [2011/08/03 22:28:16 | 001,101,917 | ---- | M] () -- C:\Program Files (x86)\CMS\PlayCtrl.dll MOD - [2011/08/03 22:28:16 | 000,151,607 | ---- | M] () -- C:\Program Files (x86)\CMS\hpr.dll MOD - [2011/01/31 04:19:17 | 000,070,968 | ---- | M] () -- C:\PROGRA~2\Jetico\BESTCR~1\dismount.dll MOD - [2010/12/28 05:15:24 | 000,466,944 | ---- | M] () -- C:\Program Files (x86)\CMS\dhplay.dll MOD - [2010/12/28 02:45:30 | 000,782,336 | ---- | M] () -- C:\Program Files (x86)\CMS\dhnetsdk.dll MOD - [2010/12/28 02:41:12 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\CMS\dhdvr.dll MOD - [2010/12/22 06:04:26 
| 000,339,968 | ---- | M] () -- c:\program files (x86)\cms\dllh264.dll MOD - [2010/07/20 00:18:20 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\CMS\AmrDll.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2016/12/09 07:28:24 | 000,764,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV:[b]64bit:[/b] - [2016/12/09 06:24:21 | 002,275,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:[b]64bit:[/b] - [2016/11/11 06:22:23 | 000,082,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker) SRV:[b]64bit:[/b] - [2016/11/11 06:20:50 | 000,339,456 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc) SRV:[b]64bit:[/b] - [2016/11/11 06:20:10 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV:[b]64bit:[/b] - [2016/11/11 06:19:59 | 000,411,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc) SRV:[b]64bit:[/b] - [2016/11/11 06:19:35 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc) SRV:[b]64bit:[/b] - [2016/11/11 06:16:35 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:[b]64bit:[/b] - [2016/11/11 06:14:35 | 002,104,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2016/11/11 06:11:57 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2016/11/11 06:06:19 | 
000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo) SRV:[b]64bit:[/b] - [2016/11/11 06:05:32 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository) SRV:[b]64bit:[/b] - [2016/11/11 06:04:16 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2016/11/11 06:04:03 | 001,232,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc) SRV:[b]64bit:[/b] - [2016/11/02 07:30:35 | 000,635,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc) SRV:[b]64bit:[/b] - [2016/11/02 07:19:44 | 000,805,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer) SRV:[b]64bit:[/b] - [2016/11/02 07:16:47 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc) SRV:[b]64bit:[/b] - [2016/11/02 07:16:27 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2016/11/01 23:05:26 | 000,373,744 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0) SRV:[b]64bit:[/b] - [2016/10/26 01:04:40 | 000,305,168 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2016/10/15 00:42:44 | 000,539,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc) SRV:[b]64bit:[/b] - [2016/10/15 00:37:03 | 001,980,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack) SRV:[b]64bit:[/b] - [2016/10/05 06:18:56 | 000,983,040 
| ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc) SRV:[b]64bit:[/b] - [2016/09/15 14:29:55 | 000,823,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AppVClient.exe -- (AppVClient) SRV:[b]64bit:[/b] - [2016/09/15 13:40:41 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc) SRV:[b]64bit:[/b] - [2016/09/15 13:38:15 | 000,203,776 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc) SRV:[b]64bit:[/b] - [2016/09/15 13:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2016/09/15 13:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2016/09/15 13:35:45 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService) SRV:[b]64bit:[/b] - [2016/09/15 13:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession) SRV:[b]64bit:[/b] - [2016/09/15 13:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2016/09/15 13:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2016/09/15 13:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2016/09/15 13:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:[b]64bit:[/b] - [2016/09/15 13:35:06 | 
000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:[b]64bit:[/b] - [2016/09/15 13:35:03 | 001,013,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager) SRV:[b]64bit:[/b] - [2016/09/15 13:23:51 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager) SRV:[b]64bit:[/b] - [2016/09/07 01:59:55 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate) SRV:[b]64bit:[/b] - [2016/09/07 01:55:30 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc) SRV:[b]64bit:[/b] - [2016/09/07 01:40:44 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService) SRV:[b]64bit:[/b] - [2016/08/20 02:17:48 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager) SRV:[b]64bit:[/b] - [2016/08/06 00:36:20 | 000,447,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2016/08/06 00:34:01 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:[b]64bit:[/b] - [2016/07/16 20:15:50 | 001,227,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AgentService.exe -- (UevAgentService) SRV:[b]64bit:[/b] - [2016/07/16 20:15:42 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2016/07/16 08:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) 
SRV:[b]64bit:[/b] - [2016/07/16 08:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService) SRV:[b]64bit:[/b] - [2016/07/16 08:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2016/07/16 08:43:10 | 001,836,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2016/07/16 08:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice) SRV:[b]64bit:[/b] - [2016/07/16 08:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2016/07/16 08:42:37 | 000,718,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- 
C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service) SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_58782) SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_58782) SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_58782) SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_58782) SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_58782) SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_58782) SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_58782) SRV:[b]64bit:[/b] - [2016/07/16 08:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:[b]64bit:[/b] - [2016/07/16 08:42:19 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- 
(ScDeviceEnum) SRV:[b]64bit:[/b] - [2016/07/16 08:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService) SRV:[b]64bit:[/b] - [2016/07/16 08:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter) SRV:[b]64bit:[/b] - [2016/07/16 08:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2016/07/16 08:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 001,512,448 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 001,184,256 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | 
Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker) SRV:[b]64bit:[/b] - [2016/07/16 08:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave) SRV:[b]64bit:[/b] - [2016/07/16 08:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC) SRV:[b]64bit:[/b] - [2016/07/16 08:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter) SRV:[b]64bit:[/b] - [2016/07/16 08:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:05 | 000,152,576 | ---- | M] (Microsoft 
Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc) SRV:[b]64bit:[/b] - [2016/07/16 08:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode) SRV:[b]64bit:[/b] - [2016/07/16 08:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost) SRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv) SRV - [2016/12/19 23:25:40 | 001,467,168 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2016/12/16 21:12:53 | 000,198,088 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2016/12/09 05:54:48 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV - [2016/12/07 18:41:09 | 002,180,624 | ---- | M] (Electronic Arts) [Auto | Running] -- G:\Program Files (x86)\Origin\OriginWebHelperService.exe -- (Origin Web Helper Service) SRV - [2016/12/07 18:41:09 | 002,119,688 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- G:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service) SRV - [2016/11/24 13:02:26 | 000,026,112 | ---- | M] () [Auto | Running] -- C:\Windows\KMS-R@1n.exe -- (KMS-R@1n) SRV - [2016/11/11 04:19:35 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV - [2016/11/11 04:05:12 | 
003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository) SRV - [2016/11/01 23:05:26 | 000,301,552 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2016/10/20 10:36:00 | 000,115,856 | ---- | M] (Wondershare) [On_Demand | Stopped] -- C:\Program Files (x86)\Wondershare\Dr.Fone para Android\DriverInstall.exe -- (WsDrvInst) SRV - [2016/10/10 09:51:48 | 000,437,392 | ---- | M] (Wondershare) [Auto | Running] -- C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe -- (WsAppService) SRV - [2016/09/16 15:38:00 | 000,155,016 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe -- (AdaptiveSleepService) SRV - [2016/08/25 09:21:21 | 007,534,864 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer) SRV - [2016/08/06 00:33:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2016/07/16 08:42:55 | 000,968,704 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc) SRV - [2016/07/16 08:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2016/03/29 00:03:50 | 000,137,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service) SRV - [2016/03/22 22:22:16 | 000,056,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Arquivos de Programas (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe -- (VSStandardCollectorService140) SRV - [2016/02/27 19:26:48 | 000,131,784 | ---- | M] (Microsoft Corporation) [Auto | 
Running] -- C:\Arquivos de Programas\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2016/01/08 05:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) [Auto | Running] -- C:\Arquivos de Programas\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe -- (ss_conn_service) SRV - [2014/08/05 22:04:22 | 001,441,792 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\Everything\Everything.exe -- (Everything) SRV - [2014/04/30 16:33:52 | 000,337,776 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Arquivos de Programas\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64) SRV - [2013/07/18 16:39:40 | 000,762,192 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2011/03/28 08:26:14 | 000,095,544 | ---- | M] (Jetico, Inc.) [Auto | Running] -- C:\Program Files (x86)\Jetico\BestCrypt\BCWipeSvc.exe -- (BCWipeSvc) SRV - [2008/07/10 09:31:06 | 057,820,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exe -- (MSSQLSERVER) SRV - [2008/07/10 09:31:00 | 000,430,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE -- (SQLSERVERAGENT) SRV - [2008/07/10 09:31:00 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de Programas\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100) SRV - [2008/07/10 04:40:50 | 000,214,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe -- (MsDtsServer100) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2016/12/09 07:30:39 | 000,377,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2016/11/27 
19:20:31 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof) DRV:[b]64bit:[/b] - [2016/11/11 07:00:25 | 000,219,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2016/11/11 06:26:51 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip) DRV:[b]64bit:[/b] - [2016/11/02 07:55:52 | 000,048,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate) DRV:[b]64bit:[/b] - [2016/11/01 23:05:26 | 007,966,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2016/10/26 01:04:48 | 026,568,856 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2016/10/26 01:04:40 | 000,536,592 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2016/10/15 01:37:01 | 000,063,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2016/10/15 01:30:16 | 000,557,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2016/10/15 00:31:37 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:[b]64bit:[/b] - [2016/10/05 07:35:31 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2016/10/05 07:09:07 | 000,064,352 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i) DRV:[b]64bit:[/b] - [2016/09/15 14:29:54 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2016/09/15 14:29:52 | 000,127,328 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppVStrm.sys -- (AppvStrm) DRV:[b]64bit:[/b] - [2016/09/15 14:29:03 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:[b]64bit:[/b] - [2016/09/15 14:15:56 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2016/09/15 14:14:50 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs) DRV:[b]64bit:[/b] - [2016/09/15 13:36:57 | 000,719,360 | ---- | M] (Microsoft Corporation) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi) DRV:[b]64bit:[/b] - [2016/09/10 10:21:43 | 000,118,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg) DRV:[b]64bit:[/b] - [2016/09/07 02:29:32 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2016/09/05 05:47:12 | 000,165,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2016/09/05 05:47:06 | 000,131,712 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2016/08/20 03:06:57 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2016/08/20 02:20:50 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid) DRV:[b]64bit:[/b] - [2016/08/06 01:16:50 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice) DRV:[b]64bit:[/b] - [2016/07/16 20:16:02 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2016/07/16 20:15:55 | 000,179,040 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mssecflt.sys -- (MsSecFlt) DRV:[b]64bit:[/b] - [2016/07/16 20:15:50 | 000,040,288 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\UevAgentDriver.sys -- (UevAgentDriver) DRV:[b]64bit:[/b] - [2016/07/16 20:15:42 | 000,029,536 | ---- | M] (Microsoft 
Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2016/07/16 20:15:39 | 000,123,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:[b]64bit:[/b] - [2016/07/16 20:15:37 | 000,157,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVemgr.sys -- (AppvVemgr) DRV:[b]64bit:[/b] - [2016/07/16 20:15:37 | 000,141,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVfs.sys -- (AppvVfs) DRV:[b]64bit:[/b] - [2016/07/16 08:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2016/07/16 08:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:[b]64bit:[/b] - [2016/07/16 08:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2016/07/16 08:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2016/07/16 08:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2016/07/16 08:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2016/07/16 08:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2016/07/16 08:42:36 | 000,015,360 | ---- | M] (Microsoft 
Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr) DRV:[b]64bit:[/b] - [2016/07/16 08:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1) DRV:[b]64bit:[/b] - [2016/07/16 08:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT) DRV:[b]64bit:[/b] - [2016/07/16 08:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 
000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2016/07/16 08:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist) DRV:[b]64bit:[/b] - [2016/07/16 08:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS) DRV:[b]64bit:[/b] - [2016/07/16 08:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2016/07/16 08:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda) DRV:[b]64bit:[/b] - [2016/07/16 08:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,168,800 
| ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg) DRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs) DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000) DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx) DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt) DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt) DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx) DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf) DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | 
Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys) DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea) DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi) DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea) DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys) DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn) DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy) DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C) DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,081,408 | ---- | M] 
(Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c) DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2) DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt) DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter) DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio) DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 001,135,456 | ---- | 
M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) 
[Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs) DRV:[b]64bit:[/b] - 
[2016/07/16 08:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn) DRV:[b]64bit:[/b] - [2016/07/16 08:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2016/07/16 08:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2016/07/16 08:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- 
C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:[b]64bit:[/b] - [2016/07/16 08:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus) DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 
000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid) DRV:[b]64bit:[/b] - [2016/05/12 05:32:26 | 000,481,768 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2016/04/10 17:57:49 | 000,047,672 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtliteusbbus.sys -- (dtliteusbbus) DRV:[b]64bit:[/b] - [2016/04/10 17:57:45 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus) DRV:[b]64bit:[/b] - [2016/03/28 01:37:10 | 003,495,680 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\glavcam.sys -- (glavcam) DRV:[b]64bit:[/b] - [2015/10/07 15:55:08 | 002,241,848 | ---- | M] (MediaTek Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux) DRV:[b]64bit:[/b] - [2015/07/21 20:42:04 | 000,102,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWT6.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2015/06/17 17:04:24 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2015/06/03 10:35:36 | 000,031,992 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd) DRV:[b]64bit:[/b] - [2015/02/17 13:40:24 | 000,073,856 | ---- | M] (Identiv) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\S3XXx64.sys -- (S3XXx64) DRV:[b]64bit:[/b] - [2014/05/08 18:52:14 | 000,019,456 | ---- | M] (LG Electronics Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetbus64.sys -- (AndnetBus) DRV:[b]64bit:[/b] - [2014/03/28 15:25:16 | 000,028,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetgps64.sys -- (AndNetGps) DRV:[b]64bit:[/b] - [2014/03/28 15:25:14 | 000,029,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag264.sys -- (AndNetDiag2) DRV:[b]64bit:[/b] - [2014/01/22 08:52:10 | 000,036,608 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudcdf.sys -- (ssudcdf) DRV:[b]64bit:[/b] - [2014/01/12 06:05:46 | 000,086,016 | ---- | M] (Nuvoton Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvserial.sys -- (Serial) DRV:[b]64bit:[/b] - [2014/01/12 06:05:46 | 000,023,552 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvserenum.sys -- (Serenum) DRV:[b]64bit:[/b] - [2013/10/11 14:03:00 | 000,083,224 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:[b]64bit:[/b] - [2013/07/30 04:54:39 | 000,080,064 | ---- | M] (Jetico, Inc.) 
[Kernel | System | Running] -- C:\Windows\SysNative\drivers\bcbus.sys -- (bcbus) DRV:[b]64bit:[/b] - [2013/06/04 11:37:50 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI) DRV:[b]64bit:[/b] - [2013/06/04 11:37:50 | 000,029,424 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv) DRV:[b]64bit:[/b] - [2013/04/30 05:25:00 | 000,677,360 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:[b]64bit:[/b] - [2013/04/24 10:15:28 | 000,028,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag) DRV:[b]64bit:[/b] - [2013/04/24 10:15:28 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64gps.sys -- (UsbGps) DRV:[b]64bit:[/b] - [2013/04/24 10:15:26 | 000,017,920 | ---- | M] (LG Electronics Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus) DRV:[b]64bit:[/b] - [2013/01/23 11:57:32 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2013/01/23 11:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:[b]64bit:[/b] - [2012/05/02 15:39:34 | 000,345,720 | ---- | M] (GetData Pty Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MIPFSv5.sys -- (MIPFSv5) DRV:[b]64bit:[/b] - [2012/04/27 11:56:46 | 000,065,144 | ---- | M] (GetData Pty Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MIPDISKv564.sys -- (MIPDISKv564) DRV:[b]64bit:[/b] - [2012/03/20 08:59:42 | 000,197,752 | ---- | M] (GetData Pty Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MIPDISKPNPv5.sys -- (MIPDISKPNPv5) DRV:[b]64bit:[/b] - [2012/03/02 09:02:00 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag) DRV:[b]64bit:[/b] - [2012/03/02 09:02:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps) DRV:[b]64bit:[/b] - [2012/03/02 09:02:00 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus) DRV:[b]64bit:[/b] - [2011/05/13 07:02:51 | 000,058,432 | ---- | M] (Jetico, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\fsh.sys -- (fsh) DRV:[b]64bit:[/b] - [2011/01/24 10:38:21 | 000,187,456 | ---- | M] (Jetico, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\bcfnt.sys -- (bcfnt) DRV:[b]64bit:[/b] - [2010/07/17 01:02:40 | 000,013,376 | ---- | M] (Jetico, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\moh.sys -- (moh) DRV:[b]64bit:[/b] - [2010/07/17 01:02:18 | 000,017,472 | ---- | M] (Jetico, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mhk.sys -- (mhk) DRV:[b]64bit:[/b] - [2010/05/18 01:05:47 | 000,033,856 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_des.sys -- (BC_DES) DRV:[b]64bit:[/b] - [2010/05/18 01:01:40 | 000,034,368 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_3des.sys -- (BC_3DES) DRV:[b]64bit:[/b] - [2010/03/12 18:21:52 | 000,097,280 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl) DRV:[b]64bit:[/b] - [2010/03/05 20:41:05 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews) DRV:[b]64bit:[/b] - [2009/12/22 10:56:50 | 000,034,368 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_tfish.sys -- (BC_TFISH) DRV:[b]64bit:[/b] - [2009/12/22 10:56:42 | 000,036,928 | ---- | M] (Michael Oestergaard Pedersen) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_serp.sys -- (BC_SERP) DRV:[b]64bit:[/b] - [2009/12/22 10:56:33 | 000,051,264 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_rijn.sys -- (BC_RIJN) DRV:[b]64bit:[/b] - [2009/12/22 10:56:24 | 000,030,272 | ---- | M] (Michael Oestergaard Pedersen) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_rc6.sys -- (BC_RC6) DRV:[b]64bit:[/b] - [2009/12/22 10:56:16 | 000,027,712 | ---- | M] (Iarsn) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_idea.sys -- (BC_IDEA) DRV:[b]64bit:[/b] - [2009/12/22 10:56:08 | 000,025,664 | ---- | M] (Jetico, Inc.) 
[Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_gost.sys -- (BC_Gost) DRV:[b]64bit:[/b] - [2009/12/22 10:55:44 | 000,037,440 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_cast.sys -- (BC_CAST) DRV:[b]64bit:[/b] - [2009/12/22 10:55:36 | 000,030,272 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_bfish.sys -- (BC_BFish) DRV:[b]64bit:[/b] - [2009/12/22 10:55:27 | 000,030,784 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_bf448.sys -- (BC_BF448) DRV:[b]64bit:[/b] - [2009/12/22 10:55:19 | 000,030,784 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_bf128.sys -- (BC_BF128) DRV:[b]64bit:[/b] - [2008/07/10 05:25:42 | 000,314,904 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0102.sys -- (RsFx0102) DRV - [2016/12/24 12:18:54 | 000,027,552 | ---- | M] (REALiX(tm)) [Kernel | On_Demand | Running] -- C:\Users\Eu\AppData\Local\Temp\HWiNFO64A.SYS -- (HWiNFO32) DRV - [2016/10/26 01:04:48 | 026,568,856 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmdag.sys -- (amdkmdag) DRV - [2016/10/26 01:04:40 | 000,536,592 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmpag.sys -- (amdkmdap) DRV - [2016/07/16 08:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [String data over 1000 bytes] IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [String data over 1000 bytes] IE - HKLM\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect 
Cache = http://www.msn.com/pt-br/?ocid=iehp IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR,pt;q=0.5 IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 C4 5B 4F A6 5B D2 01 [binary data] IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 58 79 A4 06 03 B5 D1 01 [binary data] IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 33 00 00 00 1E AE 0E 38 01 F8 E0 38 B2 F2 C0 27 44 08 AA E5 21 EA 1A C1 92 3B 89 C3 AF D7 71 B2 39 D3 26 9D C8 86 23 94 FE D2 5D E5 3E 32 C6 8C EE E0 14 53 7B 06 0B 02 00 00 00 0E 00 00 00 53 4C 75 6D 32 35 34 77 38 57 4D 25 33 64 [binary data] IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "BR" FF - prefs.js..browser.search.region: "BR" FF - prefs.js..extensions.enabledAddons: 
%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program 
Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016/05/24 09:39:32 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\NativeMessagingHosts\com.scytl.icpbravoaccess\\: C:\Users\Eu\AppData\Local\Scytl\ICPBravoAccess.Extension\com.scytl.icpbravoaccess.firefox.json [2016/09/23 19:04:58 | 000,000,259 | ---- | M] () FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016/10/31 19:23:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eu\AppData\Roaming\mozilla\Extensions [2016/12/20 21:28:22 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\Eu\AppData\Roaming\mozilla\Firefox\Profiles\qmfm2inz.default\extensions [2016/10/31 19:34:23 | 000,023,373 | ---- | M] () (No name found) -- C:\Users\Eu\AppData\Roaming\mozilla\firefox\profiles\qmfm2inz.default\extensions\firefox-hotfix@mozilla.org.xpi [2016/11/02 13:26:41 | 000,025,218 | ---- | M] () (No name found) -- C:\Users\Eu\AppData\Roaming\mozilla\firefox\profiles\qmfm2inz.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016/11/02 13:26:28 | 000,734,889 | ---- | M] () (No name found) -- C:\Users\Eu\AppData\Roaming\mozilla\firefox\profiles\qmfm2inz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [color=#E56717]========== Chrome ==========[/color] CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\ CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\ CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\ CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\ CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.2_0\ CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\ CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\ CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\ CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ CHR - 
Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5516.1005.0.3_0\ CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmndhfiofdlcgahoinehedbincopilm\0.9_0\ O1 HOSTS File: ([2016/05/20 09:17:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) O2:[b]64bit:[/b] - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Microsoft Web Test Recorder 14.0 Helper) - {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} - D:\Arquivos de Programas (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common 
Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [Everything] C:\Program Files\Everything\Everything.exe () O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [StartCN] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [WindowsDefender] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [BCWipeTM Startup] C:\Program Files (x86)\Jetico\BestCrypt\BCWipeTM.exe (Jetico, Inc.) O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare) O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001..\Run: [EADM] G:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) O4 - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001..\Run: [OneDrive] C:\Users\Eu\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe (SHARMAQ) O4 - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001..\Run: [SideSync] C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe () O4 - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001..\Run: [Steam] g:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop 
= 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O8:[b]64bit:[/b] - Extra context menu item: Ligar para este número pelo SideSync - C:\Program Files (x86)\Samsung\SideSync4\SideSyncContextMenu.dll (Samsung Electronics Co., Ltd.) O8 - Extra context menu item: Ligar para este número pelo SideSync - C:\Program Files (x86)\Samsung\SideSync4\SideSyncContextMenu.dll (Samsung Electronics Co., Ltd.) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Arquivos de Programas\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab (QuickTime Plugin Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1aeed6ac-2130-4620-93fd-0e797acd98f4}: DhcpNameServer = 4.2.2.2 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{459fd37a-8b4a-442e-b24f-562072b80727}: DhcpNameServer = 192.168.2.1 O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb.16 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\osf.16 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\osf-roaming.16 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - 
