~ ZHPDiag v2015.7.14.89 Por Nicolas Coolman (2015/07/14)
~ iniciado por User (Administrator)  (2015/07/15 10:37:51)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Status da versão:  Version OK
~ Modo: Scanner
~ Relatório: D:\User\Desktop\ZHPDiag.txt
~ Relatório: C:\Users\User\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Inicialização do sistema: Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)

---\\ Navegadores Internet (4) - 0s
GCIE: Google Chrome v43.0.2357.134
MFIE: Mozilla Firefox 33.1.1 (x86 pt-BR) v33.1.1
OPIE: Opera 26.0.1656.60 v26.0.1656.60
MSIE: Internet Explorer v11.0.9600.17728

---\\ Informações sobre os produtos Windows (3) - 4s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema (1) - 1s
Avast Free Antivirus v10.2.2218

---\\ Softwares de proteçao do sistema (Supérfluo) (1) - 1s
McAfee Security Scan Plus v3.8.150.1

---\\ Monitoramento dos softwares (1) - 1s
Adobe Reader XI

---\\ Informações sobre o sistema (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System:  64-bit 
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 4138364
~ System Restore: Activé (Enable)
~ System drive C: has 23 GB free of 99 GB

---\\ Modo de conexão ao sistema (3) - 0s
~ Computer Name: USUARIO-PC
~ User Name: User
~ Logged in as Administrator

---\\ Enumeração das unidades dos discos (2) - 0s
~ Drive C: has 23 GB free of 99 GB  (System)
~ Drive D: has 746 GB free of 853 GB

---\\ Pesquisa particular de ficheiros genéricos (23) - 1s
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) () -- C:\Windows\System32\Wininit.exe [129024]
[MD5.77B35D0FC22A2D2EAC8D07C3F9784DBF] - (.Microsoft Corporation - Internet Extensions para Win32.) () -- C:\Windows\System32\wininet.dll [2358784]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) () -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) () -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) () -- C:\Windows\System32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) () -- C:\Windows\System32\drivers\volsnap.sys [296320]

---\\ Processos lançados (15) - 1s
[MD5.10C232F6CFFD51D2332898AE7AE0FF23] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) -- C:\Windows\system32\nvvsvc.exe [884512] [PID.788]
[MD5.5A19667A580B1CE886EAF968B9743F45] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383264] [PID.812]
[MD5.54236E79A44F909612391C8A2D70D512] - (.Avast Software s.r.o. - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336] [PID.1180]
[MD5.39EF7D1A9A3954D66B907C5CB5E20E64] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [1134880] [PID.1216]
[MD5.10C232F6CFFD51D2332898AE7AE0FF23] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) -- C:\Windows\system32\nvvsvc.exe [884512] [PID.1224]
[MD5.C99F8E90DE4B8F0C7FE15BB1CBCD29DC] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [635104] [PID.992]
[MD5.ACEA78ABA8B7E84D53EB4C3F8672FB09] - (.QNT - app.) -- C:\Windows\SysWOW64\NetService\netservice.exe [226888] [PID.1908]
[MD5.89139EF17DF2596303FC1A2F28440EB3] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [1712992] [PID.2156]
[MD5.6C112DA6C86DB7FB2C50522EFDDA706A] - (.arvato digital services llc - PsiService PsiService.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776] [PID.2252]
[MD5.3D6737ADDB9B1DF81605C442ED6D2D90] - (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040] [PID.2376]
[MD5.43412F74D9516EF87988F2397A9B8E78] - (.VIA Technologies, Inc. - Service binary.) -- C:\Windows\system32\viakaraokesrv.exe [27760] [PID.2756]
[MD5.65C6AA484AD2287D20541C7735989437] - (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [5515496] [PID.2780]
[MD5.12DDA5DE47461555B28954C6711399B4] - (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240] [PID.2808]
[MD5.59893040D368399B8420D7089A560642] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2450208] [PID.3436]
[MD5.4789E020D2617046862D1790FC235FF6] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1260320] [PID.2668]

---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2 (1) - 0s
G2 - GCE: Extension [User Data\Default] [hhifmddpoonjpdmidgblijdaleiffhpi] Plain Savings

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3) (22) - 1s
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\buscape.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mercadolivre.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\search_the_web.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-br.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-br.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - FPN: [HKCU] [@g2.com/iggweb3dupdater] - (.IGG.com.) -- C:\Users\User\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll
P2 - FPN: [HKCU] [@g2.com/joyconnectshell] - (.IGG.com.) -- C:\Users\User\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS.) -- C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/abn] - (.GAS Tecnologia.) -- C:\Users\User\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll
P2 - FPN: [HKCU] [ubisoft.com/uplaypc] - (.Ubisoft.) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.40.2] - (.Oracle Corporation.) -- C:\Windows\SysWOW64\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.40.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (.Pando Networks Inc..) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.8] - (.VideoLAN.) -- C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

---\\ Opera, Plugins,Arranque,Pesquisa (B0,B1,B2) (3) - 0s
B2 - EXT: [bhcjclaangpnjgfllaoodflclpdfcegb] C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\bhcjclaangpnjgfllaoodflclpdfcegb
B2 - EXT: [Plain Savings] C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\hhifmddpoonjpdmidgblijdaleiffhpi
B2 - EXT: [CinemaPlus_1.3dV05.07] C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi

---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4) (18) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer\Main,Start Page = www.qqovd.com?oem=sv1&uid=JP2940HD194AXC_HitachiHDS721010CLA332&tm=1434575525
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://br.yahoo.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean  =>.Microsoft Internet Explorer

---\\ Internet Explorer, Gestão do Proxy (R5) (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Redireção do ficheiro Hosts (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Objects do navegador (O2) (3) - 0s
O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}  (Orphean)
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Avast Software s.r.o. - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O2 - BHO: (no name) [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9}  (Orphean)

---\\ Aplicações iniciadas por registo & pastas (O4) (15) - 1s
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [AdobeBridge]  (Orphean)
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe
O4 - HKLM\..\Wow6432Node\Run: [gmsd_br_128]  (Orphean)
O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3426834465-1603984521-3710654205-1000\..\Run: [AdobeBridge]  (Orphean)
O4 - HKUS\S-1-5-21-3426834465-1603984521-3710654205-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe

---\\ Atalhos globais Startup (O4G) (5) - 2s
O4 - GS\Quicklaunch [Administrador]: Dll-Files Fixer.lnk . (.Dll-FIles.Com - DLL-Files Fixer.) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O4 - GS\Quicklaunch [Convidado]: Dll-Files Fixer.lnk . (.Dll-FIles.Com - DLL-Files Fixer.) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O4 - GS\Quicklaunch [UpdatusUser]: Dll-Files Fixer.lnk . (.Dll-FIles.Com - DLL-Files Fixer.) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O4 - GS\Quicklaunch [User]: Dll-Files Fixer.lnk . (.Dll-FIles.Com - DLL-Files Fixer.) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O4 - GS\CommonDesktop [Public]: Dll-Files Fixer.lnk . (.Dll-FIles.Com - DLL-Files Fixer.) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer

