Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ Relatório do ZHPDiag v2015.4.6.36 - Nicolas Coolman (29/03/2015)
~ Iniciado por exame (21/06/2017 11:04:07)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Endereço do Webforum : http://forum.nicolascoolman.fr
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Desativado pelo Utilizador
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.18697
GCIE: Google Chrome v59.0.3071.104 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
---\\ Softwares de proteçao do sistema
Windows Defender W7 (Activate)
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 26 ActiveX
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3493 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 191 GB (70%) free of 270 GB
---\\ Modo de conexão ao sistema
~ Computer Name: EXAME-PC
~ User Name: exame
~ All Users Names: HomeGroupUser$, exame, Convidado, Administrador,
~ Unselected Option: None
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\exame\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\exame\AppData\Roaming\
~ %Desktop% : C:\Users\exame\Desktop\
~ %Favorites% : C:\Users\exame\Favorites\
~ %LocalAppData% : C:\Users\exame\AppData\Local\
~ %StartMenu% : C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 191 Go of 270 Go)
D: Hard drive, Flash drive, Thumb drive (Free 193 Go of 195 Go)
E: CD-ROM drive (Free 0 Go of 0 Go)
F: Hard drive, Flash drive, Thumb drive (Free 613 Go of 931 Go)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 47 Scanned in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.6DDCA324434FFA506CF7DC4E51DB7935] - (.Microsoft Corporation - Windows Explorer.) (.29/08/2016 - 11:55:07.) -- C:\Windows\Explorer.exe [2972672]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.9B934764D5320F5F2FC0C3CB663F7A3E] - (.Microsoft Corporation - Internet Extensions para Win32.) (.14/05/2017 - 15:15:06.) -- C:\Windows\System32\wininet.dll [2767872]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.16/07/2014 - 22:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 03:21:26.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F582FC7976F1248AC5FBD6875C626B41] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/04/2017 - 11:52:22.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.19/11/2010 - 23:38:12.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.EA9DBD76CE9254C77BAAB4339DD4C4FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.08/09/2016 - 11:49:56.) -- C:\Windows\system32\Drivers\DfsC.sys [81408]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 00:59:30.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.D071B9246BFD1575D72BD88B66F6FB87] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.21/05/2017 - 00:42:53.) -- C:\Windows\system32\Drivers\MRxSmb.sys [124416]
[MD5.A00996C9BFEF29A93B9F21DBE1DC502D] - (.Microsoft Corporation - MBT Transport driver.) (.11/05/2016 - 11:52:27.) -- C:\Windows\system32\Drivers\netBT.sys [188928]
[MD5.978E7A2E4BF4E8E70D0776EF0D9E97FB] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.11/01/2016 - 15:54:03.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 01:24:48.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.01743A8A62F2C0488F9C4F6D25C21B2C] - (.Microsoft Corporation - TDI Translation Driver.) (.10/05/2017 - 11:47:49.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 03:30:18.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/20
~ Mes musiques (My Musics) : 1/48
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/131
~ Mon Bureau (My Desktop) : 1/10852
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 11s
---\\ Processos lançados
[MD5.C0885F17C4F55F9DAC1C8BA2C78C736D] - (.Scopus Soluções em TI Ltda - Módulo de Interação do Componente de Segura.) -- C:\Program Files\scpbrad\scpbradguard.exe [2908160] [PID.3428]
[MD5.2A14140B95890D182B79ED6FC192623D] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe [559448] [PID.3508]
[MD5.AEF91EEA30E103E4403733A030A99EA4] - (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe [490656] [PID.3516]
[MD5.087505693E59774560320B0687ED8B96] - (.Atheros Commnucations - Bluetooth Suite Common Rescource.) -- C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe [302240] [PID.3524]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.3572]
[MD5.A2066594AE0D747FF12B9D94BB592B1D] - (...) -- C:\Users\exame\AppData\Roaming\Java\SYSEXAME-PC.exe [95047680] [PID.3596]
[MD5.00A9DFC5EF873004F0851D3C234E4801] - (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\quickset.exe [3405168] [PID.3616]
[MD5.76D8232F015BC1D9B08319F86732E523] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [145464] [PID.3652]
[MD5.533C7343CA6E5B10DD77BCF56DE2E540] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [180792] [PID.3676]
[MD5.34D296AFC913E302953C70463EF09A48] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [96056] [PID.3708]
[MD5.4ABA86D5B0D440F33BDBDBDAEA065C42] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe [1065024] [PID.3780]
[MD5.395CB6E8C67BFB1063AD86987909C184] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288] [PID.3828]
[MD5.BE0AFA9112B26F183053EA236342CA81] - (.Motorola Mobility LLC - MotoHelperAgent.) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe [964912] [PID.3840]
[MD5.8D92D0B56C19819A99312C3FD25788A0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [29538432] [PID.3872]
[MD5.CC436BB2A26391F3DEBE316F6FB0474F] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\exame\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.3888]
[MD5.E24219B8B865828FB37B3BAD5A4AFA6E] - (.ShenZhen Enode Techology co,.Ltd - Windows weather tool.) -- C:\Program Files\WeatherTool\2.0.1.11389\weather.exe [1282160] [PID.3948]
[MD5.EF17CD62EEDF0BD53270E8F900D79F5B] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\w32x86\3\E_TATIN8E.exe [262208] [PID.4028]
[MD5.2AA1DDE4CE26F216347FD9057B61BB5F] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe [2144448] [PID.2080] =>P2P.BitTorrent
[MD5.EAA666E9DD8DCDA6E075087091CB85EE] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [275072] [PID.2764]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.224]
[MD5.618C007ED5A0F27AF7C9E80E0065E70B] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\exame\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe [396992] [PID.4136] =>P2P.BitTorrent
[MD5.4DB8C3E9A5D6EB99F21B199C28EDE8D1] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [173696] [PID.4336]
[MD5.469533CC7F16566BE9D3436860E12013] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [563840] [PID.4396]
[MD5.66BB5B07696219FA334452D6F51FD648] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [366720] [PID.4428]
[MD5.12183679CA18F2C725E8E72EE922DDA3] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe [58160] [PID.4728]
[MD5.7A42A8E161DC32C5A40C5813ED64DF03] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\HidFind.exe [54744] [PID.4752]
[MD5.DFC8186972EB21F75E5B532194AF4C3A] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\DellTPad\Apntex.exe [54640] [PID.4760]
[MD5.33CA2F7FA1D265C84086B5913F000646] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1027928] [PID.4692]
[MD5.7AFD03A53C1FE02E04974C9D99B1CF67] - (.Adobe Systems Incorporated - Adobe RdrCEF.) -- C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe [1920592] [PID.1404]
[MD5.E96DD1ABAC2BE889CF521EA2192BFD1D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8196608] [PID.1964]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Preferences
---\\ Pasta de extensão do Google Chrome
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [__MSG_appName__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [__MSG_web2pdfExtnName__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [__MSG_extName__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [Chrome Media Router]
~ Google Lines Browser: 16 Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M0 - MFSP: prefs.js [exame - 4o34ihj2.default] http://br.hao123.com
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 12.2.4.194.) -- C:\Windows\system32\Adobe\Director\np32dsw_1224194.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.121.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.121.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.121.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.50907.0.) -- c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.2.2] - (.VideoLAN - VLC media player Web Plugin.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.2.4] - (.VideoLAN - VLC media player Web Plugin.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 17.9.20044.) -- C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
~ Firefox Browser: 10 Scanned in 00mn 01s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nuesearch.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mylucky123.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuesearch.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nuesearch.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mylucky123.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuesearch.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 17.9.20044.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 12 Scanned in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;http://localhost:8092;192.168.*.*;
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:45222 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: (no name) - {451C804F-C205-4F03-B48E-537EC94937BF} Chave orfã
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} . (.Atheros Commnucations - Bluetooth IE PlugIn.) -- C:\Program Files\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ BHO: 16 Scanned in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Resumir Reimage Repair Instalação.lnk . (.Reimage - Reimage Downloader.) -- C:\Users\exame\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4LZ0SRC\ReimageRepair.exe =>Rogue.ReimageRepair
O4 - GS\Desktop [exame]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Scanned in 00mn 06s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe
O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Suite Common Rescource.) -- C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [Java7 Update] . (...) -- C:\Users\exame\AppData\Roaming\Java\SYSEXAME-PC.exe
O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\exame\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIN8E.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2157787958-2153105667-2115196349-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-2157787958-2153105667-2115196349-1000\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\exame\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKUS\S-1-5-21-2157787958-2153105667-2115196349-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIN8E.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-2157787958-2153105667-2115196349-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Application: Scanned in 00mn 00s
---\\ Icones das opções IE invisiveis no painel das configurações (05)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Chave orfã
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F75B2E1-D4AD-4DA4-B178-308CC0B2AD8F}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C3C7AC4-E91A-426A-8D98-CE5312FDF23D}: DhcpNameServer = 10.5.0.1 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{5F75B2E1-D4AD-4DA4-B178-308CC0B2AD8F}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6C3C7AC4-E91A-426A-8D98-CE5312FDF23D}: DhcpNameServer = 10.5.0.1 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{5F75B2E1-D4AD-4DA4-B178-308CC0B2AD8F}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6C3C7AC4-E91A-426A-8D98-CE5312FDF23D}: DhcpNameServer = 10.5.0.1 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.5.0.1 8.8.8.8 8.8.4.4
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: WSWSVCUchrome - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Atheros Bt&Wlan Coex Agent (Atheros Bt&Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files\Dell Wireless\Ath_CoexAgent.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations - AdminService Application.) - C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: COM+ Leg Service (COMLegService) . (...) - C:\Program Files\Legendas-3.5\srvlegendas.exe
O23 - Service: DbxSvc (DbxSvc) . (.Windows (R) Win 7 DDK provider - Dropbox Service.) - C:\Windows\System32\DbxSvc.exe
O23 - Service: EpsonCustomerResearchParticipation (EpsonCustomerResearchParticipation) . (.SEIKO EPSON CORPORATION - Epson Customer Research Participation.) - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) . (.Seiko Epson Corporation - Epson Scanner Service (32bit).) - C:\Windows\system32\EscSvc.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc. - HP Support Solutions Framework Service.) - C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) . (.IObit - Product Updater.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) . (.Motorola Mobility LLC - MotoHelper Service.) - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: PST Service (PST Service) . (.Motorola - ForwardDemon.) - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: Componente de Segurança Bradesco (scpbradserv) . (.Scopus Soluções em TI Ltda - Componente de Segurança Bradesco.) - C:\Program Files\scpbrad\scpbradserv.exe
O23 - Service: The Desktop Weather Service (TheDesktopWeatherService) . (.No owner - The Desktop Weather Service.) - C:\Program Files\WeatherTool\2.0.1.11389\WeatherService.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 16 Scanned in 00mn 03s
---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tarefas planificadas automaticamente (039)
[MD5.AFC094098B6D856151002051E31867D8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1162360]
[MD5.7DE8B8AC559E16AEB388E7D098E7C288] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384]
[MD5.00000000000000000000000000000000] [APT] [ASC8_PerformanceMonitor] (...) -- C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [ASC8_SkipUac_exame] (...) -- C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe (.not file.) [0]
[MD5.26502493132A7924466D091C540584F0] [APT] [EPSON L375 Series Update {F059BDD9-045E-48EB-B555-9A90D2334478}] (.SEIKO EPSON CORPORATION.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSN8E.exe [690536]
[MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [154440]
[MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [154440]
[MD5.3ECAF01F5F4BFBEBBA31596DB0FC471B] [APT] [HPCeeScheduleForexame] (.HP Development Company, L.P..) -- C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [99392]
[MD5.7A44FC5E70C4D1B4002E75039A04F0B7] [APT] [Motorola Device Manager Initial Update] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176]
[MD5.7A44FC5E70C4D1B4002E75039A04F0B7] [APT] [Motorola Device Manager Update] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176]
[MD5.31E3E8785182DEB239A9DB6CCCC56265] [APT] [Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}] (...) -- C:\Program Files\tools\update\tools_update.exe [1093736]
[MD5.00000000000000000000000000000000] [APT] [Uninstaller_SkipUac_exame] (...) -- C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe (.not file.) [0]
[MD5.33CA2F7FA1D265C84086B5913F000646] [APT] [{20084F90-0189-40E8-8191-7872175A0B9F}] (.Google Inc..) -- c:\program files\google\chrome\application\chrome.exe [1027928]
[MD5.00000000000000000000000000000000] [APT] [{36C01001-AFBA-492B-AC51-010B2FB19624}] (...) -- C:\Users\exame\Downloads\dotnetfx35.exe (.not file.) [0]
[MD5.33CA2F7FA1D265C84086B5913F000646] [APT] [{3910BBA3-96DB-4330-9D75-F77DC66CE2BA}] (.Google Inc..) -- c:\program files\google\chrome\application\chrome.exe [1027928]
[MD5.00000000000000000000000000000000] [APT] [{63B546AA-FB21-4AE3-B5F5-5BEB316444D8}] (...) -- C:\Users\exame\Downloads\HPSupportSolutionsFramework-12.5.26.37 (2).exe (.not file.) [0]
[MD5.4B8AB9C3C1B1B2091D4C7C50895AB06C] [APT] [{6FF17A9B-915D-46F7-A69C-7CA9EC82F167}] (.Oracle Corporation.) -- C:\Users\exame\AppData\Local\Temp\jre-8u131-windows-au.exe [739904]
[MD5.00000000000000000000000000000000] [APT] [{C6B5865B-E9A2-4F36-A597-1C79FCE29464}] (...) -- C:\Users\exame\Downloads\chromeinstall-8u101.exe (.not file.) [0]
[MD5.95696F6683CF86C8DE65F52F4891306F] [APT] [{D4D740EA-BB79-4651-ADFC-0306947EEA0E}] (...) -- C:\Arquivos de Programas RFB\IRPF2017\IRPF2017.exe [32256]
[MD5.15A3BD6C514F574D3AA5458511555CC9] [APT] [HP Support Solutions Framework Report] (.HP Inc..) -- C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [106376]
[MD5.592FE7B6D1DEE178532F3BB797DEDB88] [APT] [HP Support Solutions Framework Updater] (.HP Inc..) -- C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [619656]
[MD5.592FE7B6D1DEE178532F3BB797DEDB88] [APT] [HP Support Solutions Framework Updater - Resources] (.HP Inc..) -- C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [619656]
O39 - APT: EPSON L375 Series Update {F059BDD9-045E-48EB-B555-9A90D2334478} - (.SEIKO EPSON CORPORATION.) -- C:\Windows\Tasks\EPSON L375 Series Update {F059BDD9-045E-48EB-B555-9A90D2334478}.job [919]
O39 - APT: EPSON L375 Series Update {F059BDD9-045E-48EB-B555-9A90D2334478} - (.SEIKO EPSON CORPORATION.) -- C:\Windows\System32\Tasks\EPSON L375 Series Update {F059BDD9-045E-48EB-B555-9A90D2334478} [919]
O39 - APT: HPCeeScheduleForexame - (.HP Development Company, L.P..) -- C:\Windows\Tasks\HPCeeScheduleForexame.job [320]
O39 - APT: HPCeeScheduleForexame - (.HP Development Company, L.P..) -- C:\Windows\System32\Tasks\HPCeeScheduleForexame [320]
O39 - APT: Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} - (...) -- C:\Windows\Tasks\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}.job [500]
O39 - APT: Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} - (...) -- C:\Windows\System32\Tasks\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} [500]
~ Scheduled Task: 28 Scanned in 00mn 04s
---\\ Componentes instalados (ActiveSetup Installed Components) (040)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Enable TLS1.1 and 1.2 - {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\59.0.3071.104\Installer\chrmstp.exe
O40 - ASIC: Adobe Reader User Settings - {A6EADE66-0000-0000-484E-7E8A45000000} . (.Adobe Systems, Inc. - Acrobat Install On Demand.) -- C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 26.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_26_0_0_131.ocx
~ Active Setup: 14 Scanned in 00mn 00s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (HWiNFO32) . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) - C:\Windows\system32\drivers\HWiNFO32.sys
O41 - Driver: (IMFCameraProtect) . (.IObit.com - IMFCameraProtect.) - C:\Windows\system32\drivers\IMFCameraProtect.sys
O41 - Driver: (legendasdrv) . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\legendasdrv.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 72 Scanned in 00mn 00s
---\\ Software instalados (042)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}
O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100}
O42 - Logiciel: Adobe Flash Player 26 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824225037}
O42 - Logiciel: Adobe Shockwave Player 12.2 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Componente de Segurança Bradesco - (.Banco Bradesco S.A..) [HKLM] -- scpbrad
O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Dell WLAN and Bluetooth Client Installation - (.Dell Inc..) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: EPSON L375 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON L375 Series
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: Epson Connect Printer Setup - (.Seiko Epson Corporation.) [HKLM] -- {D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}
O42 - Logiciel: Epson Customer Research Participation - (.Seiko Epson Corporation.) [HKLM] -- {B26449A6-6007-4460-B4FE-C4776115BCEA}
O42 - Logiciel: Epson Easy Photo Print 2 - (.Seiko Epson Corporation.) [HKLM] -- {922E2D91-9314-45AA-9AEF-E585F93B59A9}
O42 - Logiciel: Epson Event Manager - (.Seiko Epson Corporation.) [HKLM] -- {4B22C430-7EA8-4534-8358-376FD900B953}
O42 - Logiciel: EpsonNet Print - (.SEIKO EPSON Corporation.) [HKLM] -- {15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: HP Customer Experience Enhancements - (.HP Development Company, L.P..) [HKLM] -- {64228DFB-7450-49B7-935C-B97342CB6659}
O42 - Logiciel: HP Customer Participation Program 14.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6 - (.HP.) [HKLM] -- {96178C0A-BAF9-4E49-A2A5-CDE76722105B}
O42 - Logiciel: HP Imaging Device Functions 14.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 14.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2}
O42 - Logiciel: IRPF2017 - (.Receita Federal do Brasil.) [HKLM] -- IRPF2017
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Java 8 Update 121 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F32180121F0}
O42 - Logiciel: Legendas 3.5 - (.LegendasBrasil.org.) [HKLM] -- {461C0377-D2EC-4FB0-B038-847BC6455432}_is1
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E}
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM] -- {196467F1-C11F-4F76-858B-5812ADC83B94}
O42 - Logiciel: Manual Epson L375 versão 1.0 - (...) [HKLM] -- UsersGuideManual Epson L375_is1
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Motorola Device Manager - (.Motorola Mobility.) [HKLM] -- {28DB8373-C1BB-444F-A427-A55585A12ED7}
O42 - Logiciel: Motorola Device Software Update - (.Motorola Mobility.) [HKLM] -- {894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}
O42 - Logiciel: Motorola Mobile Drivers Installation 6.4.0 - (.Motorola Mobility LLC.) [HKLM] -- {BA562260-B4FA-4D87-ADC5-963783028C68} =>.Motorola
O42 - Logiciel: Pacote de Driver do Windows - FTDI CDM Driver Package (03/30/2010 2.06.02) - (.FTDI.) [HKLM] -- 883C04C33C70062A4AD0ED48685D05F25A854C1D
O42 - Logiciel: Pacote de Driver do Windows - FTDI CDM Driver Package (03/30/2010 2.06.02) - (.FTDI.) [HKLM] -- ABE36B9BBD00CD433A4454EBCAD52F303406A488
O42 - Logiciel: Pacote de Driver do Windows - NEUROTEC - BRASIL (WinUSB) Ports (11/09/2011 - (.NEUROTEC - BRASIL.) [HKLM] -- F7C662807239D9D9F7087AEC41156F1AB6963939
O42 - Logiciel: Pacote de Driver do Windows - NEUROTEC - BRASIL (WinUSB) USB (04/05/2010 1 - (.NEUROTEC - BRASIL.) [HKLM] -- A074B5595E0921E45C48FCE17CF2904FA796114F
O42 - Logiciel: Pacote de Driver do Windows - NEUROTEC - BRASIL (WinUSB) USB (04/05/2010 1 - (.NEUROTEC - BRASIL.) [HKLM] -- E36A598F4929EFBADF0E00E5AC1CB9176952232A
O42 - Logiciel: Pacote de Driver do Windows - NEUROTEC - BRASIL (WinUSB) USB (07/14/2010 2 - (.NEUROTEC - BRASIL.) [HKLM] -- 52A6FBB9525A42424A661763290AAFC15EDC87FB
O42 - Logiciel: Pacote de Driver do Windows - NEUROTEC - BRASIL (WinUSB) USB (07/14/2010 2 - (.NEUROTEC - BRASIL.) [HKLM] -- 7D708184FCCC638488558E37A4CB6DC6A384EF0A
O42 - Logiciel: Project64 1.6 - (.Project64.) [HKLM] -- {9559F7CA-5E34-4237-A2D9-D856464AD727}
O42 - Logiciel: QuickSet32 - (.Dell Inc..) [HKLM] -- {C4972073-2BFE-475D-8441-564EA97DA161}
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconduct Corp..) [HKLM] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Revo Uninstaller 2.0.0 - (.VS Revo Group, Ltd..) [HKLM] -- {A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies
O42 - Logiciel: Skype™ 7.27 - (.Skype Technologies S.A..) [HKLM] -- {FC965A47-4839-40CA-B618-18F486F042C6}
O42 - Logiciel: Software Updater - (.SEIKO EPSON CORPORATION.) [HKLM] -- {8DBC5A0A-31C4-46C7-B252-6B593EA11A87}
O42 - Logiciel: The Desktop Weather 2.0.1.11389 - (.ShenZhen Enode Techology co,.Ltd.) [HKLM] -- WeatherTool
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR 5.31 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>P2P.BitTorrent
~ Logic: 38 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\0E878C6C46213496749D767AE37D5585] =>PUP.CrossRider
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow]
[HKCU\Software\Atheros]
[HKCU\Software\Bagbin]
[HKCU\Software\Baixaki]
[HKCU\Software\Banglamp]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Carambis]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DRP]
[HKCU\Software\DownloadManager]
[HKCU\Software\DropboxUpdate]
[HKCU\Software\Epson]
[HKCU\Software\F7DC9720542D86003ED29446949A333F] =>PUP.CrossRider
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\I.R.I.S.]
[HKCU\Software\IM Providers]
[HKCU\Software\IObit]
[HKCU\Software\Intel]
[HKCU\Software\Iris]
[HKCU\Software\JaboSoft]
[HKCU\Software\Jamjob]
[HKCU\Software\JavaSoft]
[HKCU\Software\Karlis Blumentals]
[HKCU\Software\KasperskyLabSetup]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Leadertech]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Mozilla]
[HKCU\Software\N64 Emulation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Opera Software]
[HKCU\Software\Policies]
[HKCU\Software\ProductSetup] =>Adware.InstallCore
[HKCU\Software\SEIKO EPSON CORPORATION]
[HKCU\Software\Skype]
[HKCU\Software\SlimWare Utilities Inc]
[HKCU\Software\TightVNC]
[HKCU\Software\Trolltech]
[HKCU\Software\VS Revo Group]
[HKCU\Software\WSVCUPlugin]
[HKCU\Software\WeatherTool]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wondershare]
[HKCU\Software\WsAudio_Device]
[HKCU\Software\Yandex]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\csastats]
[HKCU\Software\drpsu]
[HKCU\Software\profession]
[HKCU\Software\undefined]
[HKLM\Software\0E878C6C46213496749D767AE37D5585] =>PUP.CrossRider
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Alps]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\Bagbin]
[HKLM\Software\Banglamp]
[HKLM\Software\CLSID]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cypress Keyboard Filter Driver]
[HKLM\Software\Dell Computer Corporation]
[HKLM\Software\Dell]
[HKLM\Software\DtsEncodeTools]
[HKLM\Software\EPSON]
[HKLM\Software\EVP]
[HKLM\Software\EpsonNet]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\I.R.I.S.]
