~ ZHPDiag v2015.8.26.127 Por Nicolas Coolman (2015/08/26)
~ iniciado por Darcio (Administrator)  (2015/08/27 00:05:56)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Status da versão:  Version OK
~ Modo: Scanner
~ Relatório: C:\Users\darcio\Desktop\ZHPDiag.txt
~ Relatório: C:\Users\darcio\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Inicialização do sistema: Normal (Normal boot)
Windows 8.1 Pro, 64-bit  (Build 9600)

---\\ Navegadores Internet (3) - 0s
GCIE: Google Chrome v44.0.2403.157
MFIE: Mozilla Firefox 40.0.2 (x86 pt-BR) v40.0.2
MSIE: Internet Explorer v11.0.9600.17937

---\\ Informações sobre os produtos Windows (4) - 5s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema (2) - 1s
Trend Micro OfficeScan Client v10.6.5162
Windows Defender  (Deactivate)

---\\ Monitoramento dos softwares (1) - 1s
Adobe Acrobat Reader DC - Português

---\\ Informações sobre o sistema (6) - 0s
~ Operating System: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System:  64-bit 
~ Boot mode: Normal (Normal boot)
Total RAM: 4116.76 MB (59% free)
~ System Restore: Activé (Enable)
~ System drive C: has 384 GB free of 467 GB

---\\ Modo de conexão ao sistema (3) - 0s
~ Computer Name: DIREXE3046_00
~ User Name: Darcio
~ Logged in as Administrator

---\\ Enumeração das unidades dos discos (3) - 0s
~ Drive C: has 384 GB free of 467 GB  (System)
~ Drive D: has 3 GB free of 7 GB
~ Drive X: has 0 GB free of 0 GB

---\\ Estado do Centro de Segurança do Windows (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Pesquisa particular de ficheiros genéricos (22) - 1s
[MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Windows Explorer.) () -- C:\WINDOWS\Explorer.exe [2501368] ©
[MD5.6C308D32AFA41D26CE2A0EA8F7B79565] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) () -- C:\WINDOWS\System32\rundll32.exe [54784] ©
[MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) () -- C:\WINDOWS\System32\Wininit.exe [145920] ©
[MD5.C555B5C8142844DED9E3BD94E6313000] - (.Microsoft Corporation - Internet Extensions para Win32.) () -- C:\WINDOWS\System32\wininet.dll [2427904] ©
[MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) () -- C:\WINDOWS\System32\Winlogon.exe [572416] ©
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) () -- C:\WINDOWS\System32\sppcomapi.dll [447488] ©
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [563200] ©
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [26464] ©
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [88576] ©
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [164352] ©
[MD5.D01CAFDD13158FCA1EEC82908A40148B] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\WINDOWS\System32\drivers\DfsC.sys [138240] ©
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [76800] ©
[MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - (.Microsoft Corporation - Driver de porta i8042.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [108544] ©
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [142848] ©
[MD5.6FBDF2B1B025A8E6E069234362FFFFB7] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [401408] ©
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [282624] ©
[MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [2025792] ©
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) () -- C:\WINDOWS\System32\drivers\Parport.sys [94208] ©
[MD5.1BD3022FD6E450B00DE560265638FD2A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [112640] ©
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Micros.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [195584] ©
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\WINDOWS\System32\drivers\tdx.sys [107520] ©
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [310080] ©

---\\ Processos lançados (17) - 7s
[MD5.4F440DCDB7C8C14DEDDB1D63B94335D1] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\GbpSv.exe [579896] [PID.608]
[MD5.41800AFD93A8BE7C654AC221B69F6E0A] - (.Trend Micro Inc. - Trend Micro Common Client Real-time Scan Se.) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\Ntrtscan.exe [3404832] [PID.2308]
[MD5.089F55A23440C0DA7A8A6119ECB05880] - (.Trend Micro Inc. - Trend Micro Common Client Communication Ser.) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe [3442640] [PID.4048]
[MD5.725099D6CC2C64C742A33D84E10684DD] - (.Trend Micro Inc. - Trend Micro OfficeScan Client Plug-in Servi.) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe [458936] [PID.4696]
[MD5.4F440DCDB7C8C14DEDDB1D63B94335D1] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\GbpSv.exe [579896] [PID.5592]
[MD5.D8FBBDEF3726FE41D64C1B4AF44A874A] - (.Trend Micro Inc. - Trend Micro OfficeScan Monitor.) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe [2295992] [PID.7000]
[MD5.7F67026666BB0BF066FB5743A9331980] - (.Trend Micro Inc. - Trend Micro Personal Firewall Service.) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe [596736] [PID.8248]
[MD5.D9A646E8BC99F0383E9BC0D3A96C4501] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.4172] ©
[MD5.20439D6410920993BC6CF12983E25028] - (.Trend Micro Inc. - Manages the Trend Micro unauthorized change.) -- C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [571928] [PID.7184]
[MD5.DAE6C3099D291EED8922A65C29ABCF52] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520] [PID.2072] ©
[MD5.842DCC07124924D945D8F17C7768074B] - (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) -- C:\Program Files\Diebold\Warsaw\core.exe [858424] [PID.13148]
[MD5.749C9E51E6D5A5AC23D2B4B8B63CAFE9] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.1280] ©
[MD5.9130F710B265D46FAB1E2EBF12603783] - (.Free Time - FormatFactory.) -- C:\Program Files (x86)\FormatFactory\FormatFactory.exe [6196040] [PID.7936] ©
[MD5.4D928A269342AF9F397520C200583452] - (.(C) 2000-2011 MPlayer Team - MEncoder - Media Encoder.) -- C:\Program Files (x86)\FormatFactory\FFModules\Encoder\mencoder.exe [8240142] [PID.8560]
[MD5.4D928A269342AF9F397520C200583452] - (.(C) 2000-2011 MPlayer Team - MEncoder - Media Encoder.) -- C:\Program Files (x86)\FormatFactory\FFModules\Encoder\mencoder.exe [8240142] [PID.2192]
[MD5.4D928A269342AF9F397520C200583452] - (.(C) 2000-2011 MPlayer Team - MEncoder - Media Encoder.) -- C:\Program Files (x86)\FormatFactory\FFModules\Encoder\mencoder.exe [8240142] [PID.4864]
[MD5.E7EDF5F9D988069C62495EF24F419B32] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\darcio\Downloads\ZHPDiag3.exe [1908224] [PID.11196] ©

