~ ZHPDiag v2015.7.24.101 Por Nicolas Coolman (2015/07/24)
~ iniciado por SoulReaver (Administrator) (2015/07/25 13:25:59)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Status da versao: Version OK
~ Modo: Scanner
~ Relatorio: G:\Edson\Desktop\ZHPDiag.txt
~ Relatorio: C:\Users\SoulReaver\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Inicializacao do sistema: Normal (Normal boot)
~ Windows 8.1, 64-bit (Build 9600)

---\\ Navegadores Internet (3) - 0s
GCIE: Google Chrome v43.0.2357.134
MFIE: Mozilla Firefox 39.0 (x86 pt-BR) v39.0
MSIE: Internet Explorer v11.0.9600.17905

---\\ Informacoes sobre os produtos Windows (4) - 1s
~ Windows Server License Manager Script : OK
~ Licence Script File Generation : OK
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ Softwares de protecao do sistema (2) - 1s
Kaspersky Internet Security v14.0.0.4651
Malwarebytes Anti-Malware versão 2.1.8.1057

---\\ Softwares d'optimizacao do sistema (1) - 1s
CCleaner v5.03

---\\ Monitoramento dos softwares (1) - 1s
Adobe Flash Player 18 NPAPI

---\\ Informacoes sobre o sistema (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 8330.044 MB (79% free)
~ System Restore: Active (Enable)
~ System drive C: has 111 GB free of 238 GB

---\\ Modo de conexao ao sistema (3) - 0s
~ Computer Name: EDSONSOULREAVER
~ User Name: SoulReaver
~ Logged in as Administrator

---\\ Enumeracao das unidades dos discos (6) - 0s
~ Drive C: has 111 GB free of 238 GB (System)
~ Drive E: has 0 GB free of 0 GB
~ Drive F: has 104 GB free of 476 GB
~ Drive G: has 505 GB free of 953 GB
~ Drive H: has GB free of 4 GB
~ Drive J: has 57 GB free of 476 GB

---\\ Estado do Centro de Seguranca do Windows (13) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Pesquisa particular de ficheiros genericos (22) - 0s [MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2501368] [MD5.6C308D32AFA41D26CE2A0EA8F7B79565] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [54784] [MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Aplicativo de Inicializacao do Windows.) () -- C:\Windows\System32\Wininit.exe [145920] [MD5.98C6A46E9E2822BF83196C2EAE43DBD4] - (.Microsoft Corporation - Internet Extensions para Win32.) () -- C:\Windows\System32\wininet.dll [2427392] [MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) () -- C:\Windows\System32\Winlogon.exe [572416] [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) 
() -- C:\Windows\System32\sppcomapi.dll [447488] [MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [563200] [MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [26464] [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [88576] [MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [164352] [MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [134144] [MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [76800] [MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - (.Microsoft Corporation - Driver de porta i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [108544] [MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [142848] [MD5.6FBDF2B1B025A8E6E069234362FFFFB7] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) () -- C:\Windows\System32\drivers\MRxSmb.sys [401408] [MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [282624] [MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) () -- C:\Windows\System32\drivers\ntfs.sys [2025792] [MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) () -- C:\Windows\System32\drivers\Parport.sys [94208] [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) 
() -- C:\Windows\System32\drivers\Rasl2tp.sys [120832] [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Micros.) () -- C:\Windows\System32\drivers\rdpdr.sys [195584] [MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [107520] [MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Driver de copia de sombra de volume.) () -- C:\Windows\System32\drivers\volsnap.sys [310080] ---\\ Processos lancados (17) - 1s [MD5.2998362D1E550F0C990D77E34415BEB6] - (.AMD - AMD External Events Service Module.) -- C:\Windows\system32\atiesrxx.exe [244736] [PID.976] [MD5.CAC9C36B2E28F3AE76FF62EA7523D71F] - (.AMD - AMD External Events Client Module.) -- C:\Windows\system32\atieclxx.exe [774656] [PID.1072] [MD5.0D2F8F4055903A762AD46204E5A42E86] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512] [PID.1784] [MD5.7CEE2F14E0771D2354962FF07C97BB5B] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [957304] [PID.1864] [MD5.EE8684BF88C1B74D47647802281ED085] - (.DTS, Inc - DTS Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584] [PID.1948] [MD5.095F25F869AFDE5A213526363CBDD708] - (.Garmin Ltd. or its subsidiaries - Garmin Service.) -- C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [713736] [PID.2008] [MD5.0DB1E3F6189C628675F855C0EB510419] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696] [PID.2756] [MD5.958E956E119EB7B9ABA142AFED1B5FF4] - (...) -- C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760] [PID.3100] [MD5.EDA917548C58FA93F5357A9000D297BF] - (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) 
-- C:\Program Files\Diebold\Warsaw\core.exe [847160] [PID.3156] [MD5.C9E2D38B73524AF3B281299BA04E5205] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe [1005352] [PID.4288] [MD5.532E8929C8D71E0C4DE405D8995907CF] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [2895552] [PID.1744] [MD5.B2052C5EBB8001FD68149A6C747ECF39] - (.Garmin Ltd. or its subsidiaries - Garmin Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403224] [PID.4776] [MD5.E7D0C79E41D30D576B460875C05517FF] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [1861312] [PID.4720] [MD5.23FFE2A2FD3A9EF5FC1011431352482C] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [1346936] [PID.5088] [MD5.7AE700179C4839F657D245319E234A06] - (.Valve Corporation - Steam Client Service.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [838336] [PID.5012] [MD5.6A59922E23F05792748F55C1A41E11D4] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [4621176] [PID.2424] [MD5.AD4C3A130B20BBAAE95CF9A49A4BC6D3] - (.Kaspersky Lab ZAO - WMI x64 Helper.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\wmi64.exe [19864] [PID.5028] ---\\ Google Chrome, Arranque,Pesquisa,Extensoes (G0,G1,G2 (14) - 0s G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [bepbmhgboaologfdajaanbcjmnhjmhfn] Google Voice Search Hotword (Beta) G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. 
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] __MSG_ExtensionName__ G2 - GCE: Preference [User Data\Default] [efaidnbmnnnibpcajpcglclefindmkaj] __MSG_web2pdfExtnName__ G2 - GCE: Preference [User Data\Default] [hakdifolhalapjijoafobooafbilfakh] __MSG_ExtensionName__ G2 - GCE: Preference [User Data\Default] [hghkgaeecgjhjkannahfamoehjmkjail] __MSG_ExtensionName__ G2 - GCE: Preference [User Data\Default] [jagncdcchgajhfhijbbhecadmaiegcmh] __MSG_ExtensionName__ G2 - GCE: Preference [User Data\Default] [kgmpojlddncminmkddkpoegdjhojjipg] GBBD Guardiao - Itau 30 horas G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjldcfjmnllhmgjclecdnfampinooman] __MSG_ExtensionName__ ---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensoes (P2,M0,M1,M2,M3) (19) - 1s M1 - SPR:Search Page Redirection - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.PTB P2 - EXT FILE: (...) -- C:\Users\SoulReaver\AppData\Roaming\Mozilla\Firefox\Profiles\qb7p000t.default-1436024846404\extensions\fdm_ffext@freedownloadmanager.org P2 - EXT FILE: (...) -- C:\Users\SoulReaver\AppData\Roaming\Mozilla\Firefox\Profiles\qb7p000t.default-1436024846404\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT FILE: (...) -- C:\Users\SoulReaver\AppData\Roaming\Mozilla\Firefox\Profiles\qb7p000t.default-1436024846404\searchplugins\Google.xml P2 - EXT FILE: (...) -- C:\Users\SoulReaver\AppData\Roaming\Mozilla\Firefox\Profiles\qb7p000t.default-1436024846404\searchplugins\yahoo-avast.xml P2 - EXT: (...) 
-- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} P2 - FPN: [HKCU] [gastecnologia.com.br/sf/abn] - (.GAS Tecnologia.) -- C:\Users\SoulReaver\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia.) -- C:\Users\SoulReaver\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef64] - (.GAS Tecnologia.) -- C:\Users\SoulReaver\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll P2 - FPN: [HKCU] [gastecnologia.com.br/sf/uni] - (.GAS Tecnologia.) -- C:\Users\SoulReaver\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.55.2] - (.Oracle Corporation.) -- C:\Windows\SysWOW64\npdeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.55.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@photodex.com/PhotodexPresenter] - (.Photodex Corporation.) -- C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.5] - (.VideoLAN.) -- C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.2.1] - (.VideoLAN.) 