[HKLM\Software\ICE]
[HKLM\Software\IDT]
[HKLM\Software\IGC]
[HKLM\Software\IM Providers]
[HKLM\Software\IObit]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterHop]
[HKLM\Software\Internet Download Manager]
[HKLM\Software\Jamjob]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KasperskyLab]
[HKLM\Software\Khronos]
[HKLM\Software\LogMeInRescueCallingCard]
[HKLM\Software\Macromedia]
[HKLM\Software\Motorola Mobility]
[HKLM\Software\Motorola]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Skype]
[HKLM\Software\SlimWare Utilities Inc]
[HKLM\Software\SlimWare Utilities, Inc.]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WafCX]
[HKLM\Software\WinRAR]
[HKLM\Software\WinSaberSvc]
[HKLM\Software\Wondershare]
[HKLM\Software\Wow6432Node]
[HKLM\Software\drpsu]
[HKLM\Software\hdcode]
[HKLM\Software\mozilla.org]
[HKLM\Software\mylucky123Software]
[HKLM\Software\nuesearchSoftware]
[HKLM\Software\qkseeSvc]
[HKLM\Software\qonlsq]
[HKLM\Software\tools]
[HKLM\Software\vSnapshotEncodeTools]
~ Key Software: 233 Scanned in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/07/2016 - 12:37:07 - [0] ----D C:\Program Files\3vztaky0
O43 - CFD: 11/07/2016 - 07:05:09 - [] ----D C:\Program Files\Adobe
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\Program Files\Arquivos Comuns
O43 - CFD: 20/09/2016 - 06:01:28 - [] ----D C:\Program Files\Banglamp
O43 - CFD: 19/01/2017 - 12:22:48 - [0] ----D C:\Program Files\Carambis
O43 - CFD: 12/06/2017 - 18:16:58 - [] ----D C:\Program Files\Common Files
O43 - CFD: 09/08/2016 - 12:40:28 - [] ----D C:\Program Files\Dell
O43 - CFD: 27/05/2016 - 00:21:27 - [] ----D C:\Program Files\Dell Wireless
O43 - CFD: 09/08/2016 - 14:05:23 - [] ----D C:\Program Files\DellTPad
O43 - CFD: 27/05/2016 - 00:45:56 - [] ----D C:\Program Files\DIFX
O43 - CFD: 15/03/2017 - 07:04:15 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 10/01/2017 - 08:48:30 - [] ----D C:\Program Files\epson
O43 - CFD: 10/01/2017 - 08:54:45 - [] ----D C:\Program Files\EPSON Software
O43 - CFD: 10/01/2017 - 08:44:50 - [] ----D C:\Program Files\EpsonNet
O43 - CFD: 12/06/2017 - 18:16:54 - [] ----D C:\Program Files\FormatFactory
O43 - CFD: 12/06/2017 - 18:16:58 - [] ----D C:\Program Files\Google
O43 - CFD: 08/08/2016 - 12:34:18 - [] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 21/11/2016 - 18:52:49 - [] ----D C:\Program Files\HP
O43 - CFD: 20/06/2016 - 07:52:59 - [0] ----D C:\Program Files\Htucult
O43 - CFD: 09/08/2016 - 12:36:20 - [] ----D C:\Program Files\IDT
O43 - CFD: 18/04/2017 - 11:05:11 - [] --H-D C:\Program Files\InstallJammer Registry
O43 - CFD: 05/05/2017 - 13:16:35 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 10/08/2016 - 12:09:18 - [] ----D C:\Program Files\Intel
O43 - CFD: 27/09/2016 - 15:26:22 - [] ----D C:\Program Files\Internet Download Manager
O43 - CFD: 19/06/2017 - 20:03:45 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 12/06/2017 - 20:52:35 - [] ----D C:\Program Files\IObit
O43 - CFD: 27/09/2016 - 12:57:03 - [] ----D C:\Program Files\Jamjob
O43 - CFD: 16/03/2017 - 13:39:26 - [] ----D C:\Program Files\Java
O43 - CFD: 25/07/2016 - 07:11:06 - [] ----D C:\Program Files\Kaspersky Lab
O43 - CFD: 12/06/2017 - 18:17:00 - [] ----D C:\Program Files\Legendas-3.5
O43 - CFD: 03/08/2016 - 16:05:51 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 19/06/2017 - 00:27:48 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 17/06/2016 - 08:13:47 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 17/06/2016 - 08:10:55 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 18/06/2016 - 14:57:30 - [] ----D C:\Program Files\Microsoft Works
O43 - CFD: 17/06/2016 - 08:13:34 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 25/04/2017 - 13:07:20 - [] ----D C:\Program Files\Motorola
O43 - CFD: 25/04/2017 - 13:07:26 - [] ----D C:\Program Files\Motorola Mobility
O43 - CFD: 17/06/2016 - 08:13:56 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 25/04/2017 - 13:07:09 - [] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 21/06/2016 - 13:07:21 - [0] ----D C:\Program Files\Phakichreenash
O43 - CFD: 12/06/2017 - 18:17:04 - [] ----D C:\Program Files\Pherdpy
O43 - CFD: 31/05/2017 - 14:16:23 - [] ----D C:\Program Files\Project64 1.6
O43 - CFD: 27/05/2016 - 00:12:18 - [] ----D C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 01:52:30 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 05/06/2017 - 15:23:07 - [] ----D C:\Program Files\Reimage =>Rogue.ReimageRepair
O43 - CFD: 20/06/2016 - 19:45:03 - [0] ----D C:\Program Files\Rouythobsh
O43 - CFD: 12/06/2017 - 18:18:37 - [] ----D C:\Program Files\scpbrad
O43 - CFD: 12/06/2017 - 18:17:05 - [] R---D C:\Program Files\Skype
O43 - CFD: 10/08/2016 - 07:09:18 - [0] ----D C:\Program Files\SlimDrivers
O43 - CFD: 24/02/2017 - 15:26:55 - [] ----D C:\Program Files\Tools
O43 - CFD: 14/07/2009 - 01:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 17/06/2016 - 07:48:47 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 29/05/2017 - 18:37:18 - [] ----D C:\Program Files\VS Revo Group
O43 - CFD: 19/06/2016 - 06:59:05 - [] ----D C:\Program Files\Vupiyntaied
O43 - CFD: 10/07/2016 - 07:58:41 - [] ----D C:\Program Files\WeatherTool
O43 - CFD: 05/06/2016 - 17:42:07 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 04/02/2011 - 14:53:46 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/10/2016 - 06:00:52 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 26/05/2016 - 23:42:30 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 04/02/2011 - 14:53:45 - [] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 04/02/2011 - 14:53:45 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 04/02/2011 - 14:53:45 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 22/08/2016 - 20:35:58 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 26/12/2016 - 19:20:41 - [0] ----D C:\Program Files\Wondershare
O43 - CFD: 21/06/2017 - 11:02:35 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 11/07/2016 - 07:05:10 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 12/06/2017 - 18:12:52 - [] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 27/05/2016 - 00:17:51 - [] ----D C:\Program Files\Common Files\Atheros
O43 - CFD: 21/06/2016 - 22:57:44 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 10/01/2017 - 08:50:45 - [] ----D C:\Program Files\Common Files\EPSON
O43 - CFD: 17/06/2016 - 07:51:46 - [] ----D C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 13/07/2016 - 17:18:51 - [] ----D C:\Program Files\Common Files\IObit
O43 - CFD: 16/03/2017 - 13:41:42 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 18/06/2016 - 22:41:08 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 25/04/2017 - 13:06:14 - [] ----D C:\Program Files\Common Files\Motorola Shared
O43 - CFD: 25/04/2017 - 13:07:20 - [] ----D C:\Program Files\Common Files\MSSoap
O43 - CFD: 27/05/2016 - 00:13:39 - [] ----D C:\Program Files\Common Files\postureAgent
O43 - CFD: 13/07/2009 - 23:37:05 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\Program Files\Common Files\Sistema
O43 - CFD: 12/06/2017 - 18:16:58 - [] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 13/07/2009 - 23:37:05 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 21/06/2016 - 22:54:33 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 11/07/2016 - 07:05:02 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 01:53:55 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 12/06/2017 - 18:17:05 - [] ----D C:\ProgramData\Atheros
O43 - CFD: 05/06/2017 - 15:59:34 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 11/10/2016 - 18:26:35 - [0] ----D C:\ProgramData\Banglamp
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\ProgramData\Dados de aplicativos
O43 - CFD: 09/08/2016 - 12:40:33 - [] ----D C:\ProgramData\Dell
O43 - CFD: 14/07/2009 - 01:53:55 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\ProgramData\Documentos
O43 - CFD: 14/07/2009 - 01:53:55 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 10/01/2017 - 08:51:41 - [] ----D C:\ProgramData\EPSON
O43 - CFD: 14/07/2009 - 01:53:55 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\ProgramData\Favoritos
O43 - CFD: 08/08/2016 - 19:12:43 - [] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 21/11/2016 - 18:52:07 - [] ----D C:\ProgramData\HP
O43 - CFD: 21/11/2016 - 18:51:56 - [] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 17/09/2016 - 07:06:12 - [0] ----D C:\ProgramData\IDM
O43 - CFD: 27/05/2016 - 00:27:01 - [] ----D C:\ProgramData\Intel
O43 - CFD: 12/06/2017 - 20:01:05 - [] ----D C:\ProgramData\IObit
O43 - CFD: 06/11/2016 - 14:30:37 - [0] ----D C:\ProgramData\Jamjob
O43 - CFD: 02/10/2016 - 15:03:36 - [] ----D C:\ProgramData\jwinpj
O43 - CFD: 26/07/2016 - 06:43:26 - [] ----D C:\ProgramData\Kaspersky Lab
O43 - CFD: 31/05/2017 - 14:13:31 - [] ----D C:\ProgramData\Kaspersky Lab Setup Files
O43 - CFD: 23/05/2017 - 18:30:38 - [] ----D C:\ProgramData\Legendas
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\ProgramData\Menu Iniciar
O43 - CFD: 15/08/2016 - 12:33:49 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 19/06/2017 - 00:38:57 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\ProgramData\Modelos
O43 - CFD: 25/04/2017 - 13:10:30 - [] ----D C:\ProgramData\Motorola
O43 - CFD: 16/03/2017 - 13:41:39 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 05/06/2017 - 14:10:34 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 26/05/2017 - 12:10:57 - [] ----D C:\ProgramData\Pianosoft
O43 - CFD: 15/06/2017 - 05:00:30 - [] ----D C:\ProgramData\ProductData
O43 - CFD: 15/07/2016 - 09:43:30 - [] ----D C:\ProgramData\PwinpP
O43 - CFD: 01/06/2017 - 07:58:01 - [] ----D C:\ProgramData\Reimage Protector =>Rogue.ReimageRepair
O43 - CFD: 12/06/2017 - 18:18:56 - [] ----D C:\ProgramData\scpbrad
O43 - CFD: 20/09/2016 - 05:31:09 - [] ----D C:\ProgramData\Skype
O43 - CFD: 09/08/2016 - 12:21:01 - [] ----D C:\ProgramData\SlimWare Utilities, Inc
O43 - CFD: 10/01/2017 - 08:47:50 - [] ----D C:\ProgramData\Sony Corporation
O43 - CFD: 14/07/2009 - 01:53:55 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 20/09/2016 - 06:01:28 - [] ----D C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 01:53:55 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 24/02/2017 - 15:26:55 - [] ----D C:\ProgramData\tools
O43 - CFD: 20/07/2016 - 07:47:55 - [0] ----D C:\ProgramData\uckt
O43 - CFD: 10/01/2017 - 08:48:13 - [] ----D C:\ProgramData\UDL
O43 - CFD: 17/06/2016 - 08:05:56 - [] ----D C:\ProgramData\WEBREG
O43 - CFD: 26/12/2016 - 19:20:30 - [] ----D C:\ProgramData\Wondershare
O43 - CFD: 26/12/2016 - 19:18:45 - [] ----D C:\ProgramData\Wondershare Video Converter Ultimate
O43 - CFD: 16/01/2017 - 20:25:30 - [0] ----D C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
O43 - CFD: 04/11/2016 - 19:12:33 - [0] ----D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
O43 - CFD: 12/06/2017 - 12:38:05 - [] ----D C:\ProgramData\{99605C03-1322-D6C5-95E4-48870FA6C349}
O43 - CFD: 19/06/2016 - 08:08:49 - [0] ----D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
O43 - CFD: 19/06/2016 - 08:13:55 - [0] ----D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
O43 - CFD: 13/07/2016 - 08:46:50 - [0] ----D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
O43 - CFD: 15/08/2016 - 13:01:32 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 10/08/2016 - 12:20:52 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 27/05/2016 - 00:18:16 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
O43 - CFD: 12/06/2017 - 18:17:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Componente de Segurança Bradesco
O43 - CFD: 10/01/2017 - 08:54:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 10/01/2017 - 08:48:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
O43 - CFD: 05/02/2011 - 14:51:29 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 21/11/2016 - 18:52:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 16/03/2017 - 13:40:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 14/07/2009 - 01:42:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 17/06/2016 - 08:15:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 19/06/2017 - 00:28:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 25/04/2017 - 13:07:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
O43 - CFD: 18/04/2017 - 11:05:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB2017
O43 - CFD: 12/06/2017 - 19:58:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 12/06/2017 - 18:17:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 21/11/2016 - 19:08:53 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 17/06/2016 - 07:49:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 22/08/2016 - 20:35:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 21/06/2017 - 11:02:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 05/06/2017 - 14:46:03 - [] ----D C:\Users\exame\AppData\Roaming\71BC229B-5EC9-B8AF-82B8-3CF96B29EAE0
O43 - CFD: 20/06/2016 - 10:07:09 - [] ----D C:\Users\exame\AppData\Roaming\Adobe
O43 - CFD: 19/06/2016 - 08:08:45 - [] ----D C:\Users\exame\AppData\Roaming\Apple Computer
O43 - CFD: 22/08/2016 - 20:37:28 - [] ----D C:\Users\exame\AppData\Roaming\Carambis
O43 - CFD: 27/09/2016 - 07:38:05 - [] ----D C:\Users\exame\AppData\Roaming\DMCache
O43 - CFD: 09/08/2016 - 12:27:03 - [] ----D C:\Users\exame\AppData\Roaming\DRPSu
O43 - CFD: 31/05/2017 - 14:16:26 - [] ----D C:\Users\exame\AppData\Roaming\dvdcss
O43 - CFD: 11/08/2016 - 08:17:00 - [] ----D C:\Users\exame\AppData\Roaming\Easeware
O43 - CFD: 12/01/2017 - 12:55:09 - [] ----D C:\Users\exame\AppData\Roaming\Epson
O43 - CFD: 26/07/2016 - 19:04:04 - [] ----D C:\Users\exame\AppData\Roaming\Hewlett-Packard
O43 - CFD: 29/06/2016 - 07:07:47 - [] ----D C:\Users\exame\AppData\Roaming\HP
O43 - CFD: 26/07/2016 - 18:56:48 - [] ----D C:\Users\exame\AppData\Roaming\hpqLog
O43 - CFD: 21/11/2016 - 18:57:54 - [] ----D C:\Users\exame\AppData\Roaming\HpUpdate
O43 - CFD: 26/05/2016 - 23:44:22 - [] ----D C:\Users\exame\AppData\Roaming\Identities
O43 - CFD: 25/09/2016 - 06:51:21 - [] ----D C:\Users\exame\AppData\Roaming\IDM
O43 - CFD: 27/05/2016 - 00:13:31 - [] ----D C:\Users\exame\AppData\Roaming\InstallShield
O43 - CFD: 12/06/2017 - 20:02:22 - [] ----D C:\Users\exame\AppData\Roaming\IObit
O43 - CFD: 21/06/2017 - 10:08:42 - [] ----D C:\Users\exame\AppData\Roaming\Java
O43 - CFD: 10/01/2017 - 08:53:49 - [] ----D C:\Users\exame\AppData\Roaming\Leadertech
O43 - CFD: 19/06/2016 - 08:25:30 - [] ----D C:\Users\exame\AppData\Roaming\Macromedia
O43 - CFD: 05/02/2011 - 14:50:11 - [0] ----D C:\Users\exame\AppData\Roaming\Media Center Programs
O43 - CFD: 12/06/2017 - 18:13:47 - [] -S--D C:\Users\exame\AppData\Roaming\Microsoft
O43 - CFD: 25/04/2017 - 13:05:45 - [] ----D C:\Users\exame\AppData\Roaming\Motorola
O43 - CFD: 25/04/2017 - 13:07:30 - [] ----D C:\Users\exame\AppData\Roaming\Motorola Mobility
O43 - CFD: 12/06/2017 - 18:17:08 - [] ----D C:\Users\exame\AppData\Roaming\Mozilla
O43 - CFD: 09/08/2016 - 12:34:19 - [] ----D C:\Users\exame\AppData\Roaming\Opera Software
O43 - CFD: 06/06/2017 - 22:19:54 - [0] ----D C:\Users\exame\AppData\Roaming\PeerNetworking
O43 - CFD: 12/06/2017 - 18:17:08 - [] ----D C:\Users\exame\AppData\Roaming\ProductData
O43 - CFD: 11/07/2016 - 18:36:01 - [] ----D C:\Users\exame\AppData\Roaming\Profiles
O43 - CFD: 21/06/2017 - 10:07:43 - [] ----D C:\Users\exame\AppData\Roaming\Skype
O43 - CFD: 12/08/2016 - 08:29:12 - [0] ----D C:\Users\exame\AppData\Roaming\Solvusoft
O43 - CFD: 16/03/2017 - 13:40:16 - [] ----D C:\Users\exame\AppData\Roaming\Sun
O43 - CFD: 24/02/2017 - 15:26:55 - [] ----D C:\Users\exame\AppData\Roaming\Tools
O43 - CFD: 21/06/2017 - 11:04:20 - [] ----D C:\Users\exame\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 15/06/2017 - 05:12:05 - [] ----D C:\Users\exame\AppData\Roaming\vlc
O43 - CFD: 21/06/2017 - 10:23:53 - [] ----D C:\Users\exame\AppData\Roaming\WeatherTool
O43 - CFD: 22/08/2016 - 20:36:17 - [] ----D C:\Users\exame\AppData\Roaming\WinRAR
O43 - CFD: 26/12/2016 - 19:15:10 - [0] ----D C:\Users\exame\AppData\Roaming\Wondershare Video Converter Ultimate
O43 - CFD: 21/06/2017 - 11:04:56 - [] ----D C:\Users\exame\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 26/12/2016 - 19:15:14 - [0] ----D C:\Users\exame\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
O43 - CFD: 21/06/2016 - 11:45:36 - [] ----D C:\Users\exame\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
O43 - CFD: 11/07/2016 - 07:53:19 - [] ----D C:\Users\exame\AppData\Local\Adobe
O43 - CFD: 27/05/2016 - 00:17:23 - [] ----D C:\Users\exame\AppData\Local\Apps
O43 - CFD: 22/08/2016 - 10:41:02 - [] ----D C:\Users\exame\AppData\Local\Bagbin
O43 - CFD: 20/09/2016 - 06:01:34 - [] ----D C:\Users\exame\AppData\Local\Banglamp
O43 - CFD: 27/05/2016 - 01:21:33 - [] ----D C:\Users\exame\AppData\Local\BMExplorer
O43 - CFD: 11/07/2016 - 07:53:20 - [] ----D C:\Users\exame\AppData\Local\CEF
O43 - CFD: 05/06/2017 - 15:49:29 - [] ----D C:\Users\exame\AppData\Local\CrashDumps
O43 - CFD: 26/05/2016 - 23:44:10 - [] -SH-D C:\Users\exame\AppData\Local\Dados de aplicativos
O43 - CFD: 25/05/2017 - 13:58:50 - [0] ----D C:\Users\exame\AppData\Local\Deployment
O43 - CFD: 20/06/2017 - 21:19:40 - [] ----D C:\Users\exame\AppData\Local\Diagnostics
O43 - CFD: 21/05/2017 - 10:08:01 - [] ----D C:\Users\exame\AppData\Local\ElevatedDiagnostics
O43 - CFD: 12/06/2017 - 18:17:07 - [] ----D C:\Users\exame\AppData\Local\Google
O43 - CFD: 18/06/2016 - 14:16:55 - [] ----D C:\Users\exame\AppData\Local\GWX
O43 - CFD: 08/08/2016 - 12:04:31 - [] ----D C:\Users\exame\AppData\Local\Hewlett-Packard
O43 - CFD: 26/05/2016 - 23:44:10 - [] -SH-D C:\Users\exame\AppData\Local\Histórico
O43 - CFD: 29/06/2016 - 07:07:46 - [] ----D C:\Users\exame\AppData\Local\HP
O43 - CFD: 27/07/2016 - 09:23:43 - [] ----D C:\Users\exame\AppData\Local\HP_Development_Company,_L
O43 - CFD: 16/01/2017 - 20:25:17 - [] ----D C:\Users\exame\AppData\Local\IIIQF
O43 - CFD: 27/09/2016 - 12:57:12 - [] ----D C:\Users\exame\AppData\Local\Jamjob
O43 - CFD: 23/04/2017 - 22:47:04 - [] ----D C:\Users\exame\AppData\Local\Microsoft
O43 - CFD: 08/01/2017 - 15:41:37 - [] ----D C:\Users\exame\AppData\Local\Microsoft Help
O43 - CFD: 04/06/2016 - 19:43:20 - [] ----D C:\Users\exame\AppData\Local\NFS Underground 2
O43 - CFD: 10/07/2016 - 15:56:32 - [] ----D C:\Users\exame\AppData\Local\niughfujuiedghergadom
O43 - CFD: 09/08/2016 - 12:34:20 - [] ----D C:\Users\exame\AppData\Local\Opera Software
O43 - CFD: 19/06/2016 - 08:08:24 - [] ----D C:\Users\exame\AppData\Local\Programs
O43 - CFD: 10/08/2016 - 07:07:52 - [] ----D C:\Users\exame\AppData\Local\SlimWare Utilities Inc
O43 - CFD: 21/06/2017 - 11:02:38 - [] ----D C:\Users\exame\AppData\Local\Temp
O43 - CFD: 26/05/2016 - 23:44:10 - [] -SH-D C:\Users\exame\AppData\Local\Temporary Internet Files
O43 - CFD: 11/07/2016 - 18:36:47 - [] ----D C:\Users\exame\AppData\Local\thudephwutisnimge
O43 - CFD: 04/06/2016 - 20:31:36 - [] ----D C:\Users\exame\AppData\Local\VirtualStore
O43 - CFD: 26/12/2016 - 19:14:59 - [] ----D C:\Users\exame\AppData\Local\Wondershare
O43 - CFD: 14/07/2009 - 01:42:04 - [] R---D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 19/06/2017 - 20:07:48 - [] R---D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 13/06/2016 - 17:16:04 - [] R---D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
O43 - CFD: 04/06/2016 - 19:42:08 - [] ----D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 14/07/2009 - 01:37:42 - [] R---D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 18/04/2017 - 11:05:08 - [] ----D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2017
O43 - CFD: 12/06/2017 - 18:17:08 - [] ----D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
O43 - CFD: 19/06/2017 - 20:07:48 - [] R---D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 22/08/2016 - 20:35:58 - [] ----D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 238 Scanned in 00mn 01s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 12/06/2017 - 12:56:34 ---A- . (...) -- C:\History [0]
O44 - LFC:[MD5.76A347BD0A6C60389E9069E504629440] - 12/06/2017 - 20:36:43 ---A- . (...) -- C:\Windows\Reimage.ini [99] =>Rogue.ReimageRepair
O44 - LFC:[MD5.BDA7ADB2AF8C7B007355B3E9FEBF77AB] - 12/06/2017 - 20:52:35 ---A- . (...) -- C:\Windows\PFRO.log [7276]
O44 - LFC:[MD5.E5E675AEC355298CA882C08F912600EA] - 18/06/2017 - 17:03:37 ---A- . (.Microsoft Corporation - DLL de eventos de auditoria de segurança.) -- C:\Windows\System32\msaudite.dll [146432]
O44 - LFC:[MD5.432FFE3F8F7848CE7C3B324322445F24] - 18/06/2017 - 17:03:37 ---A- . (.Microsoft Corporation - DLL do Esquema de auditoria de segurança.) -- C:\Windows\System32\adtschema.dll [690688]
O44 - LFC:[MD5.4CB4C43E561E0478EA8C3FDEF5CB7647] - 18/06/2017 - 17:03:37 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096]
O44 - LFC:[MD5.FDC07CA8F3D7A6B0FD9940C493FD93BB] - 18/06/2017 - 17:03:37 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864]
O44 - LFC:[MD5.B69C93680FA50E980C3876A9B5676C5A] - 18/06/2017 - 17:03:37 ---A- . (.Microsoft Corporation - Nomes de auditoria dos objetos do sistema.) -- C:\Windows\System32\msobjs.dll [60416]
O44 - LFC:[MD5.2D9C5440622FC24B954DA6D17C64DF55] - 18/06/2017 - 17:03:38 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304]
O44 - LFC:[MD5.C3B4631AEA2EE375796FE15818A0F6F8] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - API do Cliente do Windows Update.) -- C:\Windows\System32\wuapi.dll [573440]
O44 - LFC:[MD5.C4B23D2CF32765F1E2B7671B27C5E331] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - ApiSet Schema DLL.) -- C:\Windows\System32\apisetschema.dll [6656]
O44 - LFC:[MD5.63EF04F2497DBD7408598F2EBBA9BC58] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - AppID Certificate Store Verification Task.) -- C:\Windows\System32\appidcertstorecheck.exe [16896]
O44 - LFC:[MD5.20ED6F310B7C56389D97B3BC435A466D] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - AppID Driver.) -- C:\Windows\System32\Drivers\appid.sys [50688]
O44 - LFC:[MD5.B008EC0EC71EB73B2B13F3032C6FF239] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - AppID Policy Converter Task.) -- C:\Windows\System32\appidpolicyconverter.exe [97792]
O44 - LFC:[MD5.613E2BF7F411D8A26FBBAEDB0A9E76A0] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Base cryptographic API DLL.) -- C:\Windows\System32\cryptbase.dll [36352]
O44 - LFC:[MD5.80C82E8A65D6366A1428856AAB85A1F9] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Biblioteca Principal de Restauração de Sist.) -- C:\Windows\System32\srcore.dll [400896]
O44 - LFC:[MD5.20FA96CA4119C1CC02A9D326E715F802] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Biblioteca criptográfica do Windows.) -- C:\Windows\System32\ncrypt.dll [223232]
O44 - LFC:[MD5.5E319D87058BD69A30E59598669A2ABD] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll [17408]
O44 - LFC:[MD5.46E8336D3B98E43B9EE8911CE48D8AFC] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [64000]
O44 - LFC:[MD5.BA97A0437A9EE4F23103322CC4C7A47E] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - DCI Manager.) -- C:\Windows\System32\dciman32.dll [10240]
O44 - LFC:[MD5.BD8A0FCAABECA36E3ADC963FFB11AF4F] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - DLL de APIs de Identidade de Aplicativo.) -- C:\Windows\System32\appidapi.dll [50688]
O44 - LFC:[MD5.3B7EF68FA050945C468AE782EE61EBEB] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - DLL do servidor LSA.) -- C:\Windows\System32\lsasrv.dll [1062912]
O44 - LFC:[MD5.289AE4BABD0724756B892E7EC7DD6072] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Font Subsetting DLL.) -- C:\Windows\System32\fontsub.dll [70656]
O44 - LFC:[MD5.66F44669F2620BFF46E1FA9F5DAC4828] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [47616]
O44 - LFC:[MD5.B3A29317C3A2A86B051C298E3F82E0D5] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [104960]
O44 - LFC:[MD5.B91D51B994997DEAD02B43C7E48D6A42] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [60416]
O44 - LFC:[MD5.821BAA35B67EF348201B73AD1D93F350] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - LSA SSPI RPC interface DLL.) -- C:\Windows\System32\sspisrv.dll [15872]
O44 - LFC:[MD5.808161E20EC7873A1B008EEED300E8AB] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Language Pack.) -- C:\Windows\System32\lpk.dll [26112]
O44 - LFC:[MD5.1F83BB829C2A02CD615B7A1378EC5E6B] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe [22016]
O44 - LFC:[MD5.7BD965676B36D6046BA04F5D43E9FC43] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\Windows\System32\Drivers\mrxsmb20.sys [98304]
O44 - LFC:[MD5.0659195D46943681473024917C356F55] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) -- C:\Windows\System32\Drivers\mrxsmb10.sys [226304]
O44 - LFC:[MD5.9E8004DBAC3FE12B7A1B40BE317C00AF] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - MUI Callback for Bcd.) -- C:\Windows\System32\setbcdlocale.dll [50176]
O44 - LFC:[MD5.4E7E643A6FAF8FF359EA486BA4F07DD8] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Mapa de versão IOD.) -- C:\Windows\System32\iesetup.dll [62464]
O44 - LFC:[MD5.C59CB6657664452F799D3168DF463BBA] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Mecanismo de instalação.) -- C:\Windows\System32\inseng.dll [91136]
O44 - LFC:[MD5.280B0363C54C122F1349B07A33E8E92E] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll [261120]
O44 - LFC:[MD5.A2E44E9CC6D8B4CC7CB06F905A292175] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll [172032]
O44 - LFC:[MD5.38A3DA3D4C41D07A27F8F7ECB9BACB92] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Microsoft® Windows System Restore Client Li.) -- C:\Windows\System32\srclient.dll [43008]
O44 - LFC:[MD5.6D5F4F19338CCF40712FFD5483D7878F] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Mount Point Manger Sysprep Utility Library.) -- C:\Windows\System32\msmmsp.dll [10752]
O44 - LFC:[MD5.BCA481258D6D79736626033097B2D903] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Processamento de RunOnce estendido com inte.) -- C:\Windows\System32\iernonce.dll [30720]
O44 - LFC:[MD5.B60514060323CC3966FF50BFC84A2DC0] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Processo do tempo de Execução do Servidor d.) -- C:\Windows\System32\csrsrv.dll [38912]
O44 - LFC:[MD5.8801A0DF3B6BEDC23530CBEF816DBBD9] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Programa de Diretiva de Auditoria.) -- C:\Windows\System32\auditpol.exe [50176]
O44 - LFC:[MD5.8E768475A75F95D8D1DC904F1C063C66] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - RPC HTTP DLL.) -- C:\Windows\System32\rpchttp.dll [141312]
O44 - LFC:[MD5.128B38F33325940F84FA38B16284D032] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Restauração do Sistema do Microsoft® Window.) -- C:\Windows\System32\rstrui.exe [262656]
O44 - LFC:[MD5.2E7B05D2B01E5E6B2F1A89768EA64A3D] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\secur32.dll [22016]
O44 - LFC:[MD5.AFB5F8D723FA212EBD86804F43FF0B77] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\sspicli.dll [99840]
O44 - LFC:[MD5.B88B13E10F3D2403FB3775138187811E] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Serviço de Identidade de Aplicativo.) -- C:\Windows\System32\appidsvc.dll [29696]
O44 - LFC:[MD5.2AFF57C13F7ADE1D3D08C68F413E4924] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - TDC ActiveX Control.) -- C:\Windows\System32\tdc.ocx [73216]
O44 - LFC:[MD5.D3C7191F5A49A26895E645020CE9A29F] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll [254464]
O44 - LFC:[MD5.4399DA5F36AED9BA58D48543878936AF] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe [689664]
O44 - LFC:[MD5.7848F2A1E4B723009DD786919F815D91] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Utilitário de Instalação Autônoma do IE 7.0.) -- C:\Windows\System32\ieUnatt.exe [115712]
O44 - LFC:[MD5.4FAB9495AC00D8A12E9EB14DE518188B] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll [65536]
O44 - LFC:[MD5.5299D3EFFD0072E8B4449217E67B67DD] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Cryptographic Primitives Library.) -- C:\Windows\System32\bcrypt.dll [82432]
O44 - LFC:[MD5.46D60EF6ECA5A058CA0A63E2F0990E77] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Setup UI.) -- C:\Windows\System32\WinSetupUI.dll [73728]
O44 - LFC:[MD5.9222E721E38EF60B6627B4AC73E54AB7] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe [35328]
O44 - LFC:[MD5.21D5B06910FED890196328720CE0E69F] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\System32\wudriver.dll [93696]
O44 - LFC:[MD5.D25087EDF7E1EA0FA861B8C5A8791EA1] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Update client proxy stub 2.) -- C:\Windows\System32\wups2.dll [35840]
O44 - LFC:[MD5.43FDFED4530916944F35086228179EB3] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Update client proxy stub for intern.) -- C:\Windows\System32\wu.upgrade.ps.dll [11776]
O44 - LFC:[MD5.7612127B53E3486A080A64EB67A0ED95] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Update client proxy stub.) -- C:\Windows\System32\wups.dll [30208]
O44 - LFC:[MD5.8737C6345141BB27430A836D359E23FF] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Update.) -- C:\Windows\System32\wuauclt.exe [136192]
O44 - LFC:[MD5.F5C3A7DC4A3C2E1A518D1D9BF5CE35EE] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - API de base do Windows 32 avançada.) -- C:\Windows\System32\advapi32.dll [644096]
O44 - LFC:[MD5.235B9E10E10398E4B03773460992B65A] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Classificação da Internet e DLL de gerencia.) -- C:\Windows\System32\msrating.dll [168960]
O44 - LFC:[MD5.C32DECD73CF519F5BF4DD3C3FE487C79] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - ExplorerFrame.) -- C:\Windows\System32\ExplorerFrame.dll [1499648]
O44 - LFC:[MD5.6C8D411EDC63379A2DF639F254B9BBFA] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Gerenciador de Sessão do Windows.) -- C:\Windows\System32\smss.exe [69632]
O44 - LFC:[MD5.A6D5F57D8C47D668A4F663BF9B219D21] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [620032]
O44 - LFC:[MD5.DECD2A2E51BC19155705F2E1DA1A60D1] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll [553472]
O44 - LFC:[MD5.B5259B75BFDE00A5CDFD8D70444C8E3C] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Serviço de Cache de Fontes do Windows.) -- C:\Windows\System32\FntCache.dll [909824]
O44 - LFC:[MD5.B2BC24B325A194BC1461D28B58D21E87] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Tempo de Execução da Chamada de Procediment.) -- C:\Windows\System32\rpcrt4.dll [655360]
O44 - LFC:[MD5.07E9743EEA123832D04AA292EB435CAB] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Visualizador de controles de objetos.) -- C:\Windows\System32\occache.dll [130048]
O44 - LFC:[MD5.D071B9246BFD1575D72BD88B66F6FB87] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\Drivers\mrxsmb.sys [124416]
O44 - LFC:[MD5.EF651A993C52D89B019F3FC08B820A96] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Conversor de HTML da Microsoft.) -- C:\Windows\System32\html.iec [341504]
O44 - LFC:[MD5.4FFDF016543C1BF8915CF933CF75BC11] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Experiência de Usuário Cliente do Windows U.) -- C:\Windows\System32\wucltux.dll [2953216]
O44 - LFC:[MD5.CE8D9A8CF1CE85AE787A07B81F4E0A44] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [47104]
O44 - LFC:[MD5.0F88A7FF80AD0923F0BCD189994DBA0B] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Mecanismo da Interface do Usuário do Intern.) -- C:\Windows\System32\ieui.dll [476160]