---\\ Google Chrome, Arranque,Pesquisa,Extensões (10) - 1s
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Docs
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [olghjjajidfdflkafeekiojnfmiolccp] __MSG_extensionName__
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest  =>.Google Inc.

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (2) - 1s
P2 - EXT FILE: (...) -- C:\Users\darcio\AppData\Roaming\Mozilla\Firefox\Profiles\ht6hh6b8.default\extensions\@77E82E99556D832B98361C623E48489C77E8.xpi
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©

---\\ Internet Explorer, Arranque, Pesquisa, Phishing (16) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.123rede.com?oem=mbtkv5&uid=S3PWBER6_ST500LT012-1DG142&tm=1440107229
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.123rede.com?oem=mbtkv5&uid=S3PWBER6_ST500LT012-1DG142&tm=1440107229
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.123rede.com?oem=mbtkv5&uid=S3PWBER6_ST500LT012-1DG142&tm=1440107229
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.123rede.com?oem=mbtkv5&uid=s3pwber6_st500lt012-1dg142&tm=1440107229
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.123rede.com?oem=mbtkv5&uid=s3pwber6_st500lt012-1dg142&tm=1440107229
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.123rede.com?oem=mbtkv5&uid=s3pwber6_st500lt012-1dg142&tm=1440107229
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean  =>.Microsoft Internet Explorer

---\\ Internet Explorer, Gestão do Proxy (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Análise das linhas, Carregamento Automático de programas (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Redireção do ficheiro Hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Objects do navegador (1) - 0s
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL ©

---\\ Aplicações iniciadas por registo & pastas (20) - 4s
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe ©
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe ©
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe ©
O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- c:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [TrueColor UI] . (.Entertainment Experience - True Color.) -- C:\Program Files\TrueColor\TrueColorUI.exe
O4 - HKLM\..\Run: [Diebold - Warsaw] . (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) -- C:\Program Files\Diebold\Warsaw\core.exe
O4 - HKCU\..\Run: [ISUSPM] . (.Acresso Corporation - Acresso Software Manager.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
O4 - HKLM\..\Wow6432Node\Run: [DropboxOEM] . (.Copyright ©  2014 - DropboxOEM.) -- C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
O4 - HKLM\..\Wow6432Node\Run: [OfficeScanNT Monitor] . (.Trend Micro Inc. - Trend Micro OfficeScan Monitor.) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ©
O4 - HKLM\..\Wow6432Node\Run: [IndexSearch] . (.Nuance Communications, Inc. - PaperPort IndexSearch.) -- C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe ©
O4 - HKLM\..\Wow6432Node\Run: [PaperPort PTD] . (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe ©
O4 - HKLM\..\Wow6432Node\Run: [PDFHook] . (.Nuance Communications, Inc. - PdfCreateHook Application.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe ©
O4 - HKLM\..\Wow6432Node\Run: [PDF5 Registry Controller] . (.Nuance Communications, Inc. - PDF Converter Registry Controller.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe ©
O4 - HKLM\..\Wow6432Node\Run: [ControlCenter4] . (.Brother Industries, Ltd. - ControlCenter Launcher.) -- C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe ©
O4 - HKLM\..\Wow6432Node\Run: [BrStsMon00] . (.Brother Industries, Ltd. - Status Monitor Application.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe ©
O4 - HKLM\..\Wow6432Node\Run: [DoroServer] . (.CompSoft - DoroServer.) -- C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
O4 - HKLM\..\Wow6432Node\Run: [gmsd_br_006010072]  (Orphean)
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-3469486405-3119757674-2814306058-1215\..\Run: [ISUSPM] . (.Acresso Corporation - Acresso Software Manager.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

---\\ Alteração Dominio/Clientes DNS (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 191.253.71.250 191.253.71.251 191.253.71.250 191.253.71.251
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.42.0.251 10.42.0.252
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = vcp.amer.dell.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 191.253.71.250 191.253.71.251 191.253.71.250 191.253.71.251
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 10.42.0.251 10.42.0.252
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = vcp.amer.dell.com

---\\ Protocolo adicional (21) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL ©