---\\ Alteração Dominio/Clientes DNS (017) (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20) (1) - 0s
O20 - AppInit_DLLs: . (.Autores - .) - C:\Windows\System32\ 

---\\ Lista dos serviços NT não Microsoft e não desativados (023) (18) - 1s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o. - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Net.Tcp Service Handler (MyLocalService) . (...) - C:\Windows\System32\NetService\netservice.exe (.not file.)
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) . (.arvato digital services llc - PsiService PsiService.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Plain Savings (Update Plain Savings) . (...) - C:\Program Files (x86)\Plain Savings\updatePlainSavings.exe (.not file.)  =>PUP.Optional.PlainSavings
O23 - Service: Util Plain Savings (Util Plain Savings) . (...) - C:\Program Files (x86)\Plain Savings\bin\utilPlainSavings.exe (.not file.)  =>PUP.Optional.PlainSavings
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) . (.VIA Technologies, Inc. - Service binary.) - C:\Windows\system32\viakaraokesrv.exe

---\\ Listagem dos dados do BootExecute (Bex) (034) (1) - 0s
O34 - HKLM BootExecute: (sdnclean64.exe) - File not found

---\\ Tarefas planificadas automaticamente (039) (16) - 0s
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\AutoKMS.job   [198]  =>HackTool.AutoKMS
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job   [274]  =>PUP.Optional.DllFilesFixer
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job   [290]  =>PUP.Optional.DllFilesFixer
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1066]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1070]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\Opera_helper.job   [234]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task   [3886]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\avast! Emergency Update   [3924]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY   [3012]  =>PUP.Optional.DllFilesFixer
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates   [3026]  =>PUP.Optional.DllFilesFixer
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [3814]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [4066]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1422028186   [3822]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Opera_helper   [3170]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{1ECCB760-D261-4DCB-BF9E-01D7DCE7209F}   [3150]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{88F58F28-3493-4EE3-9691-D4EC6C008ED3}   [3152]

---\\ Software instalados (042) (73) - 6s
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan
O42 - Logiciel: WinRAR 4.20 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM][64Bits] -- _{4DC318F5-1640-4417-A218-912ED9905FAA}
O42 - Logiciel: CorelDRAW Graphics Suite X7 (64-Bit) - (.Corel Corporation.) [HKLM][64Bits] -- _{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}
O42 - Logiciel: CorelDRAW Graphics Suite X7 - IPM T (x64) - (.Corel Corporation.) [HKLM][64Bits] -- {13179AB2-69FD-459B-800F-81865A501AD4}
O42 - Logiciel: Corel Graphics - Windows Shell Extension 32 Bit - (.Corel Corporation.) [HKLM][64Bits] -- {3B4AE1A9-C026-4D08-8004-DA9A85A411A4}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {4046F74A-28F8-48C6-A5D3-2AFC472574C1}
O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM][64Bits] -- {4DC318F5-1640-4417-A218-912ED9905FAA}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {5D61F006-168C-4B8B-B7FD-F113C10AE0E4}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Suporte para Aplicativos Apple Apple (64-bit) - (.Apple Inc..) [HKLM][64Bits] -- {B255D495-4734-4E9B-B4F5-96702FD4A7B9}
O42 - Logiciel: NVIDIA Driver do 3D Vision 311.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Driver de gráficos 311.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Atualizações da NVIDIA 1.11.3 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: CorelDRAW Graphics Suite X7 - Writing Tools (x64) - (. Corel Corporation.) [HKLM][64Bits] -- {D63404AC-C2F1-4B3D-96EA-9727AC9D994C}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: CorelDRAW Graphics Suite X7 - IPM Content (x64) - (.Corel Corporation.) [HKLM][64Bits] -- {EF44BCCD-13F9-4974-862C-CCFAF43EE082}
O42 - Logiciel: HP Deskjet 2050 J510 series Basic Device Software - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {F2C07BE3-0F88-4D0C-957B-3557699981E9}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM][64Bits] -- aTube Catcher
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast
O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: CinemaPlus_1.3dV05.07 - (.CinemaPlus_1.3dV05.07.) [HKLM][64Bits] -- CinemaPlus_1.3dV05.07
O42 - Logiciel: Dll-Files Fixer - (.Dll-Files.com.) [HKLM][64Bits] -- Dll-Files Fixer_is1  =>PUP.Optional.DllFilesFixer
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
O42 - Logiciel: FLV to AVI MPEG WMV 3GP MP4 iPod Converter 6.1.0830 - (.Aone Software.) [HKLM][64Bits] -- FLV to AVI MPEG WMV 3GP MP4 iPod Converter_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: VIA Gerenciador de dispositivo de plataforma - (.VIA Technologies, Inc..) [HKLM][64Bits] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva  - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2014
O42 - Logiciel: IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva  - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2015
O42 - Logiciel: Mozilla Firefox 33.1.1 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 33.1.1 (x86 pt-BR)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo
O42 - Logiciel: Opera Stable 26.0.1656.60 - (.Opera Software ASA.) [HKLM][64Bits] -- Opera 26.0.1656.60
O42 - Logiciel: Metro: Last Light (c) Deep Silver version 1 - (...) [HKLM][64Bits] -- TWV0cm9MYXN0TGlnaHQ=_is1
O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] -- Uplay
O42 - Logiciel: VLC media player 2.0.8 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: XP Codec Pack - (.XP Codec Pack team.) [HKLM][64Bits] -- XP Codec Pack
O42 - Logiciel: Java 7 Update 40 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217040FF}
O42 - Logiciel: Adobe After Effects CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {4817D846-700B-474E-A31B-80892B3E92E3}
O42 - Logiciel: Skype™ 6.3 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM][64Bits] -- {66EBD70F-A42C-475F-AEDF-277378151046}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Prezi Desktop - (.Prezi.com.) [HKLM][64Bits] -- {7FAE73A4-F0BC-4B65-81CF-52C417383407}
O42 - Logiciel: Suporte para Aplicativos Apple (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {7FE25256-B7C1-480D-B736-10A67A833AEA}
O42 - Logiciel: Módulo de Proteção - Banco Santander (Brasil) S.A. - (...) [HKLM][64Bits] -- {83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: Galeria de Fotos - (.Microsoft Corporation.) [HKLM][64Bits] -- {9EE1AE8B-4872-41CA-8C9A-C33D899523E0}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824144531}
O42 - Logiciel: Adobe Reader XI (11.0.11) - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AB0000000001}
O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AF37176A-78CA-545B-34EF-8B6A21514DD1}
O42 - Logiciel: Intel(R) C++ Redistributables for Windows* on Intel(R) 64 - (.Intel Corporation.) [HKLM][64Bits] -- {D2437C5C-2D8C-40D2-8059-689AD7239FA3}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Far Cry 3 - (.Ubisoft.) [HKLM][64Bits] -- {E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FE23D063-934D-4829-A0D8-00634CE79B4A}
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: Hao123-Client - (.Baidu Online Network Technology (Beijing) Co., Ltd..) [HKCU][64Bits] -- hao123desk-br
O42 - Logiciel: IGG Web3D Player version 1.0.0.38 - (.IGG, Inc..) [HKCU][64Bits] -- IGG Web3D Player_is1
O42 - Logiciel: Opera_helper - (.Opera_helper.) [HKCU][64Bits] -- Opera_helper
O42 - Logiciel: DC Universe Online - (.Sony Online Entertainment.) [HKCU][64Bits] -- SOE-DC Universe Online
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent

---\\ HKCU & HKLM Software Keys (133) - 6s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\Ahead
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\aTube Catcher
HKLM\SOFTWARE\Wow6432Node\Audible
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\baidu
HKLM\SOFTWARE\Wow6432Node\Baidu Security
HKLM\SOFTWARE\Wow6432Node\Baidu_Drp_pos
HKLM\SOFTWARE\Wow6432Node\CinemaPlus_1.3dV05.07
HKLM\SOFTWARE\Wow6432Node\CinemaPlus_1.3dV05.07-nv  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaPlus_1.3dV05.07-nv-ie  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\ClickCaption_1.10.0.6  =>PUP.Optional.ClickCaption
HKLM\SOFTWARE\Wow6432Node\CloudOpt
HKLM\SOFTWARE\Wow6432Node\Corel
HKLM\SOFTWARE\Wow6432Node\Disc Soft
HKLM\SOFTWARE\Wow6432Node\dll-files.com  =>PUP.Optional.DllFilesFixer
HKLM\SOFTWARE\Wow6432Node\EVP
HKLM\SOFTWARE\Wow6432Node\Gabest
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Linden Research, Inc.
HKLM\SOFTWARE\Wow6432Node\LM Service
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\McAfee.com
HKLM\SOFTWARE\Wow6432Node\mcafeeupdater
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nero
HKLM\SOFTWARE\Wow6432Node\NetTcpHandler
HKLM\SOFTWARE\Wow6432Node\NLOmniture
HKLM\SOFTWARE\Wow6432Node\NtSvcHandler
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\Pando Networks
HKLM\SOFTWARE\Wow6432Node\RealNetworks
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Riot Games
HKLM\SOFTWARE\Wow6432Node\Safer Networking Limited
HKLM\SOFTWARE\Wow6432Node\Sakura
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\TCTS
HKLM\SOFTWARE\Wow6432Node\Ubisoft
HKLM\SOFTWARE\Wow6432Node\Valve
HKLM\SOFTWARE\Wow6432Node\VIA Technologies, Inc
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\2K Sports
HKCU\SOFTWARE\4A-Games
HKCU\SOFTWARE\4shared
HKCU\SOFTWARE\AC3Filter
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Ahead
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\ASUS
HKCU\SOFTWARE\Avast Software
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\Baixaki
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Browser  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Bugsplat
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\CinemaPlus_1.3dV05.07
HKCU\SOFTWARE\CinemaPlus_1.3dV05.07-nv  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaPlus_1.3dV05.07-nv-ie  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ClassesB
HKCU\SOFTWARE\CoreAAC
HKCU\SOFTWARE\Corel
HKCU\SOFTWARE\Crystal Dynamics
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\dll-files.com  =>PUP.Optional.DllFilesFixer
HKCU\SOFTWARE\Dropbox
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GbAs
HKCU\SOFTWARE\GbPlugin
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\GoldenGate
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\IGG
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Ligos
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Pando Networks
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Safer Networking Limited
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\teras games
HKCU\SOFTWARE\The Silicon Realms Toolworks
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Ubisoft
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\VIA
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\WSSE
HKCU\SOFTWARE\XP Codec Pack
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Unity