-- C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll ---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4) (23) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = 
about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 0 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 0 ---\\ Internet Explorer, Gestao do Proxy (R5) (3) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Analise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automatico de programas (3) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ---\\ Redirecao do ficheiro Hosts (O1) (1) - 0s ~ Le fichier hote est sain (The hosts file is clean) (19) ---\\ Browser Helper Objects do navegador (O2) (7) - 0s O2 - BHO: ContentBlockerBrowserHelperObject [64Bits] - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} . (.Kaspersky Lab ZAO - Content Blocker Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll O2 - BHO: VirtualKeyboardBrowserHelperObject [64Bits] - {73455575-E40C-433C-9784-C78DC7761455} . (.Kaspersky Lab ZAO - Virtual Keyboard Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (Orphean) O2 - BHO: Safe Money Plugin [64Bits] - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} . (.Kaspersky Lab ZAO - Safe Money Plugin.) 
-- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll O2 - BHO: (no name) [64Bits] - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} (Orphean) O2 - BHO: (no name) [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} (Orphean) O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - URL Advisor Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll ---\\ Aplicacoes iniciadas por registo & pastas (O4) (10) - 0s O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe O4 - HKCU\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd. or its subsidiaries - Garmin Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd. or its subsidiaries - Garmin Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd. or its subsidiaries - Garmin Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe O4 - HKUS\S-1-5-21-3662118153-1271711059-27057628-1001\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKUS\S-1-5-21-3662118153-1271711059-27057628-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe O4 - HKUS\S-1-5-21-3662118153-1271711059-27057628-1001\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd. or its subsidiaries - Garmin Express Tray.) 
-- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe O4 - HKUS\S-1-5-21-3662118153-1271711059-27057628-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe ---\\ Alteracao Dominio/Clientes DNS (017) (4) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.122.127.37 187.122.127.61 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.122.127.34 187.122.127.58 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 187.122.127.37 187.122.127.61 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 187.122.127.34 187.122.127.58 ---\\ Lista dos servicos NT nao Microsoft e nao desativados (023) (16) - 0s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe O23 - Service: Servico do Kaspersky Anti-Virus (AVP) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe O23 - Service: @oem45.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Man (BcmBtRSupport) . (.Broadcom Corporation. - Bluetooth Radio Management Support.) - C:\Windows\system32\BtwRSupportService.exe O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: DTSAudioSvc (DTSAudioSvc) . (.DTS, Inc - DTS Audio Service.) - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe O23 - Service: Garmin Device Interaction Service (Garmin Device Interaction Service) . (.Garmin Ltd. or its subsidiaries - Garmin Service.) - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe O23 - Service: Servico do Google Update (gupdate) (gupdate) . 
(.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) PROSet Monitoring Service (Intel(R) PROSet Monitoring Service) . (.Intel Corporation - Intel® PROSet Monitoring Service.) - C:\Windows\system32\IProsetMonitor.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: ScsiAccess (ScsiAccess) . (...) - C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe O23 - Service: Warsaw Technology (Warsaw Technology) . (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) - C:\Program Files\Diebold\Warsaw\core.exe ---\\ Tarefas planificadas automaticamente (039) (27) - 2s [MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152] [MD5.9B3355B29942AF67F014EA90CE1EA960] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) 
-- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976] [MD5.00000000000000000000000000000000] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) [0] =>PUA.KMSpico [MD5.2B24F194FC5B657397ECB2923A68350E] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5503768] [MD5.CBD4750B5096FA92EC0C51E3B9E1D3F6] [APT] [GarminUpdaterTask] (.Copyright © 2015.) -- C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [19456] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.4DE6F44810BAD050AC81F45549D58F34] [APT] [klcp_update] (...) -- C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1173504] [MD5.00000000000000000000000000000000] [APT] [MSIAfterburner] (...) -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (.not file.) [0] [MD5.CBDA873D80B478929C432BBE4029AD88] [APT] [Nero\Nero Info] (.Nero AG.) -- C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [3673424] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [902] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1104] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1108] O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3790] O39 - APT: AutoPico Daily Restart - (...) 
-- C:\Windows\System32\Tasks\AutoPico Daily Restart [3714] =>PUA.KMSpico O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2782] O39 - APT: GarminUpdaterTask - (.Copyright © 2015.) -- C:\Windows\System32\Tasks\GarminUpdaterTask [3556] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3844] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4080] O39 - APT: klcp_update - (...) -- C:\Windows\System32\Tasks\klcp_update [3712] O39 - APT: klcp_update - (...) -- C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe [3092] O39 - APT: klcp_update - (...) -- C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe [3090] O39 - APT: klcp_update - (...) -- C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe [3118] O39 - APT: klcp_update - (...) -- C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe [3062] O39 - APT: klcp_update - (...) -- C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe [3060] O39 - APT: MSIAfterburner - (...) -- C:\Windows\System32\Tasks\MSIAfterburner [3046] ---\\ Software instalados (042) (130) - 7s O42 - Logiciel: Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1 - (.Garmin.) [HKLM][64Bits] -- 98157A226B40B173301B0F53C8E98C47805D5152 O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM][64Bits] -- Broadcom 802.11 Network Adapter O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner O42 - Logiciel: Pacote de Driver do Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB - (.Silicon Labs Software.) [HKLM][64Bits] -- D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2 O42 - Logiciel: Pacote de Driver do Windows - Dynastream Innovations, Inc. ANT LibUSB Drive - (.Dynastream Innovations, Inc..) 
[HKLM][64Bits] -- F9D2A789F9CFF8CEC36B544F53877C80F1F73C46 O42 - Logiciel: HP Imaging Device Functions 14.0 - (.HP.) [HKLM][64Bits] -- HP Imaging Device Functions O42 - Logiciel: HP Solution Center 14.0 - (.HP.) [HKLM][64Bits] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Customer Participation Program 14.0 - (.HP.) [HKLM][64Bits] -- HPExtendedCapabilities O42 - Logiciel: Central de Mouse e Teclado da Microsoft - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Mouse and Keyboard Center O42 - Logiciel: Intel(R) Network Connections 17.3.57.0 - (.Intel.) [HKLM][64Bits] -- PROSetDX O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM][64Bits] -- Shop for HP Supplies O42 - Logiciel: WinRAR 5.01 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {1D1CB210-D05E-5BF4-F998-2B1903EE4323} O42 - Logiciel: Allgemeine Runtime Files (x86) - (.Sereby Corporation.) [HKLM][64Bits] -- {1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1 O42 - Logiciel: Warsaw 1.5.2.9896 64 bits - (.GAS Tecnologia.) [HKLM][64Bits] -- {20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1 O42 - Logiciel: TextPad 7 - (.Helios.) [HKLM][64Bits] -- {3DE3E4EE-F270-4A31-AB76-475515C661BD} O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {89AFB053-A343-46EF-97E4-D593AD7184E6} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Access MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0416-1000-0000000FF1CE} O42 - Logiciel: Microsoft Excel MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0416-1000-0000000FF1CE} O42 - Logiciel: Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) 
[HKLM][64Bits] -- {90150000-0018-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Outlook MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Word MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft OneNote MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0416-1000-0000000FF1CE}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054946) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}
O42 - Logiciel: Microsoft Lync MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0416-1000-0000000FF1CE}
O42 - Logiciel: Update for Skype for Business 2015 (KB2889853) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUSR_{45AD9785-5503-4B26-981A-AF62A355ADF2}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054946) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUSR_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054946) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}