C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27:[b]64bit:[/b] - HKLM IFEO\OSppSvc.exe: Debugger - C:\WINDOWS\KMS-R@1nhook.exe () O27:[b]64bit:[/b] - HKLM IFEO\SppExtComObj.exe: Debugger - C:\WINDOWS\KMS-R@1nhook.exe () O27 - HKLM IFEO\OSppSvc.exe: Debugger - C:\WINDOWS\KMS-R@1nhook.exe () O27 - HKLM IFEO\SppExtComObj.exe: Debugger - C:\WINDOWS\KMS-R@1nhook.exe () O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2014/07/22 12:45:32 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2014/07/22 12:46:28 | 000,000,000 | RHSD | M] - I:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2016/12/24 11:38:34 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp [2016/12/23 17:18:54 | 000,042,168 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\SysNative\drivers\PROCEXP152.SYS [2016/12/21 12:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\wsr [2016/12/21 12:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS MobiSaver for Android [2016/12/21 12:48:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EaseUS 
[2016/12/21 11:11:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHOficina [2016/12/21 11:11:39 | 001,553,408 | ---- | C] (Osen Kusnadi) -- C:\WINDOWS\SysWow64\osenxpsuite2010.ocx [2016/12/21 11:11:39 | 000,363,656 | ---- | C] (AdminSystem Software Limited) -- C:\WINDOWS\SysWow64\AOSMTP.dll [2016/12/21 11:11:39 | 000,335,360 | ---- | C] (Osen Kusnadi) -- C:\WINDOWS\SysWow64\osenxpsuite2010.dll [2016/12/21 11:11:39 | 000,062,600 | ---- | C] (NeoText Software) -- C:\WINDOWS\SysWow64\ftpclient.dll [2016/12/21 11:11:39 | 000,042,120 | ---- | C] (SHARMAQ) -- C:\WINDOWS\SysWow64\shbarras.dll [2016/12/21 11:11:38 | 000,103,560 | ---- | C] (WinResources Computing, Inc.) -- C:\WINDOWS\SysWow64\vertmenu.ocx [2016/12/21 09:40:30 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realterm [2016/12/21 09:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [2016/12/20 21:09:20 | 000,000,000 | ---D | C] -- C:\Downloads [2016/12/18 15:19:08 | 000,000,000 | ---D | C] -- C:\Users\Eu\dwhelper [2016/12/18 14:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther [2016/12/18 14:08:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appmgmt [2016/12/17 12:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2016/12/17 12:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2016/12/16 22:06:29 | 000,000,000 | ---D | C] -- C:\ESD [2016/12/14 20:30:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Measurement [2016/12/14 20:30:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Measurement [2016/12/13 23:11:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2016/12/13 22:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2016/12/13 22:08:30 | 000,000,000 | -HSD | C] -- C:\Users\Eu\IntelGraphicsProfiles [2016/12/13 22:08:29 | 000,000,000 | ---D | C] -- 
C:\Intel [2016/12/13 22:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2016/12/13 21:30:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2016/12/12 18:28:17 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Local\Chromium [2016/12/02 20:24:37 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Local\4kdownload.com [2016/12/02 20:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download [2016/12/02 20:22:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\4KDownload [2016/12/02 09:22:43 | 000,000,000 | ---D | C] -- C:\temp [2016/12/02 09:22:41 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Local\Scytl [2016/11/30 18:16:53 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Local\Deployment [2016/11/28 20:20:31 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Roaming\uTorrent [2016/11/28 19:14:44 | 000,064,352 | ---- | C] (Avago Technologies) -- C:\WINDOWS\SysNative\drivers\MegaSas2i.sys [2016/11/28 19:14:16 | 000,204,288 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysNative\DscCoreConfProv.dll [2016/11/28 19:14:16 | 000,141,824 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysWow64\DscCoreConfProv.dll [2016/11/27 19:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive [2016/11/27 19:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared [2016/11/27 19:42:05 | 000,000,000 | R--D | C] -- C:\Users\Eu\Music [2016/11/27 19:41:41 | 000,000,000 | -HSD | C] -- C:\Recovery [2016/11/27 19:41:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop [2016/11/27 19:25:05 | 000,000,000 | --SD | C] -- C:\Users\Eu\AppData\Roaming\Microsoft [2016/11/27 19:25:05 | 000,000,000 | R--D | C] -- C:\Users\Eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [2016/11/27 19:25:05 | 000,000,000 | R--D | C] -- C:\Users\Eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2016/11/27 19:25:05 | 000,000,000 | R--D | C] -- 
C:\Users\Eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2016/11/27 19:25:05 | 000,000,000 | R--D | C] -- C:\Users\Eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\AppData\Local\Temporary Internet Files [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\SendTo [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Recent [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Modelos [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Documents\Minhas Músicas [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Documents\Minhas Imagens [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Documents\Meus Vídeos [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Meus Documentos [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Menu Iniciar [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\AppData\Local\Histórico [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Dados de Aplicativos [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\AppData\Local\Dados de Aplicativos [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Cookies [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Configurações Locais [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Ambiente de Rede [2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Ambiente de Impressão [2016/11/27 19:25:05 | 000,000,000 | -H-D | C] -- C:\Users\Eu\AppData [2016/11/27 19:25:05 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Local\Temp [2016/11/27 19:25:05 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Local\Microsoft [2016/11/27 19:25:05 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2016/11/27 19:24:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 