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43) (227) - 5s
O43 - CFD: 2015/07/06 19:14:42 - [0] D -- C:\Program Files (x86)\ActSys
O43 - CFD: 2015/07/08 11:01:26 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/07/08 11:01:26 - [] D -- C:\Program Files (x86)\b49bfec9-946a-43a5-b140-4aa634a0d2d5  =>PUP.Optional.CrossRider
O43 - CFD: 2013/07/25 10:20:45 - [] D -- C:\Program Files (x86)\Bonjour
O43 - CFD: 2015/07/14 15:32:10 - [] D -- C:\Program Files (x86)\CalendarTool
O43 - CFD: 2015/06/20 19:38:50 - [] D -- C:\Program Files (x86)\CCTV View
O43 - CFD: 2015/07/14 21:45:44 - [] D -- C:\Program Files (x86)\CinemaPlus_1.3dV05.07
O43 - CFD: 2015/07/14 17:12:28 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/06/20 19:31:45 - [0] D -- C:\Program Files (x86)\DesProtetor
O43 - CFD: 2013/10/15 21:34:35 - [] D -- C:\Program Files (x86)\Dll-Files.com Fixer  =>PUP.Optional.DllFilesFixer
O43 - CFD: 2013/08/05 08:42:05 - [] D -- C:\Program Files (x86)\Driver LM
O43 - CFD: 2014/07/11 11:00:41 - [] D -- C:\Program Files (x86)\DsNET Corp
O43 - CFD: 2015/07/04 09:47:24 - [] D -- C:\Program Files (x86)\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
O43 - CFD: 2014/07/28 23:42:29 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2013/05/14 22:09:24 - [] D -- C:\Program Files (x86)\HP
O43 - CFD: 2015/04/04 11:54:19 - [] HD -- C:\Program Files (x86)\InstallJammer Registry
O43 - CFD: 2013/10/24 18:45:46 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2013/05/06 17:50:25 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/06/22 21:14:47 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/07/14 17:33:21 - [] D -- C:\Program Files (x86)\iTunes
O43 - CFD: 2013/09/25 14:09:14 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2013/10/19 16:11:53 - [] D -- C:\Program Files (x86)\Metro Last Light
O43 - CFD: 2014/07/26 10:11:23 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2014/07/26 23:31:26 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 2014/07/26 10:11:20 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 2013/05/07 09:24:18 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 2014/07/26 10:11:43 - [] D -- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 2013/05/07 11:33:36 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/07/14 17:12:30 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/07/14 17:12:30 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2014/07/26 10:11:29 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2013/05/07 09:19:20 - [] D -- C:\Program Files (x86)\Nero
O43 - CFD: 2014/07/16 16:21:32 - [] D -- C:\Program Files (x86)\Norton PC Checkup 3.0
O43 - CFD: 2013/10/16 23:19:16 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2015/06/20 20:35:52 - [0] D -- C:\Program Files (x86)\Plain Savings
O43 - CFD: 2015/06/20 10:00:02 - [] D -- C:\Program Files (x86)\Prezi Desktop 4
O43 - CFD: 2015/04/04 11:53:27 - [] D -- C:\Program Files (x86)\Programas RFB
O43 - CFD: 2013/05/06 17:49:03 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2009/07/14 02:32:38 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/07/14 17:12:30 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2015/07/14 17:12:26 - [0] D -- C:\Program Files (x86)\ToolsUpdatePlatform
O43 - CFD: 2013/10/24 19:01:52 - [] D -- C:\Program Files (x86)\Ubisoft
O43 - CFD: 2009/07/14 01:57:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2013/05/06 17:48:19 - [] D -- C:\Program Files (x86)\VIA
O43 - CFD: 2013/07/19 08:41:16 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2015/06/22 21:14:18 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2015/03/12 17:58:37 - [] D -- C:\Program Files (x86)\Windows Live
O43 - CFD: 2010/11/21 06:37:34 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/06/22 21:14:48 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2009/07/14 02:32:38 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2010/11/21 06:37:34 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2010/11/21 00:31:38 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2010/11/21 06:37:34 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2015/07/14 17:12:32 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 2015/07/06 19:17:20 - [] D -- C:\Program Files (x86)\WNet
O43 - CFD: 2015/06/20 19:29:20 - [] D -- C:\Program Files (x86)\Wondershare
O43 - CFD: 2013/05/07 09:11:48 - [] D -- C:\Program Files (x86)\XP Codec Pack
O43 - CFD: 2015/06/22 21:22:35 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/05/06 16:28:15 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2014/07/11 11:00:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
O43 - CFD: 2015/07/14 17:16:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 2014/07/26 10:43:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Android Store
O43 - CFD: 2015/07/13 12:22:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
O43 - CFD: 2015/07/04 09:42:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
O43 - CFD: 2015/06/29 17:34:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2013/05/14 22:09:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2015/07/14 17:33:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2015/07/14 17:12:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2009/07/14 01:57:09 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/05/29 13:48:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
O43 - CFD: 2014/07/26 23:40:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2013/05/07 09:21:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials
O43 - CFD: 2013/05/07 11:04:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 2015/04/04 11:53:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
O43 - CFD: 2015/07/14 17:12:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/06/20 15:34:20 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2010/11/21 06:47:55 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/07/14 17:12:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/07/14 17:33:17 - [] D -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 2015/07/04 08:47:25 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2013/05/07 09:20:26 - [] D -- C:\ProgramData\Ahead
O43 - CFD: 2015/07/14 17:30:22 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2013/07/25 10:21:23 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2009/07/14 02:08:56 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2014/07/26 10:37:02 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 2014/07/26 10:32:08 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 2014/07/14 23:03:21 - [] D -- C:\ProgramData\Baidu Security
O43 - CFD: 2014/03/25 16:22:14 - [] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 2015/07/13 12:25:57 - [] D -- C:\ProgramData\Corel
O43 - CFD: 2015/07/13 12:23:47 - [0] D -- C:\ProgramData\CorelDRAW Graphics Suite X7 x64
O43 - CFD: 2013/05/06 16:30:32 - [0] SHD -- C:\ProgramData\Dados de aplicativos
O43 - CFD: 2013/08/25 19:15:05 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2009/07/14 02:08:56 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2013/05/06 16:30:32 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 2009/07/14 02:08:56 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2009/07/14 02:08:56 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2013/05/06 16:30:32 - [0] SHD -- C:\ProgramData\Favoritos
O43 - CFD: 2014/12/24 09:05:12 - [] D -- C:\ProgramData\GAS Tecnologia
O43 - CFD: 2013/05/14 22:10:32 - [] D -- C:\ProgramData\HP
O43 - CFD: 2013/05/06 17:50:30 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2014/06/04 11:51:45 - [] D -- C:\ProgramData\Log
O43 - CFD: 2013/05/08 11:32:05 - [] D -- C:\ProgramData\Logs
O43 - CFD: 2015/02/11 16:49:12 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2015/05/29 13:48:46 - [] D -- C:\ProgramData\McAfee Security Scan
O43 - CFD: 2013/05/06 16:30:32 - [0] SHD -- C:\ProgramData\Menu Iniciar
O43 - CFD: 2015/06/22 21:14:36 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/04/29 23:39:06 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2015/05/16 09:44:09 - [0] D -- C:\ProgramData\mmjkdaehbdhgefahojmkhodbmhkeemcj
O43 - CFD: 2013/05/06 16:30:32 - [0] SHD -- C:\ProgramData\Modelos
O43 - CFD: 2013/05/07 09:16:43 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2013/05/07 09:19:20 - [] D -- C:\ProgramData\Nero
O43 - CFD: 2015/07/15 10:26:05 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2013/05/07 10:23:58 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 2015/05/20 18:32:10 - [] D -- C:\ProgramData\Onwafreravo
O43 - CFD: 2013/09/25 14:09:43 - [0] D -- C:\ProgramData\Oracle
O43 - CFD: 2013/10/24 19:18:48 - [] D -- C:\ProgramData\Orbit
O43 - CFD: 2015/07/13 12:18:34 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2015/07/13 12:25:53 - [] D -- C:\ProgramData\Protexis64
O43 - CFD: 2015/07/04 08:47:24 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2013/10/19 16:12:10 - [] D -- C:\ProgramData\RELOADED
O43 - CFD: 2015/07/14 17:12:33 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2013/10/16 23:19:21 - [] D -- C:\ProgramData\Solid State Networks
O43 - CFD: 2014/07/11 10:18:36 - [] D -- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 2009/07/14 02:08:56 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2013/09/25 14:09:35 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2013/05/26 11:29:18 - [] D -- C:\ProgramData\Symantec
O43 - CFD: 2015/04/07 07:48:20 - [0] D -- C:\ProgramData\T122078ED
O43 - CFD: 2013/05/08 11:32:04 - [] D -- C:\ProgramData\TEMP
O43 - CFD: 2009/07/14 02:08:56 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/07/14 17:12:33 - [] D -- C:\ProgramData\ToolsUpdatePlatform
O43 - CFD: 2015/03/12 14:28:59 - [] D -- C:\ProgramData\Wondershare
O43 - CFD: 2015/07/04 08:46:06 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/07/14 17:11:51 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 2013/05/07 09:20:17 - [] D -- C:\Program Files (x86)\Common Files\Ahead
O43 - CFD: 2015/07/14 17:33:17 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 2013/05/07 09:25:21 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2013/05/06 17:47:37 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2015/07/13 12:20:09 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2015/07/14 17:11:51 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2014/07/26 23:31:26 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 2013/05/06 17:50:06 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2009/07/14 00:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/07/14 17:12:28 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2009/07/14 00:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2013/07/28 00:16:22 - [0] D -- C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 2014/07/26 10:09:41 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2014/02/14 12:24:37 - [] D -- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 2015/03/12 14:28:46 - [] D -- C:\Program Files (x86)\Common Files\Wondershare
O43 - CFD: 2013/05/09 18:12:09 - [] D -- C:\Users\User\AppData\Roaming\2K Sports
O43 - CFD: 2015/07/04 08:51:55 - [] D -- C:\Users\User\AppData\Roaming\Adobe
O43 - CFD: 2013/06/07 17:49:13 - [] D -- C:\Users\User\AppData\Roaming\Ahead
O43 - CFD: 2015/03/11 14:04:35 - [] D -- C:\Users\User\AppData\Roaming\Apple Computer
O43 - CFD: 2014/07/26 11:05:24 - [] D -- C:\Users\User\AppData\Roaming\AVAST Software
O43 - CFD: 2015/01/23 09:44:29 - [] D -- C:\Users\User\AppData\Roaming\baidu
O43 - CFD: 2014/06/04 16:22:56 - [] D -- C:\Users\User\AppData\Roaming\Baidu Security
O43 - CFD: 2015/07/14 15:32:19 - [] D -- C:\Users\User\AppData\Roaming\CalendarTool
O43 - CFD: 2014/09/27 18:08:12 - [] D -- C:\Users\User\AppData\Roaming\com.prezi.PreziDesktop
O43 - CFD: 2015/07/13 12:23:53 - [] D -- C:\Users\User\AppData\Roaming\Corel
O43 - CFD: 2013/11/13 17:29:06 - [] D -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2013/05/09 13:42:29 - [] D -- C:\Users\User\AppData\Roaming\dll-files.com  =>PUP.Optional.DllFilesFixer
O43 - CFD: 2015/05/11 13:10:51 - [] D -- C:\Users\User\AppData\Roaming\Dropbox
O43 - CFD: 2013/07/18 20:18:42 - [] D -- C:\Users\User\AppData\Roaming\GetRightToGo
O43 - CFD: 2015/01/23 18:51:46 - [] HD -- C:\Users\User\AppData\Roaming\GoldenGate
O43 - CFD: 2015/03/12 14:28:57 - [] D -- C:\Users\User\AppData\Roaming\HYXDevPsnList
O43 - CFD: 2013/05/06 16:30:54 - [] D -- C:\Users\User\AppData\Roaming\Identities
O43 - CFD: 2013/05/14 13:34:01 - [] D -- C:\Users\User\AppData\Roaming\IGG
O43 - CFD: 2013/05/06 17:49:45 - [] D -- C:\Users\User\AppData\Roaming\InstallShield
O43 - CFD: 2013/05/07 11:16:30 - [] D -- C:\Users\User\AppData\Roaming\Macromedia
O43 - CFD: 2010/11/21 06:47:55 - [0] D -- C:\Users\User\AppData\Roaming\Media Center Programs
O43 - CFD: 2014/05/29 18:52:24 - [] D -- C:\Users\User\AppData\Roaming\Media Player Classic
O43 - CFD: 2015/03/29 00:05:20 - [] SD -- C:\Users\User\AppData\Roaming\Microsoft
O43 - CFD: 2013/05/07 09:17:36 - [] D -- C:\Users\User\AppData\Roaming\Mozilla
O43 - CFD: 2013/10/26 21:28:57 - [] D -- C:\Users\User\AppData\Roaming\Need for Speed World
O43 - CFD: 2014/04/11 01:13:16 - [] D -- C:\Users\User\AppData\Roaming\NVIDIA
O43 - CFD: 2015/01/23 12:49:56 - [] D -- C:\Users\User\AppData\Roaming\Opera Software
O43 - CFD: 2013/12/11 16:18:00 - [] D -- C:\Users\User\AppData\Roaming\Riot Games
O43 - CFD: 2014/04/11 01:15:08 - [] D -- C:\Users\User\AppData\Roaming\SecondLife
O43 - CFD: 2013/08/31 20:28:08 - [] D -- C:\Users\User\AppData\Roaming\Skype
O43 - CFD: 2013/05/14 15:25:53 - [] D -- C:\Users\User\AppData\Roaming\Unity
O43 - CFD: 2015/07/15 10:37:14 - [] D -- C:\Users\User\AppData\Roaming\uTorrent
O43 - CFD: 2015/07/13 12:00:15 - [] D -- C:\Users\User\AppData\Roaming\vlc
O43 - CFD: 2013/05/23 11:33:33 - [] D -- C:\Users\User\AppData\Roaming\WinRAR
O43 - CFD: 2015/06/20 19:29:12 - [0] D -- C:\Users\User\AppData\Roaming\Wondershare
O43 - CFD: 2015/07/15 10:38:03 - [] D -- C:\Users\User\AppData\Roaming\ZHP
O43 - CFD: 2013/10/19 16:12:54 - [] D -- C:\Users\User\AppData\Local\4A Games
O43 - CFD: 2015/07/04 10:53:52 - [] D -- C:\Users\User\AppData\Local\Adobe
O43 - CFD: 2013/06/07 17:48:34 - [] D -- C:\Users\User\AppData\Local\Ahead
O43 - CFD: 2013/07/25 10:21:07 - [] D -- C:\Users\User\AppData\Local\Apple
O43 - CFD: 2013/07/25 10:21:49 - [] D -- C:\Users\User\AppData\Local\Apple Computer
O43 - CFD: 2015/01/25 12:28:17 - [] D -- C:\Users\User\AppData\Local\Apps
O43 - CFD: 2013/05/06 16:30:39 - [0] SHD -- C:\Users\User\AppData\Local\Dados de aplicativos
O43 - CFD: 2013/10/21 17:57:57 - [] D -- C:\Users\User\AppData\Local\Electronic_Arts_Inc
O43 - CFD: 2015/07/08 16:02:49 - [0] D -- C:\Users\User\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/06/28 11:27:26 - [] SHD -- C:\Users\User\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/06/28 11:27:25 - [] SHD -- C:\Users\User\AppData\Local\EmieSiteList
O43 - CFD: 2015/06/28 11:27:25 - [] SHD -- C:\Users\User\AppData\Local\EmieUserList
O43 - CFD: 2014/03/24 12:38:09 - [] D -- C:\Users\User\AppData\Local\GAS Tecnologia
O43 - CFD: 2014/07/28 23:42:30 - [] D -- C:\Users\User\AppData\Local\Google
O43 - CFD: 2013/05/06 16:30:39 - [0] SHD -- C:\Users\User\AppData\Local\Histórico
O43 - CFD: 2013/06/05 18:41:16 - [] D -- C:\Users\User\AppData\Local\HP
O43 - CFD: 2013/05/07 11:16:30 - [] D -- C:\Users\User\AppData\Local\Macromedia
O43 - CFD: 2015/06/22 21:25:08 - [] D -- C:\Users\User\AppData\Local\Microsoft
O43 - CFD: 2013/09/01 15:24:23 - [] D -- C:\Users\User\AppData\Local\Microsoft Games
O43 - CFD: 2013/05/07 09:23:38 - [0] D -- C:\Users\User\AppData\Local\Microsoft Help
O43 - CFD: 2014/03/24 12:37:41 - [] D -- C:\Users\User\AppData\Local\Mozilla
O43 - CFD: 2015/01/23 12:49:56 - [] D -- C:\Users\User\AppData\Local\Opera Software
O43 - CFD: 2013/05/25 23:53:23 - [] D -- C:\Users\User\AppData\Local\Programs
O43 - CFD: 2013/10/24 19:19:08 - [] D -- C:\Users\User\AppData\Local\PunkBuster
O43 - CFD: 2013/11/19 19:40:26 - [] D -- C:\Users\User\AppData\Local\SCE
O43 - CFD: 2014/04/11 01:29:15 - [] D -- C:\Users\User\AppData\Local\SecondLife
O43 - CFD: 2013/11/13 17:45:04 - [] D -- C:\Users\User\AppData\Local\SKIDROW
O43 - CFD: 2014/03/08 11:52:52 - [] D -- C:\Users\User\AppData\Local\Spark
O43 - CFD: 2015/07/15 10:38:13 - [] D -- C:\Users\User\AppData\Local\Temp
O43 - CFD: 2013/05/06 16:30:39 - [0] SHD -- C:\Users\User\AppData\Local\Temporary Internet Files
O43 - CFD: 2013/10/24 19:14:53 - [] D -- C:\Users\User\AppData\Local\Ubisoft Game Launcher
O43 - CFD: 2013/05/14 14:04:25 - [] D -- C:\Users\User\AppData\Local\Unity
O43 - CFD: 2013/05/06 16:30:50 - [0] D -- C:\Users\User\AppData\Local\VirtualStore
O43 - CFD: 2015/04/12 00:13:12 - [] D -- C:\Users\User\AppData\Local\Windows Live
O43 - CFD: 2015/03/12 14:28:47 - [] D -- C:\Users\User\AppData\Local\Wondershare
O43 - CFD: 2009/07/14 01:54:32 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/06/22 21:25:09 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/04/23 23:15:29 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 2009/07/14 01:49:38 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/04/23 13:21:44 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
O43 - CFD: 2015/04/04 11:54:16 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015
O43 - CFD: 2015/07/02 06:06:13 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2013/05/07 09:11:48 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XP Codec Pack 2.5.3