O42 - Logiciel: ANT Drivers Installer x64 - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {9F5CE4F5-A12D-4AAD-965C-1CBD76FDA002}
O42 - Logiciel: HP Officejet 4400 K410 All-in-One Driver Software 14.0 Rel. 7 - (.HP.) [HKLM][64Bits] -- {A1CD82D5-3758-4214-93D1-4C8B55D9998F}
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}
O42 - Logiciel: Intel(R) Network Connections 17.3.57.0 - (.Intel.) [HKLM][64Bits] -- {D2B1C10F-369B-40BC-B550-271F968C5EE0}
O42 - Logiciel: ANT Drivers Installer x64 - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {E72458E7-8996-4D74-B178-3A3EE9095ACF}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F2A7CE36-57BF-5C86-952D-90DBF3746D82}
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {FF21C3E6-97FD-474F-9518-8DCBE94C2854}
O42 - Logiciel: MouseCraft - (.GOG.com.) [HKLM][64Bits] -- 1207664833_is1
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite
O42 - Logiciel: Dead Rising 3 - (...) [HKLM][64Bits] -- Dead Rising 3_is1
O42 - Logiciel: FormatFactory 3.5.0.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory
O42 - Logiciel: Free Download Manager 3.9.2 - (.FreeDownloadManager.ORG.) [HKLM][64Bits] -- Free Download Manager_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}
O42 - Logiciel: K-Lite Codec Pack 10.7.1 Full - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: Malwarebytes Anti-Malware versão 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM][64Bits] -- Marvell Miniport Driver
O42 - Logiciel: Mozilla Firefox 39.0 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0 (x86 pt-BR)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Mp3tag v2.66 - (.Florian Heidenreich.) [HKLM][64Bits] -- Mp3tag
O42 - Logiciel: musikCube 1.1 - (.Casey Langen.) [HKLM][64Bits] -- musikCube
O42 - Logiciel: Photodex Presenter - (.Photodex Corporation.) [HKLM][64Bits] -- Photodex Presenter
O42 - Logiciel: ProShow Producer - (.Photodex Corporation.) [HKLM][64Bits] -- ProShow Producer
O42 - Logiciel: Raptr - (...) [HKLM][64Bits] -- Raptr
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam
O42 - Logiciel: Hitman: Absolution - (.IO Interactive.) [HKLM][64Bits] -- Steam App 203140
O42 - Logiciel: Styx: Master of Shadows - (.Cyanide Studio.) [HKLM][64Bits] -- Steam App 242640
O42 - Logiciel: Pool Nation - (.Cherry Pop Games.) [HKLM][64Bits] -- Steam App 254440
O42 - Logiciel: Sleeping Dogs: Definitive Edition - (.United Front Games.) [HKLM][64Bits] -- Steam App 307690
O42 - Logiciel: Darksiders - (.Vigil Games.) [HKLM][64Bits] -- Steam App 50620
O42 - Logiciel: Techgzone DX2 1.00 - (.Techgzone.com.) [HKLM][64Bits] -- Techgzone DX2 1.00
O42 - Logiciel: TRC-Brasil 14.12 2014-12-24 - (.Projeto Tracksource Brasil.) [HKLM][64Bits] -- Tracksource Roteável Completo - TRC-Brasil_is1
O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] -- Uplay
O42 - Logiciel: Assassin's Creed Rogue - (.Ubisoft.) [HKLM][64Bits] -- Uplay Install 895
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Nero MediaHome - (.Nero AG.) [HKLM][64Bits] -- {0215ACE5-DEC8-4486-A3EA-B8B08A6CF5FD}
O42 - Logiciel: Nero Video Samples - (.Nero AG.) [HKLM][64Bits] -- {05C6B128-1B40-4495-9CB9-090B368BFA0A}
O42 - Logiciel: Nero Recode - (.Nero AG.) [HKLM][64Bits] -- {0B67C0D3-AE80-40A0-8727-32D22230A693}
O42 - Logiciel: Elevated Installer - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {0C262DA4-9A45-4154-976D-7AE94109DC4F}
O42 - Logiciel: Garmin Express - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {0db152f6-3b8d-4363-aedd-374ee54d33ba}
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {11087D24-567D-7D88-69C6-D7A08B5F4C47}
O42 - Logiciel: Nero Abstract Themes - (.Nero AG.) [HKLM][64Bits] -- {150D88F1-40AF-4678-A39D-BCE2332F34E5}
O42 - Logiciel: Nero Kwik Themes Basic - (.Nero AG.) [HKLM][64Bits] -- {1B6F5E51-575E-4693-BCA2-7543570D076D}
O42 - Logiciel: Aplicativo Itau - (.Banco Itau.) [HKLM][64Bits] -- {21E81FB2-C9F3-4F6E-B475-C03B8D4F0CA4}
O42 - Logiciel: Nero Blu-ray Player - (.Nero AG.) [HKLM][64Bits] -- {22124B84-93B2-4603-B212-146665E4B6B1}
O42 - Logiciel: Nero Video Transitions 1 - (.Nero AG.) [HKLM][64Bits] -- {22856BC3-F893-4CBF-95F2-E1F63CD2B1AB}
O42 - Logiciel: Nero SharedVideoCodecs - (.Nero AG.) [HKLM][64Bits] -- {2432E589-6256-4513-B0BF-EFA8E325D5F0}
O42 - Logiciel: Java(TM) 6 Update 45 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216045FF}
O42 - Logiciel: Java 7 Update 55 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217055FF}
O42 - Logiciel: Nero Cliparts - (.Nero AG.) [HKLM][64Bits] -- {29E2C1C6-D76A-41D3-980F-6E346AA9A6A8}
O42 - Logiciel: Nero Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {29F67D84-3A70-456E-806A-52301B02070B}
O42 - Logiciel: Nero Burning Core - (.Nero AG.) [HKLM][64Bits] -- {2B3D9A2C-581B-4CE4-B16A-82BB2A8A0A39}
O42 - Logiciel: Garmin BaseCamp - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {31A67F6C-D79D-47B9-9F0B-13C0FCF3C3A8}
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {38BC5B60-4E70-470A-AE76-E06C15700C68}
O42 - Logiciel: Garmin USB Drivers - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}
O42 - Logiciel: Garmin Express - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {3ee9d193-ab0b-47f1-a31c-cce4678679ce}
O42 - Logiciel: Nero PiP Effects 1 - (.Nero AG.) [HKLM][64Bits] -- {4D25D881-7183-462F-95C8-990CA1944E0B}
O42 - Logiciel: Nero Holiday and Sports Themes - (.Nero AG.) [HKLM][64Bits] -- {504D84ED-AE75-4F85-A68B-BB3D4CB3E169}
O42 - Logiciel: Nero 2015 Content Pack - (.Nero AG.) [HKLM][64Bits] -- {55192BC6-EDBA-4F48-A2C4-3D164E41AF55}
O42 - Logiciel: Garmin Express Tray - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {557486A3-48C6-426E-A717-358A75DD27D9}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: Nero Disc to Device - (.Nero AG.) [HKLM][64Bits] -- {6662156E-31EE-4A90-A49A-26E30BF7A6F2}
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {6EEF61AB-CC0B-4917-A3F2-97902CD11073}
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- {6F6873E3-5C92-4049-B511-231A138DD090}
O42 - Logiciel: Nero 2015 - (.Nero AG.) [HKLM][64Bits] -- {763EF8DC-4CC0-47CA-BE1C-BDE731462250}
O42 - Logiciel: Nero Football (Soccer) Themes - (.Nero AG.) [HKLM][64Bits] -- {7BD7A4BF-EA64-4BFE-A9D3-3FDC9B6EFC23}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {80407BA7-7763-4395-AB98-5233F1B34E65}
O42 - Logiciel: Nero Retro Film Themes - (.Nero AG.) [HKLM][64Bits] -- {83A4E573-E2C2-46FB-9DA6-6A2BBBF5A588}
O42 - Logiciel: Nero Platinum Effects 12 - (.Nero AG.) [HKLM][64Bits] -- {8B5AD338-7ABC-4ECB-9C2C-687F84AEDDB1}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2}
O42 - Logiciel: Nero Family and Events Themes - (.Nero AG.) [HKLM][64Bits] -- {955BF340-C379-4375-AA2F-F3BCB2A498AB}
O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {9D780839-6E97-4E2A-A5F7-711AF221B609}
O42 - Logiciel: Garmin Express - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {A6227383-A4A9-4486-BB79-34AEBC34D987}
O42 - Logiciel: Nero Audio Pack 1 - (.Nero AG.) [HKLM][64Bits] -- {A7A0BF2E-31CC-49E3-9913-52C503EB969D}
O42 - Logiciel: Nero Video - (.Nero AG.) [HKLM][64Bits] -- {A8E6436B-9B20-4764-98C1-5A09FD39553E}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}
O42 - Logiciel: Nero Device Updates - (.Nero AG.) [HKLM][64Bits] -- {ABA7F64A-8CEB-4B59-84D9-B4D98CCD32D4}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Adobe Acrobat XI Pro - (.Adobe Systems.) [HKLM][64Bits] -- {AC76BA86-1033-FFFF-7760-000000000006}
O42 - Logiciel: Nero PiP Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {ACE49D50-19CD-44A6-B192-46F985283B26}
O42 - Logiciel: Nero Burning ROM - (.Nero AG.) [HKLM][64Bits] -- {B3756FCF-13D3-460B-88D5-33CB88CE6CFA}
O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM][64Bits] -- {B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}
O42 - Logiciel: Nero Info - (.Nero AG.) [HKLM][64Bits] -- {B791E0AB-87A9-41A4-8D98-D13C2E37D928}
O42 - Logiciel: DarksidersInstaller - (.THQ.) [HKLM][64Bits] -- {B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}
O42 - Logiciel: SmartShare - (.LG Electronics Inc..) [HKLM][64Bits] -- {BAB337AE-DD9E-45C3-BED6-0EE4732AEC60}
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero Image Samples - (.Nero AG.) [HKLM][64Bits] -- {C4C6DF25-0E59-46EE-B24B-DF8749D8FF3A}
O42 - Logiciel: Nero Disc Menus 3 - (.Nero AG.) [HKLM][64Bits] -- {CE675FBD-75C3-45F1-B6AF-8D250861D536}
O42 - Logiciel: Nero Disc Menus Basic - (.Nero AG.) [HKLM][64Bits] -- {E17BCB76-9924-4BD5-B6D6-50D3407B4E74}
O42 - Logiciel: Nero Disc Menus 1 - (.Nero AG.) [HKLM][64Bits] -- {EEBF1676-AF87-4266-93D8-0C14A34C4217}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Nero Disc Menus 2 - (.Nero AG.) [HKLM][64Bits] -- {FE81E6B5-652B-40E7-B3B2-7171C6F297DA}

---\\ HKCU & HKLM Software Keys (147) - 7s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\ATI
HKLM\SOFTWARE\Wow6432Node\ATI Technologies
HKLM\SOFTWARE\Wow6432Node\Baidu
HKLM\SOFTWARE\Wow6432Node\Baidu Security
HKLM\SOFTWARE\Wow6432Node\Baidu_Drp_pos
HKLM\SOFTWARE\Wow6432Node\Bigasoft
HKLM\SOFTWARE\Wow6432Node\CLSID
HKLM\SOFTWARE\Wow6432Node\Cyberlink
HKLM\SOFTWARE\Wow6432Node\Disc Soft
HKLM\SOFTWARE\Wow6432Node\DT Soft
HKLM\SOFTWARE\Wow6432Node\Faasoft
HKLM\SOFTWARE\Wow6432Node\Filseclab
HKLM\SOFTWARE\Wow6432Node\Florian Heidenreich
HKLM\SOFTWARE\Wow6432Node\FreeDownloadManager.ORG
HKLM\SOFTWARE\Wow6432Node\Garmin
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\GOG.com
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\Helios
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\KLCodecPack
HKLM\SOFTWARE\Wow6432Node\Lake
HKLM\SOFTWARE\Wow6432Node\LAV
HKLM\SOFTWARE\Wow6432Node\LAV64
HKLM\SOFTWARE\Wow6432Node\LG Electronics Inc.