[2016/11/27 19:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2016/11/27 19:24:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD [2016/11/27 19:24:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2016/11/27 19:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2016/11/27 19:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\AMD [2016/11/27 19:23:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM [2016/11/27 19:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2016/11/27 19:23:52 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2016/11/27 19:23:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SleepStudy [2016/11/27 19:23:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2016/11/27 19:21:42 | 000,376,320 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysNative\DXCpl.exe [2016/11/27 19:21:42 | 000,355,840 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysWow64\DXCpl.exe [2016/11/27 19:21:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServiceProfiles [2016/11/27 19:21:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Microsoft [2016/11/27 19:20:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer [2016/11/27 19:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2016/11/27 19:20:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies [2016/11/27 19:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2016/11/27 19:20:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild [2016/11/27 11:01:27 | 000,000,000 | -H-D | C] -- C:\$GetCurrent [2016/11/25 20:57:23 | 000,000,000 | ---D | C] -- C:\Users\Eu\Documents\CPY_SAVES [2016/11/25 20:12:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inside [2016/11/25 18:44:28 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Roaming\SmartSteamEmu [2016/11/25 18:37:33 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCOLAST [2016/11/25 10:04:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rene.E Laboratory [2015/12/22 12:14:10 | 000,057,344 | ---- | C] (DBA Engenharia de Sistemas) -- C:\Users\Eu\signver1.dll [6 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ] [5 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ] [11 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2016/12/24 12:18:04 | 002,786,940 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2016/12/24 12:18:04 | 001,132,660 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2016/12/24 12:18:04 | 000,791,782 | ---- | M] () -- C:\WINDOWS\SysNative\prfh0416.dat [2016/12/24 12:18:04 | 000,442,874 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2016/12/24 12:18:04 | 000,367,458 | ---- | M] () -- C:\WINDOWS\SysNative\prfc0416.dat [2016/12/24 12:13:59 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2016/12/24 12:12:08 | 000,000,180 | ---- | M] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [2016/12/24 12:11:52 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys [2016/12/24 12:11:46 | 2553,757,695 | -HS- | M] () -- C:\hiberfil.sys [2016/12/23 18:58:38 | 000,065,536 | ---- | M] () -- C:\WINDOWS\SysNative\spu_storage.bin [2016/12/23 17:18:54 | 000,042,168 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\SysNative\drivers\PROCEXP152.SYS [2016/12/21 13:38:14 | 000,001,398 | ---- | M] () -- C:\Users\Eu\Desktop\ShowMyPC.lnk [2016/12/21 12:48:11 | 000,001,448 | ---- | M] () -- C:\Users\Public\Desktop\EaseUS MobiSaver for Android.lnk [2016/12/21 12:34:27 | 000,002,273 | ---- | M] () -- C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk [2016/12/21 12:34:27 | 000,001,362 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BackupRemind.lnk 
[2016/12/21 11:21:24 | 000,001,174 | ---- | M] () -- C:\Users\Eu\Desktop\Realterm.lnk
[2016/12/21 11:11:40 | 000,000,786 | ---- | M] () -- C:\Users\Eu\Desktop\SHOficina5.lnk
[2016/12/21 11:11:40 | 000,000,769 | ---- | M] () -- C:\Users\Eu\Desktop\SHVendas.lnk
[2016/12/21 09:39:13 | 000,001,213 | ---- | M] () -- C:\Users\Public\Desktop\SideSync.lnk
[2016/12/18 14:33:10 | 000,439,859 | ---- | M] () -- C:\Users\Eu\Desktop\Contr. Suel 10-2016.pdf
[2016/12/18 14:32:33 | 000,130,324 | ---- | M] () -- C:\Users\Eu\Desktop\Contr. Suel 11-2016.pdf
[2016/12/18 14:01:13 | 000,001,337 | ---- | M] () -- C:\Users\Eu\Desktop\4K Video Downloader.lnk
[2016/12/18 14:01:13 | 000,001,278 | ---- | M] () -- C:\Users\Eu\Desktop\Uplay.lnk
[2016/12/18 14:01:13 | 000,001,137 | ---- | M] () -- C:\Users\Eu\Desktop\Conectividade Social.lnk
[2016/12/16 23:18:44 | 000,473,904 | ---- | M] () -- C:\Users\Eu\Documents\mateus-12-2016.pdf
[2016/12/16 21:57:44 | 000,012,006 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2016/12/16 21:57:44 | 000,010,138 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2016/12/16 21:28:06 | 000,000,719 | ---- | M] () -- C:\Users\Eu\Desktop\Assistente de Atualização do Windows 10.lnk
[2016/12/16 08:48:10 | 000,437,896 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/12/15 11:00:44 | 004,527,277 | ---- | M] () -- C:\Users\Eu\Documents\WP_20161215_10_50_51_Pro_LI.jpg
[2016/12/15 11:00:43 | 004,512,020 | ---- | M] () -- C:\Users\Eu\Documents\WP_20161215_10_57_35_Pro_LI.jpg
[2016/12/15 10:19:38 | 000,002,258 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/12/14 20:30:04 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Measurement.lnk
[2016/12/13 22:08:29 | 000,000,200 | ---- | M] () -- C:\WINDOWS\SysNative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
[2016/12/13 22:08:29 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\GfxValDisplayLog.bin
[2016/12/10 13:14:18 | 002,381,426 | ---- | M] () -- C:\Users\Eu\Documents\Malwee 11-2016.zip
[2016/12/09 07:29:23 | 002,681,200 | ---- | M] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/12/09 07:11:15 | 002,048,496 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/12/05 21:08:15 | 000,779,759 | ---- | M] () -- C:\Users\Eu\Documents\7 receitas paes sem gluten.pdf