---\\ Lista dos drivers do sistema (SDL) (O58) (62) - 4s
O58 - SDL:2009/07/13 22:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys   [491088]
O58 - SDL:2009/07/13 22:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys   [339536]
O58 - SDL:2009/07/13 22:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys   [182864]
O58 - SDL:2009/07/13 22:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys   [15440]
O58 - SDL:2011/03/11 03:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys   [107904]
O58 - SDL:2009/07/13 22:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys   [194128]
O58 - SDL:2011/03/11 03:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys   [27008]
O58 - SDL:2009/07/13 22:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys   [87632]
O58 - SDL:2009/07/13 22:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys   [97856]
O58 - SDL:2015/06/26 09:30:42 A . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\drivers\asfilterdrv.sys   [57144]
O58 - SDL:2015/07/01 12:40:08 A . (...) -- C:\Windows\System32\drivers\aswHwid.sys   [29168]
O58 - SDL:2015/07/01 12:40:08 A . (.Avast Software s.r.o. - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys   [89944]
O58 - SDL:2015/07/01 12:40:07 A . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys   [93528]
O58 - SDL:2015/07/01 12:40:08 A . (...) -- C:\Windows\System32\drivers\aswRvrt.sys   [65736]
O58 - SDL:2015/07/01 12:39:55 A . (.Avast Software s.r.o. - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys   [1047320]
O58 - SDL:2015/07/01 13:04:22 A . (.Avast Software s.r.o. - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys   [442264]
O58 - SDL:2015/07/01 12:40:08 A . (.Avast Software s.r.o. - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys   [137288]
O58 - SDL:2015/07/01 12:40:08 A . (...) -- C:\Windows\System32\drivers\aswVmm.sys   [272248]
O58 - SDL:2009/06/10 17:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys   [270848]
O58 - SDL:2014/05/27 03:19:38 A . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\drivers\Bnbasex.sys   [91616]
O58 - SDL:2014/06/12 23:11:05 A . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\drivers\Bndef.sys   [70912]
O58 - SDL:2009/06/10 17:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys   [18432]
O58 - SDL:2009/06/10 17:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys   [8704]
O58 - SDL:2009/07/13 22:19:07 A . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys   [286720]
O58 - SDL:2009/06/10 17:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys   [47104]
O58 - SDL:2009/06/10 17:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys   [14976]
O58 - SDL:2009/06/10 17:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys   [14720]
O58 - SDL:2009/06/10 17:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys   [468480]
O58 - SDL:2009/07/13 22:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys   [17488]
O58 - SDL:2015/03/03 09:28:56 A . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\drivers\desprotetordrv.sys   [51520]
O58 - SDL:2009/07/13 22:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys   [530496]
O58 - SDL:2009/06/10 17:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys   [3286016]
O58 - SDL:2012/08/21 13:01:20 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys   [33240]
O58 - SDL:2015/01/19 09:59:54 A . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\drivers\gosaferdrv.sys   [51504]
O58 - SDL:2009/06/10 17:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys   [31232]
O58 - SDL:2011/11/10 01:04:14 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys   [60184]
O58 - SDL:2010/11/21 00:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys   [78720]
O58 - SDL:2011/03/11 03:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys   [410496]
O58 - SDL:2009/07/13 22:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys   [44112]
O58 - SDL:2013/07/10 14:40:30 A . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\drivers\lmservicedrv.sys   [42032]
O58 - SDL:2009/07/13 22:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys   [114752]
O58 - SDL:2009/07/13 22:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys   [106560]
O58 - SDL:2009/07/13 22:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys   [65600]
O58 - SDL:2009/07/13 22:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys   [115776]
O58 - SDL:2009/07/13 22:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys   [35392]
O58 - SDL:2009/07/13 22:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys   [284736]
O58 - SDL:2009/07/13 22:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys   [51264]
O58 - SDL:2013/02/26 00:32:32 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys   [11036448]
O58 - SDL:2011/03/11 03:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys   [148352]
O58 - SDL:2011/03/11 03:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys   [166272]
O58 - SDL:2009/07/13 22:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys   [1524816]
O58 - SDL:2009/07/13 22:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys   [128592]
O58 - SDL:2012/02/03 10:01:20 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys   [677480]
O58 - SDL:2009/06/10 17:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys   [23040]
O58 - SDL:2009/07/13 22:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys   [43584]
O58 - SDL:2009/07/13 22:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys   [80464]
O58 - SDL:2014/12/08 19:33:36 A . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\drivers\ssfilterdrv.sys   [51520]
O58 - SDL:2009/07/13 22:45:55 A . (.Promise Technology - Promise  SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys   [24656]
O58 - SDL:2012/12/13 13:50:36 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl64.sys   [54784]
O58 - SDL:2011/11/11 10:50:34 A . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\viahduaa.sys   [2182768]
O58 - SDL:2009/07/13 22:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys   [17488]
O58 - SDL:2009/07/13 22:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys   [161872]