HKLM\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Marvell
HKLM\SOFTWARE\Wow6432Node\MAXSOFT-OCRON
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nero
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Photodex Media Sources
HKLM\SOFTWARE\Wow6432Node\Photodex Presenter
HKLM\SOFTWARE\Wow6432Node\PowerPivot
HKLM\SOFTWARE\Wow6432Node\Raptr
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\square enix
HKLM\SOFTWARE\Wow6432Node\Time4Popcorn
HKLM\SOFTWARE\Wow6432Node\Ubisoft
HKLM\SOFTWARE\Wow6432Node\Unwinder
HKLM\SOFTWARE\Wow6432Node\Valve
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WafCX
HKLM\SOFTWARE\Wow6432Node\Windows
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\4kdownload.com
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Aplicativo Itau
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ATI
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\BcmSetup
HKCU\SOFTWARE\Bigasoft
HKCU\SOFTWARE\Bitdefender
HKCU\SOFTWARE\Bogosoft
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Crystal Dynamics
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\DarkEnergy
HKCU\SOFTWARE\Deep Silver
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\DT Soft
HKCU\SOFTWARE\EMU
HKCU\SOFTWARE\EvJOSoft
HKCU\SOFTWARE\Faasoft
HKCU\SOFTWARE\FreeDownloadManager.ORG
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\Garmin
HKCU\SOFTWARE\GbAs
HKCU\SOFTWARE\GbPlugin
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\GOG.com
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\Icaros
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\IO Interactive
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\JEDI-VCL
HKCU\SOFTWARE\KasperskyLab
HKCU\SOFTWARE\Lake
HKCU\SOFTWARE\LAV
HKCU\SOFTWARE\LGE
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Logitech
HKCU\SOFTWARE\LogMeInRescueCallingCard
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\madshi
HKCU\SOFTWARE\MediaInfo
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\musikCube
HKCU\SOFTWARE\Nero
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Northcode Inc
HKCU\SOFTWARE\OB
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Photodex
HKCU\SOFTWARE\Photodex Media Sources
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Plex, Inc.
HKCU\SOFTWARE\Raptr
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\The Silicon Realms Toolworks
HKCU\SOFTWARE\Tribo Gamer
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Ubisoft
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\VooFoo Studios
HKCU\SOFTWARE\Widcomm
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\Xirrus
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Adobe
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Macromedia

---\\ Conteudo das pastas Programs/ProgramFiles/ProgramData/AppData (O43) (242) - 4s
O43 - CFD: 2015/03/07 08:52:46 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/03/16 20:32:08 - [] D -- C:\Program Files (x86)\AMD
O43 - CFD: 2014/05/02 12:51:51 - [] D -- C:\Program Files (x86)\AMD AVT
O43 - CFD: 2014/05/02 12:51:30 - [] D -- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 2015/07/21 20:37:21 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2014/05/02 13:13:34 - [] D -- C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD: 2014/09/13 16:45:08 - [] D -- C:\Program Files (x86)\Dead Rising 3
O43 - CFD: 2015/04/23 21:05:45 - [] D -- C:\Program Files (x86)\Diebold
O43 - CFD: 2014/05/02 14:34:42 - [] D -- C:\Program Files (x86)\Free Download Manager
O43 - CFD: 2015/01/07 12:41:54 - [] D -- C:\Program Files (x86)\FreeTime
O43 - CFD: 2015/07/24 18:34:35 - [] D -- C:\Program Files (x86)\Garmin
O43 - CFD: 2015/04/23 21:05:45 - [] D -- C:\Program Files (x86)\GAS Tecnologia
O43 - CFD: 2014/07/02 22:39:40 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2014/05/05 22:48:39 - [] D -- C:\Program Files (x86)\HP
O43 - CFD: 2015/05/28 21:40:07 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2014/05/02 18:25:28 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/07/15 22:05:01 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2014/05/20 20:25:32 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2014/09/17 19:53:08 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 2014/05/10 10:00:15 - [] D -- C:\Program Files (x86)\Kaspersky Lab
O43 - CFD: 2015/01/10 20:31:55 - [] D -- C:\Program Files (x86)\LG Software
O43 - CFD: 2015/07/18 15:14:41 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 2015/02/19 20:05:52 - [] D -- C:\Program Files (x86)\Marvell
O43 - CFD: 2014/05/05 22:50:44 - [0] D -- C:\Program Files (x86)\Microsoft
O43 - CFD: 2014/05/02 13:19:29 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 2014/05/02 13:19:27 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/05/13 19:41:14 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2014/05/02 13:20:15 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 2014/08/11 20:25:12 - [] D -- C:\Program Files (x86)\Microsoft XNA
O43 - CFD: 2014/05/13 20:23:20 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/07/08 19:24:11 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/07/11 09:46:52 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2014/12/16 09:42:12 - [] D -- C:\Program Files (x86)\MP3Gain
O43 - CFD: 2014/12/16 09:55:11 - [] D -- C:\Program Files (x86)\Mp3tag
O43 - CFD: 2014/02/28 19:30:14 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2014/10/07 19:35:02 - [] D -- C:\Program Files (x86)\MSI Afterburner
O43 - CFD: 2015/02/21 16:38:42 - [] D -- C:\Program Files (x86)\musikCube_1.1
O43 - CFD: 2015/01/15 18:51:04 - [] D -- C:\Program Files (x86)\Nero
O43 - CFD: 2014/05/02 14:26:14 - [] D -- C:\Program Files (x86)\NSIS Uninstall Information
O43 - CFD: 2014/08/12 21:46:18 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2014/12/25 17:44:16 - [] D -- C:\Program Files (x86)\Photodex
O43 - CFD: 2014/12/25 17:46:51 - [] D -- C:\Program Files (x86)\Photodex Presenter
O43 - CFD: 2014/08/02 15:30:30 - [] D -- C:\Program Files (x86)\Plex
O43 - CFD: 2015/05/18 20:43:50 - [] D -- C:\Program Files (x86)\Raptr
O43 - CFD: 2014/09/16 21:02:57 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2014/02/28 19:30:14 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/07/25 13:22:54 - [] D -- C:\Program Files (x86)\Steam
O43 - CFD: 2014/08/11 20:22:04 - [] D -- C:\Program Files (x86)\Techgzone.com
O43 - CFD: 2014/09/16 21:03:23 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 2015/02/19 21:04:13 - [] D -- C:\Program Files (x86)\THQ
O43 - CFD: 2014/05/14 20:34:52 - [] D -- C:\Program Files (x86)\Time4Popcorn
O43 - CFD: 2015/01/08 08:30:02 - [] D -- C:\Program Files (x86)\Tracksource
O43 - CFD: 2015/06/13 13:21:46 - [] D -- C:\Program Files (x86)\Tribo Gamer
O43 - CFD: 2015/03/07 10:25:52 - [] D -- C:\Program Files (x86)\Ubisoft
O43 - CFD: 2015/02/28 16:25:12 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2015/03/10 21:54:58 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2015/03/16 18:31:41 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/03/16 18:31:41 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2015/03/16 18:31:41 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2013/08/22 12:36:30 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2015/03/16 18:31:41 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2015/03/16 18:31:41 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/08/22 12:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/08/22 12:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2015/03/16 18:31:56 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/03/16 18:31:56 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/06/09 22:03:18 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/03/16 20:32:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