O44 - LFC:[MD5.3A7587A2573A5460C311B635A952CE61] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [710144]
O44 - LFC:[MD5.A6F6121711567A714A4680BB1781C76A] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [76288]
O44 - LFC:[MD5.59981F09AEE18D53ABC96AA52D55ABF5] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Monitor de Sites.) -- C:\Windows\System32\webcheck.dll [230400]
O44 - LFC:[MD5.C2E787F8373A8287B06ECFA373B88CC2] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Serviços de Tipografia de DirectX da Micros.) -- C:\Windows\System32\DWrite.dll [1251328]
O44 - LFC:[MD5.F125D0EA19EA00B1841EFAD8C1B4B378] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\System32\wuwebv.dll [174080]
O44 - LFC:[MD5.32EB184774A4A1A5F03CC992FDE1079B] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll [1314816]
O44 - LFC:[MD5.2799A0C93B74A00757E55F1E1AED2957] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - MSSHooks.dll.) -- C:\Windows\System32\msshooks.dll [9728]
O44 - LFC:[MD5.28238510F672C0151C1EA56309E6EF2F] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [693248]
O44 - LFC:[MD5.85B0626CE884936A18F47CD4AA890412] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Microsoft Search Proxy.) -- C:\Windows\System32\mssprxy.dll [34816]
O44 - LFC:[MD5.67E8B8B3D758CE618249FB2143D1C49B] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Microsoft Windows Search Filter Host.) -- C:\Windows\System32\SearchFilterHost.exe [86528]
O44 - LFC:[MD5.343C2AF6C21F88EBF89D3FA8C913F24F] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript.dll [663552]
O44 - LFC:[MD5.26B60687D5891158D2B8A0E943B77F07] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [499200]
O44 - LFC:[MD5.6ECFB0451DAF8E07C3FD2B72F55D0E41] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Painel de Controle da Internet.) -- C:\Windows\System32\inetcpl.cpl [2057216]
O44 - LFC:[MD5.7D54C0240E252158F477C42603459840] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Plataforma MSSearch Vista.) -- C:\Windows\System32\mssvp.dll [666624]
O44 - LFC:[MD5.61B459EB5D757FEB2A09F26DAF324ABC] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2290176]
O44 - LFC:[MD5.BDAF9986D957DB8174012C37692E6622] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - msscntrs.dll.) -- C:\Windows\System32\msscntrs.dll [59392]
O44 - LFC:[MD5.A278D9480798D233B16190AC7252B260] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - mssitlb.) -- C:\Windows\System32\mssitlb.dll [104448]
O44 - LFC:[MD5.64669AB349067A8A521F96ACF5B527CA] - 18/06/2017 - 17:03:41 ---A- . (.No owner - Aplicativo PrintBrm.) -- C:\Windows\System32\PrintBrmUi.exe [66048]
O44 - LFC:[MD5.9D7DA46D498CFE621791BE6A9A3C189D] - 18/06/2017 - 17:03:42 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [308456]
O44 - LFC:[MD5.56295964C1B7AA9EB55994A0D2FF7FF8] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Conector do Outlook MSSearch.) -- C:\Windows\System32\mssphtb.dll [197120]
O44 - LFC:[MD5.B3DCFDB1CC7AE5C2EAE08E87588CE360] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - DLL de nível do NT.) -- C:\Windows\System32\ntdll.dll [1310528]
O44 - LFC:[MD5.69E1A2342DD24F8BE0C78546EB546277] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - DLL do spooler local.) -- C:\Windows\System32\localspl.dll [779776]
O44 - LFC:[MD5.C2CF55443D72915B513B2B434D03C050] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll [346320]
O44 - LFC:[MD5.77D5322ABB841FB22803F8D6782479ED] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Indexador do Microsoft Windows Search.) -- C:\Windows\System32\SearchIndexer.exe [427520]
O44 - LFC:[MD5.7A0BE123229374477CACA4F816339660] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys [67304]
O44 - LFC:[MD5.60A3E1FAA410B7FB7F243A6747243E1E] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecpkg.sys [137960]
O44 - LFC:[MD5.8573C2DF99A3F855675DB50CD9C65D7A] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Manipulador de Protocolo Microsoft Search.) -- C:\Windows\System32\mssph.dll [337408]
O44 - LFC:[MD5.6788A1060D8D04E1C540ECF948220A16] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1155072]
O44 - LFC:[MD5.825A18C71EC3D80A674285AAA959212F] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [667648]
O44 - LFC:[MD5.CC110E318C34FE397B1370D9ED783D5E] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) -- C:\Windows\System32\SearchProtocolHost.exe [164352]
O44 - LFC:[MD5.C648901695E275C8F2AD04B687A68CE2] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Processo de host do Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [45056]
O44 - LFC:[MD5.01743A8A62F2C0488F9C4F6D25C21B2C] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\Drivers\tdx.sys [74752]
O44 - LFC:[MD5.3B55B2000DEBDC210693530B669B9966] - 18/06/2017 - 17:03:43 ---A- . (.Microsoft Corporation - Ajuda e Suporte da Microsoft.) -- C:\Windows\HelpPane.exe [497152]
O44 - LFC:[MD5.45987221A09C7535395A1A9C38DFB114] - 18/06/2017 - 17:03:43 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [306688]
O44 - LFC:[MD5.9664F55623B43FD85D5642A202976AEE] - 18/06/2017 - 17:03:43 ---A- . (.Microsoft Corporation - Gerenciador de Pontos de Montagem.) -- C:\Windows\System32\Drivers\mountmgr.sys [78568]
O44 - LFC:[MD5.08A2667D4A1F78292AAE6754AEAC8308] - 18/06/2017 - 17:03:43 ---A- . (.Microsoft Corporation - Provedor de Impressão do Processo do Client.) -- C:\Windows\System32\win32spl.dll [497664]
O44 - LFC:[MD5.9B2BA304828D5FABF87348D59D635AC7] - 18/06/2017 - 17:03:43 ---A- . (.Microsoft Corporation - Reprodução Automática da Transferência Fáci.) -- C:\Windows\System32\MigAutoPlay.exe [91368]
O44 - LFC:[MD5.25FACE67FAECD9E98A712048BF11A623] - 18/06/2017 - 17:03:44 ---A- . (.Microsoft Corporation - Uniscribe Unicode script processor.) -- C:\Windows\System32\usp10.dll [629760]
O44 - LFC:[MD5.010CF929D6BD8E6877AB1C2694EA6F45] - 18/06/2017 - 17:03:44 ---A- . (.Microsoft Corporation - mssrch.dll.) -- C:\Windows\System32\mssrch.dll [1400320]
O44 - LFC:[MD5.36A48A1471CEE37D11CFDAB2C9EF63B2] - 18/06/2017 - 17:03:45 ---A- . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll [12880896]
O44 - LFC:[MD5.642A5C8133B07C3F6F381E93DA590F3C] - 18/06/2017 - 17:03:45 ---A- . (.Microsoft Corporation - tquery.dll.) -- C:\Windows\System32\tquery.dll [1549824]
O44 - LFC:[MD5.2ADE0250EC6773A04D47C4FA253FDA8D] - 18/06/2017 - 17:03:46 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntkrnlpa.exe [4001000]
O44 - LFC:[MD5.BECFF07257DD80EEF20904B4A2D3B319] - 18/06/2017 - 17:03:46 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [3945704]
O44 - LFC:[MD5.DCEB6F8CD73D7DDAEABA604DF4D11C49] - 18/06/2017 - 17:03:47 ---A- . (.Microsoft Corporation - Driver Win32 multiusuário.) -- C:\Windows\System32\win32k.sys [2401792]
O44 - LFC:[MD5.9B934764D5320F5F2FC0C3CB663F7A3E] - 18/06/2017 - 17:03:47 ---A- . (.Microsoft Corporation - Internet Extensions para Win32.) -- C:\Windows\System32\wininet.dll [2767872]
O44 - LFC:[MD5.8E6E93DFE1C8C1732E4B2C843CE4ABA5] - 18/06/2017 - 17:03:47 ---A- . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2092032]
O44 - LFC:[MD5.3104963B375C6BCB80B8BD06E6E5F859] - 18/06/2017 - 17:03:48 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [4549120]
O44 - LFC:[MD5.BCA2778F2BF8F07176D695AEB8F03B01] - 18/06/2017 - 17:03:49 ---A- . (.Microsoft Corporation - Navegador da Internet.) -- C:\Windows\System32\ieframe.dll [13664768]
O44 - LFC:[MD5.4F3ED8A4AAD8A4A87361094559579C56] - 18/06/2017 - 17:03:51 ---A- . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll [20274688]
O44 - LFC:[MD5.960AE99A15B1C8C9FBDDDE97606478F9] - 18/06/2017 - 17:03:53 ---A- . (.Microsoft Corporation - Direct3D HLSL Compiler for Redistribution.) -- C:\Windows\System32\D3DCompiler_47.dll [3550208]
O44 - LFC:[MD5.A29E3A80C524723FD4163187AA2B6C54] - 19/06/2017 - 00:31:15 ---A- . (.Microsoft Corporation - Ferramentas de Remoção de Software Mal-Inte.) -- C:\Windows\System32\MRT.exe [130903960]
O44 - LFC:[MD5.C6F3F40C7BED004AB90AE216E1A69263] - 19/06/2017 - 20:06:20 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [418496]
O44 - LFC:[MD5.82E931C912C7EEE36E31AD26ADAF2600] - 19/06/2017 - 20:17:08 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [803328]
O44 - LFC:[MD5.56F5F9633110674F2FDA4DAFD9D4165E] - 19/06/2017 - 20:17:08 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [144896]
O44 - LFC:[MD5.D4DC05E513976C37F1F1BB76429AD9CC] - 21/06/2017 - 10:06:02 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.8E63F7DA03E14448F2E0B314C677DE76] - 21/06/2017 - 10:06:09 ---A- . (...) -- C:\Windows\setupact.log [2922]
O44 - LFC:[MD5.CC3DC6E8B41D8376E458685733A1916C] - 21/06/2017 - 10:07:41 ---A- . (...) -- C:\MotoHelperConfig.ini [40]
O44 - LFC:[MD5.F16AC7E773BA8F5F7BBD62A5B761E493] - 21/06/2017 - 10:33:56 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1144425]
O44 - LFC:[MD5.9EB777A18A1298DAFAE2B3433BE72DA6] - 21/06/2017 - 10:58:02 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1755670]
O44 - LFC:[MD5.C3DDC304B2A5148DEDA377660401E46C] - 21/06/2017 - 10:58:02 ---A- . (...) -- C:\Windows\System32\perfc009.dat [135324]
O44 - LFC:[MD5.787EE2FC3E219A826409DD0E39BE5E07] - 21/06/2017 - 10:58:02 ---A- . (...) -- C:\Windows\System32\perfh009.dat [697018]
O44 - LFC:[MD5.13276A5F104C0D56BD095BA640BBC8CB] - 21/06/2017 - 10:58:02 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [162464]
O44 - LFC:[MD5.7001805B04B84BEFC0EFEB2E5AA2068D] - 21/06/2017 - 10:58:02 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [753502]
~ Files: 138 Scanned in 00mn 48s
---\\ Últimos arquivos criados no Windows Prefetcher (045)
O45 - LFCP:[MD5.2C03240D53BAF5C774A8853B3A5D2562] - 21/06/2017 - 10:04:52 ---A- - C:\Windows\Prefetch\UTORRENTIE.EXE-DDD28CCF.pf =>P2P.µTorrent
~ Prefetcher: 1 Scanned in 00mn 00s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Negação do serviço (Local Security Authority) (048)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s
---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Tempo de Execução da Estrutura de Driver em Modo Kernel.) -- C:\Windows\System32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Tempo de Execução da Estrutura de Driver em Modo Kernel.) -- C:\Windows\System32\Drivers\Wdf01000.sys
~ CSB: 15 Scanned in 00mn 00s
---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s
---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSimpleNetIDList"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=221
O56 - MWPE:[HKCU\...\policies\Explorer] - "NolowDiskSpaceChecks"=1
~ MWPE Keys: 3 Scanned in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:13/07/2009 - 22:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [297552]
O58 - SDL:13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [146512]
O58 - SDL:13/07/2009 - 22:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [14400]
O58 - SDL:11/03/2011 - 02:38:37 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [80256]
O58 - SDL:13/07/2009 - 22:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\amdsbs.sys [159312]
O58 - SDL:11/03/2011 - 02:38:37 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [22400]
O58 - SDL:05/07/2013 - 13:56:36 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\System32\Drivers\Apfiltr.sys [416560]
O58 - SDL:13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [76368]
O58 - SDL:13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [86608]
O58 - SDL:23/03/2016 - 02:00:38 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athr.sys [3374376]
O58 - SDL:07/10/2010 - 02:17:20 ---A- . (.AVerMedia TECHNOLOGIES, Inc. - AVerMedia Hybrid TV Driver.) -- C:\Windows\System32\Drivers\AVerPola.sys [478464]
O58 - SDL:07/10/2010 - 02:17:30 ---A- . (.AVerMedia TECHNOLOGIES, Inc. - AVerMedia USB Polaris Series Custom IR Driver.) -- C:\Windows\System32\Drivers\AVPolCIR.sys [38144]
O58 - SDL:13/07/2009 - 19:02:49 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60x.sys [229888]
O58 - SDL:13/07/2009 - 19:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:13/07/2009 - 19:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:13/07/2009 - 21:57:25 ---A- . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [272128]
O58 - SDL:13/07/2009 - 19:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:13/07/2009 - 19:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:13/07/2009 - 19:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:31/03/2011 - 14:07:38 ---A- . (.Atheros - Atheros A2DP driver.) -- C:\Windows\System32\Drivers\btath_a2dp.sys [259232]
O58 - SDL:31/03/2011 - 14:07:38 ---A- . (.Atheros - Atheros BUS driver.) -- C:\Windows\System32\Drivers\btath_bus.sys [24736]
O58 - SDL:31/03/2011 - 14:07:38 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_flt.sys [34976]
O58 - SDL:31/03/2011 - 14:07:38 ---A- . (.Atheros - Atheros HCRP driver.) -- C:\Windows\System32\Drivers\btath_hcrp.sys [175776]
O58 - SDL:31/03/2011 - 14:07:38 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_lwflt.sys [49312]
O58 - SDL:31/03/2011 - 14:07:40 ---A- . (.Atheros - Atheros AVRCP driver.) -- C:\Windows\System32\Drivers\btath_rcp.sys [141088]
O58 - SDL:19/06/2016 - 08:20:33 ---A- . (.IVT Corporation. - Bluetooth USB Device Driver.) -- C:\Windows\System32\Drivers\btcusb.sys [47504]
O58 - SDL:31/03/2011 - 14:07:40 ---A- . (.Atheros - BtFilter Driver.) -- C:\Windows\System32\Drivers\btfilter.sys [243360]
O58 - SDL:13/07/2009 - 19:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbdx.sys [430080]
O58 - SDL:13/07/2009 - 22:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [15952]
O58 - SDL:13/09/2013 - 09:28:36 ---A- . (.Cypress Semiconductor, Inc. - Trackpad Driver.) -- C:\Windows\System32\Drivers\cykbfltr.sys [16384]
O58 - SDL:19/09/2016 - 22:07:28 ---A- . (.Windows (R) Win 7 DDK provider - Dropbox Filter Driver.) -- C:\Windows\System32\Drivers\dbx-canary.sys [62064]
O58 - SDL:19/09/2016 - 22:07:38 ---A- . (.Windows (R) Win 7 DDK provider - Dropbox Filter Driver.) -- C:\Windows\System32\Drivers\dbx-dev.sys [62064]
O58 - SDL:19/09/2016 - 22:07:28 ---A- . (.Windows (R) Win 7 DDK provider - Dropbox Filter Driver.) -- C:\Windows\System32\Drivers\dbx-stable.sys [62064]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [70720]
O58 - SDL:13/07/2009 - 19:02:50 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\System32\Drivers\E1G60I32.sys [118784]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 19:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbdx.sys [3100160]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:19/10/2010 - 16:33:40 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECI.sys [41088]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [67152]
O58 - SDL:19/06/2016 - 08:15:33 ---A- . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\Windows\System32\Drivers\HWiNFO32.SYS [23840]
O58 - SDL:29/05/2015 - 16:05:32 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\System32\Drivers\iaStorA.sys [503048]
O58 - SDL:29/05/2015 - 16:05:32 ---A- . (.Intel Corporation - Intel Rapid Storage Technology Filter driver - x86.) -- C:\Windows\System32\Drivers\iaStorF.sys [27376]
O58 - SDL:11/03/2011 - 02:38:51 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStorV.sys [332160]
O58 - SDL:15/11/2012 - 02:03:56 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd32.sys [7408128]
O58 - SDL:13/07/2009 - 22:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41040]
O58 - SDL:29/03/2017 - 18:05:42 ---A- . (.IObit.com - IMFCameraProtect.) -- C:\Windows\System32\Drivers\IMFCameraProtect.sys [25120]
O58 - SDL:19/06/2016 - 08:30:43 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [379128]
O58 - SDL:04/12/2015 - 19:25:34 ---A- . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\legendasdrv.sys [48368]
O58 - SDL:13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [95824]
O58 - SDL:13/07/2009 - 22:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89168]
O58 - SDL:13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [54864]
O58 - SDL:13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96848]
O58 - SDL:13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\System32\Drivers\megasas.sys [30800]
O58 - SDL:13/07/2009 - 22:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [235584]
O58 - SDL:13/07/2009 - 22:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [44624]
O58 - SDL:11/03/2011 - 02:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [117120]
O58 - SDL:11/03/2011 - 02:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [143744]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1383488]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106064]
O58 - SDL:23/01/2017 - 07:38:32 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\System32\Drivers\Rt86win7.sys [777736]
O58 - SDL:28/11/2016 - 05:05:47 ---A- . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\Windows\System32\Drivers\RtsUer.sys [304344]
O58 - SDL:13/07/2009 - 17:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [40016]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [77888]
O58 - SDL:22/03/2016 - 11:02:16 ---A- . (.IObit - SmartDefrag Driver.) -- C:\Windows\System32\Drivers\SmartDefragDriver.sys [18800]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:16/08/2013 - 05:21:10 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt.sys [459264]
O58 - SDL:10/08/2016 - 07:04:12 ---A- . (.SlimWare Utilities, Inc. - Driver Update Installer Monitor.) -- C:\Windows\System32\Drivers\SWDUMon.sys [13368]
O58 - SDL:29/03/2016 - 08:01:42 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\TeeDriver.sys [157752]
O58 - SDL:13/07/2009 - 22:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [16976]
O58 - SDL:13/07/2009 - 22:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [141904]
O58 - SDL:30/04/2015 - 00:01:06 ---A- . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\Windows\System32\Drivers\wdcsam.sys [20256]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:24/01/2011 - 14:39:08 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athr.sys [2152448]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 90 Scanned in 00mn 04s
---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 15/06/2017 - 11:06:06 ---A- . (...) -- C:\Users\exame\AppData\Local\Google\Chrome\User Data\PepperFlash\26.0.0.131\pepflashplayer.dll [17785856] =>.Google PepperFlash
O61 - LFC: 18/06/2017 - 11:06:15 ---A- . (.Google Inc..) -- C:\Users\exame\AppData\Local\Temp\CR_6064C.tmp\setup.exe [1394008]
O61 - LFC: 18/06/2017 - 11:06:15 ---A- . (.Oracle Corporation.) -- C:\Users\exame\AppData\Local\Temp\jds523570.tmp\jre-8u131-windows-au.exe [1623104]
O61 - LFC: 18/06/2017 - 11:06:15 ---A- . (.Oracle Corporation.) -- C:\Users\exame\AppData\Local\Temp\jre-8u131-windows-au.exe [739904]
O61 - LFC: 18/06/2017 - 11:06:17 ---A- . (...) -- C:\Users\exame\AppData\LocalLow\Oracle\Java\jre1.8.0_131\java_sp.dll [894950]
O61 - LFC: 21/06/2017 - 11:06:18 ---A- . (.GlavSoft LLC..) -- C:\Users\exame\AppData\Roaming\Java\crov.exe [1690096]
O61 - LFC: 21/06/2017 - 11:06:18 ---A- . (.Microsoft Corporation.) -- C:\Users\exame\AppData\Roaming\Java\makecert.exe [55632]
O61 - LFC: 21/06/2017 - 11:06:20 ---A- . (...) -- C:\Users\exame\AppData\Roaming\ZHP\ZHPDiag3.exe [2751872] =>.Nicolas Coolman
O61 - LFC: 21/06/2017 - 11:06:20 ---A- . (...) -- C:\Users\exame\Downloads\ZHPDiag3.exe [2751872] =>.Nicolas Coolman
O61 - LFC: 21/06/2017 - 11:06:20 ---A- . (.Nicolas Coolman.) -- C:\Users\exame\Downloads\ZHPDiag2-2015.4.6.36.exe [6877287] =>.Nicolas Coolman
~ 436 Fichiers temporaires (Temporary files)
~ 544 Fichiers cookies (Cookies files)
~ Files: 10 Scanned in 00mn 20s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 19/06/2016 - C:\Windows\system32\drivers\HWiNFO32.sys (HWiNFO32) .(.REALiX(tm) - HWiNFO x86 Kernel Driver.) - LEGACY_HWINFO32
O64 - Services: CurCS - 04/12/2015 - C:\Windows\System32\drivers\legendasdrv.sys (legendasdrv) .(.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) - LEGACY_LEGENDASDRV
O64 - Services: CurCS - 22/03/2016 - C:\Windows\System32\Drivers\SmartDefragDriver.sys (SmartDefragDriver) .(.IObit - SmartDefrag Driver.) - LEGACY_SMARTDEFRAGDRIVER
~ Legacy: 78 Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.bat>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys: Scanned in 02mn 54s
---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll [606720]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [679424]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll [474624]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\Windows\System32\termsrv.dll [523776]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2092032]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [751104]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\System32\sessenv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [149504]
~ Services: 33 Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.E10F238101243073F157FC91C68C3305] [SPRF][25/07/2016] (...) -- C:\ProgramData\ntuser.dat [262144]
~ Files: 1 Scanned in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{F1064BD0-837E-47F0-8F27-8298E3D52768}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{BD02FA3C-E62F-4AD7-9792-95029FD85C41}" | Out - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{7F6F3A91-BC26-490C-8486-BBD2C0400AC7}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{45852B68-6623-4313-8E1C-64E5473FA25C}" | In - Public - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{1D419C37-02AF-46E9-9A1E-F27434D930C0}" | In - Public - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{E3C680A5-4C06-4635-9E64-93097BE12A81}" | Out - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 6 Scanned in 00mn 01s
---\\ Pesquisa desvio do DNS do roteador (LIV) (089)
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Adobe Acrobat Update Task","21/06/2017 21:00:00","Desconhecido","Interativo/segundo plano","21/06/2017 10:19:40","0","Adobe Systems Incorporated","C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe ","N/A","This task keeps your Adobe Reader and Acrobat applications up to date with the latest enhancements and security fixes","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","INTERATIVO","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Adobe Acrobat Update Task","21/06/2017 21:00:00","Desconhecido","Interativo/segundo plano","21/06/2017 10:19:40","0","Adobe Systems Incorporated","C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe ","N/A","This task keeps your Adobe Reader and Acrobat applications up to date with the latest enhancements and security fixes","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","INTERATIVO","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","21:00:00","01/01/2013","02/05/2027","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Adobe Flash Player Updater","21/06/2017 11:44:00","Pronto","Interativo/segundo plano","21/06/2017 10:44:00","0","Adobe Systems Incorporated","C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ","N/A","Esta tarefa mant‚m sua instala‡Æo do Adobe Flash Player atualizada com os aprimoramentos e as corre‡äes de seguran‡a mais recentes. Se esta tarefa for desativada ou removida, o Adobe Flash Player nÆo poder proteger sua m quina automaticamente com as co","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","21:44:00","31/12/1999","N/A","A cada 1 dia(s)","N/A","1 hora(s), 0 minuto(s)","Nenhum","24 hora(s), 0 minuto(s)","Desativado"
"EXAME-PC","\ASC8_PerformanceMonitor","N/A","NÆo foi poss¡vel iniciar","Interativo apenas","21/06/2017 10:07:40","-2147024893","N/A","C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe /Task","N/A","N/A","Habilitado","Desativado","","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\ASC8_SkipUac_exame","N/A","Pronto","Interativo apenas","N/A","1","N/A",""C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac","N/A","N/A","Habilitado","Desativado","","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\EPSON L375 Series Update {F059BDD9-045E-48EB-B555-9A90D2334478}","21/06/2017 11:50:00","Pronto","Interativo/segundo plano","21/06/2017 10:50:00","0","SISTEMA","C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSN8E.EXE /EXE:"{F059BDD9-045E-48EB-B555-9A90D2334478}" /F:"Update"","N/A","Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.This task is uninstalled automatically when you uninstall the related pri","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","08:50:00","10/01/2017","N/A","A cada 1 dia(s)","N/A","1 hora(s), 0 minuto(s)","Nenhum","24 hora(s), 0 minuto(s)","Desativado"
"EXAME-PC","\GoogleUpdateTaskMachineCore","22/06/2017 09:24:25","Pronto","Interativo/segundo plano","21/06/2017 10:07:41","0","N/A","C:\Program Files\Google\Update\GoogleUpdate.exe /c","N/A","Mant‚m o seu software do Google atualizado. Se esta tarefa for desativada ou interrompida, o seu software do Google nÆo ser mantido atualizado, o que significa que vulnerabilidades que poderÆo surgir na seguran‡a nÆo serÆo reparadas e recursos poderÆo ","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\GoogleUpdateTaskMachineCore","22/06/2017 09:24:25","Pronto","Interativo/segundo plano","21/06/2017 10:07:41","0","N/A","C:\Program Files\Google\Update\GoogleUpdate.exe /c","N/A","Mant‚m o seu software do Google atualizado. Se esta tarefa for desativada ou interrompida, o seu software do Google nÆo ser mantido atualizado, o que significa que vulnerabilidades que poderÆo surgir na seguran‡a nÆo serÆo reparadas e recursos poderÆo ","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","09:24:25","28/04/2017","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\GoogleUpdateTaskMachineUA","21/06/2017 11:24:26","Pronto","Interativo/segundo plano","21/06/2017 10:24:26","0","N/A","C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler","N/A","Mant‚m o seu software do Google atualizado. Se esta tarefa for desativada ou interrompida, o seu software do Google nÆo ser mantido atualizado, o que significa que vulnerabilidades que poderÆo surgir na seguran‡a nÆo serÆo reparadas e recursos poderÆo ","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","09:24:26","28/04/2017","N/A","A cada 1 dia(s)","N/A","1 hora(s), 0 minuto(s)","Nenhum","24 hora(s), 0 minuto(s)","Desativado"
"EXAME-PC","\HPCeeScheduleForexame","22/07/2017 19:55:00","Pronto","Interativo apenas","18/06/2017 19:55:00","0","exame","C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForexame (null)","N/A","N/A","Habilitado","Desativado","","exame","PT0S","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez, Hor ria ","19:55:00","22/06/2017","N/A","N/A","N/A","6 hora(s), 0 minuto(s)","Nenhum","720 hora(s), 0 minuto(s)","Desativado"
"EXAME-PC","\Motorola Device Manager Initial Update","N/A","Pronto","Interativo/segundo plano","25/04/2017 13:50:00","0","exame",""C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe" -d -silent","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez","13:50:00","25/04/2017","N/A","N/A","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Motorola Device Manager Update","04/07/2017 13:20:00","Pronto","Interativo/segundo plano","09/05/2017 13:20:00","0","exame",""C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe" -d -silent","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","13:20:00","25/04/2017","N/A","A cada 14 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}","21/06/2017 15:26:00","Desconhecido","Interativo/segundo plano","21/06/2017 10:07:40","0","exame","C:\Program Files\tools\update\tools_update.exe -Update","N/A","Tools update check when system start. It will automatically unload if there is no Tools soft.","Habilitado","Desativado","NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}","21/06/2017 15:26:00","Desconhecido","Interativo/segundo plano","21/06/2017 10:07:40","0","exame","C:\Program Files\tools\update\tools_update.exe -Update","N/A","Tools update check when system start. It will automatically unload if there is no Tools soft.","Habilitado","Desativado","NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","15:26:00","24/02/2017","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Uninstaller_SkipUac_exame","N/A","Pronto","Interativo apenas","N/A","1","N/A","C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer","N/A","N/A","Habilitado","Desativado","","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{1B698559-8634-4AB9-9C27-1CF03B9EBA12}","N/A","Pronto","Interativo apenas","16/03/2017 12:54:23","0","N/A","C:\Windows\system32\pcalua.exe -a "C:\Users\exame\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LG66LQQY\JavaSetup8u121.exe" -d C:\Users\exame\Desktop","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{20084F90-0189-40E8-8191-7872175A0B9F}","N/A","Pronto","Interativo/segundo plano","04/08/2016 08:30:08","0","SkypeSetupLight",""c:\program files\google\chrome\application\chrome.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002","N/A","N/A","Habilitado","Desativado","","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A" =>Hijacker.Browsers
"EXAME-PC","\{36C01001-AFBA-492B-AC51-010B2FB19624}","N/A","Pronto","Interativo apenas","27/05/2016 00:51:05","0","N/A","C:\Windows\system32\pcalua.exe -a C:\Users\exame\Downloads\dotnetfx35.exe -d C:\Users\exame\Downloads","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{3910BBA3-96DB-4330-9D75-F77DC66CE2BA}","N/A","Pronto","Interativo/segundo plano","04/08/2016 07:58:13","0","SkypeSetupLight",""c:\program files\google\chrome\application\chrome.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002","N/A","N/A","Habilitado","Desativado","","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A" =>Hijacker.Browsers
"EXAME-PC","\{63B546AA-FB21-4AE3-B5F5-5BEB316444D8}","N/A","Pronto","Interativo apenas","10/08/2016 08:53:24","0","N/A","C:\Windows\system32\pcalua.exe -a "C:\Users\exame\Downloads\HPSupportSolutionsFramework-12.5.26.37 (2).exe" -d C:\Users\exame\Downloads","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{6FF17A9B-915D-46F7-A69C-7CA9EC82F167}","N/A","Pronto","Interativo apenas","24/04/2017 07:31:49","0","N/A","C:\Windows\system32\pcalua.exe -a C:\Users\exame\AppData\Local\Temp\jre-8u131-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{C6B5865B-E9A2-4F36-A597-1C79FCE29464}","N/A","Pronto","Interativo apenas","06/08/2016 12:26:43","1073807364","N/A","C:\Windows\system32\pcalua.exe -a C:\Users\exame\Downloads\chromeinstall-8u101.exe -d C:\Users\exame\Downloads","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{D4D740EA-BB79-4651-ADFC-0306947EEA0E}","N/A","Pronto","Interativo apenas","18/04/2017 11:06:01","0","N/A","C:\Windows\system32\pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2017\IRPF2017.exe" -d "C:\Arquivos de Programas RFB\IRPF2017"","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{F66929D3-50C0-43DD-99AC-A9C00181548C}","N/A","Pronto","Interativo apenas","06/08/2016 11:22:08","0","N/A","C:\Windows\system32\pcalua.exe -a "C:\Users\exame\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X3F22K8S\JavaSetup8u101.exe" -d C:\Users\exame\Desktop","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report","21/06/2017 19:21:13","Pronto","Interativo/segundo plano","20/06/2017 18:43:25","0","HP Inc.","C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send","N/A","HP Support Solutions Framework Report","Habilitado","Desativado","","Administradores","Habilitado","24:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","18:34:32","08/08/2016","08/08/2024","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado" =>.Hewlett-Packard Co