---\\ Últimos ficheiros alterados ou criados (Utilizador) (061) (7) - 56s
O61 - LFC: 2015/07/09 21:23:38 A . (.BitTorrent Inc..) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe   [1712992]
O61 - LFC: 2015/07/09 19:57:41 A . (.BitTorrent Inc..) -- C:\Users\User\AppData\Roaming\uTorrent\updates\3.4.0_30345.exe   [1284944]
O61 - LFC: 2015/07/09 20:04:09 A . (.BitTorrent Inc..) -- C:\Users\User\AppData\Roaming\uTorrent\updates\3.4.3_40580.exe   [1709920]
O61 - LFC: 2015/07/09 21:23:38 A . (.BitTorrent Inc..) -- C:\Users\User\AppData\Roaming\uTorrent\updates\3.4.4_40733.exe   [1712992]
O61 - LFC: 2015/07/15 10:29:07 A . (..) -- C:\Users\User\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin   [1113849]
O61 - LFC: 2015/07/13 10:14:22 A . (..) -- C:\Users\User\AppData\Local\Google\Chrome\User Data\PepperFlash\18.0.0.209\pepflashplayer.dll   [16307888]
O61 - LFC: 2015/07/08 11:05:24 A . (..) -- C:\Users\User\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin   [129766]