O43 - CFD: 2015/03/16 20:33:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
O43 - CFD: 2015/03/16 20:24:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2014/05/02 14:19:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Central de Mouse e Teclado da Microsoft
O43 - CFD: 2014/05/02 13:13:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
O43 - CFD: 2014/09/13 16:44:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Rising 3
O43 - CFD: 2014/05/02 14:34:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
O43 - CFD: 2015/07/24 18:34:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
O43 - CFD: 2014/07/02 22:39:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2014/12/21 16:55:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil
O43 - CFD: 2014/08/16 16:26:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2014/05/20 19:54:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2014/09/17 19:53:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 2015/01/10 20:32:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Software
O43 - CFD: 2013/08/22 12:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/18 15:14:41 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/07/17 21:13:13 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2015/05/12 22:01:23 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2014/07/12 20:44:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MouseCraft [GOG.com]
O43 - CFD: 2014/12/16 09:42:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain
O43 - CFD: 2014/12/16 09:55:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
O43 - CFD: 2015/02/21 16:38:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\musikCube
O43 - CFD: 2015/01/15 18:51:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
O43 - CFD: 2014/05/14 20:34:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
O43 - CFD: 2014/12/27 11:54:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProShow Producer
O43 - CFD: 2015/01/15 18:58:12 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2014/05/02 15:40:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 2015/03/16 18:31:56 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2013/09/30 00:54:53 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/04/14 19:59:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TextPad
O43 - CFD: 2015/02/19 21:04:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
O43 - CFD: 2015/01/08 08:30:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrackSource
O43 - CFD: 2015/06/13 13:21:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tribo Gamer
O43 - CFD: 2015/02/28 16:25:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2014/05/02 14:09:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/03/07 08:52:46 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2015/03/16 20:32:29 - [] D -- C:\ProgramData\AMD
O43 - CFD: 2014/08/02 14:54:38 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/03/16 20:32:02 - [] D -- C:\ProgramData\ATI
O43 - CFD: 2015/04/23 18:55:18 - [] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 2015/05/28 21:40:03 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2014/05/02 12:10:58 - [0] SHD -- C:\ProgramData\Dados de Aplicativos
O43 - CFD: 2014/05/02 13:17:44 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2014/05/02 12:10:58 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2014/05/02 14:34:46 - [] D -- C:\ProgramData\Free Download Manager
O43 - CFD: 2015/07/24 18:34:31 - [] D -- C:\ProgramData\Garmin
O43 - CFD: 2015/07/01 19:17:18 - [] D -- C:\ProgramData\GAS Tecnologia
O43 - CFD: 2015/04/30 23:14:23 - [] D -- C:\ProgramData\gbas
O43 - CFD: 2014/05/05 22:50:13 - [] D -- C:\ProgramData\HP
O43 - CFD: 2014/05/05 22:48:43 - [] D -- C:\ProgramData\HP Product Assistant
O43 - CFD: 2014/05/02 18:25:29 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/07/25 13:22:48 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 2015/01/10 20:32:31 - [] D -- C:\ProgramData\LG Software
O43 - CFD: 2014/08/14 20:12:04 - [] D -- C:\ProgramData\Logs
O43 - CFD: 2015/07/18 15:14:40 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2014/05/02 12:10:58 - [0] SHD -- C:\ProgramData\Menu Iniciar
O43 - CFD: 2015/04/14 22:15:59 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/07/17 23:44:53 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2014/05/02 12:10:58 - [0] SHD -- C:\ProgramData\Modelos
O43 - CFD: 2014/05/02 13:49:59 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2015/01/15 19:19:21 - [] D -- C:\ProgramData\Nero
O43 - CFD: 2014/07/07 20:02:56 - [] D -- C:\ProgramData\Orbit
O43 - CFD: 2015/03/14 07:50:21 - [] D -- C:\ProgramData\Origin
O43 - CFD: 2015/07/24 18:34:23 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2014/05/02 14:26:15 - [] D -- C:\ProgramData\PDVD
O43 - CFD: 2014/12/25 20:28:56 - [] D -- C:\ProgramData\Photodex
O43 - CFD: 2015/03/07 08:53:07 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2015/03/16 18:31:41 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2014/05/02 17:46:02 - [] D -- C:\ProgramData\Steam
O43 - CFD: 2014/05/17 14:56:23 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2015/05/28 21:39:32 - [] D -- C:\ProgramData\SUPPORTDIR
O43 - CFD: 2015/03/15 14:03:12 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2014/05/05 22:49:36 - [] D -- C:\ProgramData\WEBREG
O43 - CFD: 2015/05/22 20:28:15 - [] D -- C:\ProgramData\Wondershare
O43 - CFD: 2015/03/07 08:53:07 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2014/05/02 12:51:51 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 2014/05/03 18:57:26 - [] D -- C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 2014/05/05 22:48:28 - [] D -- C:\Program Files (x86)\Common Files\HP
O43 - CFD: 2014/05/02 12:32:36 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2014/05/20 19:54:29 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2014/08/11 20:25:12 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2015/01/15 18:51:14 - [] D -- C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 2014/05/02 18:25:02 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2013/08/22 12:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/07/25 13:22:57 - [] D -- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 2015/03/16 18:31:41 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2014/10/12 09:56:26 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 2015/02/24 20:14:56 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Adobe
O43 - CFD: 2015/03/18 22:24:45 - [] D -- C:\Users\SoulReaver\AppData\Roaming\AMD
O43 - CFD: 2014/11/13 19:25:10 - [] D -- C:\Users\SoulReaver\AppData\Roaming\AnvSoft
O43 - CFD: 2014/08/02 14:55:05 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Apple Computer
O43 - CFD: 2014/05/02 12:54:06 - [] D -- C:\Users\SoulReaver\AppData\Roaming\ATI
O43 - CFD: 2014/11/12 19:41:04 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Bigasoft Audio Converter 4
O43 - CFD: 2015/02/24 20:14:53 - [] D -- C:\Users\SoulReaver\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
O43 - CFD: 2014/06/15 12:43:06 - [] D -- C:\Users\SoulReaver\AppData\Roaming\CyberLink
O43 - CFD: 2015/06/12 19:49:54 - [] D -- C:\Users\SoulReaver\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2014/11/13 18:57:58 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Faasoft Audio Converter
O43 - CFD: 2015/07/23 20:20:58 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Free Download Manager
O43 - CFD: 2015/01/08 08:38:34 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Garmin