---\\ Serviços NT não Microsoft e não desativados (31) - 4s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe ©
O23 - Service: AtherosSvc (AtherosSvc) . (.Windows (R) Win 7 DDK provider - Windows Setup API.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe ©
O23 - Service: Dell Customer Connect (Dell Customer Connect) . (.Dell Inc. - OTBSurvey.) - C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe
O23 - Service: Dell Data Services (Dell Data Services) . (.Dell - Dell.DDS.Agent.WinService.) - C:\Program Files\Dell\Dell Data Services\DDSSvc.exe ©
O23 - Service: Dell Foundation Services (Dell Foundation Services) . (.Dell - Dell.DFS.Agent.WinService.) - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe ©
O23 - Service: Dell Update Service (DellUpdate) . (.Dell Inc. - Dell Update Windows Service.) - C:\Program Files (x86)\Dell Update\DellUpService.exe
O23 - Service: ADSL Line Drawing (devyberu) . (...) - C:\Program Files (x86)\4C4C4544-1440633147-4E10-8037-C2C04F353432\knsn7070.tmpfs  =>PUP.Optional.CrossRider
O23 - Service: @oem68.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAM (DptfParticipantProcessorService) . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) - C:\WINDOWS\system32\DptfParticipantProcessorService.exe ©
O23 - Service: @oem68.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME (DptfPolicyCriticalService) . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) - C:\WINDOWS\system32\DptfPolicyCriticalService.exe ©
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
O23 - Service: Kerning Down (gopibeko) . (...) - C:\Users\darcio\AppData\Local\4C4C4544-1440622420-4E10-8037-C2C04F353432\snsx51D1.tmp (.not file.)  =>PUP.Optional.CrossRider
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe ©
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\WINDOWS\system32\igfxCUIService.exe ©
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe ©
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ©
O23 - Service: Cool Barcode (jimocoso) . (...) - C:\Program Files (x86)\4C4C4544-1440633147-4E10-8037-C2C04F353432\jnsiE161.tmp  =>PUP.Optional.CrossRider
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ©
O23 - Service: Net.Tcp Service Handler (NetTcpHandler) . (...) - C:\Users\darcio\AppData\Roaming\NetService\netservice.exe
O23 - Service: OfficeScan NT RealTime Scan (ntrtscan) . (.Trend Micro Inc. - Trend Micro Common Client Real-time Scan Se.) - C:\Program Files (x86)\Trend Micro\OfficeScan Client\Ntrtscan.exe
O23 - Service: OCS Inventory Service (OCS Inventory Service) . (.OCS Inventory NG - OCS Inventory NG Service.) - C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe
O23 - Service: PDFProFiltSrvPP (PDFProFiltSrvPP) . (.Nuance Communications, Inc. - PDFPro IFilter Service.) - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe ©
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ©
O23 - Service: SoftThinks Agent Service (SftService) . (.SoftThinks SAS - SoftThinks Agent Service.) - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
O23 - Service: OfficeScan NT Listener (tmlisten) . (.Trend Micro Inc. - Trend Micro Common Client Communication Ser.) - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe
O23 - Service: Delete Exit (totyseku) . (...) - C:\Program Files (x86)\4C4C4544-1440633147-4E10-8037-C2C04F353432\hnsa1A55.tmp  =>PUP.Optional.CrossRider
O23 - Service: TrueColorALS (TrueColorALS) . (...) - C:\Program Files\TrueColor\TrueColorALS.exe
O23 - Service: Update Super Great (Update Super Great) . (...) - C:\Program Files (x86)\Super Great\updateSuperGreat.exe (.not file.)  =>PUP.Optional.SuperGreat*
O23 - Service: uvnc_service (uvnc_service) . (.UltraVNC - VNC server for win32.) - C:\Program Files\UltraVNC\winvnc.exe
O23 - Service: Warsaw Technology (Warsaw Technology) . (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) - C:\Program Files\Diebold\Warsaw\core.exe

---\\ Tarefas planificadas automaticamente (21) - 9s
[MD5.E3FB05F33E1404AD606B1E1FE7C323C3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   [998104] ©
[MD5.00000000000000000000000000000000] [APT] [B11C8802-3DCB-43B8-A54B-1A75D42DC2E] (...) -- C:\Users\darcio\AppData\Local\B11C8802-3DCB-43B8-A54B-1A75D42DC2E\B11C8802-3DCB-43B8-A54B-1A75D42DC2E.exe (.not file.)   [0]
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [107848] ©
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [107848] ©
[MD5.8A3A1B1D58C43A45517321BC8C650752] [APT] [klcp_update] (...) -- C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe   [1175040]
[MD5.00000000000000000000000000000000] [APT] [new tab helper oursurfing] (...) -- C:\Users\darcio\AppData\Roaming\oursurfing\newtab_hlpr.exe (.not file.)   [0]  =>PUP.Optional.OurSurfing
[MD5.CEF76A106D5A43A41C448AA929D920C4] [APT] [RtHDVBg_PushButton] (.Realtek Semiconductor.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe   [1393520] ©
[MD5.E7D9B291A1094A2DA28A5CB57B4F064F] [APT] [ToolsUpdatePlatform_ScheduledTask] (.Copyright (C) 2015.) -- C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe   [635128]
[MD5.C6F268F8A91671D163028D16495AE244] [APT] [{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}] (...) -- C:\Users\darcio\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe   [1188328]
[MD5.00000000000000000000000000000000] [APT] [{3B7FD029-D932-411b-AF15-C96CF8EF0C18}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}] (...) -- C:\Program Files (x86)\WeatherTool\1.2.3.9736\InstallHelper.exe (.not file.)   [0]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job   [1098] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job   [1102] ©
O39 - APT: ToolsUpdatePlatform_ScheduledTask - (.Copyright (C) 2015.) -- C:\WINDOWS\Tasks\ToolsUpdatePlatform_ScheduledTask.job   [450]
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task   [3886] ©
O39 - APT: B11C8802-3DCB-43B8-A54B-1A75D42DC2E - (...) -- C:\WINDOWS\System32\Tasks\B11C8802-3DCB-43B8-A54B-1A75D42DC2E   [4290]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore   [3838] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA   [4074] ©
O39 - APT: klcp_update - (...) -- C:\WINDOWS\System32\Tasks\klcp_update   [3798]
O39 - APT: new tab helper oursurfing - (...) -- C:\WINDOWS\System32\Tasks\new tab helper oursurfing   [4132]  =>PUP.Optional.OurSurfing
O39 - APT: RtHDVBg_PushButton - (.Realtek Semiconductor.) -- C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton   [3132] ©
O39 - APT: ToolsUpdatePlatform_ScheduledTask - (.Copyright (C) 2015.) -- C:\WINDOWS\System32\Tasks\ToolsUpdatePlatform_ScheduledTask   [3516]