"EXAME-PC","\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater","24/06/2017 13:37:12","NÆo foi poss¡vel iniciar","Interativo/segundo plano","18/06/2017 11:57:04","-5","HP Inc.","C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u","C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\","Check for updates to HP Support Solutions Framework components","Habilitado","Desativado","","Administradores","Habilitado","24:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","13:05:55","09/08/2016","08/08/2024","SAT","A cada 1 semana(s)","Desativado","Desativado","Desativado","Desativado" =>.Hewlett-Packard Co
"EXAME-PC","\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources","N/A","Pronto","Interativo/segundo plano","08/08/2016 13:06:54","0","HP Inc.","C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r /m","C:\Program Files\Hewlett-Packard\HP Support Framework\","HP Support Solutions Framework Updater - Resources","Habilitado","Desativado","","Administradores","Habilitado","24:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez","12:06:54","08/08/2016","08/08/2016","N/A","N/A","Desativado","Desativado","Desativado","Desativado" =>.Hewlett-Packard Co
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Atualiza os modelos da diretiva de direitos RMS do AD para o usu rio. Esse trabalho nÆo fornecer um prompt de credencial se a autentica‡Æo para o servi‡o da web de distribui‡Æo do modelo no servidor falhar. Nesse caso, a falha ser silenciosa.","Desativado","Desativado","","Todos","Desativado","01:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","03:00:00","09/11/2006","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Atualiza os modelos da diretiva de direitos RMS do AD para o usu rio. Esse trabalho nÆo fornecer um prompt de credencial se a autentica‡Æo para o servi‡o da web de distribui‡Æo do modelo no servidor falhar. Nesse caso, a falha ser silenciosa.","Desativado","Desativado","","Todos","Desativado","01:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Atualiza os modelos da diretiva de direitos RMS do AD para o usu rio. Esse trabalho fornecer um prompt de credencial se a autentica‡Æo para o servi‡o da web de distribui‡Æo do modelo no servidor falhar.","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","Todos","Habilitado","01:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\AppID\PolicyConverter","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","%windir%\system32\appidpolicyconverter.exe ","N/A","Converte as diretrizes de restri‡Æo de software de XML para o formato bin rio.","Desativado","Desativado","","SERVI€O LOCAL","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","%windir%\system32\appidcertstorecheck.exe ","N/A","Verifica se h certificados inv lidos ou revogados no cache do certificado AppID.","Desativado","Iniciar apenas se ficar ocioso por 3 minutos, Se nÆo estiver ocioso, tente novamente por 1380 minutos Interromper a tarefa se o estado ocioso terminar","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SERVI€O LOCAL","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Application Experience\AitAgent","22/06/2017 02:30:00","Desconhecido","Interativo/segundo plano","20/06/2017 21:12:17","0","Microsoft Corporation","aitagent ","N/A","Agrega e carrega informa‡äes de Telemetria de Aplicativos se tiver aceitado o Programa de Aperfei‡oamento da Experiˆncia do Usu rio da Microsoft..","Habilitado","Iniciar apenas se ficar ocioso por 3 minutos, Se nÆo estiver ocioso, tente novamente por 1320 minutos Interromper a tarefa se o estado ocioso terminar","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","02:30:00","08/10/2007","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser","22/06/2017 04:25:11","Pronto","Interativo/segundo plano","21/06/2017 07:41:28","0","N/A","V rias a‡äes","V rias a‡äes","N/A","Habilitado","Desativado","","SISTEMA","Habilitado","96:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","03:00:00","28/04/2014","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Application Experience\ProgramDataUpdater","22/06/2017 01:29:45","Desconhecido","Interativo/segundo plano","20/06/2017 21:12:17","0","N/A","%windir%\system32\compattelrunner.exe -maintenance","N/A","N/A","Habilitado","Iniciar apenas se ficar ocioso por 3 minutos, Se nÆo estiver ocioso, tente novamente por 1380 minutos Interromper a tarefa se o estado ocioso terminar","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","23:30:00","28/04/2014","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Autochk\Proxy","N/A","Desconhecido","Interativo/segundo plano","20/06/2017 21:19:17","0","Microsoft Corporation","%windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations","N/A","Esta tarefa coleta e carrega os dados de SQM de autochk se a op‡Æo de Programa de Aperfei‡oamento da Experiˆncia do Usu rio da Microsoft tiver sido aceita.","Habilitado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 525600 minutos","","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Bluetooth\UninstallDeviceTask","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft","BthUdTask.exe $(Arg0)","N/A","Desinstala o dispositivo PnP associado … ID de servi‡o do Bluetooth especificado","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\SystemTask","N/A","Pronto","Interativo/segundo plano","21/06/2017 10:06:23","0","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\SystemTask","N/A","Pronto","Interativo/segundo plano","21/06/2017 10:06:23","0","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\SystemTask","N/A","Pronto","Interativo/segundo plano","21/06/2017 10:06:23","0","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\UserTask","N/A","Pronto","Interativo/segundo plano","21/06/2017 07:38:38","0","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Habilitado","Desativado","Parar se estiver usando baterias","INTERATIVO","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\UserTask","N/A","Pronto","Interativo/segundo plano","21/06/2017 07:38:38","0","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Habilitado","Desativado","Parar se estiver usando baterias","INTERATIVO","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\UserTask","N/A","Pronto","Interativo/segundo plano","21/06/2017 07:38:38","0","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Habilitado","Desativado","Parar se estiver usando baterias","INTERATIVO","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\UserTask-Roam","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Desativado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","INTERATIVO","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\UserTask-Roam","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Desativado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","INTERATIVO","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Customer Experience Improvement Program\Consolidator","22/06/2017 05:00:00","NÆo foi poss¡vel iniciar","Interativo/segundo plano","21/06/2017 10:00:01","-2147479295","Microsoft Corporation","%SystemRoot%\System32\wsqmcons.exe ","N/A","Se o usu rio aceitou participar do Programa de Aperfei‡oamento da Experiˆncia do Usu rio do Windows, esse trabalho coleta e envia dados de uso para a Microsoft.","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez, Hor ria ","00:00:00","02/01/2004","N/A","N/A","N/A","19 hora(s), 0 minuto(s)","Nenhum","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask","22/06/2017 03:30:00","Pronto","Interativo/segundo plano","20/06/2017 21:12:17","0","Microsoft Corporation","Manipulador COM","N/A","A tarefa do Programa de Aperfei‡oamento da Experiˆncia do Usu rio Kernel (CEIP) coleta informa‡äes adicionais sobre o sistema e envia esses dados … Microsoft. Se o usu rio nÆo tiver aceitado participar do Programa de Aperfei‡oamento da Experiˆncia do Us","Habilitado","Iniciar apenas se ficar ocioso por 3 minutos, Se nÆo estiver ocioso, tente novamente por 1020 minutos","NÆo iniciar se estiver usando baterias","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","03:30:00","01/09/2008","N/A","THU","A cada 1 semana(s)","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip","22/06/2017 01:30:00","Pronto","Interativo/segundo plano","19/06/2017 20:09:48","0","Microsoft Corporation","Manipulador COM","N/A","A tarefa do Programa de Aperfei‡oamento da Experiˆncia do Usu rio USB (CEIP) coleta estat¡sticas relacionadas ao Barramento Serial Universal e informa‡äes sobre seu computador, e as envia ao grupo de engenharia da Conectividade do Dispositivo Windows na","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","01:30:00","25/04/2008","N/A","A cada 3 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Defrag\ScheduledDefrag","28/06/2017 01:19:59","Desconhecido","Interativo/segundo plano","20/06/2017 21:12:17","0","Microsoft Corporation","%windir%\system32\defrag.exe -c","N/A","Esta tarefa desfragmenta as unidades de disco r¡gido dos computadores.","Habilitado","Iniciar apenas se ficar ocioso por 3 minutos, Se nÆo estiver ocioso, tente novamente por 10080 minutos Interromper a tarefa se o estado ocioso terminar","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","01:00:00","01/01/2005","N/A","WED","A cada 1 semana(s)","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Diagnosis\Scheduled","25/06/2017 01:00:00","Pronto","Interativo/segundo plano","20/06/2017 21:19:17","0","Microsoft Corporation","Manipulador COM","N/A","A Tarefa de Manuten‡Æo Programada do Windows executa a manuten‡Æo peri¢dica do sistema do computador, corrigindo automaticamente os problemas ou relatando-os pela Central de A‡äes.","Habilitado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 480 minutos","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","INTERATIVO","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","01:00:00","01/01/2004","N/A","SUN","A cada 1 semana(s)","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector","Desativado","","Interativo/segundo plano","17/07/2016 01:00:00","0","Microsoft Corporation","%windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART","N/A","O Diagn¢stico de Disco do Windows relata para a Microsoft informa‡äes gerais do disco e do sistema de usu rios participantes do Programa de Aperfei‡oamento da Experiˆncia do Usu rio.","Desativado","Iniciar apenas se ficar ocioso por minutos, Se nÆo estiver ocioso, tente novamente por minutos","NÆo iniciar se estiver usando baterias","SISTEMA","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","01:00:00","01/01/2004","N/A","SUN","A cada 2 semana(s)","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","%windir%\system32\DFDWiz.exe ","N/A","O Resolvedor de Diagn¢stico de Disco do Microsoft Windows avisa os usu rios sobre falhas relatadas pelos discos r¡gidos que suportam o padrÆo S.M.A.R.T. Essa tarefa ‚ disparada automaticamente pelo Servi‡o de Diretiva de Diagn¢stico quando uma falha S.M","Desativado","Desativado","","Usu rios","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Location\Notifications","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%windir%\System32\LocationNotifications.exe ","N/A","Atividade do Local","Habilitado","Desativado","","Usu rios autenticados","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Maintenance\WinSAT","25/06/2017 01:00:00","Pronto","Interativo/segundo plano","21/05/2017 01:00:00","0","Microsoft","Manipulador COM","N/A","Mede o desempenho e os recursos de um sistema","Habilitado","Iniciar apenas se ficar ocioso por minutos, Se nÆo estiver ocioso, tente novamente por minutos Interromper a tarefa se o estado ocioso terminar","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","Administradores","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","01:00:00","01/01/2008","N/A","SUN","A cada 1 semana(s)","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Media Center\ActivateWindowsSearch","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch","N/A","Trabalho de Reindexa‡Æo de Pesquisa do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\ConfigureInternetTimeService","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService","N/A","Trabalho de configura‡Æo do Servi‡o de Atualiza‡Æo de Tempo do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\DispatchRecoveryTasks","N/A","Pronto","Interativo/segundo plano","22/03/2017 21:26:24","0","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)","N/A","Trabalho do Distribuidor de Tarefas de Recupera‡Æo do Media Center Privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\ehDRMInit","N/A","Pronto","Interativo/segundo plano","09/09/2016 06:38:06","0","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DRMInit","N/A","Trabalho de inicializa‡Æo DRM do Media Center privilegiado","Habilitado","Desativado","","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\InstallPlayReady","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)","N/A","Trabalho de instala‡Æo do PlayReady do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\mcupdate","N/A","Pronto","Interativo/segundo plano","18/06/2016 17:18:25","0","N/A","%SystemRoot%\ehome\mcupdate $(Arg0)","N/A","Verifique se h atualiza‡äes do Media Center.","Habilitado","Desativado","Parar se estiver usando baterias","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\mcupdate_scheduled","N/A","Pronto","Interativo/segundo plano","09/09/2016 06:37:49","0","N/A","%SystemRoot%\ehome\mcupdate -crl -hms -pscn 15","N/A","Check for Media Center updates.","Habilitado","Desativado","NÆo iniciar se estiver usando baterias","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\MediaCenterRecoveryTask","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","V rias a‡äes","V rias a‡äes","Executar atividades de Recupera‡Æo do Media Center","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","V rias a‡äes","V rias a‡äes","Executar atividades de Recupera‡Æo do Reposit¢rio de Objetos","Habilitado","Desativado","","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\OCURActivate","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate","N/A","Trabalho de ativa‡Æo OCUR do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\OCURDiscovery","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)","N/A","Trabalho de descoberta OCUR do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\PBDADiscovery","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery","N/A","Trabalho de descoberta OCUR do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\PBDADiscoveryW1","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery","N/A","Trabalho de descoberta OCUR do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","01:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\PBDADiscoveryW2","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery","N/A","Trabalho de descoberta OCUR do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","01:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\PeriodicScanRetry","Desativado","","Interativo/segundo plano","N/A","1","N/A","%windir%\ehome\MCUpdate.exe -pscn 0","N/A","Scanner peri¢dico em segundo plano - PeriodicScanRetry","Desativado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SERVI€O DE REDE","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez","17:33:00","09/09/2006","N/A","N/A","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Media Center\PvrRecoveryTask","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","V rias a‡äes","V rias a‡äes","Executar atividades de Recupera‡Æo de Pvr","Habilitado","Desativado","","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\PvrScheduleTask","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","V rias a‡äes","V rias a‡äes","Executar atividades de Agendamento de PVR","Habilitado","Desativado","","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\RecordingRestart","Desativado","","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehrec /RestartRecording","N/A","Reinicia as grava‡äes ap¢s uma falta de energia.","Desativado","Desativado","Parar se estiver usando baterias","SERVI€O DE REDE","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\RegisterSearch","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)","N/A","Trabalho de registro de Pesquisa do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\ReindexSearchRoot","N/A","NÆo foi poss¡vel iniciar","Interativo/segundo plano","07/09/2016 05:59:28","-2147024809","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot","N/A","Trabalho de Reindexa‡Æo de Pesquisa do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\SqlLiteRecoveryTask","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","V rias a‡äes","V rias a‡äes","Executar atividades de Recupera‡Æo de Dados","Habilitado","Desativado","","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\StartRecording","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehrec /StartRecording","N/A","N/A","Habilitado","Desativado","","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\UpdateRecordPath","N/A","Pronto","Interativo/segundo plano","18/06/2016 17:18:27","0","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)","N/A","Trabalho de configura‡Æo da PermissÆo do Gravador do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Tarefa para iniciar o Diagn¢stico de Mem¢ria","Habilitado","Desativado","","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Tarefa para iniciar o Diagn¢stico de Mem¢ria","Habilitado","Desativado","","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\MobilePC\HotStart","N/A","Pronto","Interativo/segundo plano","21/06/2017 10:07:39","0","Microsoft Corporation","Manipulador COM","N/A","Inicia aplicativos configurados para o Windows HotStart","Habilitado","Desativado","","Usu rios autenticados","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\MUI\LPRemove","N/A","Desconhecido","Interativo/segundo plano","20/06/2017 21:19:17","0","Microsoft Corporation","%windir%\system32\lpremove.exe ","N/A","Inicie a ferramenta de limpeza de idioma","Habilitado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 10 minutos Interromper a tarefa se o estado ocioso terminar","NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","09:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Multimedia\SystemSoundsService","N/A","Em execu‡Æo","Interativo/segundo plano","21/06/2017 10:07:39","267009","N/A","Manipulador COM","N/A","Agente do Modo de Usu rio de Sons do Sistema","Habilitado","Desativado","","Usu rios","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\NetTrace\GatherNetworkInfo","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft","%windir%\system32\gatherNetworkInfo.vbs ","$(Arg1)","Coletor de informa‡äes de rede","Habilitado","Desativado","Parar se estiver usando baterias","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Offline Files\Background Synchronization","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa controla a sincroniza‡Æo peri¢dica em segundo plano dos Arquivos Offline quando o usu rio trabalha em um modo offline.","Desativado","Desativado","","Usu rios autenticados","Desativado","24:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez, Hor ria ","00:00:00","01/01/2008","N/A","N/A","N/A","6 hora(s), 0 minuto(s)","Nenhum","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Offline Files\Logon Synchronization","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa inicializa a sincroniza‡Æo de Arquivos Offline quando um usu rio faz logon no sistema.","Desativado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","Usu rios autenticados","Desativado","24:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Tarefa Ociosa de Rastreamento de Desempenho: avaliador de configura‡Æo de Segundo Plano","Desativado","Desativado","NÆo iniciar se estiver usando baterias","SERVI€O LOCAL","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No tempo ocioso","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Tarefa Ociosa de Rastreamento de Desempenho: avaliador de configura‡Æo de Segundo Plano","Desativado","Desativado","NÆo iniciar se estiver usando baterias","SERVI€O LOCAL","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","03:00:00","30/05/2008","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem","04/07/2017 07:57:19","Desconhecido","Interativo/segundo plano","31/05/2017 16:53:02","0","Microsoft Corporation","%SystemRoot%\System32\powercfg.exe -energy -auto","N/A","Esse trabalho analisa o sistema em busca de condi‡äes que podem causar alto uso de energia.","Habilitado","Iniciar apenas se ficar ocioso por 5 minutos, Se nÆo estiver ocioso, tente novamente por 120 minutos","","SISTEMA","Habilitado","00:05:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","06:00:00","01/01/2008","N/A","A cada 14 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\RAC\RacTask","21/06/2017 12:13:48","Pronto","Interativo/segundo plano","21/06/2017 10:03:27","0","Microsoft Corporation","Manipulador COM","N/A","Tarefa An lise de Confiabilidade da Microsoft para processar dados de confiabilidade do sistema.","Habilitado","Desativado","","SERVI€O LOCAL","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\RAC\RacTask","21/06/2017 12:06:56","Pronto","Interativo/segundo plano","21/06/2017 10:03:27","0","Microsoft Corporation","Manipulador COM","N/A","Tarefa An lise de Confiabilidade da Microsoft para processar dados de confiabilidade do sistema.","Habilitado","Desativado","","SERVI€O LOCAL","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez, Hor ria ","00:00:00","31/03/2008","N/A","N/A","N/A","1 hora(s), 0 minuto(s)","Nenhum","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Ras\MobilityManager","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Fornece suporte para a comuta‡Æo de conexäes VPN habilitadas para a mobilidade, caso suas interfaces subjacentes estejam fora do ar.","Habilitado","Desativado","","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Registry\RegIdleBackup","22/06/2017 00:14:00","Pronto","Interativo/segundo plano","14/06/2017 19:21:21","0","Microsoft Corporation","Manipulador COM","N/A","Tarefa de Backup de Ociosidade no Registro","Habilitado","Iniciar apenas se ficar ocioso por 3 minutos, Se nÆo estiver ocioso, tente novamente por 1380 minutos Interromper a tarefa se o estado ocioso terminar","","SISTEMA","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","00:00:00","01/01/2008","N/A","A cada 10 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask","N/A","Pronto","Interativo/segundo plano","05/06/2017 13:38:41","0","Microsoft","%windir%\system32\RAServer.exe /offerraupdate","%windir%","Verifica se h altera‡äes pertinentes … Assistˆncia Remota nas diretivas de grupo","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask","N/A","Pronto","Interativo/segundo plano","05/06/2017 13:38:41","0","Microsoft","%windir%\system32\RAServer.exe /offerraupdate","%windir%","Verifica se h altera‡äes pertinentes … Assistˆncia Remota nas diretivas de grupo","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Shell\WindowsParentalControls","Desativado","","Interativo/segundo plano","N/A","1","Microsoft","Manipulador COM","N/A","Notifica‡äes para a‡äes realizadas pelos Controles dos Pais do Windows.","Desativado","Desativado","","Usu rios autenticados","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Shell\WindowsParentalControlsMigration","Desativado","","Interativo/segundo plano","14/07/2009 01:54:03","0","Microsoft","Manipulador COM","N/A","Migra‡Æo para o Controles dos Pais do Windows.","Desativado","Desativado","","SISTEMA","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\SideShow\AutoWake","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa ativa o computador automaticamente e o coloca em suspensÆo quando a ativa‡Æo autom tica em um dispositivo compat¡vel com Windows SideShow est ativada.","Desativado","Desativado","","SERVI€O LOCAL","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\SideShow\GadgetManager","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa gerencia e sincroniza metadados dos gadgets instalados em um dispositivo compat¡vel com Windows SideShow.","Habilitado","Desativado","","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\SideShow\SessionAgent","Desativado","NÆo foi poss¡vel iniciar","Interativo/segundo plano","26/05/2016 23:44:27","-2147023729","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa gerencia o comportamento da sessÆo quando v rias contas de usu rio existem em um dispositivo compat¡vel com Windows SideShow.","Desativado","Desativado","","Usu rios","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\SideShow\SystemDataProviders","Desativado","NÆo foi poss¡vel iniciar","Interativo/segundo plano","26/05/2016 23:44:42","-2147023729","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa fornece dados do sistema para o rel¢gio, a fonte de energia, a potˆncia da rede sem fio e o volume em um dispositivo compat¡vel com Windows SideShow.","Desativado","Desativado","","SERVI€O LOCAL","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","sc.exe start sppsvc","N/A","Esta tarefa reinicia o servi‡o Plataforma de Prote‡Æo de Software na hora especificada","Desativado","Desativado","","SERVI€O DE REDE","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","00:00:00","01/01/2004","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\SystemRestore\SR","22/06/2017 00:00:00","Desconhecido","Interativo/segundo plano","20/06/2017 21:19:17","0","Microsoft Corporation","%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation","N/A","Esta tarefa cria pontos de prote‡Æo do sistema regulares.","Habilitado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 1380 minutos","NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","00:00:00","14/06/2005","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\SystemRestore\SR","22/06/2017 00:00:00","Desconhecido","Interativo/segundo plano","20/06/2017 21:19:17","0","Microsoft Corporation","%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation","N/A","Esta tarefa cria pontos de prote‡Æo do sistema regulares.","Habilitado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 1380 minutos","NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Task Manager\Interactive","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Executa uma tarefa como o usu rio interativo.","Habilitado","Desativado","","INTERATIVO","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Tcpip\IpAddressConflict1","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem","N/A","Este evento ‚ disparado quando um conflito de endere‡os IP ‚ detectado.","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Tcpip\IpAddressConflict2","N/A","Pronto","Interativo/segundo plano","08/05/2017 10:42:51","0","Microsoft Corporation","%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem","N/A","Este evento ‚ disparado quando um conflito de endere‡os IP ‚ detectado.","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\TextServicesFramework\MsCtfMonitor","N/A","Em execu‡Æo","Interativo/segundo plano","21/06/2017 10:07:39","267009","N/A","Manipulador COM","N/A","TextServicesFramework monitor task","Habilitado","Desativado","","Usu rios","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Time Synchronization\SynchronizeTime","25/06/2017 01:00:00","Pronto","Interativo/segundo plano","18/06/2017 11:47:12","0","Microsoft Corporation","%windir%\system32\sc.exe start w32time task_started","N/A","Mant‚m sincroniza‡Æo de data e hora em todos os clientes e servidores da rede. Se este servi‡o for interrompido, a sincroniza‡Æo nÆo ficar dispon¡vel. Se este servi‡o for desativado, os servi‡os que dele dependem explicitamente nÆo serÆo iniciados.","Habilitado","Desativado","Parar se estiver usando baterias","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","01:00:00","01/01/2005","N/A","SUN","A cada 1 semana(s)","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\UPnP\UPnPHostConfig","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft","sc.exe config upnphost start= auto","N/A","Definir servi‡o UPnPHost para que seja iniciado automaticamente","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\User Profile Service\HiveUploadTask","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Essa tarefa carregar automaticamente um hive do Registro de perfil de usu rio de roaming para seu local de rede.","Desativado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 120 minutos","Parar se estiver usando baterias","SISTEMA","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez, Hor ria ","00:00:00","28/08/2007","N/A","N/A","N/A","12 hora(s), 0 minuto(s)","Nenhum","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\WDI\ResolutionHost","N/A","Em execu‡Æo","Interativo/segundo plano","21/06/2017 11:03:35","267009","Microsoft Corporation","Manipulador COM","N/A","O host de Solu‡Æo de Infraestrutura de Diagn¢stico do Windows permite solu‡äes interativas para problemas de sistemas detectados pelo Servi‡o de Diretiva de Diagn¢stico. disparado quando necess rio pelo Servi‡o de Diretiva de Diagn¢stico na sessÆo de ","Habilitado","Desativado","","INTERATIVO","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Windows Error Reporting\QueueReporting","N/A","Pronto","Interativo/segundo plano","21/06/2017 10:20:40","0","Microsoft Corporation","%windir%\system32\wermgr.exe -queuereporting","N/A","Tarefa do Relat¢rio de Erros do Windows para processar relat¢rios enfileirados.","Habilitado","Desativado","","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","%windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange","N/A","Esta tarefa ajusta o tipo de inicializa‡Æo de servi‡os acionado por firewall quando o tipo de inicializa‡Æo do Mecanismo de Filtragem Base (BFE) est desabilitado.","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Windows Media Sharing\UpdateLibrary","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation",""%ProgramFiles%\Windows Media Player\wmpnscfg.exe" ","N/A","Esta tarefa atualiza a lista de pastas em cache e as permissäes de seguran‡a nos novos arquivos da biblioteca de m¡dia compartilhada de um usu rio.","Habilitado","Desativado","","Usu rios autenticados","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A" =>.Microsoft Corporation