O43 - CFD: 2015/04/14 19:59:46 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Helios
O43 - CFD: 2014/05/05 22:49:37 - [] D -- C:\Users\SoulReaver\AppData\Roaming\HP
O43 - CFD: 2015/03/16 20:17:48 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Identities
O43 - CFD: 2014/05/02 13:09:48 - [] D -- C:\Users\SoulReaver\AppData\Roaming\InstallShield
O43 - CFD: 2014/05/02 12:52:36 - [] D -- C:\Users\SoulReaver\AppData\Roaming\library_dir
O43 - CFD: 2014/05/02 12:37:09 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Macromedia
O43 - CFD: 2015/06/20 14:47:16 - [] SD -- C:\Users\SoulReaver\AppData\Roaming\Microsoft
O43 - CFD: 2014/05/09 22:47:08 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Mozilla
O43 - CFD: 2015/07/03 21:09:15 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Mp3tag
O43 - CFD: 2015/01/15 19:19:22 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Nero
O43 - CFD: 2014/05/09 22:47:08 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Netscape
O43 - CFD: 2014/05/09 22:46:23 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Photodex
O43 - CFD: 2015/07/03 20:55:43 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Raptr
O43 - CFD: 2014/09/13 16:46:14 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Steam
O43 - CFD: 2015/03/07 10:43:07 - [] D -- C:\Users\SoulReaver\AppData\Roaming\uplay
O43 - CFD: 2015/07/03 20:32:16 - [] D -- C:\Users\SoulReaver\AppData\Roaming\vlc
O43 - CFD: 2014/05/02 17:46:02 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Wayforward Technologies
O43 - CFD: 2014/05/02 14:09:30 - [] D -- C:\Users\SoulReaver\AppData\Roaming\WinRAR
O43 - CFD: 2015/07/25 13:26:04 - [] D -- C:\Users\SoulReaver\AppData\Roaming\ZHP
O43 - CFD: 2015/05/15 22:17:38 - [] D -- C:\Users\SoulReaver\AppData\Local\4kdownload.com
O43 - CFD: 2015/07/01 19:16:08 - [] D -- C:\Users\SoulReaver\AppData\Local\Adobe
O43 - CFD: 2014/08/02 14:55:05 - [] D -- C:\Users\SoulReaver\AppData\Local\Apple Computer
O43 - CFD: 2014/05/02 12:54:06 - [] D -- C:\Users\SoulReaver\AppData\Local\ATI
O43 - CFD: 2014/05/02 13:02:36 - [] D -- C:\Users\SoulReaver\AppData\Local\Broadcom
O43 - CFD: 2015/07/21 20:40:12 - [] D -- C:\Users\SoulReaver\AppData\Local\CEF
O43 - CFD: 2015/07/21 20:37:47 - [0] D -- C:\Users\SoulReaver\AppData\Local\Comodo
O43 - CFD: 2014/05/02 14:26:15 - [] D -- C:\Users\SoulReaver\AppData\Local\CyberLink
O43 - CFD: 2014/05/02 12:14:46 - [0] SHD -- C:\Users\SoulReaver\AppData\Local\Dados de Aplicativos
O43 - CFD: 2015/02/19 21:07:55 - [] D -- C:\Users\SoulReaver\AppData\Local\Darksiders
O43 - CFD: 2014/05/10 10:29:04 - [] D -- C:\Users\SoulReaver\AppData\Local\Darksiders2
O43 - CFD: 2015/05/26 21:34:04 - [0] D -- C:\Users\SoulReaver\AppData\Local\Diagnostics
O43 - CFD: 2015/04/21 10:15:26 - [] D -- C:\Users\SoulReaver\AppData\Local\Downloaded Installations
O43 - CFD: 2015/07/18 15:40:26 - [0] D -- C:\Users\SoulReaver\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/01/08 08:43:16 - [] D -- C:\Users\SoulReaver\AppData\Local\Garmin
O43 - CFD: 2015/01/08 08:38:33 - [] D -- C:\Users\SoulReaver\AppData\Local\GARMIN_Corp
O43 - CFD: 2015/07/24 18:36:00 - [] D -- C:\Users\SoulReaver\AppData\Local\Garmin_Ltd._or_its_subsid
O43 - CFD: 2014/07/31 18:58:17 - [] D -- C:\Users\SoulReaver\AppData\Local\GAS Tecnologia
O43 - CFD: 2015/07/21 20:37:47 - [] D -- C:\Users\SoulReaver\AppData\Local\Google
O43 - CFD: 2014/05/02 12:14:46 - [0] SHD -- C:\Users\SoulReaver\AppData\Local\Historico
O43 - CFD: 2014/05/05 22:49:37 - [] D -- C:\Users\SoulReaver\AppData\Local\HP
O43 - CFD: 2014/05/02 13:53:12 - [] D -- C:\Users\SoulReaver\AppData\Local\Macromedia
O43 - CFD: 2015/03/17 22:05:54 - [] D -- C:\Users\SoulReaver\AppData\Local\MetaGeek,_LLC
O43 - CFD: 2015/03/16 20:17:48 - [] D -- C:\Users\SoulReaver\AppData\Local\Microsoft
O43 - CFD: 2015/07/03 21:09:15 - [0] D -- C:\Users\SoulReaver\AppData\Local\Microsoft Help
O43 - CFD: 2015/03/11 20:52:59 - [] D -- C:\Users\SoulReaver\AppData\Local\MinhaBox.br
O43 - CFD: 2014/05/02 13:50:05 - [] D -- C:\Users\SoulReaver\AppData\Local\Mozilla
O43 - CFD: 2015/01/15 19:19:25 - [] D -- C:\Users\SoulReaver\AppData\Local\Nero
O43 - CFD: 2015/07/14 20:03:40 - [] D -- C:\Users\SoulReaver\AppData\Local\Packages
O43 - CFD: 2014/08/02 15:30:37 - [] D -- C:\Users\SoulReaver\AppData\Local\Plex Media Server
O43 - CFD: 2014/05/17 20:46:36 - [] D -- C:\Users\SoulReaver\AppData\Local\Popcorn-Time
O43 - CFD: 2014/05/02 12:26:49 - [] D -- C:\Users\SoulReaver\AppData\Local\Programs
O43 - CFD: 2014/08/12 21:47:36 - [] D -- C:\Users\SoulReaver\AppData\Local\Risen3
O43 - CFD: 2014/05/22 18:52:07 - [] D -- C:\Users\SoulReaver\AppData\Local\SKIDROW
O43 - CFD: 2015/02/19 20:36:59 - [] D -- C:\Users\SoulReaver\AppData\Local\Steam
O43 - CFD: 2015/07/21 20:39:02 - [0] D -- C:\Users\SoulReaver\AppData\Local\Temp
O43 - CFD: 2014/05/02 12:14:46 - [0] SHD -- C:\Users\SoulReaver\AppData\Local\Temporary Internet Files
O43 - CFD: 2014/05/23 20:53:27 - [] D -- C:\Users\SoulReaver\AppData\Local\Ubisoft Game Launcher
O43 - CFD: 2015/04/03 08:08:43 - [] D -- C:\Users\SoulReaver\AppData\Local\VirtualStore
O43 - CFD: 2013/08/22 12:36:32 - [] RD -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2013/08/22 12:36:32 - [] RD -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/17 18:54:08 - [] RD -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/06/20 14:40:44 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itau
O43 - CFD: 2015/01/07 12:42:02 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 2013/08/22 12:36:32 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/12/16 09:42:12 - [0] D -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
O43 - CFD: 2015/02/21 16:38:42 - [0] D -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\musikCube
O43 - CFD: 2015/07/17 18:54:08 - [] RD -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/06/12 22:17:03 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 2013/08/22 12:36:32 - [] RD -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2014/05/23 20:49:10 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
O43 - CFD: 2014/05/02 14:09:21 - [] D -- C:\Users\SoulReaver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Lista dos drivers do sistema (SDL) (O58) (73) - 1s
O58 - SDL:2013/08/22 09:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896]
O58 - SDL:2013/08/22 09:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176]
O58 - SDL:2014/11/20 23:41:36 A . (.Advanced Micro Devices - AMD ACP Binaries.) -- C:\Windows\System32\drivers\amdacpksd.sys [294600]
O58 - SDL:2014/03/11 11:19:46 A . (.Windows (R) Win 7 DDK provider - KSL Kernel-Mode Dll.) -- C:\Windows\System32\drivers\amdacpksl.sys [142848]
O58 - SDL:2012/09/22 20:17:24 A . (.Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) -- C:\Windows\System32\drivers\amdkmafd.sys [21160]
O58 - SDL:2013/08/22 09:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200]
O58 - SDL:2013/08/22 09:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424]
O58 - SDL:2013/08/22 09:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952]
O58 - SDL:2013/08/22 09:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016]
O58 - SDL:2014/03/11 11:20:04 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\AtihdWB6.sys [222720]
O58 - SDL:2014/11/20 23:40:00 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [18959360]
O58 - SDL:2014/11/20 23:08:54 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [589312]
O58 - SDL:2013/09/04 18:12:38 A . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\Windows\System32\drivers\bcbtums.sys [170712]
O58 - SDL:2013/08/12 20:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624]
O58 - SDL:2014/05/02 13:09:46 A .