---\\ Associações Shell Spawning (O67) (9) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de inicialização Internet (068) (20) - 0s
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Opera\Launcher.exe 
O68 - StartMenuInternet: <Spark> <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe 
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.)
O68 - StartMenuInternet: <Spark> <>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.)
O68 - StartMenuInternet: <Spark> <>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.)
O68 - StartMenuInternet: <Spark> <>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.)

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069) (19) - 4s
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("HomeTab_18194.global.ClearSearchHistoryOnClose", "false");  =>PUP.Optional.CertifiedToolbar
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("HomeTab_18194.global.CurrentLanguageSelection", "English");  =>PUP.Optional.CertifiedToolbar
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("HomeTab_18194.global.CurrentNavigationSelection", "Current window");  =>PUP.Optional.CertifiedToolbar
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("HomeTab_18194.global.DisplayRecentSearches", "true");  =>PUP.Optional.CertifiedToolbar
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("HomeTab_18194.global.ShowButtonText2", "true");  =>PUP.Optional.CertifiedToolbar
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("HomeTab_18194.global.UpdateTime", "1405351081596");  =>PUP.Optional.CertifiedToolbar
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("HomeTab_18194.global.setupExtension", "true");  =>PUP.Optional.CertifiedToolbar
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("HomeTab_18194.global.userEnable", true);  =>PUP.Optional.CertifiedToolbar
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("HomeTab_18194.global.userID", "bf279aec56602148ebcc8773641d960c");  =>PUP.Optional.CertifiedToolbar
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("extensions.dealply.channel", "_iron9as");  =>PUP.Optional.Dealply
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("extensions.dealply.installId", "_v24870284431568234424452013071823201313");  =>PUP.Optional.Dealply
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("extensions.dealply.installIdSource", "_inst");  =>PUP.Optional.Dealply
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("extensions.dealply.lastHeartBitDate", "2014_6_16");  =>PUP.Optional.Dealply
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("extensions.dealply.partner", "_iron");  =>PUP.Optional.Dealply
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("extensions.dealply.sampleGroup", "3");  =>PUP.Optional.Dealply
O69 - SBI: prefs.js [User - 7n4ki27s.default] user_pref("wtbg.global.storedbrowserversion", "30.0");  =>PUP.Optional.CrossRider
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {7F87A145-4DFC-8427-D3BE-345DC833855E} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - (Web Search) - http://search.certified-toolbar.com?si=77324&st=bs&tid=18194&ver=6.4&ts=1.000000&tguid=77324-18194-1402317690844-BAC4C5A980332144227B6AA3E023E2B2&q={searchTerms}  =>PUP.Optional.CertifiedToolbar

---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83) (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\system32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll   [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll   [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\Windows\System32\Sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windo.) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor.) -- C:\Windows\System32\termsrv.dll   [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll   [2553856]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de pla.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\Windows\System32\iphlpsvc.dll   [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll   [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\system32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\system32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll   [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\system32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\system32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll   [210432]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\system32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll   [193536]