---\\ Software instalados (52) - 30s
O42 - Logiciel: My Dell - (.PC-Doctor, Inc..) [HKLM][64Bits] -- PC-Doctor for Windows
O42 - Logiciel: UltraVnc - (.uvnc bvba.) [HKLM][64Bits] -- Ultravnc2_is1
O42 - Logiciel: Warsaw 1.8.0.10356 64 bits - (.GAS Tecnologia.) [HKLM][64Bits] -- {20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1
O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000} ©
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {27DEA29A-222C-45F8-B70D-0A7B303FC71B} ©
O42 - Logiciel: True Color - (.Entertainment Experience LLC.) [HKLM][64Bits] -- {33D499E3-73E8-44D5-8D1F-FEA39535E9F2}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} ©
O42 - Logiciel: PaperPort Image Printer 64-bit - (.Nuance Communications, Inc..) [HKLM][64Bits] -- {715CAACC-579B-4831-A5F4-A83A8DE3EFE2} ©
O42 - Logiciel: QuickSet64 - (.Dell Inc..) [HKLM][64Bits] -- {87CF757E-C1F1-4D22-865C-00C6950B5258}
O42 - Logiciel: Dell Foundation Services - (.Dell Inc..) [HKLM][64Bits] -- {90B2EE35-59D0-4A1F-B125-9F678D46A955}
O42 - Logiciel: Dell Data Services - (.Dell Inc..) [HKLM][64Bits] -- {90F9BFC9-A2A9-403F-9A40-1063FAD035BA}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7} ©
O42 - Logiciel: DSC/AA Factory Installer - (.PC-Doctor, Inc..) [HKLM][64Bits] -- {F7A70D00-F283-45C8-B163-49EC365D7E27}
O42 - Logiciel: Intel(R) Virtual Buttons - (.Intel Corporation.) [HKLM][64Bits] -- 1992736F-C90A-481C-B21B-EE34CAD07387 ©
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR ©
O42 - Logiciel: Doro 1.60 - (.CompSoft.) [HKLM][64Bits] -- Doro_is1
O42 - Logiciel: FormatFactory 3.7.0.1 - (.Free Time.) [HKLM][64Bits] -- FormatFactory ©
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome ©
O42 - Logiciel: jFinanças Pessoal 2015 - (.Cenize.) [HKLM][64Bits] -- jFinanças Pessoal 2015
O42 - Logiciel: Magical Jelly Bean KeyFinder - (.Magical Jelly Bean.) [HKLM][64Bits] -- KeyFinder_is1 ©
O42 - Logiciel: K-Lite Mega Codec Pack 11.3.6 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: Mozilla Firefox 40.0.2 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 40.0.2 (x86 pt-BR) ©
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService ©
O42 - Logiciel: No-IP DUC - (.Vitalwerks Internet Solutions LLC.) [HKLM][64Bits] -- NoIPDUC
O42 - Logiciel: OCS Inventory NG Agent 2.0.4.0 - (.OCS Inventory NG Team.) [HKLM][64Bits] -- OCS Inventory NG Agent
O42 - Logiciel: Trend Micro OfficeScan Client - (.Trend Micro Inc..) [HKLM][64Bits] -- OfficeScanNT
O42 - Logiciel: Dell Backup and Recovery - (.Dell Inc..) [HKLM][64Bits] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04}
O42 - Logiciel: Dell Product Registration - (.Aviata Inc..) [HKLM][64Bits] -- {17FFE63C-6734-4950-B488-134B5A2505F7}
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM][64Bits] -- {196467F1-C11F-4F76-858B-5812ADC83B94} ©
O42 - Logiciel: Java 8 Update 51 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218051F0} ©
O42 - Logiciel: Dell WLAN and Bluetooth Client Installation - (.Dell Inc..) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Nuance PDF Viewer Plus - (.Nuance Communications, Inc.) [HKLM][64Bits] -- {28656860-4728-433C-8AD4-D1A930437BC8}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {31B9D218-FED2-4C6C-B19F-7294FFC130B0} ©
O42 - Logiciel: Pandion - (.Pandion Team.) [HKLM][64Bits] -- {35846BA4-5A5A-433B-B65E-41C324AEFFA4}
O42 - Logiciel: Brother MFL-Pro Suite DCP-8157DN - (.Brother Industries, Ltd..) [HKLM][64Bits] -- {37372D85-4945-4B6B-AC87-7BC5D1AB9F5C} ©
O42 - Logiciel: True Color - (.Entertainment Experience.) [HKLM][64Bits] -- {55c734b2-fcff-447e-81cc-a6f04ebf09fc}
O42 - Logiciel: Dropbox 20 GB - (.Dropbox, Inc..) [HKLM][64Bits] -- {597A58EC-42D6-4940-8739-FB94491B013C} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} ©
O42 - Logiciel: Tools Update Platform - (.Beijing Zhihuimen Techology co,.Ltd.) [HKLM][64Bits] -- {6A128791-4857-4484-9BB2-71D4C1257200}
O42 - Logiciel: Nuance PaperPort 12 - (.Nuance Communications, Inc..) [HKLM][64Bits] -- {88B5FBDC-967D-4B1F-B291-39284AE12201} ©
O42 - Logiciel: Dell Update - (.Dell Inc..) [HKLM][64Bits] -- {90437913-9D4D-4D9D-B438-B8664DF851E9}
O42 - Logiciel: ST Microelectronics 3 Axis Digital Accelerometer Solution - (.ST Microelectronics.) [HKLM][64Bits] -- {9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824147215} ©
O42 - Logiciel: Adobe Acrobat Reader DC - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AC0F074E4100} ©
O42 - Logiciel: Dell Digital Delivery - (.Dell Products, LP.) [HKLM][64Bits] -- {BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}
O42 - Logiciel: Citrix Presentation Server Client - (.Citrix Systems, Inc..) [HKLM][64Bits] -- {E89956F9-5B89-470E-818D-BD46102D0A01} ©
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} ©
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} ©
O42 - Logiciel: HP LaserJet Professional CP1020 Series - (.Hewlett-Packard.) [HKLM][64Bits] -- {F2918DE9-8F79-44c8-85D8-CAD1245B95D3} ©
O42 - Logiciel: Dell Customer Connect - (.Dell Inc..) [HKLM][64Bits] -- {FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}
O42 - Logiciel: Kingdom Extension - (.Component Total corp.) [HKCU][64Bits] -- {9563BC59-9556-4805-8CD4-886781779D8D}