(.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL63a.SYS [7474864] O58 - SDL:2014/06/30 08:26:32 A . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\drivers\BprotectEx.sys [90432] O58 - SDL:2013/09/04 18:12:52 A . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windo.) -- C:\Windows\System32\drivers\btwampfl.sys [166104] O58 - SDL:2012/08/30 10:23:58 A . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\System32\drivers\btwaudio.sys [186648] O58 - SDL:2012/08/30 10:23:56 A . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\System32\drivers\btwavdt.sys [212792] O58 - SDL:2012/07/27 07:48:26 A . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\System32\drivers\btwl2cap.sys [40248] O58 - SDL:2012/08/30 10:23:54 A . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\System32\drivers\btwrchid.sys [22328] O58 - SDL:2013/08/22 09:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296] O58 - SDL:2012/10/19 04:52:32 A . (.Windows (R) Win 7 DDK provider - IEEE-1284.4-1999 Driver.) -- C:\Windows\System32\drivers\Dot4.sys [151968] O58 - SDL:2012/10/19 04:52:30 A . (.Windows (R) Win 7 DDK provider - IEEE-1284.4 Print Class Driver.) -- C:\Windows\System32\drivers\Dot4Prt.sys [27040] O58 - SDL:2014/05/02 13:13:34 A . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\drivers\dtsoftbus01.sys [283064] O58 - SDL:2013/05/01 18:41:54 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\Windows\System32\drivers\e1c63x64.sys [452432] O58 - SDL:2013/06/18 11:45:28 A . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserializ.) -- C:\Windows\System32\drivers\E1G6032E.sys [147584] O58 - SDL:2013/06/18 11:45:26 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) 
-- C:\Windows\System32\drivers\e1i63x64.sys [460288] O58 - SDL:2013/08/22 09:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024] O58 - SDL:2012/07/17 18:12:08 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [62784] O58 - SDL:2013/08/22 09:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352] O58 - SDL:2013/07/30 15:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568] O58 - SDL:2013/07/25 16:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320] O58 - SDL:2013/05/01 18:41:25 A . (.Intel Corporation - NDIS 6.30 Advanced Networking Services..) -- C:\Windows\System32\drivers\iANSW60e.sys [151936] O58 - SDL:2013/08/09 21:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248] O58 - SDL:2013/08/22 09:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000] O58 - SDL:2012/08/15 10:57:12 A . (.Intel Corporation - Intel(R) Network Adapter Diagnostic Driver.) -- C:\Windows\System32\drivers\iqvw64e.sys [33616] O58 - SDL:2014/05/10 10:47:22 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\drivers\kl1.sys [458336] O58 - SDL:2014/05/10 10:47:22 A . (.Kaspersky Lab - Klelam Mini-Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klelam.sys [29792] O58 - SDL:2014/05/10 10:47:22 A . (.Kaspersky Lab ZAO - Filter Core [fre_win8_x64].) -- C:\Windows\System32\drivers\klflt.sys [115296] O58 - SDL:2014/05/10 10:47:23 A . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klif.sys [625760] O58 - SDL:2013/10/14 15:33:32 A . 
(.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\System32\drivers\klim6.sys [30304] O58 - SDL:2014/05/10 10:47:23 A . (.Kaspersky Lab ZAO - KLKBDFLT Keyboard Device Filter [fre_win8_x.) -- C:\Windows\System32\drivers\klkbdflt.sys [29280] O58 - SDL:2013/10/14 15:33:34 A . (.Kaspersky Lab ZAO - KLMOUFLT Mouse Device Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klmouflt.sys [29280] O58 - SDL:2013/04/12 15:34:48 A . (.Kaspersky Lab ZAO - KLPD [fre_wnet_x64].) -- C:\Windows\System32\drivers\klpd.sys [15456] O58 - SDL:2014/05/10 10:47:23 A . (.Kaspersky Lab ZAO - Network filtering component [RC_BUILD_OPT].) -- C:\Windows\System32\drivers\klwfp.sys [65120] O58 - SDL:2014/05/10 10:47:23 A . (.Kaspersky Lab ZAO - KNEPS Power [fre_wnet_amd64].) -- C:\Windows\System32\drivers\kneps.sys [178272] O58 - SDL:2013/08/22 09:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408] O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536] O58 - SDL:2013/08/22 09:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760] O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784] O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816] O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272] O58 - SDL:2015/07/25 13:23:06 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [113880] O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) 
-- C:\Windows\System32\drivers\megasas.sys [56672] O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840] O58 - SDL:2013/08/22 09:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840] O58 - SDL:2015/06/18 08:42:02 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [64216] O58 - SDL:2013/08/22 09:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368] O58 - SDL:2013/08/22 09:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288] O58 - SDL:2013/06/18 11:46:17 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys [591360] O58 - SDL:2013/08/21 12:50:02 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3591000] O58 - SDL:2013/08/22 12:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] O58 - SDL:2013/08/22 09:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896] O58 - SDL:2013/08/22 09:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760] O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [108800] O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [206080] O58 - SDL:2013/08/22 09:43:32 A . (.Promise Technology, Inc. 
- Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072] O58 - SDL:2013/08/08 13:23:34 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [99288] O58 - SDL:2013/08/22 09:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808] O58 - SDL:2013/08/22 09:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800] O58 - SDL:2013/08/22 09:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504] O58 - SDL:2015/04/23 21:15:51 A . (.Basil - WinDivert (web: http://reqrypt.org/windiver.) -- C:\Windows\System32\WinDivert64.sys [38104] ---\\ Ultimos ficheiros alterados ou criados (Utilizador) (061) (1) - 1s O61 - LFC: 2015/07/23 21:43:52 A . (..) -- C:\Users\SoulReaver\AppData\Roaming\AMD\GLCache\f5d0a33c8c8537e1_21.bin [62344] ---\\ Associacoes Shell Spawning (O67) (1) - 0s O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\System32\eventvwr.exe ---\\ Menu de inicializacao Internet (068) (16) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.) 
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitario de Inicializacao por Usuario do.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitario de Inicializacao por Usuario do.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitario de Inicializacao por Usuario do.) 
-- C:\Windows\System32\ie4uinit.exe ---\\ Pesquisa de infecao nos navegadores da Internet (SBI) (069) (2) - 2s O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ ---\\ Listagem dos servicos iniciados pelo Svchost (SSS) (O83) (36) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Servico de Experiencia com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [214528] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Servico de Propagacao de Certificado de Car.) -- C:\Windows\System32\certprop.dll [156160] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Servico de Propagacao de Certificado de Car.) -- C:\Windows\System32\certprop.dll [156160] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Servico do Servidor.) -- C:\Windows\system32\srvsvc.dll [329216] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Politica de Grupo.) -- C:\Windows\System32\gpsvc.dll [1360896] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensao IKE.) -- C:\Windows\System32\ikeext.dll [1084416] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Servico que oferece conectividade IPv6 em u.) -- C:\Windows\System32\iphlpsvc.dll [926208] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de servico de logon secundario.) -- C:\Windows\system32\seclogon.dll [31744] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Servico de Informacoes de Aplicativos.) -- C:\Windows\System32\appinfo.dll [110080] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Servico de Descoberta iSCSI.) 
-- C:\Windows\system32\iscsiexe.dll [151040] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Servico Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [110592] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Servico Agendador de Tarefas.) -- C:\Windows\system32\schedsvc.dll [1265152] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [230400] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Servico Agendador de Classes de Multimidia.) -- C:\Windows\system32\mmcss.dll [71168] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Servico Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [135168] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [227328] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Servico de Configuracao da Area de Trabalho.) -- C:\Windows\System32\SessEnv.dll [339968] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatorios de Problemas e Solucoes.) -- C:\Windows\System32\wercplsupport.dll [84992] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Servico de Gerenciamento de Chaves.) -- C:\Windows\system32\kmsvc.dll [101376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Servico BDE.) -- C:\Windows\System32\bdesvc.dll [348672] O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Servico de Estrutura de Localizacao do Wind.) -- C:\Windows\System32\GeofenceMonitorService.dll [522240] O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Servico Conta da Microsoft®.) -- C:\Windows\system32\wlidsvc.dll [1639424] O83 - Search Svchost Services: Themes (Themes) . 