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\WindowsBackup\ConfigNotification","22/06/2017 10:00:00","Pronto","Interativo/segundo plano","21/06/2017 10:00:01","0","Microsoft Corporation","%systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION","N/A","Esta tarefa agendada notifica o usu rio de que o Backup do Windows nÆo foi configurado.","Habilitado","Desativado","","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","10:00:00","11/02/2011","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\WindowsColorSystem\Calibration Loader","Desativado","","Interativo/segundo plano","14/07/2009 01:54:01","0","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa se aplica …s configura‡äes de calibragem de cor.","Desativado","Desativado","","Usu rios","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\WindowsColorSystem\Calibration Loader","Desativado","","Interativo/segundo plano","14/07/2009 01:54:01","0","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa se aplica …s configura‡äes de calibragem de cor.","Desativado","Desativado","","Usu rios","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Wininet\CacheTask","N/A","Em execu‡Æo","Interativo/segundo plano","21/06/2017 10:07:39","267009","Microsoft","Manipulador COM","N/A","Tarefa de Cache Wininet","Habilitado","Desativado","","Usu rios","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows Defender\MP Scheduled Scan","22/06/2017 03:01:28","Pronto","Interativo/segundo plano","N/A","1","N/A","c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan","N/A","Scheduled Scan","Habilitado","Iniciar apenas se ficar ocioso por 1 minutos, Se nÆo estiver ocioso, tente novamente por 240 minutos","NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","03:01:28","01/01/2000","01/01/2100","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\WPD\SqmUpload_S-1-5-21-2157787958-2153105667-2115196349-1000","N/A","Pronto","Interativo apenas","N/A","1","Microsoft Corporation","%windir%\system32\rundll32.exe portabledeviceapi.dll,#1","N/A","This task uploads Customer Experience Improvement Program (CEIP) data for Portable Devices","Habilitado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 1380 minutos","NÆo iniciar se estiver usando baterias","exame-PC\exame","Habilitado","00:15:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","12:00:00","01/01/2008","02/05/2015","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
~ DNS: Scanned in 00mn 02s
---\\ Exportar as chaves do registo aleatórias (091)
[HKCU\Software\0E878C6C46213496749D767AE37D5585]:d="20160711"
[HKCU\Software\F7DC9720542D86003ED29446949A333F]:d="20160618"
[HKLM\Software\0E878C6C46213496749D767AE37D5585]:="{9DC74CD5-24EA-4ADE-9C42-608A8CE17116}"
~ Export Key Software: Scanned in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 19/06/2017 272384 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 10/07/2016 154440 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 10/07/2016 154440 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 02/06/2015 2904864 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 25/07/2016 324224 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 25/04/2017 83056 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 16/02/2011 135168 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files\Dell Wireless\Ath_CoexAgent.exe
SR - | Auto 31/03/2011 72864 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe
SR - | Auto 23/01/2016 1855488 | (COMLegService) . (...) - C:\Program Files\Legendas-3.5\srvlegendas.exe
SR - | Auto 19/09/2016 36648 | (DbxSvc) . (.Windows (R) Win 7 DDK provider.) - C:\Windows\System32\DbxSvc.exe
SR - | Auto 08/05/2017 595960 | (EpsonCustomerResearchParticipation) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
SR - | Auto 17/05/2012 126128 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc.exe
SR - | Demand 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 04/07/2016 29760 | (HPSupportSolutionsFrameworkService) . (.HP Inc..) - C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
SR - | Auto 01/02/2011 326168 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 08/04/2014 137528 | (Motorola Device Manager) . (.Motorola Mobility LLC.) - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 02/09/2011 65657 | (PST Service) . (.Motorola.) - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
SR - | Auto 01/03/2017 1993728 | (scpbradserv) . (.Scopus Soluções em TI Ltda.) - C:\Program Files\scpbrad\scpbradserv.exe
SR - | Auto 30/05/2016 150640 | (TheDesktopWeatherService) . (...) - C:\Program Files\WeatherTool\2.0.1.11389\WeatherService.exe
SR - | Auto 01/02/2011 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 14s
---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s
---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, http://ad13.geekstog
Run by exame at 21/06/2017 11:10:03
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s
---\\ Scâner Aditional (088)
Database Version : 13008 - (29/03/2015)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 8
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files\Reimage =>Rogue.ReimageRepair^
C:\ProgramData\Reimage Protector =>Rogue.ReimageRepair^
C:\Users\exame\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Users\exame\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe =>P2P.BitTorrent^
[HKCU\Software\0E878C6C46213496749D767AE37D5585] =>PUP.CrossRider^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
[HKCU\Software\F7DC9720542D86003ED29446949A333F] =>PUP.CrossRider^
[HKCU\Software\ProductSetup] =>Adware.InstallCore^
[HKLM\Software\0E878C6C46213496749D767AE37D5585] =>PUP.CrossRider^
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
~ Additionnel Scan: 277157 Items scanned in 00mn 17s
---\\ Informações complémentaires do módulos
~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects do navegador (02)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Barras do Internet Explorer (03))
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 5 Scanned in 00mn 00s
---\\ Sumário das deteções encontradas na sua estação
http://nicolascoolman.fr/hijacker-proxy =>Hijacker.Proxy
http://nicolascoolman.fr/rogue-reimagerepair =>Rogue.ReimageRepair
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://nicolascoolman.fr/hijacker-browsers =>Hijacker.Browsers
~ MSI: 5 link(s) detected in 00mn 00s
End of the scan (1615 lines in 06mn 21s)(0.6)
~ Iniciado por exame (21/06/2017 11:04:07)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Endereço do Webforum : http://forum.nicolascoolman.fr
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Desativado pelo Utilizador
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.18697
GCIE: Google Chrome v59.0.3071.104 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
---\\ Softwares de proteçao do sistema
Windows Defender W7 (Activate)
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 26 ActiveX
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3493 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 191 GB (70%) free of 270 GB
---\\ Modo de conexão ao sistema
~ Computer Name: EXAME-PC
~ User Name: exame
~ All Users Names: HomeGroupUser$, exame, Convidado, Administrador,
~ Unselected Option: None
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\exame\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\exame\AppData\Roaming\
~ %Desktop% : C:\Users\exame\Desktop\
~ %Favorites% : C:\Users\exame\Favorites\
~ %LocalAppData% : C:\Users\exame\AppData\Local\
~ %StartMenu% : C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 191 Go of 270 Go)
D: Hard drive, Flash drive, Thumb drive (Free 193 Go of 195 Go)
E: CD-ROM drive (Free 0 Go of 0 Go)
F: Hard drive, Flash drive, Thumb drive (Free 613 Go of 931 Go)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 47 Scanned in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.6DDCA324434FFA506CF7DC4E51DB7935] - (.Microsoft Corporation - Windows Explorer.) (.29/08/2016 - 11:55:07.) -- C:\Windows\Explorer.exe [2972672]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.9B934764D5320F5F2FC0C3CB663F7A3E] - (.Microsoft Corporation - Internet Extensions para Win32.) (.14/05/2017 - 15:15:06.) -- C:\Windows\System32\wininet.dll [2767872]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.16/07/2014 - 22:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 03:21:26.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F582FC7976F1248AC5FBD6875C626B41] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/04/2017 - 11:52:22.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.19/11/2010 - 23:38:12.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.EA9DBD76CE9254C77BAAB4339DD4C4FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.08/09/2016 - 11:49:56.) -- C:\Windows\system32\Drivers\DfsC.sys [81408]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 00:59:30.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.D071B9246BFD1575D72BD88B66F6FB87] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.21/05/2017 - 00:42:53.) -- C:\Windows\system32\Drivers\MRxSmb.sys [124416]
[MD5.A00996C9BFEF29A93B9F21DBE1DC502D] - (.Microsoft Corporation - MBT Transport driver.) (.11/05/2016 - 11:52:27.) -- C:\Windows\system32\Drivers\netBT.sys [188928]
[MD5.978E7A2E4BF4E8E70D0776EF0D9E97FB] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.11/01/2016 - 15:54:03.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 01:24:48.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.01743A8A62F2C0488F9C4F6D25C21B2C] - (.Microsoft Corporation - TDI Translation Driver.) (.10/05/2017 - 11:47:49.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 03:30:18.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/20
~ Mes musiques (My Musics) : 1/48
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/131
~ Mon Bureau (My Desktop) : 1/10852
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 11s
---\\ Processos lançados
[MD5.C0885F17C4F55F9DAC1C8BA2C78C736D] - (.Scopus Soluções em TI Ltda - Módulo de Interação do Componente de Segura.) -- C:\Program Files\scpbrad\scpbradguard.exe [2908160] [PID.3428]
[MD5.2A14140B95890D182B79ED6FC192623D] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe [559448] [PID.3508]
[MD5.AEF91EEA30E103E4403733A030A99EA4] - (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe [490656] [PID.3516]
[MD5.087505693E59774560320B0687ED8B96] - (.Atheros Commnucations - Bluetooth Suite Common Rescource.) -- C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe [302240] [PID.3524]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.3572]
[MD5.A2066594AE0D747FF12B9D94BB592B1D] - (...) -- C:\Users\exame\AppData\Roaming\Java\SYSEXAME-PC.exe [95047680] [PID.3596]
[MD5.00A9DFC5EF873004F0851D3C234E4801] - (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\quickset.exe [3405168] [PID.3616]
[MD5.76D8232F015BC1D9B08319F86732E523] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [145464] [PID.3652]
[MD5.533C7343CA6E5B10DD77BCF56DE2E540] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [180792] [PID.3676]
[MD5.34D296AFC913E302953C70463EF09A48] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [96056] [PID.3708]
[MD5.4ABA86D5B0D440F33BDBDBDAEA065C42] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe [1065024] [PID.3780]
[MD5.395CB6E8C67BFB1063AD86987909C184] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288] [PID.3828]
[MD5.BE0AFA9112B26F183053EA236342CA81] - (.Motorola Mobility LLC - MotoHelperAgent.) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe [964912] [PID.3840]
[MD5.8D92D0B56C19819A99312C3FD25788A0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [29538432] [PID.3872]
[MD5.CC436BB2A26391F3DEBE316F6FB0474F] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\exame\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.3888]
[MD5.E24219B8B865828FB37B3BAD5A4AFA6E] - (.ShenZhen Enode Techology co,.Ltd - Windows weather tool.) -- C:\Program Files\WeatherTool\2.0.1.11389\weather.exe [1282160] [PID.3948]
[MD5.EF17CD62EEDF0BD53270E8F900D79F5B] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\w32x86\3\E_TATIN8E.exe [262208] [PID.4028]
[MD5.2AA1DDE4CE26F216347FD9057B61BB5F] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe [2144448] [PID.2080] =>P2P.BitTorrent
[MD5.EAA666E9DD8DCDA6E075087091CB85EE] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [275072] [PID.2764]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.224]
[MD5.618C007ED5A0F27AF7C9E80E0065E70B] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\exame\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe [396992] [PID.4136] =>P2P.BitTorrent
[MD5.4DB8C3E9A5D6EB99F21B199C28EDE8D1] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [173696] [PID.4336]
[MD5.469533CC7F16566BE9D3436860E12013] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [563840] [PID.4396]
[MD5.66BB5B07696219FA334452D6F51FD648] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [366720] [PID.4428]
[MD5.12183679CA18F2C725E8E72EE922DDA3] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe [58160] [PID.4728]
[MD5.7A42A8E161DC32C5A40C5813ED64DF03] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\HidFind.exe [54744] [PID.4752]
[MD5.DFC8186972EB21F75E5B532194AF4C3A] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\DellTPad\Apntex.exe [54640] [PID.4760]
[MD5.33CA2F7FA1D265C84086B5913F000646] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1027928] [PID.4692]
[MD5.7AFD03A53C1FE02E04974C9D99B1CF67] - (.Adobe Systems Incorporated - Adobe RdrCEF.) -- C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe [1920592] [PID.1404]
[MD5.E96DD1ABAC2BE889CF521EA2192BFD1D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8196608] [PID.1964]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Preferences
---\\ Pasta de extensão do Google Chrome
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [__MSG_appName__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [__MSG_web2pdfExtnName__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [__MSG_extName__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__]
G2 - EXT: C:\Users\exame\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [Chrome Media Router]
~ Google Lines Browser: 16 Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M0 - MFSP: prefs.js [exame - 4o34ihj2.default] http://br.hao123.com
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 12.2.4.194.) -- C:\Windows\system32\Adobe\Director\np32dsw_1224194.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.121.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.121.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.121.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.50907.0.) -- c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.2.2] - (.VideoLAN - VLC media player Web Plugin.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.2.4] - (.VideoLAN - VLC media player Web Plugin.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 17.9.20044.) -- C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
~ Firefox Browser: 10 Scanned in 00mn 01s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nuesearch.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mylucky123.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuesearch.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nuesearch.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mylucky123.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuesearch.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 17.9.20044.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 12 Scanned in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;http://localhost:8092;192.168.*.*;
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:45222 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: (no name) - {451C804F-C205-4F03-B48E-537EC94937BF} Chave orfã
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} . (.Atheros Commnucations - Bluetooth IE PlugIn.) -- C:\Program Files\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ BHO: 16 Scanned in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Resumir Reimage Repair Instalação.lnk . (.Reimage - Reimage Downloader.) -- C:\Users\exame\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4LZ0SRC\ReimageRepair.exe =>Rogue.ReimageRepair
O4 - GS\Desktop [exame]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Scanned in 00mn 06s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe
O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Suite Common Rescource.) -- C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [Java7 Update] . (...) -- C:\Users\exame\AppData\Roaming\Java\SYSEXAME-PC.exe
O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\exame\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIN8E.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2157787958-2153105667-2115196349-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-2157787958-2153105667-2115196349-1000\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\exame\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKUS\S-1-5-21-2157787958-2153105667-2115196349-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIN8E.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-2157787958-2153105667-2115196349-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Application: Scanned in 00mn 00s
---\\ Icones das opções IE invisiveis no painel das configurações (05)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Chave orfã
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F75B2E1-D4AD-4DA4-B178-308CC0B2AD8F}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C3C7AC4-E91A-426A-8D98-CE5312FDF23D}: DhcpNameServer = 10.5.0.1 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{5F75B2E1-D4AD-4DA4-B178-308CC0B2AD8F}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6C3C7AC4-E91A-426A-8D98-CE5312FDF23D}: DhcpNameServer = 10.5.0.1 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{5F75B2E1-D4AD-4DA4-B178-308CC0B2AD8F}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6C3C7AC4-E91A-426A-8D98-CE5312FDF23D}: DhcpNameServer = 10.5.0.1 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.5.0.1 8.8.8.8 8.8.4.4
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: WSWSVCUchrome - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Atheros Bt&Wlan Coex Agent (Atheros Bt&Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files\Dell Wireless\Ath_CoexAgent.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations - AdminService Application.) - C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: COM+ Leg Service (COMLegService) . (...) - C:\Program Files\Legendas-3.5\srvlegendas.exe
O23 - Service: DbxSvc (DbxSvc) . (.Windows (R) Win 7 DDK provider - Dropbox Service.) - C:\Windows\System32\DbxSvc.exe
O23 - Service: EpsonCustomerResearchParticipation (EpsonCustomerResearchParticipation) . (.SEIKO EPSON CORPORATION - Epson Customer Research Participation.) - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) . (.Seiko Epson Corporation - Epson Scanner Service (32bit).) - C:\Windows\system32\EscSvc.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc. - HP Support Solutions Framework Service.) - C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) . (.IObit - Product Updater.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) . (.Motorola Mobility LLC - MotoHelper Service.) - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: PST Service (PST Service) . (.Motorola - ForwardDemon.) - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: Componente de Segurança Bradesco (scpbradserv) . (.Scopus Soluções em TI Ltda - Componente de Segurança Bradesco.) - C:\Program Files\scpbrad\scpbradserv.exe
O23 - Service: The Desktop Weather Service (TheDesktopWeatherService) . (.No owner - The Desktop Weather Service.) - C:\Program Files\WeatherTool\2.0.1.11389\WeatherService.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 16 Scanned in 00mn 03s
---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tarefas planificadas automaticamente (039)
[MD5.AFC094098B6D856151002051E31867D8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1162360]
[MD5.7DE8B8AC559E16AEB388E7D098E7C288] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384]
[MD5.00000000000000000000000000000000] [APT] [ASC8_PerformanceMonitor] (...) -- C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [ASC8_SkipUac_exame] (...) -- C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe (.not file.) [0]
[MD5.26502493132A7924466D091C540584F0] [APT] [EPSON L375 Series Update {F059BDD9-045E-48EB-B555-9A90D2334478}] (.SEIKO EPSON CORPORATION.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSN8E.exe [690536]
[MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [154440]
[MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [154440]
[MD5.3ECAF01F5F4BFBEBBA31596DB0FC471B] [APT] [HPCeeScheduleForexame] (.HP Development Company, L.P..) -- C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [99392]
[MD5.7A44FC5E70C4D1B4002E75039A04F0B7] [APT] [Motorola Device Manager Initial Update] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176]
[MD5.7A44FC5E70C4D1B4002E75039A04F0B7] [APT] [Motorola Device Manager Update] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176]
[MD5.31E3E8785182DEB239A9DB6CCCC56265] [APT] [Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}] (...) -- C:\Program Files\tools\update\tools_update.exe [1093736]
[MD5.00000000000000000000000000000000] [APT] [Uninstaller_SkipUac_exame] (...) -- C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe (.not file.) [0]
[MD5.33CA2F7FA1D265C84086B5913F000646] [APT] [{20084F90-0189-40E8-8191-7872175A0B9F}] (.Google Inc..) -- c:\program files\google\chrome\application\chrome.exe [1027928]
[MD5.00000000000000000000000000000000] [APT] [{36C01001-AFBA-492B-AC51-010B2FB19624}] (...) -- C:\Users\exame\Downloads\dotnetfx35.exe (.not file.) [0]
[MD5.33CA2F7FA1D265C84086B5913F000646] [APT] [{3910BBA3-96DB-4330-9D75-F77DC66CE2BA}] (.Google Inc..) -- c:\program files\google\chrome\application\chrome.exe [1027928]
[MD5.00000000000000000000000000000000] [APT] [{63B546AA-FB21-4AE3-B5F5-5BEB316444D8}] (...) -- C:\Users\exame\Downloads\HPSupportSolutionsFramework-12.5.26.37 (2).exe (.not file.) [0]
[MD5.4B8AB9C3C1B1B2091D4C7C50895AB06C] [APT] [{6FF17A9B-915D-46F7-A69C-7CA9EC82F167}] (.Oracle Corporation.) -- C:\Users\exame\AppData\Local\Temp\jre-8u131-windows-au.exe [739904]
[MD5.00000000000000000000000000000000] [APT] [{C6B5865B-E9A2-4F36-A597-1C79FCE29464}] (...) -- C:\Users\exame\Downloads\chromeinstall-8u101.exe (.not file.) [0]
[MD5.95696F6683CF86C8DE65F52F4891306F] [APT] [{D4D740EA-BB79-4651-ADFC-0306947EEA0E}] (...) -- C:\Arquivos de Programas RFB\IRPF2017\IRPF2017.exe [32256]
[MD5.15A3BD6C514F574D3AA5458511555CC9] [APT] [HP Support Solutions Framework Report] (.HP Inc..) -- C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [106376]
[MD5.592FE7B6D1DEE178532F3BB797DEDB88] [APT] [HP Support Solutions Framework Updater] (.HP Inc..) -- C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [619656]
[MD5.592FE7B6D1DEE178532F3BB797DEDB88] [APT] [HP Support Solutions Framework Updater - Resources] (.HP Inc..) -- C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [619656]
O39 - APT: EPSON L375 Series Update {F059BDD9-045E-48EB-B555-9A90D2334478} - (.SEIKO EPSON CORPORATION.) -- C:\Windows\Tasks\EPSON L375 Series Update {F059BDD9-045E-48EB-B555-9A90D2334478}.job [919]
O39 - APT: EPSON L375 Series Update {F059BDD9-045E-48EB-B555-9A90D2334478} - (.SEIKO EPSON CORPORATION.) -- C:\Windows\System32\Tasks\EPSON L375 Series Update {F059BDD9-045E-48EB-B555-9A90D2334478} [919]
O39 - APT: HPCeeScheduleForexame - (.HP Development Company, L.P..) -- C:\Windows\Tasks\HPCeeScheduleForexame.job [320]
O39 - APT: HPCeeScheduleForexame - (.HP Development Company, L.P..) -- C:\Windows\System32\Tasks\HPCeeScheduleForexame [320]
O39 - APT: Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} - (...) -- C:\Windows\Tasks\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}.job [500]
O39 - APT: Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} - (...) -- C:\Windows\System32\Tasks\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} [500]
~ Scheduled Task: 28 Scanned in 00mn 04s
---\\ Componentes instalados (ActiveSetup Installed Components) (040)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Enable TLS1.1 and 1.2 - {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\59.0.3071.104\Installer\chrmstp.exe
O40 - ASIC: Adobe Reader User Settings - {A6EADE66-0000-0000-484E-7E8A45000000} . (.Adobe Systems, Inc. - Acrobat Install On Demand.) -- C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 26.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_26_0_0_131.ocx
~ Active Setup: 14 Scanned in 00mn 00s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (HWiNFO32) . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) - C:\Windows\system32\drivers\HWiNFO32.sys
O41 - Driver: (IMFCameraProtect) . (.IObit.com - IMFCameraProtect.) - C:\Windows\system32\drivers\IMFCameraProtect.sys
O41 - Driver: (legendasdrv) . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\legendasdrv.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 72 Scanned in 00mn 00s
---\\ Software instalados (042)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}
O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100}
O42 - Logiciel: Adobe Flash Player 26 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824225037}
O42 - Logiciel: Adobe Shockwave Player 12.2 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Componente de Segurança Bradesco - (.Banco Bradesco S.A..) [HKLM] -- scpbrad
O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Dell WLAN and Bluetooth Client Installation - (.Dell Inc..) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: EPSON L375 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON L375 Series
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: Epson Connect Printer Setup - (.Seiko Epson Corporation.) [HKLM] -- {D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}
O42 - Logiciel: Epson Customer Research Participation - (.Seiko Epson Corporation.) [HKLM] -- {B26449A6-6007-4460-B4FE-C4776115BCEA}
O42 - Logiciel: Epson Easy Photo Print 2 - (.Seiko Epson Corporation.) [HKLM] -- {922E2D91-9314-45AA-9AEF-E585F93B59A9}
O42 - Logiciel: Epson Event Manager - (.Seiko Epson Corporation.) [HKLM] -- {4B22C430-7EA8-4534-8358-376FD900B953}
O42 - Logiciel: EpsonNet Print - (.SEIKO EPSON Corporation.) [HKLM] -- {15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: HP Customer Experience Enhancements - (.HP Development Company, L.P..) [HKLM] -- {64228DFB-7450-49B7-935C-B97342CB6659}
O42 - Logiciel: HP Customer Participation Program 14.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6 - (.HP.) [HKLM] -- {96178C0A-BAF9-4E49-A2A5-CDE76722105B}
O42 - Logiciel: HP Imaging Device Functions 14.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 14.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2}
O42 - Logiciel: IRPF2017 - (.Receita Federal do Brasil.) [HKLM] -- IRPF2017
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Java 8 Update 121 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F32180121F0}
O42 - Logiciel: Legendas 3.5 - (.LegendasBrasil.org.) [HKLM] -- {461C0377-D2EC-4FB0-B038-847BC6455432}_is1
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E}
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM] -- {196467F1-C11F-4F76-858B-5812ADC83B94}
O42 - Logiciel: Manual Epson L375 versão 1.0 - (...) [HKLM] -- UsersGuideManual Epson L375_is1
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Motorola Device Manager - (.Motorola Mobility.) [HKLM] -- {28DB8373-C1BB-444F-A427-A55585A12ED7}
O42 - Logiciel: Motorola Device Software Update - (.Motorola Mobility.) [HKLM] -- {894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}
O42 - Logiciel: Motorola Mobile Drivers Installation 6.4.0 - (.Motorola Mobility LLC.) [HKLM] -- {BA562260-B4FA-4D87-ADC5-963783028C68} =>.Motorola
O42 - Logiciel: Pacote de Driver do Windows - FTDI CDM Driver Package (03/30/2010 2.06.02) - (.FTDI.) [HKLM] -- 883C04C33C70062A4AD0ED48685D05F25A854C1D
O42 - Logiciel: Pacote de Driver do Windows - FTDI CDM Driver Package (03/30/2010 2.06.02) - (.FTDI.) [HKLM] -- ABE36B9BBD00CD433A4454EBCAD52F303406A488
O42 - Logiciel: Pacote de Driver do Windows - NEUROTEC - BRASIL (WinUSB) Ports (11/09/2011 - (.NEUROTEC - BRASIL.) [HKLM] -- F7C662807239D9D9F7087AEC41156F1AB6963939
O42 - Logiciel: Pacote de Driver do Windows - NEUROTEC - BRASIL (WinUSB) USB (04/05/2010 1 - (.NEUROTEC - BRASIL.) [HKLM] -- A074B5595E0921E45C48FCE17CF2904FA796114F
O42 - Logiciel: Pacote de Driver do Windows - NEUROTEC - BRASIL (WinUSB) USB (04/05/2010 1 - (.NEUROTEC - BRASIL.) [HKLM] -- E36A598F4929EFBADF0E00E5AC1CB9176952232A
O42 - Logiciel: Pacote de Driver do Windows - NEUROTEC - BRASIL (WinUSB) USB (07/14/2010 2 - (.NEUROTEC - BRASIL.) [HKLM] -- 52A6FBB9525A42424A661763290AAFC15EDC87FB
O42 - Logiciel: Pacote de Driver do Windows - NEUROTEC - BRASIL (WinUSB) USB (07/14/2010 2 - (.NEUROTEC - BRASIL.) [HKLM] -- 7D708184FCCC638488558E37A4CB6DC6A384EF0A
O42 - Logiciel: Project64 1.6 - (.Project64.) [HKLM] -- {9559F7CA-5E34-4237-A2D9-D856464AD727}
O42 - Logiciel: QuickSet32 - (.Dell Inc..) [HKLM] -- {C4972073-2BFE-475D-8441-564EA97DA161}
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconduct Corp..) [HKLM] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Revo Uninstaller 2.0.0 - (.VS Revo Group, Ltd..) [HKLM] -- {A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies
O42 - Logiciel: Skype™ 7.27 - (.Skype Technologies S.A..) [HKLM] -- {FC965A47-4839-40CA-B618-18F486F042C6}
O42 - Logiciel: Software Updater - (.SEIKO EPSON CORPORATION.) [HKLM] -- {8DBC5A0A-31C4-46C7-B252-6B593EA11A87}
O42 - Logiciel: The Desktop Weather 2.0.1.11389 - (.ShenZhen Enode Techology co,.Ltd.) [HKLM] -- WeatherTool
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR 5.31 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>P2P.BitTorrent
~ Logic: 38 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\0E878C6C46213496749D767AE37D5585] =>PUP.CrossRider
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow]
[HKCU\Software\Atheros]
[HKCU\Software\Bagbin]
[HKCU\Software\Baixaki]
[HKCU\Software\Banglamp]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Carambis]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DRP]
[HKCU\Software\DownloadManager]
[HKCU\Software\DropboxUpdate]
[HKCU\Software\Epson]
[HKCU\Software\F7DC9720542D86003ED29446949A333F] =>PUP.CrossRider
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\I.R.I.S.]
[HKCU\Software\IM Providers]
[HKCU\Software\IObit]
[HKCU\Software\Intel]
[HKCU\Software\Iris]
[HKCU\Software\JaboSoft]
[HKCU\Software\Jamjob]
[HKCU\Software\JavaSoft]
[HKCU\Software\Karlis Blumentals]
[HKCU\Software\KasperskyLabSetup]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Leadertech]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Mozilla]
[HKCU\Software\N64 Emulation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Opera Software]
[HKCU\Software\Policies]
[HKCU\Software\ProductSetup] =>Adware.InstallCore
[HKCU\Software\SEIKO EPSON CORPORATION]
[HKCU\Software\Skype]
[HKCU\Software\SlimWare Utilities Inc]
[HKCU\Software\TightVNC]
[HKCU\Software\Trolltech]
[HKCU\Software\VS Revo Group]
[HKCU\Software\WSVCUPlugin]
[HKCU\Software\WeatherTool]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wondershare]
[HKCU\Software\WsAudio_Device]
[HKCU\Software\Yandex]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\csastats]
[HKCU\Software\drpsu]
[HKCU\Software\profession]
[HKCU\Software\undefined]
[HKLM\Software\0E878C6C46213496749D767AE37D5585] =>PUP.CrossRider
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Alps]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\Bagbin]
[HKLM\Software\Banglamp]
[HKLM\Software\CLSID]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cypress Keyboard Filter Driver]
[HKLM\Software\Dell Computer Corporation]
[HKLM\Software\Dell]
[HKLM\Software\DtsEncodeTools]
[HKLM\Software\EPSON]
[HKLM\Software\EVP]
[HKLM\Software\EpsonNet]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\I.R.I.S.]