---\\ Lista das exceções do FireWall (FirewallRules) (O87) (33) - 1s
O87 - FAEL: "{4253D457-4161-44AE-9BB4-286FE8D54E05}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{4ACE6632-92A8-4281-9480-E59ED84E9599}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{0BF4D1F5-C37D-483D-8359-6FC754927D0C}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{ABCA940C-1910-49F3-84D2-B82ED14E631A}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{1AE7717F-4F1D-4D61-94BE-9A2C3B657E2A}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{49B4157C-4DE7-45BF-ABC9-BC5AB900C130}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{4810F516-F191-455F-BF0E-8B74FD65885A}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{7E7AABA9-8869-44ED-BF29-1D695D49E8E0}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{7FB0786C-EBEC-410B-B0E1-2B772AE3E0CF}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{FDA8D7C9-10D4-4A87-8C0B-790F3F43C83F}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{C205CF12-DE3C-4F10-8AFD-AB7998FE19F5}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{5E3B03B9-26FD-44C2-A27D-6FAC60C02E94}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{F375F341-B773-4F7D-A510-9B1E263152A1}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{B765DEBF-CF7E-44BF-8078-7E0279D9AD76}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{F9CAFE4D-B3A9-423B-905F-52090C55BD52}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{167A0D86-9D92-46B9-9AD3-4F0FF027E923}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{BBEA024D-91B8-4881-8FA2-9EE7D41306E0}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "TCP Query User{FC693D82-2A3E-4551-9D83-B6E7EA579611}C:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe" [In-None-P6-TRUE] .(.Ubisoft Entertainment - Far Cry 3.) -- C:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe
O87 - FAEL: "UDP Query User{AC5963C1-72A6-4690-AFBB-F8ECCEA5CF4A}C:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe" [In-None-P17-TRUE] .(.Ubisoft Entertainment - Far Cry 3.) -- C:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe
O87 - FAEL: "TCP Query User{DA9BF431-BF17-45FE-AE6E-CDEEB2D2FC23}C:\program files (x86)\java\jre7\launch4j-tmp\irpf2015.exe" [In-None-P6-TRUE] .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\launch4j-tmp\irpf2015.exe
O87 - FAEL: "UDP Query User{416DCAC7-0BA0-4B2A-8835-B4754633C172}C:\program files (x86)\java\jre7\launch4j-tmp\irpf2015.exe" [In-None-P17-TRUE] .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\launch4j-tmp\irpf2015.exe
O87 - FAEL: "{647E42DD-969C-44E2-BA4F-F0AF1F10E675}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{92C5BE47-ACCB-4E7C-8B66-440C067FBF13}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{87B45848-8373-4722-8152-8097CA6CFB77}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{1E69317A-42C1-44AA-80B5-913F5DD0DC3F}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{265E4B93-BAB2-49B7-9FF4-01E5F5D83780}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{1975E5C7-3573-453A-8A8C-181E5ED96EAC}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{AE9B0E55-28EF-420B-B930-02AB7C24D02B}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{5476F8FF-B39E-4D6A-86F0-9C356A036C3B}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{3A1CC25B-6FAF-4258-B055-764B6802D06C}" [Out-None-P6-TRUE] .(.Dll-FIles.Com - DLL-Files Fixer.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{4CBEF5C4-1F58-4023-863F-F1AC4E369369}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{0BFEC03B-DF39-4CBB-A79E-FE80B3CA55DB}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{A194840D-9997-4B04-86B0-4C1B1A662D24}" [In-None-P6-TRUE] .(.Corel Corporation - CorelDRAW X7 (64-Bit).) -- c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados) (21) - 10s
SR - Auto   [2015/06/12 09:25:00] [   82112]  Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - Auto   [2015/05/29 18:51:26] [   77128]  Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - Auto   [2015/07/01 12:40:02] [  343336]  Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - Auto   [2011/08/30 23:05:32] [  462184]  Serviço do Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - Auto   [2014/07/16 16:30:06] [  116648]  Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - Demand [2014/07/16 16:30:06] [  116648]  Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - Auto   [2012/04/20 14:16:12] [  635104]  Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - Demand [2015/06/29 17:13:36] [  644904]  iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - Auto   [2012/05/10 15:20:34] [  165144]  Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - Auto   [2012/05/15 15:17:22] [  277784]  Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - Demand [2014/04/09 10:13:48] [  289256]  McAfee Security Scan Component Host Service (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
SS - Demand [2014/11/18 08:05:36] [  114288]  Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - Demand [2007/04/13 21:09:56] [  792112]  NBService (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - Demand [2007/06/01 10:21:30] [  271920]  NMIndexingService (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
SR - Auto   [// ::] [  884512]  NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - Auto   [2013/02/26 00:32:22] [ 1260320]  NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - Auto   [2014/04/30 16:33:52] [  337776]  Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SS - Auto   [2013/02/28 18:45:16] [  161384]  Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - Auto   [2013/01/18 08:14:20] [  383264]  NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - Auto   [2012/05/15 15:17:26] [  363800]  Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - Auto   [// ::] [   27760]  VIA Karaoke digital mixer Service (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\system32\viakaraokesrv.exe

---\\ Scâner Aditional (088) (20) - 0s
HKLM\SYSTEM\CurrentControlSet\Services\Update Plain Savings  =>PUP.Optional.PlainSavings
HKLM\SYSTEM\CurrentControlSet\Services\Util Plain Savings  =>PUP.Optional.PlainSavings
C:\Windows\Tasks\AutoKMS.job  =>HackTool.AutoKMS
C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job  =>PUP.Optional.DllFilesFixer
C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job  =>PUP.Optional.DllFilesFixer
C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY  =>PUP.Optional.DllFilesFixer
C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates  =>PUP.Optional.DllFilesFixer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Dll-Files Fixer_is1  =>PUP.Optional.DllFilesFixer
HKLM\SOFTWARE\Wow6432Node\CinemaPlus_1.3dV05.07-nv  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaPlus_1.3dV05.07-nv-ie  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\ClickCaption_1.10.0.6  =>PUP.Optional.ClickCaption
HKLM\SOFTWARE\Wow6432Node\dll-files.com  =>PUP.Optional.DllFilesFixer
HKCU\SOFTWARE\Browser  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaPlus_1.3dV05.07-nv  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaPlus_1.3dV05.07-nv-ie  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\dll-files.com  =>PUP.Optional.DllFilesFixer
C:\Program Files (x86)\b49bfec9-946a-43a5-b140-4aa634a0d2d5  =>PUP.Optional.CrossRider
C:\Program Files (x86)\Dll-Files.com Fixer  =>PUP.Optional.DllFilesFixer
C:\Users\User\AppData\Roaming\dll-files.com  =>PUP.Optional.DllFilesFixer
C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe  =>PUP.Optional.DllFilesFixer

---\\ Resumo dos elementos encontrados na sua estação de trabalho (7) - 0s
http://www.nicolascoolman.fr/blog  =>PUP.Optional.DllFilesFixer
http://www.nicolascoolman.fr/blog  =>PUP.Optional.PlainSavings
http://www.nicolascoolman.fr/trojan-autokms/  =>HackTool.AutoKMS
http://www.nicolascoolman.fr/pup-crossrider/  =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog  =>PUP.Optional.ClickCaption
http://www.nicolascoolman.fr/pup-certifiedtoolbar/  =>PUP.Optional.CertifiedToolbar
http://www.nicolascoolman.fr/pup-dealply/  =>PUP.Optional.Dealply

~ End of the scan, 58604 items in 107 seconds (876)(0)()