(.Microsoft Corporation - DLL do Servico de Tema do Shell do Windows.) -- C:\Windows\system32\themeservice.dll [59392] O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalacao de Dispositivo.) -- C:\Windows\System32\DeviceSetupManager.dll [206848] O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Servico Assistente de Conectividade de Rede.) -- C:\Windows\System32\ncasvc.dll [166400] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automatica de Acess.) -- C:\Windows\System32\rasauto.dll [102912] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexao de acesso remoto.) -- C:\Windows\System32\rasmans.dll [542208] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinamica.) -- C:\Windows\System32\mprdim.dll [226816] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Servico de Notificacao de Eventos do Sistem.) -- C:\Windows\System32\sens.dll [73728] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [452608] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windo.) -- C:\Windows\System32\tapisrv.dll [313344] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3701760] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Servico de transferencia inteligente de tel.) -- C:\Windows\System32\qmgr.dll [933376] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de servicos do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [640000] O83 - Search Svchost Services: AppMgmt (AppMgmt) . 
(.Microsoft Corporation - Servico de instalacao do software.) -- C:\Windows\System32\appmgmts.dll [187904] O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [92992] ---\\ Lista das excecoes do FireWall (FirewallRules) (O87) (31) - 0s O87 - FAEL: "{EBAFA118-2F20-4DA7-93D5-42D3E4BDFAEB}" [In-None-P6-TRUE] .(.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe O87 - FAEL: "{3EC705C4-D2B7-49C9-825C-FA9DCC49ADAF}" [In-None-P17-TRUE] .(.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe O87 - FAEL: "TCP Query User{FBEB71D6-63A8-49E3-81C7-F0827ADDC004}C:\program files (x86)\free download manager\fdm.exe" [In-None-P6-TRUE] .(.FreeDownloadManager.ORG - Free Download Manager.) -- C:\program files (x86)\free download manager\fdm.exe O87 - FAEL: "UDP Query User{5F122DA3-009D-4DB2-9D20-9DF3FB2FE82A}C:\program files (x86)\free download manager\fdm.exe" [In-None-P17-TRUE] .(.FreeDownloadManager.ORG - Free Download Manager.) -- C:\program files (x86)\free download manager\fdm.exe O87 - FAEL: "{B7682C8F-9AC5-4D7E-B9D9-D19A4466DDF6}" [In-None-P6-TRUE] .(.Copyright (C) 2012 - Hitman: Absolution.) -- C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe O87 - FAEL: "{2D41FA42-2B0A-4414-BB61-D06CEA4D215F}" [In-None-P17-TRUE] .(.Copyright (C) 2012 - Hitman: Absolution.) -- C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe O87 - FAEL: "{9BC65AB9-9E40-4CE9-BF38-1042E8C79BCD}" [In-None-P6-TRUE] .(.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe O87 - FAEL: "{B6EB5D0E-1F85-4B09-9578-7BF4593D008C}" [In-None-P17-TRUE] .(.Valve Corporation - Steam Client WebHelper.) 
-- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe O87 - FAEL: "{C3A25BC5-4B0A-4681-86F7-C2C4AE41E860}" [In-None-P6-TRUE] .(...) -- G:\Jogos\Pool Nation\steamapps\common\Pool Nation\Pool.exe O87 - FAEL: "{A9EF454D-711E-40E2-A9A7-996A137F29FA}" [In-None-P17-TRUE] .(...) -- G:\Jogos\Pool Nation\steamapps\common\Pool Nation\Pool.exe O87 - FAEL: "{56DCE3C9-5B6D-470E-A17A-8F40CA6FC381}" [In-None-P17-TRUE] .(.LG Electronics Inc. - DMS.) -- C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe O87 - FAEL: "{1AE6DFE8-D1BA-43C4-9735-F217571D26EF}" [In-None-P6-TRUE] .(.LG Electronics Inc. - DMS.) -- C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe O87 - FAEL: "{032FAC8B-7CFA-4B73-8137-4898405A606F}" [In-None-P17-TRUE] .(.LG Electronics Inc. - SmartShare DMR.) -- C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe O87 - FAEL: "{542EA0BC-D9AB-4217-A05A-308798677272}" [In-None-P6-TRUE] .(.LG Electronics Inc. - SmartShare DMR.) -- C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe O87 - FAEL: "{C7E889EE-9FAF-4094-8A52-DF9F7DAA898B}" [In-None-P6-TRUE] .(.Vigil Games - DarksidersPC.) -- G:\Jogos\Pool Nation\steamapps\common\Darksiders\DarksidersPC.exe O87 - FAEL: "{A931F83D-0A21-432F-9193-42D4B501AF80}" [In-None-P17-TRUE] .(.Vigil Games - DarksidersPC.) -- G:\Jogos\Pool Nation\steamapps\common\Darksiders\DarksidersPC.exe O87 - FAEL: "{1BA32A78-7827-40FC-872D-D884C8BB47A2}" [In-None-P6-TRUE] .(...) -- G:\Jogos\Assassin's Creed Rogue\ACC.exe O87 - FAEL: "{A28B1078-3A1E-4892-9A9E-5BA37E409AEA}" [In-None-P17-TRUE] .(...) -- G:\Jogos\Assassin's Creed Rogue\ACC.exe O87 - FAEL: "{85E6856B-6355-4936-A9A6-A7B7E56A958E}" [In-None-P6-TRUE] .(.Raptr, Inc - Raptr Desktop App.) -- C:\Program Files (x86)\Raptr\raptr.exe O87 - FAEL: "{F16998CF-ED78-4C71-B493-1D337B61DC40}" [In-None-P17-TRUE] .(.Raptr, Inc - Raptr Desktop App.) 
-- C:\Program Files (x86)\Raptr\raptr.exe O87 - FAEL: "{0C210212-942E-40A2-A6BE-A9ADD21B56CA}" [In-None-P6-TRUE] .(.Raptr, Inc - Raptr Desktop App.) -- C:\Program Files (x86)\Raptr\raptr_im.exe O87 - FAEL: "{43BCE818-E2E3-4E13-A4C1-ADCF0C901DB7}" [In-None-P17-TRUE] .(.Raptr, Inc - Raptr Desktop App.) -- C:\Program Files (x86)\Raptr\raptr_im.exe O87 - FAEL: "{EAEB809B-F115-48FB-940A-769929632153}" [In-None-P17-TRUE] .(.GAS Tecnologia LTDA - GAS Tecnologia - Core.) -- C:\Program Files\Diebold\Warsaw\core.exe O87 - FAEL: "{521C17C2-AAF6-4716-B5F4-FD19CDEC5F85}" [In-None-P6-TRUE] .(.Raptr, Inc - Raptr Desktop App.) -- C:\Program Files (x86)\Raptr\raptr.exe O87 - FAEL: "{AEAAEBAD-3394-425D-B2E0-F38FD76A1EB2}" [In-None-P17-TRUE] .(.Raptr, Inc - Raptr Desktop App.) -- C:\Program Files (x86)\Raptr\raptr.exe O87 - FAEL: "{DCD774A6-4E45-496C-AF71-237899950517}" [In-None-P6-TRUE] .(.Raptr, Inc - Raptr Desktop App.) -- C:\Program Files (x86)\Raptr\raptr_im.exe O87 - FAEL: "{91E3C4A4-75C9-4D07-9FC4-787AA4C29326}" [In-None-P17-TRUE] .(.Raptr, Inc - Raptr Desktop App.) -- C:\Program Files (x86)\Raptr\raptr_im.exe O87 - FAEL: "{077CD047-6911-4FBD-9F16-60A4B2AB869B}" [In-None-P6-TRUE] .(.SQUARE ENIX LIMITED - Sleeping Dogs: Definitive Edition executabl.) -- G:\Jogos\Pool Nation\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe O87 - FAEL: "{DA93080E-0BE0-41D4-8FE5-DBA73039165B}" [In-None-P17-TRUE] .(.SQUARE ENIX LIMITED - Sleeping Dogs: Definitive Edition executabl.) -- G:\Jogos\Pool Nation\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe O87 - FAEL: "{79C39184-3BCF-4CA0-9ED6-17F28A7DFC99}" [In-None-P6-TRUE] .(.Epic Games, Inc. - .) -- G:\Jogos\Pool Nation\steamapps\common\Styx\Binaries\Win64\StyxGame.exe O87 - FAEL: "{5CEBD8E1-BBD0-432B-94F3-5E1916C1E041}" [In-None-P17-TRUE] .(.Epic Games, Inc. - .) 
-- G:\Jogos\Pool Nation\steamapps\common\Styx\Binaries\Win64\StyxGame.exe

---\\ Scaner Aditional (088) (1) - 0s
C:\Windows\System32\Tasks\AutoPico Daily Restart =>PUA.KMSpico

---\\ Resumo dos elementos encontrados na sua estacao de trabalho (1) - 0s
http://www.nicolascoolman.fr/pup-kmspico/ =>PUA.KMSpico

~ End of the scan, 41307 items in 37 seconds (920)(0)()