---\\ HKCU & HKLM Software Keys (104) - 30s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\ATHEROS
HKLM\SOFTWARE\Wow6432Node\Aviata
HKLM\SOFTWARE\Wow6432Node\AviSynth
HKLM\SOFTWARE\Wow6432Node\Brother
HKLM\SOFTWARE\Wow6432Node\Brother Industries, Ltd.
HKLM\SOFTWARE\Wow6432Node\Cenize
HKLM\SOFTWARE\Wow6432Node\Citrix
HKLM\SOFTWARE\Wow6432Node\CompSoft
HKLM\SOFTWARE\Wow6432Node\Dell
HKLM\SOFTWARE\Wow6432Node\Dell Inc.
HKLM\SOFTWARE\Wow6432Node\DellBackupandRecovery
HKLM\SOFTWARE\Wow6432Node\Dell_Wlan
HKLM\SOFTWARE\Wow6432Node\Dropbox
HKLM\SOFTWARE\Wow6432Node\EVP
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\GPL Ghostscript
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\Icaros
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\KLCodecPack
HKLM\SOFTWARE\Wow6432Node\LAV
HKLM\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\NetTcpHandler
HKLM\SOFTWARE\Wow6432Node\NtIObits
HKLM\SOFTWARE\Wow6432Node\NtSvcHandler
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PC-Doctor
HKLM\SOFTWARE\Wow6432Node\ProtectedHp
HKLM\SOFTWARE\Wow6432Node\Reg
HKLM\SOFTWARE\Wow6432Node\ScanSoft
HKLM\SOFTWARE\Wow6432Node\seekmix
HKLM\SOFTWARE\Wow6432Node\seekmx
HKLM\SOFTWARE\Wow6432Node\SoftThinks
HKLM\SOFTWARE\Wow6432Node\ST Microelectronics
HKLM\SOFTWARE\Wow6432Node\SuppHelpDir
HKLM\SOFTWARE\Wow6432Node\ToolsUpdatePlatform
HKLM\SOFTWARE\Wow6432Node\TrendMicro
HKLM\SOFTWARE\Wow6432Node\Visioneer
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\ZEON
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKLM\SOFTWARE\Wow6432Node\VolDellBackupAndRecovery
HKCU\SOFTWARE\7-Zip
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Atheros
HKCU\SOFTWARE\AutoHelpDesk
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\Cenize
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Citrix
HKCU\SOFTWARE\CompSoft
HKCU\SOFTWARE\FLEXnet
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GbPlugin
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\Icaros
HKCU\SOFTWARE\InstallPath
HKCU\SOFTWARE\InstallShield
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\LogMeInRescueCallingCard
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\madshi
HKCU\SOFTWARE\MediaInfo
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\ORL
HKCU\SOFTWARE\Pandion
HKCU\SOFTWARE\PC-Doctor
HKCU\SOFTWARE\ProtectedHp
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Reg
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\ScanSoft
HKCU\SOFTWARE\Vitalwerks
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\Zeon
HKCU\SOFTWARE\AppDataLow\Software