[HKLM\Software\ICE]
[HKLM\Software\IDT]
[HKLM\Software\IGC]
[HKLM\Software\IM Providers]
[HKLM\Software\IObit]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterHop]
[HKLM\Software\Internet Download Manager]
[HKLM\Software\Jamjob]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KasperskyLab]
[HKLM\Software\Khronos]
[HKLM\Software\LogMeInRescueCallingCard]
[HKLM\Software\Macromedia]
[HKLM\Software\Motorola Mobility]
[HKLM\Software\Motorola]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Skype]
[HKLM\Software\SlimWare Utilities Inc]
[HKLM\Software\SlimWare Utilities, Inc.]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WafCX]
[HKLM\Software\WinRAR]
[HKLM\Software\WinSaberSvc]
[HKLM\Software\Wondershare]
[HKLM\Software\Wow6432Node]
[HKLM\Software\drpsu]
[HKLM\Software\hdcode]
[HKLM\Software\mozilla.org]
[HKLM\Software\mylucky123Software]
[HKLM\Software\nuesearchSoftware]
[HKLM\Software\qkseeSvc]
[HKLM\Software\qonlsq]
[HKLM\Software\tools]
[HKLM\Software\vSnapshotEncodeTools]
~ Key Software: 233 Scanned in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/07/2016 - 12:37:07 - [0] ----D C:\Program Files\3vztaky0
O43 - CFD: 11/07/2016 - 07:05:09 - [] ----D C:\Program Files\Adobe
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\Program Files\Arquivos Comuns
O43 - CFD: 20/09/2016 - 06:01:28 - [] ----D C:\Program Files\Banglamp
O43 - CFD: 19/01/2017 - 12:22:48 - [0] ----D C:\Program Files\Carambis
O43 - CFD: 12/06/2017 - 18:16:58 - [] ----D C:\Program Files\Common Files
O43 - CFD: 09/08/2016 - 12:40:28 - [] ----D C:\Program Files\Dell
O43 - CFD: 27/05/2016 - 00:21:27 - [] ----D C:\Program Files\Dell Wireless
O43 - CFD: 09/08/2016 - 14:05:23 - [] ----D C:\Program Files\DellTPad
O43 - CFD: 27/05/2016 - 00:45:56 - [] ----D C:\Program Files\DIFX
O43 - CFD: 15/03/2017 - 07:04:15 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 10/01/2017 - 08:48:30 - [] ----D C:\Program Files\epson
O43 - CFD: 10/01/2017 - 08:54:45 - [] ----D C:\Program Files\EPSON Software
O43 - CFD: 10/01/2017 - 08:44:50 - [] ----D C:\Program Files\EpsonNet
O43 - CFD: 12/06/2017 - 18:16:54 - [] ----D C:\Program Files\FormatFactory
O43 - CFD: 12/06/2017 - 18:16:58 - [] ----D C:\Program Files\Google
O43 - CFD: 08/08/2016 - 12:34:18 - [] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 21/11/2016 - 18:52:49 - [] ----D C:\Program Files\HP
O43 - CFD: 20/06/2016 - 07:52:59 - [0] ----D C:\Program Files\Htucult
O43 - CFD: 09/08/2016 - 12:36:20 - [] ----D C:\Program Files\IDT
O43 - CFD: 18/04/2017 - 11:05:11 - [] --H-D C:\Program Files\InstallJammer Registry
O43 - CFD: 05/05/2017 - 13:16:35 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 10/08/2016 - 12:09:18 - [] ----D C:\Program Files\Intel
O43 - CFD: 27/09/2016 - 15:26:22 - [] ----D C:\Program Files\Internet Download Manager
O43 - CFD: 19/06/2017 - 20:03:45 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 12/06/2017 - 20:52:35 - [] ----D C:\Program Files\IObit
O43 - CFD: 27/09/2016 - 12:57:03 - [] ----D C:\Program Files\Jamjob
O43 - CFD: 16/03/2017 - 13:39:26 - [] ----D C:\Program Files\Java
O43 - CFD: 25/07/2016 - 07:11:06 - [] ----D C:\Program Files\Kaspersky Lab
O43 - CFD: 12/06/2017 - 18:17:00 - [] ----D C:\Program Files\Legendas-3.5
O43 - CFD: 03/08/2016 - 16:05:51 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 19/06/2017 - 00:27:48 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 17/06/2016 - 08:13:47 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 17/06/2016 - 08:10:55 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 18/06/2016 - 14:57:30 - [] ----D C:\Program Files\Microsoft Works
O43 - CFD: 17/06/2016 - 08:13:34 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 25/04/2017 - 13:07:20 - [] ----D C:\Program Files\Motorola
O43 - CFD: 25/04/2017 - 13:07:26 - [] ----D C:\Program Files\Motorola Mobility
O43 - CFD: 17/06/2016 - 08:13:56 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 25/04/2017 - 13:07:09 - [] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 21/06/2016 - 13:07:21 - [0] ----D C:\Program Files\Phakichreenash
O43 - CFD: 12/06/2017 - 18:17:04 - [] ----D C:\Program Files\Pherdpy
O43 - CFD: 31/05/2017 - 14:16:23 - [] ----D C:\Program Files\Project64 1.6
O43 - CFD: 27/05/2016 - 00:12:18 - [] ----D C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 01:52:30 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 05/06/2017 - 15:23:07 - [] ----D C:\Program Files\Reimage =>Rogue.ReimageRepair
O43 - CFD: 20/06/2016 - 19:45:03 - [0] ----D C:\Program Files\Rouythobsh
O43 - CFD: 12/06/2017 - 18:18:37 - [] ----D C:\Program Files\scpbrad
O43 - CFD: 12/06/2017 - 18:17:05 - [] R---D C:\Program Files\Skype
O43 - CFD: 10/08/2016 - 07:09:18 - [0] ----D C:\Program Files\SlimDrivers
O43 - CFD: 24/02/2017 - 15:26:55 - [] ----D C:\Program Files\Tools
O43 - CFD: 14/07/2009 - 01:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 17/06/2016 - 07:48:47 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 29/05/2017 - 18:37:18 - [] ----D C:\Program Files\VS Revo Group
O43 - CFD: 19/06/2016 - 06:59:05 - [] ----D C:\Program Files\Vupiyntaied
O43 - CFD: 10/07/2016 - 07:58:41 - [] ----D C:\Program Files\WeatherTool
O43 - CFD: 05/06/2016 - 17:42:07 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 04/02/2011 - 14:53:46 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/10/2016 - 06:00:52 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 26/05/2016 - 23:42:30 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 04/02/2011 - 14:53:45 - [] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 04/02/2011 - 14:53:45 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 04/02/2011 - 14:53:45 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 22/08/2016 - 20:35:58 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 26/12/2016 - 19:20:41 - [0] ----D C:\Program Files\Wondershare
O43 - CFD: 21/06/2017 - 11:02:35 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 11/07/2016 - 07:05:10 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 12/06/2017 - 18:12:52 - [] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 27/05/2016 - 00:17:51 - [] ----D C:\Program Files\Common Files\Atheros
O43 - CFD: 21/06/2016 - 22:57:44 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 10/01/2017 - 08:50:45 - [] ----D C:\Program Files\Common Files\EPSON
O43 - CFD: 17/06/2016 - 07:51:46 - [] ----D C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 13/07/2016 - 17:18:51 - [] ----D C:\Program Files\Common Files\IObit
O43 - CFD: 16/03/2017 - 13:41:42 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 18/06/2016 - 22:41:08 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 25/04/2017 - 13:06:14 - [] ----D C:\Program Files\Common Files\Motorola Shared
O43 - CFD: 25/04/2017 - 13:07:20 - [] ----D C:\Program Files\Common Files\MSSoap
O43 - CFD: 27/05/2016 - 00:13:39 - [] ----D C:\Program Files\Common Files\postureAgent
O43 - CFD: 13/07/2009 - 23:37:05 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\Program Files\Common Files\Sistema
O43 - CFD: 12/06/2017 - 18:16:58 - [] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 13/07/2009 - 23:37:05 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 21/06/2016 - 22:54:33 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 11/07/2016 - 07:05:02 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 01:53:55 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 12/06/2017 - 18:17:05 - [] ----D C:\ProgramData\Atheros
O43 - CFD: 05/06/2017 - 15:59:34 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 11/10/2016 - 18:26:35 - [0] ----D C:\ProgramData\Banglamp
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\ProgramData\Dados de aplicativos
O43 - CFD: 09/08/2016 - 12:40:33 - [] ----D C:\ProgramData\Dell
O43 - CFD: 14/07/2009 - 01:53:55 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\ProgramData\Documentos
O43 - CFD: 14/07/2009 - 01:53:55 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 10/01/2017 - 08:51:41 - [] ----D C:\ProgramData\EPSON
O43 - CFD: 14/07/2009 - 01:53:55 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\ProgramData\Favoritos
O43 - CFD: 08/08/2016 - 19:12:43 - [] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 21/11/2016 - 18:52:07 - [] ----D C:\ProgramData\HP
O43 - CFD: 21/11/2016 - 18:51:56 - [] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 17/09/2016 - 07:06:12 - [0] ----D C:\ProgramData\IDM
O43 - CFD: 27/05/2016 - 00:27:01 - [] ----D C:\ProgramData\Intel
O43 - CFD: 12/06/2017 - 20:01:05 - [] ----D C:\ProgramData\IObit
O43 - CFD: 06/11/2016 - 14:30:37 - [0] ----D C:\ProgramData\Jamjob
O43 - CFD: 02/10/2016 - 15:03:36 - [] ----D C:\ProgramData\jwinpj
O43 - CFD: 26/07/2016 - 06:43:26 - [] ----D C:\ProgramData\Kaspersky Lab
O43 - CFD: 31/05/2017 - 14:13:31 - [] ----D C:\ProgramData\Kaspersky Lab Setup Files
O43 - CFD: 23/05/2017 - 18:30:38 - [] ----D C:\ProgramData\Legendas
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\ProgramData\Menu Iniciar
O43 - CFD: 15/08/2016 - 12:33:49 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 19/06/2017 - 00:38:57 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 26/05/2016 - 23:42:30 - [] -SH-D C:\ProgramData\Modelos
O43 - CFD: 25/04/2017 - 13:10:30 - [] ----D C:\ProgramData\Motorola
O43 - CFD: 16/03/2017 - 13:41:39 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 05/06/2017 - 14:10:34 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 26/05/2017 - 12:10:57 - [] ----D C:\ProgramData\Pianosoft
O43 - CFD: 15/06/2017 - 05:00:30 - [] ----D C:\ProgramData\ProductData
O43 - CFD: 15/07/2016 - 09:43:30 - [] ----D C:\ProgramData\PwinpP
O43 - CFD: 01/06/2017 - 07:58:01 - [] ----D C:\ProgramData\Reimage Protector =>Rogue.ReimageRepair
O43 - CFD: 12/06/2017 - 18:18:56 - [] ----D C:\ProgramData\scpbrad
O43 - CFD: 20/09/2016 - 05:31:09 - [] ----D C:\ProgramData\Skype
O43 - CFD: 09/08/2016 - 12:21:01 - [] ----D C:\ProgramData\SlimWare Utilities, Inc
O43 - CFD: 10/01/2017 - 08:47:50 - [] ----D C:\ProgramData\Sony Corporation
O43 - CFD: 14/07/2009 - 01:53:55 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 20/09/2016 - 06:01:28 - [] ----D C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 01:53:55 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 24/02/2017 - 15:26:55 - [] ----D C:\ProgramData\tools
O43 - CFD: 20/07/2016 - 07:47:55 - [0] ----D C:\ProgramData\uckt
O43 - CFD: 10/01/2017 - 08:48:13 - [] ----D C:\ProgramData\UDL
O43 - CFD: 17/06/2016 - 08:05:56 - [] ----D C:\ProgramData\WEBREG
O43 - CFD: 26/12/2016 - 19:20:30 - [] ----D C:\ProgramData\Wondershare
O43 - CFD: 26/12/2016 - 19:18:45 - [] ----D C:\ProgramData\Wondershare Video Converter Ultimate
O43 - CFD: 16/01/2017 - 20:25:30 - [0] ----D C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
O43 - CFD: 04/11/2016 - 19:12:33 - [0] ----D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
O43 - CFD: 12/06/2017 - 12:38:05 - [] ----D C:\ProgramData\{99605C03-1322-D6C5-95E4-48870FA6C349}
O43 - CFD: 19/06/2016 - 08:08:49 - [0] ----D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
O43 - CFD: 19/06/2016 - 08:13:55 - [0] ----D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
O43 - CFD: 13/07/2016 - 08:46:50 - [0] ----D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
O43 - CFD: 15/08/2016 - 13:01:32 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 10/08/2016 - 12:20:52 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 27/05/2016 - 00:18:16 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
O43 - CFD: 12/06/2017 - 18:17:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Componente de Segurança Bradesco
O43 - CFD: 10/01/2017 - 08:54:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 10/01/2017 - 08:48:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
O43 - CFD: 05/02/2011 - 14:51:29 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 21/11/2016 - 18:52:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 16/03/2017 - 13:40:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 14/07/2009 - 01:42:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 17/06/2016 - 08:15:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 19/06/2017 - 00:28:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 25/04/2017 - 13:07:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
O43 - CFD: 18/04/2017 - 11:05:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB2017
O43 - CFD: 12/06/2017 - 19:58:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 12/06/2017 - 18:17:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 21/11/2016 - 19:08:53 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 17/06/2016 - 07:49:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 22/08/2016 - 20:35:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 21/06/2017 - 11:02:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 05/06/2017 - 14:46:03 - [] ----D C:\Users\exame\AppData\Roaming\71BC229B-5EC9-B8AF-82B8-3CF96B29EAE0
O43 - CFD: 20/06/2016 - 10:07:09 - [] ----D C:\Users\exame\AppData\Roaming\Adobe
O43 - CFD: 19/06/2016 - 08:08:45 - [] ----D C:\Users\exame\AppData\Roaming\Apple Computer
O43 - CFD: 22/08/2016 - 20:37:28 - [] ----D C:\Users\exame\AppData\Roaming\Carambis
O43 - CFD: 27/09/2016 - 07:38:05 - [] ----D C:\Users\exame\AppData\Roaming\DMCache
O43 - CFD: 09/08/2016 - 12:27:03 - [] ----D C:\Users\exame\AppData\Roaming\DRPSu
O43 - CFD: 31/05/2017 - 14:16:26 - [] ----D C:\Users\exame\AppData\Roaming\dvdcss
O43 - CFD: 11/08/2016 - 08:17:00 - [] ----D C:\Users\exame\AppData\Roaming\Easeware
O43 - CFD: 12/01/2017 - 12:55:09 - [] ----D C:\Users\exame\AppData\Roaming\Epson
O43 - CFD: 26/07/2016 - 19:04:04 - [] ----D C:\Users\exame\AppData\Roaming\Hewlett-Packard
O43 - CFD: 29/06/2016 - 07:07:47 - [] ----D C:\Users\exame\AppData\Roaming\HP
O43 - CFD: 26/07/2016 - 18:56:48 - [] ----D C:\Users\exame\AppData\Roaming\hpqLog
O43 - CFD: 21/11/2016 - 18:57:54 - [] ----D C:\Users\exame\AppData\Roaming\HpUpdate
O43 - CFD: 26/05/2016 - 23:44:22 - [] ----D C:\Users\exame\AppData\Roaming\Identities
O43 - CFD: 25/09/2016 - 06:51:21 - [] ----D C:\Users\exame\AppData\Roaming\IDM
O43 - CFD: 27/05/2016 - 00:13:31 - [] ----D C:\Users\exame\AppData\Roaming\InstallShield
O43 - CFD: 12/06/2017 - 20:02:22 - [] ----D C:\Users\exame\AppData\Roaming\IObit
O43 - CFD: 21/06/2017 - 10:08:42 - [] ----D C:\Users\exame\AppData\Roaming\Java
O43 - CFD: 10/01/2017 - 08:53:49 - [] ----D C:\Users\exame\AppData\Roaming\Leadertech
O43 - CFD: 19/06/2016 - 08:25:30 - [] ----D C:\Users\exame\AppData\Roaming\Macromedia
O43 - CFD: 05/02/2011 - 14:50:11 - [0] ----D C:\Users\exame\AppData\Roaming\Media Center Programs
O43 - CFD: 12/06/2017 - 18:13:47 - [] -S--D C:\Users\exame\AppData\Roaming\Microsoft
O43 - CFD: 25/04/2017 - 13:05:45 - [] ----D C:\Users\exame\AppData\Roaming\Motorola
O43 - CFD: 25/04/2017 - 13:07:30 - [] ----D C:\Users\exame\AppData\Roaming\Motorola Mobility
O43 - CFD: 12/06/2017 - 18:17:08 - [] ----D C:\Users\exame\AppData\Roaming\Mozilla
O43 - CFD: 09/08/2016 - 12:34:19 - [] ----D C:\Users\exame\AppData\Roaming\Opera Software
O43 - CFD: 06/06/2017 - 22:19:54 - [0] ----D C:\Users\exame\AppData\Roaming\PeerNetworking
O43 - CFD: 12/06/2017 - 18:17:08 - [] ----D C:\Users\exame\AppData\Roaming\ProductData
O43 - CFD: 11/07/2016 - 18:36:01 - [] ----D C:\Users\exame\AppData\Roaming\Profiles
O43 - CFD: 21/06/2017 - 10:07:43 - [] ----D C:\Users\exame\AppData\Roaming\Skype
O43 - CFD: 12/08/2016 - 08:29:12 - [0] ----D C:\Users\exame\AppData\Roaming\Solvusoft
O43 - CFD: 16/03/2017 - 13:40:16 - [] ----D C:\Users\exame\AppData\Roaming\Sun
O43 - CFD: 24/02/2017 - 15:26:55 - [] ----D C:\Users\exame\AppData\Roaming\Tools
O43 - CFD: 21/06/2017 - 11:04:20 - [] ----D C:\Users\exame\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 15/06/2017 - 05:12:05 - [] ----D C:\Users\exame\AppData\Roaming\vlc
O43 - CFD: 21/06/2017 - 10:23:53 - [] ----D C:\Users\exame\AppData\Roaming\WeatherTool
O43 - CFD: 22/08/2016 - 20:36:17 - [] ----D C:\Users\exame\AppData\Roaming\WinRAR
O43 - CFD: 26/12/2016 - 19:15:10 - [0] ----D C:\Users\exame\AppData\Roaming\Wondershare Video Converter Ultimate
O43 - CFD: 21/06/2017 - 11:04:56 - [] ----D C:\Users\exame\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 26/12/2016 - 19:15:14 - [0] ----D C:\Users\exame\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
O43 - CFD: 21/06/2016 - 11:45:36 - [] ----D C:\Users\exame\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
O43 - CFD: 11/07/2016 - 07:53:19 - [] ----D C:\Users\exame\AppData\Local\Adobe
O43 - CFD: 27/05/2016 - 00:17:23 - [] ----D C:\Users\exame\AppData\Local\Apps
O43 - CFD: 22/08/2016 - 10:41:02 - [] ----D C:\Users\exame\AppData\Local\Bagbin
O43 - CFD: 20/09/2016 - 06:01:34 - [] ----D C:\Users\exame\AppData\Local\Banglamp
O43 - CFD: 27/05/2016 - 01:21:33 - [] ----D C:\Users\exame\AppData\Local\BMExplorer
O43 - CFD: 11/07/2016 - 07:53:20 - [] ----D C:\Users\exame\AppData\Local\CEF
O43 - CFD: 05/06/2017 - 15:49:29 - [] ----D C:\Users\exame\AppData\Local\CrashDumps
O43 - CFD: 26/05/2016 - 23:44:10 - [] -SH-D C:\Users\exame\AppData\Local\Dados de aplicativos
O43 - CFD: 25/05/2017 - 13:58:50 - [0] ----D C:\Users\exame\AppData\Local\Deployment
O43 - CFD: 20/06/2017 - 21:19:40 - [] ----D C:\Users\exame\AppData\Local\Diagnostics
O43 - CFD: 21/05/2017 - 10:08:01 - [] ----D C:\Users\exame\AppData\Local\ElevatedDiagnostics
O43 - CFD: 12/06/2017 - 18:17:07 - [] ----D C:\Users\exame\AppData\Local\Google
O43 - CFD: 18/06/2016 - 14:16:55 - [] ----D C:\Users\exame\AppData\Local\GWX
O43 - CFD: 08/08/2016 - 12:04:31 - [] ----D C:\Users\exame\AppData\Local\Hewlett-Packard
O43 - CFD: 26/05/2016 - 23:44:10 - [] -SH-D C:\Users\exame\AppData\Local\Histórico
O43 - CFD: 29/06/2016 - 07:07:46 - [] ----D C:\Users\exame\AppData\Local\HP
O43 - CFD: 27/07/2016 - 09:23:43 - [] ----D C:\Users\exame\AppData\Local\HP_Development_Company,_L
O43 - CFD: 16/01/2017 - 20:25:17 - [] ----D C:\Users\exame\AppData\Local\IIIQF
O43 - CFD: 27/09/2016 - 12:57:12 - [] ----D C:\Users\exame\AppData\Local\Jamjob
O43 - CFD: 23/04/2017 - 22:47:04 - [] ----D C:\Users\exame\AppData\Local\Microsoft
O43 - CFD: 08/01/2017 - 15:41:37 - [] ----D C:\Users\exame\AppData\Local\Microsoft Help
O43 - CFD: 04/06/2016 - 19:43:20 - [] ----D C:\Users\exame\AppData\Local\NFS Underground 2
O43 - CFD: 10/07/2016 - 15:56:32 - [] ----D C:\Users\exame\AppData\Local\niughfujuiedghergadom
O43 - CFD: 09/08/2016 - 12:34:20 - [] ----D C:\Users\exame\AppData\Local\Opera Software
O43 - CFD: 19/06/2016 - 08:08:24 - [] ----D C:\Users\exame\AppData\Local\Programs
O43 - CFD: 10/08/2016 - 07:07:52 - [] ----D C:\Users\exame\AppData\Local\SlimWare Utilities Inc
O43 - CFD: 21/06/2017 - 11:02:38 - [] ----D C:\Users\exame\AppData\Local\Temp
O43 - CFD: 26/05/2016 - 23:44:10 - [] -SH-D C:\Users\exame\AppData\Local\Temporary Internet Files
O43 - CFD: 11/07/2016 - 18:36:47 - [] ----D C:\Users\exame\AppData\Local\thudephwutisnimge
O43 - CFD: 04/06/2016 - 20:31:36 - [] ----D C:\Users\exame\AppData\Local\VirtualStore
O43 - CFD: 26/12/2016 - 19:14:59 - [] ----D C:\Users\exame\AppData\Local\Wondershare
O43 - CFD: 14/07/2009 - 01:42:04 - [] R---D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 19/06/2017 - 20:07:48 - [] R---D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 13/06/2016 - 17:16:04 - [] R---D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
O43 - CFD: 04/06/2016 - 19:42:08 - [] ----D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 14/07/2009 - 01:37:42 - [] R---D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 18/04/2017 - 11:05:08 - [] ----D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2017
O43 - CFD: 12/06/2017 - 18:17:08 - [] ----D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
O43 - CFD: 19/06/2017 - 20:07:48 - [] R---D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 22/08/2016 - 20:35:58 - [] ----D C:\Users\exame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 238 Scanned in 00mn 01s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 12/06/2017 - 12:56:34 ---A- . (...) -- C:\History [0]
O44 - LFC:[MD5.76A347BD0A6C60389E9069E504629440] - 12/06/2017 - 20:36:43 ---A- . (...) -- C:\Windows\Reimage.ini [99] =>Rogue.ReimageRepair
O44 - LFC:[MD5.BDA7ADB2AF8C7B007355B3E9FEBF77AB] - 12/06/2017 - 20:52:35 ---A- . (...) -- C:\Windows\PFRO.log [7276]
O44 - LFC:[MD5.E5E675AEC355298CA882C08F912600EA] - 18/06/2017 - 17:03:37 ---A- . (.Microsoft Corporation - DLL de eventos de auditoria de segurança.) -- C:\Windows\System32\msaudite.dll [146432]
O44 - LFC:[MD5.432FFE3F8F7848CE7C3B324322445F24] - 18/06/2017 - 17:03:37 ---A- . (.Microsoft Corporation - DLL do Esquema de auditoria de segurança.) -- C:\Windows\System32\adtschema.dll [690688]
O44 - LFC:[MD5.4CB4C43E561E0478EA8C3FDEF5CB7647] - 18/06/2017 - 17:03:37 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096]
O44 - LFC:[MD5.FDC07CA8F3D7A6B0FD9940C493FD93BB] - 18/06/2017 - 17:03:37 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864]
O44 - LFC:[MD5.B69C93680FA50E980C3876A9B5676C5A] - 18/06/2017 - 17:03:37 ---A- . (.Microsoft Corporation - Nomes de auditoria dos objetos do sistema.) -- C:\Windows\System32\msobjs.dll [60416]
O44 - LFC:[MD5.2D9C5440622FC24B954DA6D17C64DF55] - 18/06/2017 - 17:03:38 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304]
O44 - LFC:[MD5.C3B4631AEA2EE375796FE15818A0F6F8] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - API do Cliente do Windows Update.) -- C:\Windows\System32\wuapi.dll [573440]
O44 - LFC:[MD5.C4B23D2CF32765F1E2B7671B27C5E331] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - ApiSet Schema DLL.) -- C:\Windows\System32\apisetschema.dll [6656]
O44 - LFC:[MD5.63EF04F2497DBD7408598F2EBBA9BC58] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - AppID Certificate Store Verification Task.) -- C:\Windows\System32\appidcertstorecheck.exe [16896]
O44 - LFC:[MD5.20ED6F310B7C56389D97B3BC435A466D] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - AppID Driver.) -- C:\Windows\System32\Drivers\appid.sys [50688]
O44 - LFC:[MD5.B008EC0EC71EB73B2B13F3032C6FF239] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - AppID Policy Converter Task.) -- C:\Windows\System32\appidpolicyconverter.exe [97792]
O44 - LFC:[MD5.613E2BF7F411D8A26FBBAEDB0A9E76A0] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Base cryptographic API DLL.) -- C:\Windows\System32\cryptbase.dll [36352]
O44 - LFC:[MD5.80C82E8A65D6366A1428856AAB85A1F9] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Biblioteca Principal de Restauração de Sist.) -- C:\Windows\System32\srcore.dll [400896]
O44 - LFC:[MD5.20FA96CA4119C1CC02A9D326E715F802] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Biblioteca criptográfica do Windows.) -- C:\Windows\System32\ncrypt.dll [223232]
O44 - LFC:[MD5.5E319D87058BD69A30E59598669A2ABD] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll [17408]
O44 - LFC:[MD5.46E8336D3B98E43B9EE8911CE48D8AFC] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [64000]
O44 - LFC:[MD5.BA97A0437A9EE4F23103322CC4C7A47E] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - DCI Manager.) -- C:\Windows\System32\dciman32.dll [10240]
O44 - LFC:[MD5.BD8A0FCAABECA36E3ADC963FFB11AF4F] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - DLL de APIs de Identidade de Aplicativo.) -- C:\Windows\System32\appidapi.dll [50688]
O44 - LFC:[MD5.3B7EF68FA050945C468AE782EE61EBEB] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - DLL do servidor LSA.) -- C:\Windows\System32\lsasrv.dll [1062912]
O44 - LFC:[MD5.289AE4BABD0724756B892E7EC7DD6072] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Font Subsetting DLL.) -- C:\Windows\System32\fontsub.dll [70656]
O44 - LFC:[MD5.66F44669F2620BFF46E1FA9F5DAC4828] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [47616]
O44 - LFC:[MD5.B3A29317C3A2A86B051C298E3F82E0D5] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [104960]
O44 - LFC:[MD5.B91D51B994997DEAD02B43C7E48D6A42] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [60416]
O44 - LFC:[MD5.821BAA35B67EF348201B73AD1D93F350] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - LSA SSPI RPC interface DLL.) -- C:\Windows\System32\sspisrv.dll [15872]
O44 - LFC:[MD5.808161E20EC7873A1B008EEED300E8AB] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Language Pack.) -- C:\Windows\System32\lpk.dll [26112]
O44 - LFC:[MD5.1F83BB829C2A02CD615B7A1378EC5E6B] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe [22016]
O44 - LFC:[MD5.7BD965676B36D6046BA04F5D43E9FC43] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\Windows\System32\Drivers\mrxsmb20.sys [98304]
O44 - LFC:[MD5.0659195D46943681473024917C356F55] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) -- C:\Windows\System32\Drivers\mrxsmb10.sys [226304]
O44 - LFC:[MD5.9E8004DBAC3FE12B7A1B40BE317C00AF] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - MUI Callback for Bcd.) -- C:\Windows\System32\setbcdlocale.dll [50176]
O44 - LFC:[MD5.4E7E643A6FAF8FF359EA486BA4F07DD8] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Mapa de versão IOD.) -- C:\Windows\System32\iesetup.dll [62464]
O44 - LFC:[MD5.C59CB6657664452F799D3168DF463BBA] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Mecanismo de instalação.) -- C:\Windows\System32\inseng.dll [91136]
O44 - LFC:[MD5.280B0363C54C122F1349B07A33E8E92E] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll [261120]
O44 - LFC:[MD5.A2E44E9CC6D8B4CC7CB06F905A292175] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll [172032]
O44 - LFC:[MD5.38A3DA3D4C41D07A27F8F7ECB9BACB92] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Microsoft® Windows System Restore Client Li.) -- C:\Windows\System32\srclient.dll [43008]
O44 - LFC:[MD5.6D5F4F19338CCF40712FFD5483D7878F] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Mount Point Manger Sysprep Utility Library.) -- C:\Windows\System32\msmmsp.dll [10752]
O44 - LFC:[MD5.BCA481258D6D79736626033097B2D903] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Processamento de RunOnce estendido com inte.) -- C:\Windows\System32\iernonce.dll [30720]
O44 - LFC:[MD5.B60514060323CC3966FF50BFC84A2DC0] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Processo do tempo de Execução do Servidor d.) -- C:\Windows\System32\csrsrv.dll [38912]
O44 - LFC:[MD5.8801A0DF3B6BEDC23530CBEF816DBBD9] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Programa de Diretiva de Auditoria.) -- C:\Windows\System32\auditpol.exe [50176]
O44 - LFC:[MD5.8E768475A75F95D8D1DC904F1C063C66] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - RPC HTTP DLL.) -- C:\Windows\System32\rpchttp.dll [141312]
O44 - LFC:[MD5.128B38F33325940F84FA38B16284D032] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Restauração do Sistema do Microsoft® Window.) -- C:\Windows\System32\rstrui.exe [262656]
O44 - LFC:[MD5.2E7B05D2B01E5E6B2F1A89768EA64A3D] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\secur32.dll [22016]
O44 - LFC:[MD5.AFB5F8D723FA212EBD86804F43FF0B77] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\sspicli.dll [99840]
O44 - LFC:[MD5.B88B13E10F3D2403FB3775138187811E] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Serviço de Identidade de Aplicativo.) -- C:\Windows\System32\appidsvc.dll [29696]
O44 - LFC:[MD5.2AFF57C13F7ADE1D3D08C68F413E4924] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - TDC ActiveX Control.) -- C:\Windows\System32\tdc.ocx [73216]
O44 - LFC:[MD5.D3C7191F5A49A26895E645020CE9A29F] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll [254464]
O44 - LFC:[MD5.4399DA5F36AED9BA58D48543878936AF] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe [689664]
O44 - LFC:[MD5.7848F2A1E4B723009DD786919F815D91] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Utilitário de Instalação Autônoma do IE 7.0.) -- C:\Windows\System32\ieUnatt.exe [115712]
O44 - LFC:[MD5.4FAB9495AC00D8A12E9EB14DE518188B] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll [65536]
O44 - LFC:[MD5.5299D3EFFD0072E8B4449217E67B67DD] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Cryptographic Primitives Library.) -- C:\Windows\System32\bcrypt.dll [82432]
O44 - LFC:[MD5.46D60EF6ECA5A058CA0A63E2F0990E77] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Setup UI.) -- C:\Windows\System32\WinSetupUI.dll [73728]
O44 - LFC:[MD5.9222E721E38EF60B6627B4AC73E54AB7] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe [35328]
O44 - LFC:[MD5.21D5B06910FED890196328720CE0E69F] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\System32\wudriver.dll [93696]
O44 - LFC:[MD5.D25087EDF7E1EA0FA861B8C5A8791EA1] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Update client proxy stub 2.) -- C:\Windows\System32\wups2.dll [35840]
O44 - LFC:[MD5.43FDFED4530916944F35086228179EB3] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Update client proxy stub for intern.) -- C:\Windows\System32\wu.upgrade.ps.dll [11776]
O44 - LFC:[MD5.7612127B53E3486A080A64EB67A0ED95] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Update client proxy stub.) -- C:\Windows\System32\wups.dll [30208]
O44 - LFC:[MD5.8737C6345141BB27430A836D359E23FF] - 18/06/2017 - 17:03:38 ---A- . (.Microsoft Corporation - Windows Update.) -- C:\Windows\System32\wuauclt.exe [136192]
O44 - LFC:[MD5.F5C3A7DC4A3C2E1A518D1D9BF5CE35EE] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - API de base do Windows 32 avançada.) -- C:\Windows\System32\advapi32.dll [644096]
O44 - LFC:[MD5.235B9E10E10398E4B03773460992B65A] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Classificação da Internet e DLL de gerencia.) -- C:\Windows\System32\msrating.dll [168960]
O44 - LFC:[MD5.C32DECD73CF519F5BF4DD3C3FE487C79] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - ExplorerFrame.) -- C:\Windows\System32\ExplorerFrame.dll [1499648]
O44 - LFC:[MD5.6C8D411EDC63379A2DF639F254B9BBFA] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Gerenciador de Sessão do Windows.) -- C:\Windows\System32\smss.exe [69632]
O44 - LFC:[MD5.A6D5F57D8C47D668A4F663BF9B219D21] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [620032]
O44 - LFC:[MD5.DECD2A2E51BC19155705F2E1DA1A60D1] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll [553472]
O44 - LFC:[MD5.B5259B75BFDE00A5CDFD8D70444C8E3C] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Serviço de Cache de Fontes do Windows.) -- C:\Windows\System32\FntCache.dll [909824]
O44 - LFC:[MD5.B2BC24B325A194BC1461D28B58D21E87] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Tempo de Execução da Chamada de Procediment.) -- C:\Windows\System32\rpcrt4.dll [655360]
O44 - LFC:[MD5.07E9743EEA123832D04AA292EB435CAB] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Visualizador de controles de objetos.) -- C:\Windows\System32\occache.dll [130048]
O44 - LFC:[MD5.D071B9246BFD1575D72BD88B66F6FB87] - 18/06/2017 - 17:03:39 ---A- . (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\Drivers\mrxsmb.sys [124416]
O44 - LFC:[MD5.EF651A993C52D89B019F3FC08B820A96] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Conversor de HTML da Microsoft.) -- C:\Windows\System32\html.iec [341504]
O44 - LFC:[MD5.4FFDF016543C1BF8915CF933CF75BC11] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Experiência de Usuário Cliente do Windows U.) -- C:\Windows\System32\wucltux.dll [2953216]
O44 - LFC:[MD5.CE8D9A8CF1CE85AE787A07B81F4E0A44] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [47104]
O44 - LFC:[MD5.0F88A7FF80AD0923F0BCD189994DBA0B] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Mecanismo da Interface do Usuário do Intern.) -- C:\Windows\System32\ieui.dll [476160]
O44 - LFC:[MD5.3A7587A2573A5460C311B635A952CE61] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [710144]
O44 - LFC:[MD5.A6F6121711567A714A4680BB1781C76A] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [76288]
O44 - LFC:[MD5.59981F09AEE18D53ABC96AA52D55ABF5] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Monitor de Sites.) -- C:\Windows\System32\webcheck.dll [230400]
O44 - LFC:[MD5.C2E787F8373A8287B06ECFA373B88CC2] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Serviços de Tipografia de DirectX da Micros.) -- C:\Windows\System32\DWrite.dll [1251328]
O44 - LFC:[MD5.F125D0EA19EA00B1841EFAD8C1B4B378] - 18/06/2017 - 17:03:40 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\System32\wuwebv.dll [174080]
O44 - LFC:[MD5.32EB184774A4A1A5F03CC992FDE1079B] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll [1314816]
O44 - LFC:[MD5.2799A0C93B74A00757E55F1E1AED2957] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - MSSHooks.dll.) -- C:\Windows\System32\msshooks.dll [9728]
O44 - LFC:[MD5.28238510F672C0151C1EA56309E6EF2F] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [693248]
O44 - LFC:[MD5.85B0626CE884936A18F47CD4AA890412] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Microsoft Search Proxy.) -- C:\Windows\System32\mssprxy.dll [34816]
O44 - LFC:[MD5.67E8B8B3D758CE618249FB2143D1C49B] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Microsoft Windows Search Filter Host.) -- C:\Windows\System32\SearchFilterHost.exe [86528]
O44 - LFC:[MD5.343C2AF6C21F88EBF89D3FA8C913F24F] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript.dll [663552]
O44 - LFC:[MD5.26B60687D5891158D2B8A0E943B77F07] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [499200]
O44 - LFC:[MD5.6ECFB0451DAF8E07C3FD2B72F55D0E41] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Painel de Controle da Internet.) -- C:\Windows\System32\inetcpl.cpl [2057216]
O44 - LFC:[MD5.7D54C0240E252158F477C42603459840] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Plataforma MSSearch Vista.) -- C:\Windows\System32\mssvp.dll [666624]
O44 - LFC:[MD5.61B459EB5D757FEB2A09F26DAF324ABC] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2290176]
O44 - LFC:[MD5.BDAF9986D957DB8174012C37692E6622] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - msscntrs.dll.) -- C:\Windows\System32\msscntrs.dll [59392]
O44 - LFC:[MD5.A278D9480798D233B16190AC7252B260] - 18/06/2017 - 17:03:41 ---A- . (.Microsoft Corporation - mssitlb.) -- C:\Windows\System32\mssitlb.dll [104448]