[2016/12/04 11:28:32 | 002,955,776 | ---- | M] () -- C:\Users\Eu\Documents\Camera_01_20161204_110328.avi
[2016/12/02 14:09:34 | 000,983,417 | ---- | M] () -- C:\Users\Eu\Documents\NFCeAutorizada 11-2016 agua de cheiro.rar
[2016/12/02 14:06:34 | 015,158,598 | ---- | M] () -- C:\Users\Eu\Documents\NFCeAutorizada 11-2016 brasil cacau.rar
[2016/12/01 10:04:26 | 000,000,312 | ---- | M] () -- C:\Users\Eu\Documents\Limpar Cache DNS.bat
[2016/11/30 09:20:54 | 000,002,244 | -H-- | M] () -- C:\Users\Eu\Documents\Default.rdp
[2016/11/28 20:22:28 | 000,002,669 | ---- | M] () -- C:\Users\Eu\Desktop\µTorrent.lnk
[2016/11/28 20:16:06 | 000,015,425 | ---- | M] () -- C:\WINDOWS\SysNative\OEMDefaultAssociations.xml
[2016/11/27 19:40:53 | 000,023,056 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2016/11/27 19:24:55 | 001,405,922 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016/11/27 19:23:55 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2016/11/27 19:23:52 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2016/11/27 19:23:42 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2016/11/27 18:42:31 | 000,000,036 | ---- | M] () -- C:\WINDOWS\progress.ini
[2016/11/25 20:12:59 | 000,000,836 | ---- | M] () -- C:\Users\Public\Desktop\Inside.lnk
[2016/11/25 18:37:33 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\OCOLAST.lnk
[2016/11/24 13:02:26 | 000,026,112 | ---- | M] () -- C:\WINDOWS\KMS-R@1n.exe
[2016/11/24 13:02:26 | 000,007,168 | ---- | M] () -- C:\WINDOWS\KMS-QADhook.dll
[2016/11/24 13:02:26 | 000,004,608 | ---- | M] () -- C:\WINDOWS\KMS-R@1nhook.exe
[6 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[5 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[11 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/12/21 12:48:11 | 000,001,448 | ---- | C] () -- C:\Users\Public\Desktop\EaseUS MobiSaver for Android.lnk
[2016/12/21 12:34:31 | 000,000,232 | ---- | C] () -- C:\WINDOWS\SysWow64\dllhost.exe.config
[2016/12/21 12:34:27 | 000,002,273 | ---- | C] () -- C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk
[2016/12/21 12:34:27 | 000,001,362 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BackupRemind.lnk
[2016/12/21 09:40:30 | 000,001,174 | ---- | C] () -- C:\Users\Eu\Desktop\Realterm.lnk
[2016/12/21 09:39:13 | 000,001,213 | ---- | C] () -- C:\Users\Public\Desktop\SideSync.lnk
[2016/12/18 14:33:08 | 000,439,859 | ---- | C] () -- C:\Users\Eu\Desktop\Contr. Suel 10-2016.pdf
[2016/12/18 14:32:32 | 000,130,324 | ---- | C] () -- C:\Users\Eu\Desktop\Contr. Suel 11-2016.pdf
[2016/12/16 23:18:43 | 000,473,904 | ---- | C] () -- C:\Users\Eu\Documents\mateus-12-2016.pdf
[2016/12/15 10:58:55 | 004,512,020 | ---- | C] () -- C:\Users\Eu\Documents\WP_20161215_10_57_35_Pro_LI.jpg
[2016/12/15 10:53:12 | 004,527,277 | ---- | C] () -- C:\Users\Eu\Documents\WP_20161215_10_50_51_Pro_LI.jpg
[2016/12/14 20:55:29 | 002,681,200 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/12/14 20:55:10 | 002,048,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/12/14 20:30:04 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Measurement.lnk
[2016/12/13 22:08:29 | 000,000,200 | ---- | C] () -- C:\WINDOWS\SysNative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
[2016/12/13 22:08:29 | 000,000,180 | ---- | C] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2016/12/13 22:08:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysNative\GfxValDisplayLog.bin
[2016/12/10 13:14:17 | 002,381,426 | ---- | C] () -- C:\Users\Eu\Documents\Malwee 11-2016.zip
[2016/12/06 10:55:20 | 000,001,398 | ---- | C] () -- C:\Users\Eu\Desktop\ShowMyPC.lnk
[2016/12/05 21:08:14 | 000,779,759 | ---- | C] () -- C:\Users\Eu\Documents\7 receitas paes sem gluten.pdf
[2016/12/04 11:28:31 | 002,955,776 | ---- | C] () -- C:\Users\Eu\Documents\Camera_01_20161204_110328.avi
[2016/12/02 20:22:59 | 000,001,337 | ---- | C] () -- C:\Users\Eu\Desktop\4K Video Downloader.lnk
[2016/12/02 14:09:27 | 000,983,417 | ---- | C] () -- C:\Users\Eu\Documents\NFCeAutorizada 11-2016 agua de cheiro.rar
[2016/12/02 14:05:36 | 015,158,598 | ---- | C] () -- C:\Users\Eu\Documents\NFCeAutorizada 11-2016 brasil cacau.rar
[2016/12/01 10:04:26 | 000,000,312 | ---- | C] () -- C:\Users\Eu\Documents\Limpar Cache DNS.bat
[2016/11/28 20:22:28 | 000,002,669 | ---- | C] () -- C:\Users\Eu\Desktop\µTorrent.lnk
[2016/11/28 19:17:26 | 000,446,896 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2016/11/28 19:15:52 | 000,418,304 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Perception.Stub.dll
[2016/11/28 19:15:01 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2016/11/27 19:41:07 | 000,012,006 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2016/11/27 19:41:07 | 000,010,138 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2016/11/27 19:39:38 | 2553,757,695 | -HS- | C] () -- C:\hiberfil.sys
[2016/11/27 19:39:06 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2016/11/27 19:24:56 | 002,786,940 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/11/27 19:24:55 | 001,405,922 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016/11/27 19:24:09 | 000,065,536 | ---- | C] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2016/11/27 19:24:08 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/11/27 19:23:55 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2016/11/27 19:23:52 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2016/11/27 19:23:42 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2016/11/27 19:23:24 | 000,437,896 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/11/27 19:23:19 | 016,777,216 | -HS- | C] () -- C:\swapfile.sys
[2016/11/27 19:22:57 | 000,000,727 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2016/11/27 19:22:57 | 000,000,727 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2016/11/27 18:41:19 | 000,000,036 | ---- | C] () -- C:\WINDOWS\progress.ini
[2016/11/27 11:01:15 | 000,000,731 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente de Atualização do Windows 10.lnk
[2016/11/27 11:01:15 | 000,000,719 | ---- | C] () -- C:\Users\Eu\Desktop\Assistente de Atualização do Windows 10.lnk
[2016/11/25 20:12:59 | 000,000,836 | ---- | C] () -- C:\Users\Public\Desktop\Inside.lnk