---\\ Conteúdo das pastas Programs (194) - 30s
O43 - CFD: 2015/08/26 20:53:32 - [] D -- C:\Program Files (x86)\4C4C4544-1440633147-4E10-8037-C2C04F353432  =>PUP.Optional.CrossRider
O43 - CFD: 2015/08/11 10:07:54 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/08/26 22:03:53 - [] D -- C:\Program Files (x86)\baidu
O43 - CFD: 2015/08/11 09:17:27 - [] D -- C:\Program Files (x86)\Brother
O43 - CFD: 2015/08/11 09:17:23 - [] D -- C:\Program Files (x86)\Browny02
O43 - CFD: 2015/07/25 19:07:01 - [] D -- C:\Program Files (x86)\Cisco
O43 - CFD: 2015/08/26 22:23:13 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/08/11 09:17:20 - [] D -- C:\Program Files (x86)\ControlCenter4
O43 - CFD: 2015/08/26 21:38:00 - [] D -- C:\Program Files (x86)\Dell Backup and Recovery
O43 - CFD: 2015/08/14 08:18:47 - [] D -- C:\Program Files (x86)\Dell Customer Connect
O43 - CFD: 2015/08/10 16:45:25 - [] D -- C:\Program Files (x86)\Dell Digital Delivery
O43 - CFD: 2015/07/25 19:21:03 - [] D -- C:\Program Files (x86)\Dell Product Registration
O43 - CFD: 2015/08/10 16:54:57 - [] D -- C:\Program Files (x86)\Dell Update
O43 - CFD: 2015/07/25 19:10:33 - [] D -- C:\Program Files (x86)\Dell Wireless
O43 - CFD: 2015/08/18 11:30:46 - [] HD -- C:\Program Files (x86)\Diebold
O43 - CFD: 2015/08/11 14:11:46 - [] D -- C:\Program Files (x86)\DoroPDFWriter
O43 - CFD: 2015/07/25 19:22:03 - [] D -- C:\Program Files (x86)\Dropbox
O43 - CFD: 2015/08/26 19:06:22 - [] D -- C:\Program Files (x86)\FormatFactory
O43 - CFD: 2015/08/18 11:30:46 - [] HD -- C:\Program Files (x86)\GAS Tecnologia
O43 - CFD: 2015/08/26 21:29:43 - [] AD -- C:\Program Files (x86)\GbPlugin
O43 - CFD: 2015/08/11 08:53:02 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/08/11 14:05:24 - [] D -- C:\Program Files (x86)\HP
O43 - CFD: 2015/08/11 09:16:29 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/07/25 19:12:52 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/08/12 11:57:08 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/08/11 09:00:00 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2015/08/18 16:31:30 - [] D -- C:\Program Files (x86)\jFinanças Pessoal 2015
O43 - CFD: 2015/08/11 09:02:49 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 2015/08/11 10:24:30 - [] D -- C:\Program Files (x86)\Magical Jelly Bean
O43 - CFD: 2015/08/10 17:41:26 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 2015/08/10 17:44:56 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/08/10 17:44:56 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/08/26 19:06:38 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/08/18 11:25:24 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2015/01/05 04:40:13 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/08/11 09:11:07 - [] D -- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 2015/08/11 11:42:02 - [] D -- C:\Program Files (x86)\No-IP
O43 - CFD: 2015/08/11 09:14:02 - [] D -- C:\Program Files (x86)\Nuance
O43 - CFD: 2015/08/11 10:31:35 - [] D -- C:\Program Files (x86)\OCS Inventory Agent
O43 - CFD: 2015/08/19 23:51:08 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 2015/08/26 22:13:49 - [] D -- C:\Program Files (x86)\PicosmosTools
O43 - CFD: 2015/01/05 04:40:13 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/07/25 19:12:06 - [] D -- C:\Program Files (x86)\ST Microelectronics
O43 - CFD: 2015/08/11 16:51:36 - [] D -- C:\Program Files (x86)\ToolsUpdatePlatform
O43 - CFD: 2015/08/10 17:34:08 - [] D -- C:\Program Files (x86)\Trend Micro
O43 - CFD: 2015/08/12 11:56:43 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2014/11/22 07:35:49 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2014/11/22 07:35:49 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2014/11/22 07:35:49 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2013/08/22 12:36:30 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2014/11/22 07:35:49 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2014/11/22 07:35:49 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/08/22 12:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/08/22 12:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2015/08/11 09:10:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 2014/11/22 07:36:31 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/07/25 23:35:56 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/08/12 11:57:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/08/11 09:18:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
O43 - CFD: 2015/07/25 19:08:08 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
O43 - CFD: 2015/08/11 10:09:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix
O43 - CFD: 2015/08/14 08:18:47 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
O43 - CFD: 2015/07/25 19:22:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 20 GB
O43 - CFD: 2015/08/26 20:20:16 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/07/25 19:05:01 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 2015/08/11 09:00:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2015/08/11 21:29:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jFinanças Pessoal 2015
O43 - CFD: 2015/08/11 09:03:04 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 2015/08/11 10:24:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
O43 - CFD: 2013/08/22 12:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/10 17:45:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2015/08/11 09:14:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12
O43 - CFD: 2015/08/11 10:31:31 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2014/11/22 07:36:31 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2014/11/21 23:21:02 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/08/10 17:34:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro OfficeScan Client
O43 - CFD: 2015/07/25 19:11:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueColor
O43 - CFD: 2015/08/11 10:27:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraVNC
O43 - CFD: 2015/08/26 22:52:48 - [0] D -- C:\ProgramData\2WinManPro2
O43 - CFD: 2015/08/11 10:08:01 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/08/10 16:53:50 - [] D -- C:\ProgramData\Atheros
O43 - CFD: 2015/07/25 19:21:03 - [] D -- C:\ProgramData\Aviata
O43 - CFD: 2015/08/26 22:52:48 - [] D -- C:\ProgramData\aWinManProa
O43 - CFD: 2015/08/11 09:18:21 - [] D -- C:\ProgramData\Brother
O43 - CFD: 2015/08/11 09:17:20 - [] D -- C:\ProgramData\ControlCenter4
O43 - CFD: 2015/08/10 16:43:48 - [0] SHD -- C:\ProgramData\Dados de Aplicativos
O43 - CFD: 2015/08/14 08:18:37 - [] D -- C:\ProgramData\Dell
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2015/08/10 16:43:48 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/08/11 09:12:49 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 2015/08/11 15:26:09 - [] D -- C:\ProgramData\GAS Tecnologia
O43 - CFD: 2015/08/26 20:32:27 - [] D -- C:\ProgramData\GbPlugin
O43 - CFD: 2015/08/11 14:07:41 - [] D -- C:\ProgramData\Hewlett-Packard
O43 - CFD: 2015/08/11 14:07:24 - [] D -- C:\ProgramData\HP
O43 - CFD: 2015/07/25 19:05:01 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/08/11 09:22:32 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2015/08/10 16:43:48 - [0] SHD -- C:\ProgramData\Menu Iniciar
O43 - CFD: 2015/08/22 19:02:29 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/08/10 17:51:26 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2015/08/10 16:43:48 - [0] SHD -- C:\ProgramData\Modelos