O44 - LFC:[MD5.64669AB349067A8A521F96ACF5B527CA] - 18/06/2017 - 17:03:41 ---A- . (.No owner - Aplicativo PrintBrm.) -- C:\Windows\System32\PrintBrmUi.exe [66048]
O44 - LFC:[MD5.9D7DA46D498CFE621791BE6A9A3C189D] - 18/06/2017 - 17:03:42 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [308456]
O44 - LFC:[MD5.56295964C1B7AA9EB55994A0D2FF7FF8] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Conector do Outlook MSSearch.) -- C:\Windows\System32\mssphtb.dll [197120]
O44 - LFC:[MD5.B3DCFDB1CC7AE5C2EAE08E87588CE360] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - DLL de nível do NT.) -- C:\Windows\System32\ntdll.dll [1310528]
O44 - LFC:[MD5.69E1A2342DD24F8BE0C78546EB546277] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - DLL do spooler local.) -- C:\Windows\System32\localspl.dll [779776]
O44 - LFC:[MD5.C2CF55443D72915B513B2B434D03C050] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll [346320]
O44 - LFC:[MD5.77D5322ABB841FB22803F8D6782479ED] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Indexador do Microsoft Windows Search.) -- C:\Windows\System32\SearchIndexer.exe [427520]
O44 - LFC:[MD5.7A0BE123229374477CACA4F816339660] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys [67304]
O44 - LFC:[MD5.60A3E1FAA410B7FB7F243A6747243E1E] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecpkg.sys [137960]
O44 - LFC:[MD5.8573C2DF99A3F855675DB50CD9C65D7A] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Manipulador de Protocolo Microsoft Search.) -- C:\Windows\System32\mssph.dll [337408]
O44 - LFC:[MD5.6788A1060D8D04E1C540ECF948220A16] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1155072]
O44 - LFC:[MD5.825A18C71EC3D80A674285AAA959212F] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [667648]
O44 - LFC:[MD5.CC110E318C34FE397B1370D9ED783D5E] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) -- C:\Windows\System32\SearchProtocolHost.exe [164352]
O44 - LFC:[MD5.C648901695E275C8F2AD04B687A68CE2] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - Processo de host do Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [45056]
O44 - LFC:[MD5.01743A8A62F2C0488F9C4F6D25C21B2C] - 18/06/2017 - 17:03:42 ---A- . (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\Drivers\tdx.sys [74752]
O44 - LFC:[MD5.3B55B2000DEBDC210693530B669B9966] - 18/06/2017 - 17:03:43 ---A- . (.Microsoft Corporation - Ajuda e Suporte da Microsoft.) -- C:\Windows\HelpPane.exe [497152]
O44 - LFC:[MD5.45987221A09C7535395A1A9C38DFB114] - 18/06/2017 - 17:03:43 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [306688]
O44 - LFC:[MD5.9664F55623B43FD85D5642A202976AEE] - 18/06/2017 - 17:03:43 ---A- . (.Microsoft Corporation - Gerenciador de Pontos de Montagem.) -- C:\Windows\System32\Drivers\mountmgr.sys [78568]
O44 - LFC:[MD5.08A2667D4A1F78292AAE6754AEAC8308] - 18/06/2017 - 17:03:43 ---A- . (.Microsoft Corporation - Provedor de Impressão do Processo do Client.) -- C:\Windows\System32\win32spl.dll [497664]
O44 - LFC:[MD5.9B2BA304828D5FABF87348D59D635AC7] - 18/06/2017 - 17:03:43 ---A- . (.Microsoft Corporation - Reprodução Automática da Transferência Fáci.) -- C:\Windows\System32\MigAutoPlay.exe [91368]
O44 - LFC:[MD5.25FACE67FAECD9E98A712048BF11A623] - 18/06/2017 - 17:03:44 ---A- . (.Microsoft Corporation - Uniscribe Unicode script processor.) -- C:\Windows\System32\usp10.dll [629760]
O44 - LFC:[MD5.010CF929D6BD8E6877AB1C2694EA6F45] - 18/06/2017 - 17:03:44 ---A- . (.Microsoft Corporation - mssrch.dll.) -- C:\Windows\System32\mssrch.dll [1400320]
O44 - LFC:[MD5.36A48A1471CEE37D11CFDAB2C9EF63B2] - 18/06/2017 - 17:03:45 ---A- . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll [12880896]
O44 - LFC:[MD5.642A5C8133B07C3F6F381E93DA590F3C] - 18/06/2017 - 17:03:45 ---A- . (.Microsoft Corporation - tquery.dll.) -- C:\Windows\System32\tquery.dll [1549824]
O44 - LFC:[MD5.2ADE0250EC6773A04D47C4FA253FDA8D] - 18/06/2017 - 17:03:46 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntkrnlpa.exe [4001000]
O44 - LFC:[MD5.BECFF07257DD80EEF20904B4A2D3B319] - 18/06/2017 - 17:03:46 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [3945704]
O44 - LFC:[MD5.DCEB6F8CD73D7DDAEABA604DF4D11C49] - 18/06/2017 - 17:03:47 ---A- . (.Microsoft Corporation - Driver Win32 multiusuário.) -- C:\Windows\System32\win32k.sys [2401792]
O44 - LFC:[MD5.9B934764D5320F5F2FC0C3CB663F7A3E] - 18/06/2017 - 17:03:47 ---A- . (.Microsoft Corporation - Internet Extensions para Win32.) -- C:\Windows\System32\wininet.dll [2767872]
O44 - LFC:[MD5.8E6E93DFE1C8C1732E4B2C843CE4ABA5] - 18/06/2017 - 17:03:47 ---A- . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2092032]
O44 - LFC:[MD5.3104963B375C6BCB80B8BD06E6E5F859] - 18/06/2017 - 17:03:48 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [4549120]
O44 - LFC:[MD5.BCA2778F2BF8F07176D695AEB8F03B01] - 18/06/2017 - 17:03:49 ---A- . (.Microsoft Corporation - Navegador da Internet.) -- C:\Windows\System32\ieframe.dll [13664768]
O44 - LFC:[MD5.4F3ED8A4AAD8A4A87361094559579C56] - 18/06/2017 - 17:03:51 ---A- . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll [20274688]
O44 - LFC:[MD5.960AE99A15B1C8C9FBDDDE97606478F9] - 18/06/2017 - 17:03:53 ---A- . (.Microsoft Corporation - Direct3D HLSL Compiler for Redistribution.) -- C:\Windows\System32\D3DCompiler_47.dll [3550208]
O44 - LFC:[MD5.A29E3A80C524723FD4163187AA2B6C54] - 19/06/2017 - 00:31:15 ---A- . (.Microsoft Corporation - Ferramentas de Remoção de Software Mal-Inte.) -- C:\Windows\System32\MRT.exe [130903960]
O44 - LFC:[MD5.C6F3F40C7BED004AB90AE216E1A69263] - 19/06/2017 - 20:06:20 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [418496]
O44 - LFC:[MD5.82E931C912C7EEE36E31AD26ADAF2600] - 19/06/2017 - 20:17:08 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [803328]
O44 - LFC:[MD5.56F5F9633110674F2FDA4DAFD9D4165E] - 19/06/2017 - 20:17:08 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [144896]
O44 - LFC:[MD5.D4DC05E513976C37F1F1BB76429AD9CC] - 21/06/2017 - 10:06:02 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.8E63F7DA03E14448F2E0B314C677DE76] - 21/06/2017 - 10:06:09 ---A- . (...) -- C:\Windows\setupact.log [2922]
O44 - LFC:[MD5.CC3DC6E8B41D8376E458685733A1916C] - 21/06/2017 - 10:07:41 ---A- . (...) -- C:\MotoHelperConfig.ini [40]
O44 - LFC:[MD5.F16AC7E773BA8F5F7BBD62A5B761E493] - 21/06/2017 - 10:33:56 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1144425]
O44 - LFC:[MD5.9EB777A18A1298DAFAE2B3433BE72DA6] - 21/06/2017 - 10:58:02 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1755670]
O44 - LFC:[MD5.C3DDC304B2A5148DEDA377660401E46C] - 21/06/2017 - 10:58:02 ---A- . (...) -- C:\Windows\System32\perfc009.dat [135324]
O44 - LFC:[MD5.787EE2FC3E219A826409DD0E39BE5E07] - 21/06/2017 - 10:58:02 ---A- . (...) -- C:\Windows\System32\perfh009.dat [697018]
O44 - LFC:[MD5.13276A5F104C0D56BD095BA640BBC8CB] - 21/06/2017 - 10:58:02 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [162464]
O44 - LFC:[MD5.7001805B04B84BEFC0EFEB2E5AA2068D] - 21/06/2017 - 10:58:02 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [753502]
~ Files: 138 Scanned in 00mn 48s
---\\ Últimos arquivos criados no Windows Prefetcher (045)
O45 - LFCP:[MD5.2C03240D53BAF5C774A8853B3A5D2562] - 21/06/2017 - 10:04:52 ---A- - C:\Windows\Prefetch\UTORRENTIE.EXE-DDD28CCF.pf =>P2P.µTorrent
~ Prefetcher: 1 Scanned in 00mn 00s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Negação do serviço (Local Security Authority) (048)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s
---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Tempo de Execução da Estrutura de Driver em Modo Kernel.) -- C:\Windows\System32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Tempo de Execução da Estrutura de Driver em Modo Kernel.) -- C:\Windows\System32\Drivers\Wdf01000.sys
~ CSB: 15 Scanned in 00mn 00s
---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s
---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSimpleNetIDList"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=221
O56 - MWPE:[HKCU\...\policies\Explorer] - "NolowDiskSpaceChecks"=1
~ MWPE Keys: 3 Scanned in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:13/07/2009 - 22:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [297552]
O58 - SDL:13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [146512]
O58 - SDL:13/07/2009 - 22:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [14400]
O58 - SDL:11/03/2011 - 02:38:37 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [80256]
O58 - SDL:13/07/2009 - 22:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\amdsbs.sys [159312]
O58 - SDL:11/03/2011 - 02:38:37 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [22400]
O58 - SDL:05/07/2013 - 13:56:36 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\System32\Drivers\Apfiltr.sys [416560]
O58 - SDL:13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [76368]
O58 - SDL:13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [86608]
O58 - SDL:23/03/2016 - 02:00:38 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athr.sys [3374376]
O58 - SDL:07/10/2010 - 02:17:20 ---A- . (.AVerMedia TECHNOLOGIES, Inc. - AVerMedia Hybrid TV Driver.) -- C:\Windows\System32\Drivers\AVerPola.sys [478464]
O58 - SDL:07/10/2010 - 02:17:30 ---A- . (.AVerMedia TECHNOLOGIES, Inc. - AVerMedia USB Polaris Series Custom IR Driver.) -- C:\Windows\System32\Drivers\AVPolCIR.sys [38144]
O58 - SDL:13/07/2009 - 19:02:49 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60x.sys [229888]
O58 - SDL:13/07/2009 - 19:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:13/07/2009 - 19:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:13/07/2009 - 21:57:25 ---A- . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [272128]
O58 - SDL:13/07/2009 - 19:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:13/07/2009 - 19:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:13/07/2009 - 19:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:31/03/2011 - 14:07:38 ---A- . (.Atheros - Atheros A2DP driver.) -- C:\Windows\System32\Drivers\btath_a2dp.sys [259232]
O58 - SDL:31/03/2011 - 14:07:38 ---A- . (.Atheros - Atheros BUS driver.) -- C:\Windows\System32\Drivers\btath_bus.sys [24736]
O58 - SDL:31/03/2011 - 14:07:38 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_flt.sys [34976]
O58 - SDL:31/03/2011 - 14:07:38 ---A- . (.Atheros - Atheros HCRP driver.) -- C:\Windows\System32\Drivers\btath_hcrp.sys [175776]
O58 - SDL:31/03/2011 - 14:07:38 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_lwflt.sys [49312]
O58 - SDL:31/03/2011 - 14:07:40 ---A- . (.Atheros - Atheros AVRCP driver.) -- C:\Windows\System32\Drivers\btath_rcp.sys [141088]
O58 - SDL:19/06/2016 - 08:20:33 ---A- . (.IVT Corporation. - Bluetooth USB Device Driver.) -- C:\Windows\System32\Drivers\btcusb.sys [47504]
O58 - SDL:31/03/2011 - 14:07:40 ---A- . (.Atheros - BtFilter Driver.) -- C:\Windows\System32\Drivers\btfilter.sys [243360]
O58 - SDL:13/07/2009 - 19:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbdx.sys [430080]
O58 - SDL:13/07/2009 - 22:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [15952]
O58 - SDL:13/09/2013 - 09:28:36 ---A- . (.Cypress Semiconductor, Inc. - Trackpad Driver.) -- C:\Windows\System32\Drivers\cykbfltr.sys [16384]
O58 - SDL:19/09/2016 - 22:07:28 ---A- . (.Windows (R) Win 7 DDK provider - Dropbox Filter Driver.) -- C:\Windows\System32\Drivers\dbx-canary.sys [62064]
O58 - SDL:19/09/2016 - 22:07:38 ---A- . (.Windows (R) Win 7 DDK provider - Dropbox Filter Driver.) -- C:\Windows\System32\Drivers\dbx-dev.sys [62064]
O58 - SDL:19/09/2016 - 22:07:28 ---A- . (.Windows (R) Win 7 DDK provider - Dropbox Filter Driver.) -- C:\Windows\System32\Drivers\dbx-stable.sys [62064]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [70720]
O58 - SDL:13/07/2009 - 19:02:50 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\System32\Drivers\E1G60I32.sys [118784]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 19:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbdx.sys [3100160]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:19/10/2010 - 16:33:40 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECI.sys [41088]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [67152]
O58 - SDL:19/06/2016 - 08:15:33 ---A- . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\Windows\System32\Drivers\HWiNFO32.SYS [23840]
O58 - SDL:29/05/2015 - 16:05:32 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\System32\Drivers\iaStorA.sys [503048]
O58 - SDL:29/05/2015 - 16:05:32 ---A- . (.Intel Corporation - Intel Rapid Storage Technology Filter driver - x86.) -- C:\Windows\System32\Drivers\iaStorF.sys [27376]
O58 - SDL:11/03/2011 - 02:38:51 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStorV.sys [332160]
O58 - SDL:15/11/2012 - 02:03:56 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd32.sys [7408128]
O58 - SDL:13/07/2009 - 22:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41040]
O58 - SDL:29/03/2017 - 18:05:42 ---A- . (.IObit.com - IMFCameraProtect.) -- C:\Windows\System32\Drivers\IMFCameraProtect.sys [25120]
O58 - SDL:19/06/2016 - 08:30:43 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [379128]
O58 - SDL:04/12/2015 - 19:25:34 ---A- . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\legendasdrv.sys [48368]
O58 - SDL:13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [95824]
O58 - SDL:13/07/2009 - 22:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89168]
O58 - SDL:13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [54864]
O58 - SDL:13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96848]
O58 - SDL:13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\System32\Drivers\megasas.sys [30800]
O58 - SDL:13/07/2009 - 22:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [235584]
O58 - SDL:13/07/2009 - 22:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [44624]
O58 - SDL:11/03/2011 - 02:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [117120]
O58 - SDL:11/03/2011 - 02:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [143744]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1383488]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106064]
O58 - SDL:23/01/2017 - 07:38:32 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\System32\Drivers\Rt86win7.sys [777736]
O58 - SDL:28/11/2016 - 05:05:47 ---A- . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\Windows\System32\Drivers\RtsUer.sys [304344]
O58 - SDL:13/07/2009 - 17:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [40016]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [77888]
O58 - SDL:22/03/2016 - 11:02:16 ---A- . (.IObit - SmartDefrag Driver.) -- C:\Windows\System32\Drivers\SmartDefragDriver.sys [18800]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:16/08/2013 - 05:21:10 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt.sys [459264]
O58 - SDL:10/08/2016 - 07:04:12 ---A- . (.SlimWare Utilities, Inc. - Driver Update Installer Monitor.) -- C:\Windows\System32\Drivers\SWDUMon.sys [13368]
O58 - SDL:29/03/2016 - 08:01:42 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\TeeDriver.sys [157752]
O58 - SDL:13/07/2009 - 22:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [16976]
O58 - SDL:13/07/2009 - 22:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [141904]
O58 - SDL:30/04/2015 - 00:01:06 ---A- . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\Windows\System32\Drivers\wdcsam.sys [20256]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:24/01/2011 - 14:39:08 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athr.sys [2152448]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 90 Scanned in 00mn 04s
---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 15/06/2017 - 11:06:06 ---A- . (...) -- C:\Users\exame\AppData\Local\Google\Chrome\User Data\PepperFlash\26.0.0.131\pepflashplayer.dll [17785856] =>.Google PepperFlash
O61 - LFC: 18/06/2017 - 11:06:15 ---A- . (.Google Inc..) -- C:\Users\exame\AppData\Local\Temp\CR_6064C.tmp\setup.exe [1394008]
O61 - LFC: 18/06/2017 - 11:06:15 ---A- . (.Oracle Corporation.) -- C:\Users\exame\AppData\Local\Temp\jds523570.tmp\jre-8u131-windows-au.exe [1623104]
O61 - LFC: 18/06/2017 - 11:06:15 ---A- . (.Oracle Corporation.) -- C:\Users\exame\AppData\Local\Temp\jre-8u131-windows-au.exe [739904]
O61 - LFC: 18/06/2017 - 11:06:17 ---A- . (...) -- C:\Users\exame\AppData\LocalLow\Oracle\Java\jre1.8.0_131\java_sp.dll [894950]
O61 - LFC: 21/06/2017 - 11:06:18 ---A- . (.GlavSoft LLC..) -- C:\Users\exame\AppData\Roaming\Java\crov.exe [1690096]
O61 - LFC: 21/06/2017 - 11:06:18 ---A- . (.Microsoft Corporation.) -- C:\Users\exame\AppData\Roaming\Java\makecert.exe [55632]
O61 - LFC: 21/06/2017 - 11:06:20 ---A- . (...) -- C:\Users\exame\AppData\Roaming\ZHP\ZHPDiag3.exe [2751872] =>.Nicolas Coolman
O61 - LFC: 21/06/2017 - 11:06:20 ---A- . (...) -- C:\Users\exame\Downloads\ZHPDiag3.exe [2751872] =>.Nicolas Coolman
O61 - LFC: 21/06/2017 - 11:06:20 ---A- . (.Nicolas Coolman.) -- C:\Users\exame\Downloads\ZHPDiag2-2015.4.6.36.exe [6877287] =>.Nicolas Coolman
~ 436 Fichiers temporaires (Temporary files)
~ 544 Fichiers cookies (Cookies files)
~ Files: 10 Scanned in 00mn 20s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 19/06/2016 - C:\Windows\system32\drivers\HWiNFO32.sys (HWiNFO32) .(.REALiX(tm) - HWiNFO x86 Kernel Driver.) - LEGACY_HWINFO32
O64 - Services: CurCS - 04/12/2015 - C:\Windows\System32\drivers\legendasdrv.sys (legendasdrv) .(.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) - LEGACY_LEGENDASDRV
O64 - Services: CurCS - 22/03/2016 - C:\Windows\System32\Drivers\SmartDefragDriver.sys (SmartDefragDriver) .(.IObit - SmartDefrag Driver.) - LEGACY_SMARTDEFRAGDRIVER
~ Legacy: 78 Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.bat>
O67 - Shell Spawning: <.cpl>
O67 - Shell Spawning: <.cmd>
O67 - Shell Spawning: <.com>
O67 - Shell Spawning: <.evt>
O67 - Shell Spawning: <.exe>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.js>
O67 - Shell Spawning: <.reg>
O67 - Shell Spawning: <.scr>
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Scanned in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys: Scanned in 02mn 54s
---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll [606720]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [679424]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll [474624]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\Windows\System32\termsrv.dll [523776]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2092032]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [751104]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\System32\sessenv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [149504]
~ Services: 33 Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.E10F238101243073F157FC91C68C3305] [SPRF][25/07/2016] (...) -- C:\ProgramData\ntuser.dat [262144]
~ Files: 1 Scanned in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{F1064BD0-837E-47F0-8F27-8298E3D52768}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{BD02FA3C-E62F-4AD7-9792-95029FD85C41}" | Out - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{7F6F3A91-BC26-490C-8486-BBD2C0400AC7}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{45852B68-6623-4313-8E1C-64E5473FA25C}" | In - Public - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{1D419C37-02AF-46E9-9A1E-F27434D930C0}" | In - Public - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{E3C680A5-4C06-4635-9E64-93097BE12A81}" | Out - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 6 Scanned in 00mn 01s
---\\ Pesquisa desvio do DNS do roteador (LIV) (089)
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Adobe Acrobat Update Task","21/06/2017 21:00:00","Desconhecido","Interativo/segundo plano","21/06/2017 10:19:40","0","Adobe Systems Incorporated","C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe ","N/A","This task keeps your Adobe Reader and Acrobat applications up to date with the latest enhancements and security fixes","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","INTERATIVO","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Adobe Acrobat Update Task","21/06/2017 21:00:00","Desconhecido","Interativo/segundo plano","21/06/2017 10:19:40","0","Adobe Systems Incorporated","C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe ","N/A","This task keeps your Adobe Reader and Acrobat applications up to date with the latest enhancements and security fixes","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","INTERATIVO","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","21:00:00","01/01/2013","02/05/2027","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Adobe Flash Player Updater","21/06/2017 11:44:00","Pronto","Interativo/segundo plano","21/06/2017 10:44:00","0","Adobe Systems Incorporated","C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ","N/A","Esta tarefa mant‚m sua instala‡Æo do Adobe Flash Player atualizada com os aprimoramentos e as corre‡äes de seguran‡a mais recentes. Se esta tarefa for desativada ou removida, o Adobe Flash Player nÆo poder proteger sua m quina automaticamente com as co","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","21:44:00","31/12/1999","N/A","A cada 1 dia(s)","N/A","1 hora(s), 0 minuto(s)","Nenhum","24 hora(s), 0 minuto(s)","Desativado"
"EXAME-PC","\ASC8_PerformanceMonitor","N/A","NÆo foi poss¡vel iniciar","Interativo apenas","21/06/2017 10:07:40","-2147024893","N/A","C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe /Task","N/A","N/A","Habilitado","Desativado","","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\ASC8_SkipUac_exame","N/A","Pronto","Interativo apenas","N/A","1","N/A",""C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac","N/A","N/A","Habilitado","Desativado","","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\EPSON L375 Series Update {F059BDD9-045E-48EB-B555-9A90D2334478}","21/06/2017 11:50:00","Pronto","Interativo/segundo plano","21/06/2017 10:50:00","0","SISTEMA","C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSN8E.EXE /EXE:"{F059BDD9-045E-48EB-B555-9A90D2334478}" /F:"Update"","N/A","Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.This task is uninstalled automatically when you uninstall the related pri","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","08:50:00","10/01/2017","N/A","A cada 1 dia(s)","N/A","1 hora(s), 0 minuto(s)","Nenhum","24 hora(s), 0 minuto(s)","Desativado"
"EXAME-PC","\GoogleUpdateTaskMachineCore","22/06/2017 09:24:25","Pronto","Interativo/segundo plano","21/06/2017 10:07:41","0","N/A","C:\Program Files\Google\Update\GoogleUpdate.exe /c","N/A","Mant‚m o seu software do Google atualizado. Se esta tarefa for desativada ou interrompida, o seu software do Google nÆo ser mantido atualizado, o que significa que vulnerabilidades que poderÆo surgir na seguran‡a nÆo serÆo reparadas e recursos poderÆo ","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\GoogleUpdateTaskMachineCore","22/06/2017 09:24:25","Pronto","Interativo/segundo plano","21/06/2017 10:07:41","0","N/A","C:\Program Files\Google\Update\GoogleUpdate.exe /c","N/A","Mant‚m o seu software do Google atualizado. Se esta tarefa for desativada ou interrompida, o seu software do Google nÆo ser mantido atualizado, o que significa que vulnerabilidades que poderÆo surgir na seguran‡a nÆo serÆo reparadas e recursos poderÆo ","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","09:24:25","28/04/2017","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\GoogleUpdateTaskMachineUA","21/06/2017 11:24:26","Pronto","Interativo/segundo plano","21/06/2017 10:24:26","0","N/A","C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler","N/A","Mant‚m o seu software do Google atualizado. Se esta tarefa for desativada ou interrompida, o seu software do Google nÆo ser mantido atualizado, o que significa que vulnerabilidades que poderÆo surgir na seguran‡a nÆo serÆo reparadas e recursos poderÆo ","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","09:24:26","28/04/2017","N/A","A cada 1 dia(s)","N/A","1 hora(s), 0 minuto(s)","Nenhum","24 hora(s), 0 minuto(s)","Desativado"
"EXAME-PC","\HPCeeScheduleForexame","22/07/2017 19:55:00","Pronto","Interativo apenas","18/06/2017 19:55:00","0","exame","C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForexame (null)","N/A","N/A","Habilitado","Desativado","","exame","PT0S","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez, Hor ria ","19:55:00","22/06/2017","N/A","N/A","N/A","6 hora(s), 0 minuto(s)","Nenhum","720 hora(s), 0 minuto(s)","Desativado"
"EXAME-PC","\Motorola Device Manager Initial Update","N/A","Pronto","Interativo/segundo plano","25/04/2017 13:50:00","0","exame",""C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe" -d -silent","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez","13:50:00","25/04/2017","N/A","N/A","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Motorola Device Manager Update","04/07/2017 13:20:00","Pronto","Interativo/segundo plano","09/05/2017 13:20:00","0","exame",""C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe" -d -silent","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","13:20:00","25/04/2017","N/A","A cada 14 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}","21/06/2017 15:26:00","Desconhecido","Interativo/segundo plano","21/06/2017 10:07:40","0","exame","C:\Program Files\tools\update\tools_update.exe -Update","N/A","Tools update check when system start. It will automatically unload if there is no Tools soft.","Habilitado","Desativado","NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}","21/06/2017 15:26:00","Desconhecido","Interativo/segundo plano","21/06/2017 10:07:40","0","exame","C:\Program Files\tools\update\tools_update.exe -Update","N/A","Tools update check when system start. It will automatically unload if there is no Tools soft.","Habilitado","Desativado","NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","15:26:00","24/02/2017","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Uninstaller_SkipUac_exame","N/A","Pronto","Interativo apenas","N/A","1","N/A","C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer","N/A","N/A","Habilitado","Desativado","","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{1B698559-8634-4AB9-9C27-1CF03B9EBA12}","N/A","Pronto","Interativo apenas","16/03/2017 12:54:23","0","N/A","C:\Windows\system32\pcalua.exe -a "C:\Users\exame\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LG66LQQY\JavaSetup8u121.exe" -d C:\Users\exame\Desktop","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{20084F90-0189-40E8-8191-7872175A0B9F}","N/A","Pronto","Interativo/segundo plano","04/08/2016 08:30:08","0","SkypeSetupLight",""c:\program files\google\chrome\application\chrome.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002","N/A","N/A","Habilitado","Desativado","","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A" =>Hijacker.Browsers
"EXAME-PC","\{36C01001-AFBA-492B-AC51-010B2FB19624}","N/A","Pronto","Interativo apenas","27/05/2016 00:51:05","0","N/A","C:\Windows\system32\pcalua.exe -a C:\Users\exame\Downloads\dotnetfx35.exe -d C:\Users\exame\Downloads","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{3910BBA3-96DB-4330-9D75-F77DC66CE2BA}","N/A","Pronto","Interativo/segundo plano","04/08/2016 07:58:13","0","SkypeSetupLight",""c:\program files\google\chrome\application\chrome.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002","N/A","N/A","Habilitado","Desativado","","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A" =>Hijacker.Browsers
"EXAME-PC","\{63B546AA-FB21-4AE3-B5F5-5BEB316444D8}","N/A","Pronto","Interativo apenas","10/08/2016 08:53:24","0","N/A","C:\Windows\system32\pcalua.exe -a "C:\Users\exame\Downloads\HPSupportSolutionsFramework-12.5.26.37 (2).exe" -d C:\Users\exame\Downloads","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{6FF17A9B-915D-46F7-A69C-7CA9EC82F167}","N/A","Pronto","Interativo apenas","24/04/2017 07:31:49","0","N/A","C:\Windows\system32\pcalua.exe -a C:\Users\exame\AppData\Local\Temp\jre-8u131-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{C6B5865B-E9A2-4F36-A597-1C79FCE29464}","N/A","Pronto","Interativo apenas","06/08/2016 12:26:43","1073807364","N/A","C:\Windows\system32\pcalua.exe -a C:\Users\exame\Downloads\chromeinstall-8u101.exe -d C:\Users\exame\Downloads","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{D4D740EA-BB79-4651-ADFC-0306947EEA0E}","N/A","Pronto","Interativo apenas","18/04/2017 11:06:01","0","N/A","C:\Windows\system32\pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2017\IRPF2017.exe" -d "C:\Arquivos de Programas RFB\IRPF2017"","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\{F66929D3-50C0-43DD-99AC-A9C00181548C}","N/A","Pronto","Interativo apenas","06/08/2016 11:22:08","0","N/A","C:\Windows\system32\pcalua.exe -a "C:\Users\exame\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X3F22K8S\JavaSetup8u101.exe" -d C:\Users\exame\Desktop","N/A","N/A","Habilitado","Desativado","Parar se estiver usando baterias","exame-PC\exame","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report","21/06/2017 19:21:13","Pronto","Interativo/segundo plano","20/06/2017 18:43:25","0","HP Inc.","C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send","N/A","HP Support Solutions Framework Report","Habilitado","Desativado","","Administradores","Habilitado","24:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","18:34:32","08/08/2016","08/08/2024","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado" =>.Hewlett-Packard Co
"EXAME-PC","\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater","24/06/2017 13:37:12","NÆo foi poss¡vel iniciar","Interativo/segundo plano","18/06/2017 11:57:04","-5","HP Inc.","C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u","C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\","Check for updates to HP Support Solutions Framework components","Habilitado","Desativado","","Administradores","Habilitado","24:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","13:05:55","09/08/2016","08/08/2024","SAT","A cada 1 semana(s)","Desativado","Desativado","Desativado","Desativado" =>.Hewlett-Packard Co
"EXAME-PC","\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources","N/A","Pronto","Interativo/segundo plano","08/08/2016 13:06:54","0","HP Inc.","C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r /m","C:\Program Files\Hewlett-Packard\HP Support Framework\","HP Support Solutions Framework Updater - Resources","Habilitado","Desativado","","Administradores","Habilitado","24:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez","12:06:54","08/08/2016","08/08/2016","N/A","N/A","Desativado","Desativado","Desativado","Desativado" =>.Hewlett-Packard Co