[2016/11/25 18:37:33 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\OCOLAST.lnk
[2016/10/27 16:49:25 | 000,028,672 | ---- | C] () -- C:\WINDOWS\SysWow64\base64.dll
[2016/10/27 16:41:19 | 002,256,384 | ---- | C] () -- C:\WINDOWS\SysWow64\Prx.dll
[2016/10/27 16:41:19 | 000,371,200 | ---- | C] () -- C:\WINDOWS\SysWow64\Prox.dll
[2016/10/27 16:41:19 | 000,218,112 | ---- | C] () -- C:\WINDOWS\SysWow64\Hl_med32.dll
[2016/10/27 16:41:19 | 000,167,936 | ---- | C] () -- C:\WINDOWS\SysWow64\Hlsoft32.dll
[2016/10/27 16:41:19 | 000,051,712 | ---- | C] () -- C:\WINDOWS\SysWow64\Rsa_w32.dll
[2016/10/27 16:41:19 | 000,031,744 | ---- | C] () -- C:\WINDOWS\SysWow64\Hl_pub32.dll
[2016/10/27 16:41:19 | 000,000,148 | ---- | C] () -- C:\WINDOWS\SysWow64\tcpconf.dat
[2016/10/27 16:41:13 | 000,435,200 | ---- | C] () -- C:\WINDOWS\SysWow64\cnsHTTP.dll
[2016/10/27 16:41:13 | 000,333,312 | ---- | C] () -- C:\WINDOWS\SysWow64\simplezip.dll
[2016/10/27 16:41:13 | 000,130,560 | ---- | C] () -- C:\WINDOWS\SysWow64\ZipDll.dll
[2016/10/27 16:41:13 | 000,125,440 | ---- | C] () -- C:\WINDOWS\SysWow64\UnzDll.dll
[2016/10/26 01:04:46 | 000,251,416 | ---- | C] () -- C:\WINDOWS\SysWow64\hsa-thunk.dll
[2016/10/26 01:04:44 | 000,258,064 | ---- | C] () -- C:\WINDOWS\SysWow64\GameManager32.dll
[2016/10/26 01:04:38 | 000,226,328 | ---- | C] () -- C:\WINDOWS\SysWow64\atieah32.exe
[2016/10/26 01:04:24 | 000,239,120 | ---- | C] () -- C:\WINDOWS\SysWow64\amdgfxinfo32.dll
[2016/10/18 20:07:51 | 000,026,112 | ---- | C] () -- C:\WINDOWS\KMS-R@1n.exe
[2016/10/18 20:07:51 | 000,007,168 | ---- | C] () -- C:\WINDOWS\KMS-QADhook.dll
[2016/10/18 20:07:51 | 000,004,608 | ---- | C] () -- C:\WINDOWS\KMS-R@1nhook.exe
[2016/09/16 14:57:24 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2016/09/16 14:57:24 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2016/07/16 08:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2016/07/16 08:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2016/07/16 08:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2016/07/16 08:43:00 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2016/07/16 08:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2016/07/16 08:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2016/07/16 08:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2016/07/16 08:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2016/07/16 08:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2016/07/16 08:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2016/07/13 16:09:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2016/05/21 20:18:02 | 000,650,752 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2016/05/21 20:18:02 | 000,243,200 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2016/05/21 20:18:02 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lagarith.dll
[2016/05/21 20:18:01 | 000,178,688 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2016/05/21 20:17:59 | 000,079,872 | ---- | C] () -- C:\WINDOWS\SysWow64\ff_vfw.dll
[2016/03/28 01:37:14 | 000,027,648 | ---- | C] () -- C:\WINDOWS\SysWow64\gluninstall.dll
[2015/11/24 20:56:05 | 000,000,600 | ---- | C] () -- C:\Users\Eu\PUTTY.RND

[color=#E56717]========== ZeroAccess Check ==========[/color]

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/11/11 07:01:16 | 007,219,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/11/11 04:47:14 | 005,722,832 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 08:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 08:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 08:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2016/05/20 18:22:38 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\BSplayer
[2016/05/20 17:22:16 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\BSplayer Pro
[2016/06/29 13:19:47 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\DMCache
[2016/12/23 18:58:25 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\Everything
[2016/10/07 20:47:25 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\HMYGSetting
[2016/07/15 12:41:13 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\IDM
[2016/05/21 19:23:49 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\MAD
[2016/11/20 12:01:57 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\Notepad++
[2016/05/20 21:30:28 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\NuGet
[2016/11/21 18:31:31 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\Origin
[2016/10/16 22:21:39 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\Samsung
[2016/11/25 18:44:29 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\SmartSteamEmu
[2016/11/26 12:53:15 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\TeamViewer
[2016/05/28 18:45:01 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\TeraCopy
[2016/11/10 20:42:51 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\TightVNC
[2016/05/21 21:24:47 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\Ubisoft
[2016/05/21 21:35:41 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\uplay
[2016/12/24 12:03:24 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\uTorrent
[2016/10/07 20:44:54 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\Wondershare

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %APPDATA%\* >[/color]

[color=#A23BEC]< %ProgramFiles%\* >[/color]
[2016/05/20 17:32:05 | 000,038,600 | ---- | M] () -- C:\Program Files (x86)\CMS Setup Log.txt
[2016/07/16 08:45:35 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
[2016/05/20 17:32:13 | 000,006,866 | ---- | M] () -- C:\Program Files (x86)\DeviceManage Setup Log.txt
[2016/05/20 17:33:05 | 000,010,875 | ---- | M] () -- C:\Program Files (x86)\Player Setup Log.txt

[color=#A23BEC]< %SystemDrive%\* >[/color]
[2015/12/07 21:16:00 | 000,000,040 | -H-- | M] () -- C:\16CF24FF6BF6
[2013/08/22 02:31:45 | 000,427,680 | RHS- | M] () -- C:\bootmgr
[2016/05/23 21:29:36 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2016/12/24 12:11:46 | 2553,757,695 | -HS- | M] () -- C:\hiberfil.sys
[2016/12/24 12:11:51 | 2550,136,832 | -HS- | M] () -- C:\pagefile.sys
[2016/12/24 12:11:52 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[11 C:\*.tmp files -> C:\*.tmp -> ]

< End of report >