O43 - CFD: 2015/08/17 09:03:00 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2015/08/11 09:28:15 - [] D -- C:\ProgramData\Nuance
O43 - CFD: 2015/08/11 10:30:45 - [] D -- C:\ProgramData\OCS Inventory NG
O43 - CFD: 2015/08/11 09:00:54 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 2015/07/25 19:11:55 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2015/07/25 19:13:07 - [] D -- C:\ProgramData\PC-Doctor for Windows
O43 - CFD: 2015/08/10 17:07:43 - [] D -- C:\ProgramData\PCDr
O43 - CFD: 2015/08/10 17:38:01 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/08/11 09:13:10 - [] D -- C:\ProgramData\ScanSoft
O43 - CFD: 2015/08/10 16:58:48 - [] D -- C:\ProgramData\softthinks
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2015/08/11 09:00:57 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/08/26 21:30:11 - [] D -- C:\ProgramData\ToolsUpdatePlatform
O43 - CFD: 2015/08/26 20:34:41 - [0] D -- C:\ProgramData\update
O43 - CFD: 2015/08/11 09:14:02 - [] D -- C:\ProgramData\zeon
O43 - CFD: 2015/07/25 19:07:39 - [] D -- C:\ProgramData\{00991343-0669-45F0-9AFA-661A55DC65D2}
O43 - CFD: 2015/08/11 21:43:33 - [] D -- C:\ProgramData\{691BDA7C-EEE7-4107-9100-B22AB0654434}
O43 - CFD: 2015/08/11 08:51:37 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/08/11 10:10:39 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 2015/07/25 19:08:08 - [] D -- C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 2015/08/10 17:45:02 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2015/07/25 19:11:33 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2015/07/25 19:05:26 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 2015/08/11 09:00:56 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2015/08/12 11:56:27 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2015/07/25 19:05:25 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2015/08/11 09:12:51 - [] D -- C:\Program Files (x86)\Common Files\ScanSoft Shared
O43 - CFD: 2013/08/22 12:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/08/10 17:47:50 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/08/11 14:10:51 - [] D -- C:\Users\darcio\AppData\Roaming\Adobe
O43 - CFD: 2015/08/10 16:53:37 - [] D -- C:\Users\darcio\AppData\Roaming\Atheros
O43 - CFD: 2015/08/11 09:25:09 - [] D -- C:\Users\darcio\AppData\Roaming\ControlCenter4
O43 - CFD: 2015/08/11 20:38:54 - [] D -- C:\Users\darcio\AppData\Roaming\DropboxOEM
O43 - CFD: 2015/08/11 09:24:30 - [] D -- C:\Users\darcio\AppData\Roaming\FLEXnet
O43 - CFD: 2015/08/12 11:20:33 - [] D -- C:\Users\darcio\AppData\Roaming\ICAClient
O43 - CFD: 2015/08/11 09:08:09 - [] D -- C:\Users\darcio\AppData\Roaming\Identities
O43 - CFD: 2015/08/10 17:07:38 - [] D -- C:\Users\darcio\AppData\Roaming\InstallShield
O43 - CFD: 2015/08/10 16:54:46 - [] D -- C:\Users\darcio\AppData\Roaming\Intel Corporation
O43 - CFD: 2015/08/11 09:39:20 - [] D -- C:\Users\darcio\AppData\Roaming\Macromedia
O43 - CFD: 2015/08/25 15:59:38 - [] D -- C:\Users\darcio\AppData\Roaming\Mactowebise
O43 - CFD: 2015/08/22 19:06:58 - [] SD -- C:\Users\darcio\AppData\Roaming\Microsoft
O43 - CFD: 2015/08/17 09:03:19 - [] D -- C:\Users\darcio\AppData\Roaming\Mozilla
O43 - CFD: 2015/08/21 18:41:31 - [] D -- C:\Users\darcio\AppData\Roaming\MPC-HC
O43 - CFD: 2015/08/19 23:09:36 - [] D -- C:\Users\darcio\AppData\Roaming\NetService
O43 - CFD: 2015/08/11 09:13:26 - [] D -- C:\Users\darcio\AppData\Roaming\Nuance
O43 - CFD: 2015/08/19 23:29:19 - [] D -- C:\Users\darcio\AppData\Roaming\Opera Software
O43 - CFD: 2015/08/11 11:10:26 - [] D -- C:\Users\darcio\AppData\Roaming\Pandion
O43 - CFD: 2015/08/11 16:27:23 - [] D -- C:\Users\darcio\AppData\Roaming\PCDr
O43 - CFD: 2015/08/20 18:47:01 - [] D -- C:\Users\darcio\AppData\Roaming\RunDir
O43 - CFD: 2015/08/20 18:47:12 - [] D -- C:\Users\darcio\AppData\Roaming\shortCutStore
O43 - CFD: 2015/08/19 09:22:54 - [] D -- C:\Users\darcio\AppData\Roaming\Zeon
O43 - CFD: 2015/08/27 00:06:29 - [] D -- C:\Users\darcio\AppData\Roaming\ZHP
O43 - CFD: 2015/08/11 10:25:07 - [] D -- C:\Users\darcio\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}
O43 - CFD: 2015/08/11 14:11:09 - [] D -- C:\Users\darcio\AppData\Local\Adobe
O43 - CFD: 2015/08/10 16:55:40 - [] D -- C:\Users\darcio\AppData\Local\Aviata
O43 - CFD: 2015/08/10 16:53:50 - [] D -- C:\Users\darcio\AppData\Local\BMExplorer
O43 - CFD: 2015/08/11 14:11:09 - [] D -- C:\Users\darcio\AppData\Local\CEF
O43 - CFD: 2015/08/11 21:35:13 - [] D -- C:\Users\darcio\AppData\Local\Cenize
O43 - CFD: 2015/08/25 08:41:20 - [] D -- C:\Users\darcio\AppData\Local\CrashDumps
O43 - CFD: 2015/08/10 16:41:37 - [0] SHD -- C:\Users\darcio\AppData\Local\Dados de Aplicativos
O43 - CFD: 2015/08/10 16:53:46 - [] D -- C:\Users\darcio\AppData\Local\DropboxOEM
O43 - CFD: 2015/08/12 15:37:24 - [0] SHD -- C:\Users\darcio\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/08/12 15:37:24 - [0] SHD -- C:\Users\darcio\AppData\Local\EmieSiteList
O43 - CFD: 2015/08/12 15:37:24 - [0] SHD -- C:\Users\darcio\AppData\Local\EmieUserList
O43 - CFD: 2015/08/11 09:01:04 - [] D -- C:\Users\darcio\AppData\Local\Google
O43 - CFD: 2015/08/10 16:41:37 - [0] SHD -- C:\Users\darcio\AppData\Local\Histórico
O43 - CFD: 2015/08/26 19:06:38 - [] D -- C:\Users\darcio\AppData\Local\Kingdom Extension
O43 - CFD: 2015/08/18 10:50:55 - [] D -- C:\Users\darcio\AppData\Local\Microsoft
O43 - CFD: 2015/08/10 17:41:12 - [0] D -- C:\Users\darcio\AppData\Local\Microsoft Help
O43 - CFD: 2015/08/17 09:03:20 - [] D -- C:\Users\darcio\AppData\Local\Mozilla
O43 - CFD: 2015/08/19 23:29:19 - [] D -- C:\Users\darcio\AppData\Local\Opera Software
O43 - CFD: 2015/08/26 18:43:05 - [] D -- C:\Users\darcio\AppData\Local\Packages
O43 - CFD: 2015/08/11 11:09:23 - [] D -- C:\Users\darcio\AppData\Local\Pandion
O43 - CFD: 2015/08/11 09:01:21 - [] D -- C:\Users\darcio\AppData\Local\Programs
O43 - CFD: 2015/08/10 16:58:08 - [0] D -- C:\Users\darcio\AppData\Local\softthinks
O43 - CFD: 2015/08/27 00:05:52 - [] D -- C:\Users\darcio\AppData\Local\Temp
O43 - CFD: 2015/08/10 16:41:37 - [0] SHD -- C:\Users\darcio\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/08/11 15:29:53 - [] D -- C:\Users\darcio\AppData\Local\VirtualStore
O43 - CFD: 2015/08/11 11:42:07 - [] D -- C:\Users\darcio\AppData\Local\Vitalwerks
O43 - CFD: 2015/08/11 21:30:34 - [] D -- C:\Users\darcio\AppData\Local\{691BDA7C-EEE7-4107-9100-B22AB0654434}
O43 - CFD: 2014/11/22 07:36:31 - [] RD -- C:\Users\darcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2014/11/22 07:36:31 - [] RD -- C:\Users\darcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/08/26 20:41:56 - [] RD -- C:\Users\darcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/08/26 21:30:20 - [] RD -- C:\Users\darcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
O43 - CFD: 2015/08/26 19:06:22 - [] D -- C:\Users\darcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 2015/08/11 14:07:23 - [] D -- C:\Users\darcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2015/08/11 21:29:17 - [0] D -- C:\Users\darcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jFinanças Pessoal 2015
O43 - CFD: 2013/08/22 12:36:32 - [] D -- C:\Users\darcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/11 11:42:02 - [] D -- C:\Users\darcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
O43 - CFD: 2015/08/26 22:23:30 - [] RD -- C:\Users\darcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/07/25 23:35:56 - [] RD -- C:\Users\darcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