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Atualiza os modelos da diretiva de direitos RMS do AD para o usu rio. Esse trabalho nÆo fornecer um prompt de credencial se a autentica‡Æo para o servi‡o da web de distribui‡Æo do modelo no servidor falhar. Nesse caso, a falha ser silenciosa.","Desativado","Desativado","","Todos","Desativado","01:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","03:00:00","09/11/2006","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Atualiza os modelos da diretiva de direitos RMS do AD para o usu rio. Esse trabalho nÆo fornecer um prompt de credencial se a autentica‡Æo para o servi‡o da web de distribui‡Æo do modelo no servidor falhar. Nesse caso, a falha ser silenciosa.","Desativado","Desativado","","Todos","Desativado","01:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Atualiza os modelos da diretiva de direitos RMS do AD para o usu rio. Esse trabalho fornecer um prompt de credencial se a autentica‡Æo para o servi‡o da web de distribui‡Æo do modelo no servidor falhar.","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","Todos","Habilitado","01:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\AppID\PolicyConverter","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","%windir%\system32\appidpolicyconverter.exe ","N/A","Converte as diretrizes de restri‡Æo de software de XML para o formato bin rio.","Desativado","Desativado","","SERVI€O LOCAL","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","%windir%\system32\appidcertstorecheck.exe ","N/A","Verifica se h certificados inv lidos ou revogados no cache do certificado AppID.","Desativado","Iniciar apenas se ficar ocioso por 3 minutos, Se nÆo estiver ocioso, tente novamente por 1380 minutos Interromper a tarefa se o estado ocioso terminar","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SERVI€O LOCAL","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Application Experience\AitAgent","22/06/2017 02:30:00","Desconhecido","Interativo/segundo plano","20/06/2017 21:12:17","0","Microsoft Corporation","aitagent ","N/A","Agrega e carrega informa‡äes de Telemetria de Aplicativos se tiver aceitado o Programa de Aperfei‡oamento da Experiˆncia do Usu rio da Microsoft..","Habilitado","Iniciar apenas se ficar ocioso por 3 minutos, Se nÆo estiver ocioso, tente novamente por 1320 minutos Interromper a tarefa se o estado ocioso terminar","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","02:30:00","08/10/2007","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser","22/06/2017 04:25:11","Pronto","Interativo/segundo plano","21/06/2017 07:41:28","0","N/A","V rias a‡äes","V rias a‡äes","N/A","Habilitado","Desativado","","SISTEMA","Habilitado","96:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","03:00:00","28/04/2014","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Application Experience\ProgramDataUpdater","22/06/2017 01:29:45","Desconhecido","Interativo/segundo plano","20/06/2017 21:12:17","0","N/A","%windir%\system32\compattelrunner.exe -maintenance","N/A","N/A","Habilitado","Iniciar apenas se ficar ocioso por 3 minutos, Se nÆo estiver ocioso, tente novamente por 1380 minutos Interromper a tarefa se o estado ocioso terminar","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","23:30:00","28/04/2014","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Autochk\Proxy","N/A","Desconhecido","Interativo/segundo plano","20/06/2017 21:19:17","0","Microsoft Corporation","%windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations","N/A","Esta tarefa coleta e carrega os dados de SQM de autochk se a op‡Æo de Programa de Aperfei‡oamento da Experiˆncia do Usu rio da Microsoft tiver sido aceita.","Habilitado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 525600 minutos","","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Bluetooth\UninstallDeviceTask","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft","BthUdTask.exe $(Arg0)","N/A","Desinstala o dispositivo PnP associado … ID de servi‡o do Bluetooth especificado","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\SystemTask","N/A","Pronto","Interativo/segundo plano","21/06/2017 10:06:23","0","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\SystemTask","N/A","Pronto","Interativo/segundo plano","21/06/2017 10:06:23","0","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\SystemTask","N/A","Pronto","Interativo/segundo plano","21/06/2017 10:06:23","0","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\UserTask","N/A","Pronto","Interativo/segundo plano","21/06/2017 07:38:38","0","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Habilitado","Desativado","Parar se estiver usando baterias","INTERATIVO","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\UserTask","N/A","Pronto","Interativo/segundo plano","21/06/2017 07:38:38","0","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Habilitado","Desativado","Parar se estiver usando baterias","INTERATIVO","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\UserTask","N/A","Pronto","Interativo/segundo plano","21/06/2017 07:38:38","0","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Habilitado","Desativado","Parar se estiver usando baterias","INTERATIVO","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\UserTask-Roam","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Desativado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","INTERATIVO","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\CertificateServicesClient\UserTask-Roam","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","O Cliente de Servi‡os de Certificado gerencia automaticamente identidades digitais, tais como Certificados, Chaves e Credenciais para usu rios e computadores, permitindo a inscri‡Æo, mobilidade e outros servi‡os.","Desativado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","INTERATIVO","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Customer Experience Improvement Program\Consolidator","22/06/2017 05:00:00","NÆo foi poss¡vel iniciar","Interativo/segundo plano","21/06/2017 10:00:01","-2147479295","Microsoft Corporation","%SystemRoot%\System32\wsqmcons.exe ","N/A","Se o usu rio aceitou participar do Programa de Aperfei‡oamento da Experiˆncia do Usu rio do Windows, esse trabalho coleta e envia dados de uso para a Microsoft.","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez, Hor ria ","00:00:00","02/01/2004","N/A","N/A","N/A","19 hora(s), 0 minuto(s)","Nenhum","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask","22/06/2017 03:30:00","Pronto","Interativo/segundo plano","20/06/2017 21:12:17","0","Microsoft Corporation","Manipulador COM","N/A","A tarefa do Programa de Aperfei‡oamento da Experiˆncia do Usu rio Kernel (CEIP) coleta informa‡äes adicionais sobre o sistema e envia esses dados … Microsoft. Se o usu rio nÆo tiver aceitado participar do Programa de Aperfei‡oamento da Experiˆncia do Us","Habilitado","Iniciar apenas se ficar ocioso por 3 minutos, Se nÆo estiver ocioso, tente novamente por 1020 minutos","NÆo iniciar se estiver usando baterias","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","03:30:00","01/09/2008","N/A","THU","A cada 1 semana(s)","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip","22/06/2017 01:30:00","Pronto","Interativo/segundo plano","19/06/2017 20:09:48","0","Microsoft Corporation","Manipulador COM","N/A","A tarefa do Programa de Aperfei‡oamento da Experiˆncia do Usu rio USB (CEIP) coleta estat¡sticas relacionadas ao Barramento Serial Universal e informa‡äes sobre seu computador, e as envia ao grupo de engenharia da Conectividade do Dispositivo Windows na","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","01:30:00","25/04/2008","N/A","A cada 3 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Defrag\ScheduledDefrag","28/06/2017 01:19:59","Desconhecido","Interativo/segundo plano","20/06/2017 21:12:17","0","Microsoft Corporation","%windir%\system32\defrag.exe -c","N/A","Esta tarefa desfragmenta as unidades de disco r¡gido dos computadores.","Habilitado","Iniciar apenas se ficar ocioso por 3 minutos, Se nÆo estiver ocioso, tente novamente por 10080 minutos Interromper a tarefa se o estado ocioso terminar","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","01:00:00","01/01/2005","N/A","WED","A cada 1 semana(s)","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Diagnosis\Scheduled","25/06/2017 01:00:00","Pronto","Interativo/segundo plano","20/06/2017 21:19:17","0","Microsoft Corporation","Manipulador COM","N/A","A Tarefa de Manuten‡Æo Programada do Windows executa a manuten‡Æo peri¢dica do sistema do computador, corrigindo automaticamente os problemas ou relatando-os pela Central de A‡äes.","Habilitado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 480 minutos","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","INTERATIVO","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","01:00:00","01/01/2004","N/A","SUN","A cada 1 semana(s)","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector","Desativado","","Interativo/segundo plano","17/07/2016 01:00:00","0","Microsoft Corporation","%windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART","N/A","O Diagn¢stico de Disco do Windows relata para a Microsoft informa‡äes gerais do disco e do sistema de usu rios participantes do Programa de Aperfei‡oamento da Experiˆncia do Usu rio.","Desativado","Iniciar apenas se ficar ocioso por minutos, Se nÆo estiver ocioso, tente novamente por minutos","NÆo iniciar se estiver usando baterias","SISTEMA","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","01:00:00","01/01/2004","N/A","SUN","A cada 2 semana(s)","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","%windir%\system32\DFDWiz.exe ","N/A","O Resolvedor de Diagn¢stico de Disco do Microsoft Windows avisa os usu rios sobre falhas relatadas pelos discos r¡gidos que suportam o padrÆo S.M.A.R.T. Essa tarefa ‚ disparada automaticamente pelo Servi‡o de Diretiva de Diagn¢stico quando uma falha S.M","Desativado","Desativado","","Usu rios","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Location\Notifications","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%windir%\System32\LocationNotifications.exe ","N/A","Atividade do Local","Habilitado","Desativado","","Usu rios autenticados","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Maintenance\WinSAT","25/06/2017 01:00:00","Pronto","Interativo/segundo plano","21/05/2017 01:00:00","0","Microsoft","Manipulador COM","N/A","Mede o desempenho e os recursos de um sistema","Habilitado","Iniciar apenas se ficar ocioso por minutos, Se nÆo estiver ocioso, tente novamente por minutos Interromper a tarefa se o estado ocioso terminar","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","Administradores","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","01:00:00","01/01/2008","N/A","SUN","A cada 1 semana(s)","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Media Center\ActivateWindowsSearch","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch","N/A","Trabalho de Reindexa‡Æo de Pesquisa do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\ConfigureInternetTimeService","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService","N/A","Trabalho de configura‡Æo do Servi‡o de Atualiza‡Æo de Tempo do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\DispatchRecoveryTasks","N/A","Pronto","Interativo/segundo plano","22/03/2017 21:26:24","0","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)","N/A","Trabalho do Distribuidor de Tarefas de Recupera‡Æo do Media Center Privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\ehDRMInit","N/A","Pronto","Interativo/segundo plano","09/09/2016 06:38:06","0","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DRMInit","N/A","Trabalho de inicializa‡Æo DRM do Media Center privilegiado","Habilitado","Desativado","","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\InstallPlayReady","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)","N/A","Trabalho de instala‡Æo do PlayReady do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\mcupdate","N/A","Pronto","Interativo/segundo plano","18/06/2016 17:18:25","0","N/A","%SystemRoot%\ehome\mcupdate $(Arg0)","N/A","Verifique se h atualiza‡äes do Media Center.","Habilitado","Desativado","Parar se estiver usando baterias","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\mcupdate_scheduled","N/A","Pronto","Interativo/segundo plano","09/09/2016 06:37:49","0","N/A","%SystemRoot%\ehome\mcupdate -crl -hms -pscn 15","N/A","Check for Media Center updates.","Habilitado","Desativado","NÆo iniciar se estiver usando baterias","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\MediaCenterRecoveryTask","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","V rias a‡äes","V rias a‡äes","Executar atividades de Recupera‡Æo do Media Center","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","V rias a‡äes","V rias a‡äes","Executar atividades de Recupera‡Æo do Reposit¢rio de Objetos","Habilitado","Desativado","","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\OCURActivate","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate","N/A","Trabalho de ativa‡Æo OCUR do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\OCURDiscovery","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)","N/A","Trabalho de descoberta OCUR do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\PBDADiscovery","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery","N/A","Trabalho de descoberta OCUR do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\PBDADiscoveryW1","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery","N/A","Trabalho de descoberta OCUR do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","01:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\PBDADiscoveryW2","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery","N/A","Trabalho de descoberta OCUR do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","01:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\PeriodicScanRetry","Desativado","","Interativo/segundo plano","N/A","1","N/A","%windir%\ehome\MCUpdate.exe -pscn 0","N/A","Scanner peri¢dico em segundo plano - PeriodicScanRetry","Desativado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SERVI€O DE REDE","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez","17:33:00","09/09/2006","N/A","N/A","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Media Center\PvrRecoveryTask","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","V rias a‡äes","V rias a‡äes","Executar atividades de Recupera‡Æo de Pvr","Habilitado","Desativado","","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\PvrScheduleTask","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","V rias a‡äes","V rias a‡äes","Executar atividades de Agendamento de PVR","Habilitado","Desativado","","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\RecordingRestart","Desativado","","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehrec /RestartRecording","N/A","Reinicia as grava‡äes ap¢s uma falta de energia.","Desativado","Desativado","Parar se estiver usando baterias","SERVI€O DE REDE","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\RegisterSearch","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)","N/A","Trabalho de registro de Pesquisa do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\ReindexSearchRoot","N/A","NÆo foi poss¡vel iniciar","Interativo/segundo plano","07/09/2016 05:59:28","-2147024809","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot","N/A","Trabalho de Reindexa‡Æo de Pesquisa do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\SqlLiteRecoveryTask","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","V rias a‡äes","V rias a‡äes","Executar atividades de Recupera‡Æo de Dados","Habilitado","Desativado","","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\StartRecording","N/A","Pronto","Interativo/segundo plano","N/A","1","N/A","%SystemRoot%\ehome\ehrec /StartRecording","N/A","N/A","Habilitado","Desativado","","SERVI€O DE REDE","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Media Center\UpdateRecordPath","N/A","Pronto","Interativo/segundo plano","18/06/2016 17:18:27","0","N/A","%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)","N/A","Trabalho de configura‡Æo da PermissÆo do Gravador do Media Center privilegiado","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Tarefa para iniciar o Diagn¢stico de Mem¢ria","Habilitado","Desativado","","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Tarefa para iniciar o Diagn¢stico de Mem¢ria","Habilitado","Desativado","","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\MobilePC\HotStart","N/A","Pronto","Interativo/segundo plano","21/06/2017 10:07:39","0","Microsoft Corporation","Manipulador COM","N/A","Inicia aplicativos configurados para o Windows HotStart","Habilitado","Desativado","","Usu rios autenticados","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\MUI\LPRemove","N/A","Desconhecido","Interativo/segundo plano","20/06/2017 21:19:17","0","Microsoft Corporation","%windir%\system32\lpremove.exe ","N/A","Inicie a ferramenta de limpeza de idioma","Habilitado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 10 minutos Interromper a tarefa se o estado ocioso terminar","NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","09:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Multimedia\SystemSoundsService","N/A","Em execu‡Æo","Interativo/segundo plano","21/06/2017 10:07:39","267009","N/A","Manipulador COM","N/A","Agente do Modo de Usu rio de Sons do Sistema","Habilitado","Desativado","","Usu rios","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\NetTrace\GatherNetworkInfo","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft","%windir%\system32\gatherNetworkInfo.vbs ","$(Arg1)","Coletor de informa‡äes de rede","Habilitado","Desativado","Parar se estiver usando baterias","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Offline Files\Background Synchronization","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa controla a sincroniza‡Æo peri¢dica em segundo plano dos Arquivos Offline quando o usu rio trabalha em um modo offline.","Desativado","Desativado","","Usu rios autenticados","Desativado","24:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez, Hor ria ","00:00:00","01/01/2008","N/A","N/A","N/A","6 hora(s), 0 minuto(s)","Nenhum","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\Offline Files\Logon Synchronization","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa inicializa a sincroniza‡Æo de Arquivos Offline quando um usu rio faz logon no sistema.","Desativado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","Usu rios autenticados","Desativado","24:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Tarefa Ociosa de Rastreamento de Desempenho: avaliador de configura‡Æo de Segundo Plano","Desativado","Desativado","NÆo iniciar se estiver usando baterias","SERVI€O LOCAL","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No tempo ocioso","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Tarefa Ociosa de Rastreamento de Desempenho: avaliador de configura‡Æo de Segundo Plano","Desativado","Desativado","NÆo iniciar se estiver usando baterias","SERVI€O LOCAL","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","03:00:00","30/05/2008","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem","04/07/2017 07:57:19","Desconhecido","Interativo/segundo plano","31/05/2017 16:53:02","0","Microsoft Corporation","%SystemRoot%\System32\powercfg.exe -energy -auto","N/A","Esse trabalho analisa o sistema em busca de condi‡äes que podem causar alto uso de energia.","Habilitado","Iniciar apenas se ficar ocioso por 5 minutos, Se nÆo estiver ocioso, tente novamente por 120 minutos","","SISTEMA","Habilitado","00:05:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","06:00:00","01/01/2008","N/A","A cada 14 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\RAC\RacTask","21/06/2017 12:13:48","Pronto","Interativo/segundo plano","21/06/2017 10:03:27","0","Microsoft Corporation","Manipulador COM","N/A","Tarefa An lise de Confiabilidade da Microsoft para processar dados de confiabilidade do sistema.","Habilitado","Desativado","","SERVI€O LOCAL","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\RAC\RacTask","21/06/2017 12:06:56","Pronto","Interativo/segundo plano","21/06/2017 10:03:27","0","Microsoft Corporation","Manipulador COM","N/A","Tarefa An lise de Confiabilidade da Microsoft para processar dados de confiabilidade do sistema.","Habilitado","Desativado","","SERVI€O LOCAL","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez, Hor ria ","00:00:00","31/03/2008","N/A","N/A","N/A","1 hora(s), 0 minuto(s)","Nenhum","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Ras\MobilityManager","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Fornece suporte para a comuta‡Æo de conexäes VPN habilitadas para a mobilidade, caso suas interfaces subjacentes estejam fora do ar.","Habilitado","Desativado","","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Registry\RegIdleBackup","22/06/2017 00:14:00","Pronto","Interativo/segundo plano","14/06/2017 19:21:21","0","Microsoft Corporation","Manipulador COM","N/A","Tarefa de Backup de Ociosidade no Registro","Habilitado","Iniciar apenas se ficar ocioso por 3 minutos, Se nÆo estiver ocioso, tente novamente por 1380 minutos Interromper a tarefa se o estado ocioso terminar","","SISTEMA","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","00:00:00","01/01/2008","N/A","A cada 10 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask","N/A","Pronto","Interativo/segundo plano","05/06/2017 13:38:41","0","Microsoft","%windir%\system32\RAServer.exe /offerraupdate","%windir%","Verifica se h altera‡äes pertinentes … Assistˆncia Remota nas diretivas de grupo","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask","N/A","Pronto","Interativo/segundo plano","05/06/2017 13:38:41","0","Microsoft","%windir%\system32\RAServer.exe /offerraupdate","%windir%","Verifica se h altera‡äes pertinentes … Assistˆncia Remota nas diretivas de grupo","Habilitado","Desativado","Parar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Shell\WindowsParentalControls","Desativado","","Interativo/segundo plano","N/A","1","Microsoft","Manipulador COM","N/A","Notifica‡äes para a‡äes realizadas pelos Controles dos Pais do Windows.","Desativado","Desativado","","Usu rios autenticados","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Shell\WindowsParentalControlsMigration","Desativado","","Interativo/segundo plano","14/07/2009 01:54:03","0","Microsoft","Manipulador COM","N/A","Migra‡Æo para o Controles dos Pais do Windows.","Desativado","Desativado","","SISTEMA","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\SideShow\AutoWake","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa ativa o computador automaticamente e o coloca em suspensÆo quando a ativa‡Æo autom tica em um dispositivo compat¡vel com Windows SideShow est ativada.","Desativado","Desativado","","SERVI€O LOCAL","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\SideShow\GadgetManager","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa gerencia e sincroniza metadados dos gadgets instalados em um dispositivo compat¡vel com Windows SideShow.","Habilitado","Desativado","","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\SideShow\SessionAgent","Desativado","NÆo foi poss¡vel iniciar","Interativo/segundo plano","26/05/2016 23:44:27","-2147023729","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa gerencia o comportamento da sessÆo quando v rias contas de usu rio existem em um dispositivo compat¡vel com Windows SideShow.","Desativado","Desativado","","Usu rios","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\SideShow\SystemDataProviders","Desativado","NÆo foi poss¡vel iniciar","Interativo/segundo plano","26/05/2016 23:44:42","-2147023729","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa fornece dados do sistema para o rel¢gio, a fonte de energia, a potˆncia da rede sem fio e o volume em um dispositivo compat¡vel com Windows SideShow.","Desativado","Desativado","","SERVI€O LOCAL","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","sc.exe start sppsvc","N/A","Esta tarefa reinicia o servi‡o Plataforma de Prote‡Æo de Software na hora especificada","Desativado","Desativado","","SERVI€O DE REDE","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","00:00:00","01/01/2004","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\SystemRestore\SR","22/06/2017 00:00:00","Desconhecido","Interativo/segundo plano","20/06/2017 21:19:17","0","Microsoft Corporation","%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation","N/A","Esta tarefa cria pontos de prote‡Æo do sistema regulares.","Habilitado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 1380 minutos","NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","00:00:00","14/06/2005","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"EXAME-PC","\Microsoft\Windows\SystemRestore\SR","22/06/2017 00:00:00","Desconhecido","Interativo/segundo plano","20/06/2017 21:19:17","0","Microsoft Corporation","%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation","N/A","Esta tarefa cria pontos de prote‡Æo do sistema regulares.","Habilitado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 1380 minutos","NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Na inicializa‡Æo do sistema","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Task Manager\Interactive","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Executa uma tarefa como o usu rio interativo.","Habilitado","Desativado","","INTERATIVO","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Tcpip\IpAddressConflict1","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem","N/A","Este evento ‚ disparado quando um conflito de endere‡os IP ‚ detectado.","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\Tcpip\IpAddressConflict2","N/A","Pronto","Interativo/segundo plano","08/05/2017 10:42:51","0","Microsoft Corporation","%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem","N/A","Este evento ‚ disparado quando um conflito de endere‡os IP ‚ detectado.","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\TextServicesFramework\MsCtfMonitor","N/A","Em execu‡Æo","Interativo/segundo plano","21/06/2017 10:07:39","267009","N/A","Manipulador COM","N/A","TextServicesFramework monitor task","Habilitado","Desativado","","Usu rios","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Time Synchronization\SynchronizeTime","25/06/2017 01:00:00","Pronto","Interativo/segundo plano","18/06/2017 11:47:12","0","Microsoft Corporation","%windir%\system32\sc.exe start w32time task_started","N/A","Mant‚m sincroniza‡Æo de data e hora em todos os clientes e servidores da rede. Se este servi‡o for interrompido, a sincroniza‡Æo nÆo ficar dispon¡vel. Se este servi‡o for desativado, os servi‡os que dele dependem explicitamente nÆo serÆo iniciados.","Habilitado","Desativado","Parar se estiver usando baterias","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Semanalmente","01:00:00","01/01/2005","N/A","SUN","A cada 1 semana(s)","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\UPnP\UPnPHostConfig","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft","sc.exe config upnphost start= auto","N/A","Definir servi‡o UPnPHost para que seja iniciado automaticamente","Habilitado","Desativado","Parar se estiver usando baterias, NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\User Profile Service\HiveUploadTask","Desativado","","Interativo/segundo plano","N/A","1","Microsoft Corporation","Manipulador COM","N/A","Essa tarefa carregar automaticamente um hive do Registro de perfil de usu rio de roaming para seu local de rede.","Desativado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 120 minutos","Parar se estiver usando baterias","SISTEMA","Desativado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente uma vez, Hor ria ","00:00:00","28/08/2007","N/A","N/A","N/A","12 hora(s), 0 minuto(s)","Nenhum","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\WDI\ResolutionHost","N/A","Em execu‡Æo","Interativo/segundo plano","21/06/2017 11:03:35","267009","Microsoft Corporation","Manipulador COM","N/A","O host de Solu‡Æo de Infraestrutura de Diagn¢stico do Windows permite solu‡äes interativas para problemas de sistemas detectados pelo Servi‡o de Diretiva de Diagn¢stico. disparado quando necess rio pelo Servi‡o de Diretiva de Diagn¢stico na sessÆo de ","Habilitado","Desativado","","INTERATIVO","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Somente sob demanda","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Windows Error Reporting\QueueReporting","N/A","Pronto","Interativo/segundo plano","21/06/2017 10:20:40","0","Microsoft Corporation","%windir%\system32\wermgr.exe -queuereporting","N/A","Tarefa do Relat¢rio de Erros do Windows para processar relat¢rios enfileirados.","Habilitado","Desativado","","Usu rios","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation","%windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange","N/A","Esta tarefa ajusta o tipo de inicializa‡Æo de servi‡os acionado por firewall quando o tipo de inicializa‡Æo do Mecanismo de Filtragem Base (BFE) est desabilitado.","Habilitado","Desativado","","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Windows Media Sharing\UpdateLibrary","N/A","Pronto","Interativo/segundo plano","N/A","1","Microsoft Corporation",""%ProgramFiles%\Windows Media Player\wmpnscfg.exe" ","N/A","Esta tarefa atualiza a lista de pastas em cache e as permissäes de seguran‡a nos novos arquivos da biblioteca de m¡dia compartilhada de um usu rio.","Habilitado","Desativado","","Usu rios autenticados","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A" =>.Microsoft Corporation
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\WindowsBackup\ConfigNotification","22/06/2017 10:00:00","Pronto","Interativo/segundo plano","21/06/2017 10:00:01","0","Microsoft Corporation","%systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION","N/A","Esta tarefa agendada notifica o usu rio de que o Backup do Windows nÆo foi configurado.","Habilitado","Desativado","","SERVI€O LOCAL","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","10:00:00","11/02/2011","N/A","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\WindowsColorSystem\Calibration Loader","Desativado","","Interativo/segundo plano","14/07/2009 01:54:01","0","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa se aplica …s configura‡äes de calibragem de cor.","Desativado","Desativado","","Usu rios","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"EXAME-PC","\Microsoft\Windows\WindowsColorSystem\Calibration Loader","Desativado","","Interativo/segundo plano","14/07/2009 01:54:01","0","Microsoft Corporation","Manipulador COM","N/A","Esta tarefa se aplica …s configura‡äes de calibragem de cor.","Desativado","Desativado","","Usu rios","Desativado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","Quando um evento ocorrer","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows\Wininet\CacheTask","N/A","Em execu‡Æo","Interativo/segundo plano","21/06/2017 10:07:39","267009","Microsoft","Manipulador COM","N/A","Tarefa de Cache Wininet","Habilitado","Desativado","","Usu rios","Habilitado","Desativado","O agendamento de dados nÆo est dispon¡vel neste formato.","No logon","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A","N/A"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\Microsoft\Windows Defender\MP Scheduled Scan","22/06/2017 03:01:28","Pronto","Interativo/segundo plano","N/A","1","N/A","c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan","N/A","Scheduled Scan","Habilitado","Iniciar apenas se ficar ocioso por 1 minutos, Se nÆo estiver ocioso, tente novamente por 240 minutos","NÆo iniciar se estiver usando baterias","SISTEMA","Habilitado","72:00:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","03:01:28","01/01/2000","01/01/2100","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
"Nome do host","Nome da tarefa","Hora da pr¢xima execu‡Æo","Status","Modo de Logon","Hor rio da £ltima execu‡Æo","éltimo resultado","Autor","Tarefa a ser executada","Iniciar em","Coment rio","Estado de tarefa agendada","Tempo Ocioso","Gerenciamento de Energia","Executar como Usu rio","Excluir tarefa se nÆo for reagendada","Interromper tarefa se for executada X horas e X minutos","Agendar","Tipo de Agendamento","Hora de in¡cio","Data de in¡cio","Data de t‚rmino","Dias","Meses","Repetir: a cada","Repetir: at‚: hor rio","Repetir: at‚: dura‡Æo","Repetir: parar se ainda estiver em execu‡Æo"
"EXAME-PC","\WPD\SqmUpload_S-1-5-21-2157787958-2153105667-2115196349-1000","N/A","Pronto","Interativo apenas","N/A","1","Microsoft Corporation","%windir%\system32\rundll32.exe portabledeviceapi.dll,#1","N/A","This task uploads Customer Experience Improvement Program (CEIP) data for Portable Devices","Habilitado","Iniciar apenas se ficar ocioso por 10 minutos, Se nÆo estiver ocioso, tente novamente por 1380 minutos","NÆo iniciar se estiver usando baterias","exame-PC\exame","Habilitado","00:15:00","O agendamento de dados nÆo est dispon¡vel neste formato.","Di rio ","12:00:00","01/01/2008","02/05/2015","A cada 1 dia(s)","N/A","Desativado","Desativado","Desativado","Desativado"
~ DNS: Scanned in 00mn 02s
---\\ Exportar as chaves do registo aleatórias (091)
[HKCU\Software\0E878C6C46213496749D767AE37D5585]:d="20160711"
[HKCU\Software\F7DC9720542D86003ED29446949A333F]:d="20160618"
[HKLM\Software\0E878C6C46213496749D767AE37D5585]:="{9DC74CD5-24EA-4ADE-9C42-608A8CE17116}"
~ Export Key Software: Scanned in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 19/06/2017 272384 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 10/07/2016 154440 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 10/07/2016 154440 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 02/06/2015 2904864 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 25/07/2016 324224 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 25/04/2017 83056 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 16/02/2011 135168 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files\Dell Wireless\Ath_CoexAgent.exe
SR - | Auto 31/03/2011 72864 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe
SR - | Auto 23/01/2016 1855488 | (COMLegService) . (...) - C:\Program Files\Legendas-3.5\srvlegendas.exe
SR - | Auto 19/09/2016 36648 | (DbxSvc) . (.Windows (R) Win 7 DDK provider.) - C:\Windows\System32\DbxSvc.exe
SR - | Auto 08/05/2017 595960 | (EpsonCustomerResearchParticipation) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
SR - | Auto 17/05/2012 126128 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc.exe
SR - | Demand 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 04/07/2016 29760 | (HPSupportSolutionsFrameworkService) . (.HP Inc..) - C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
SR - | Auto 01/02/2011 326168 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 08/04/2014 137528 | (Motorola Device Manager) . (.Motorola Mobility LLC.) - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 02/09/2011 65657 | (PST Service) . (.Motorola.) - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
SR - | Auto 01/03/2017 1993728 | (scpbradserv) . (.Scopus Soluções em TI Ltda.) - C:\Program Files\scpbrad\scpbradserv.exe
SR - | Auto 30/05/2016 150640 | (TheDesktopWeatherService) . (...) - C:\Program Files\WeatherTool\2.0.1.11389\WeatherService.exe
SR - | Auto 01/02/2011 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 14s
---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s
---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, http://ad13.geekstog
Run by exame at 21/06/2017 11:10:03
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s
---\\ Scâner Aditional (088)
Database Version : 13008 - (29/03/2015)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 8
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files\Reimage =>Rogue.ReimageRepair^
C:\ProgramData\Reimage Protector =>Rogue.ReimageRepair^
C:\Users\exame\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Users\exame\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Users\exame\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe =>P2P.BitTorrent^
[HKCU\Software\0E878C6C46213496749D767AE37D5585] =>PUP.CrossRider^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
[HKCU\Software\F7DC9720542D86003ED29446949A333F] =>PUP.CrossRider^
[HKCU\Software\ProductSetup] =>Adware.InstallCore^
[HKLM\Software\0E878C6C46213496749D767AE37D5585] =>PUP.CrossRider^
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
~ Additionnel Scan: 277157 Items scanned in 00mn 17s
---\\ Informações complémentaires do módulos
~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects do navegador (02)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Barras do Internet Explorer (03))
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 5 Scanned in 00mn 00s
---\\ Sumário das deteções encontradas na sua estação
http://nicolascoolman.fr/hijacker-proxy =>Hijacker.Proxy
http://nicolascoolman.fr/rogue-reimagerepair =>Rogue.ReimageRepair
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://nicolascoolman.fr/hijacker-browsers =>Hijacker.Browsers
~ MSI: 5 link(s) detected in 00mn 00s
End of the scan (1615 lines in 06mn 21s)(0.6)