---\\ Lista dos drivers do sistema (72) - 10s
O58 - SDL:2013/08/22 09:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys   [108896] ©
O58 - SDL:2013/08/22 09:43:41 A . (.PMC-Sierra - PMC-Sierra Storport  Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys   [782176] ©
O58 - SDL:2013/08/22 09:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys   [79200] ©
O58 - SDL:2013/08/22 09:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys   [259424] ©
O58 - SDL:2013/08/22 09:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys   [25952] ©
O58 - SDL:2013/08/22 09:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys   [114016] ©
O58 - SDL:2014/07/11 22:21:10 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\drivers\athwbx.sys   [3903488] ©
O58 - SDL:2013/08/12 20:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2  Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys   [17624] ©
O58 - SDL:2014/08/14 04:54:20 A . (.Qualcomm Atheros - Qualcomm Atheros A2DP driver.) -- C:\WINDOWS\System32\drivers\btath_a2dp.sys   [338120] ©
O58 - SDL:2014/08/14 04:54:20 A . (.Qualcomm Atheros - Qualcomm Atheros Bluetooth AVDT driver.) -- C:\WINDOWS\System32\drivers\btath_avdt.sys   [118984] ©
O58 - SDL:2014/08/14 04:54:20 A . (.Qualcomm Atheros - Qualcomm Atheros BUS driver.) -- C:\WINDOWS\System32\drivers\btath_bus.sys   [35016] ©
O58 - SDL:2014/08/14 04:54:20 A . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\WINDOWS\System32\drivers\btath_flt.sys   [89800] ©
O58 - SDL:2014/08/14 04:54:20 A . (.Qualcomm Atheros - Qualcomm Atheros HCRP driver.) -- C:\WINDOWS\System32\drivers\btath_hcrp.sys   [179432] ©
O58 - SDL:2014/08/14 04:54:20 A . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\WINDOWS\System32\drivers\btath_lwflt.sys   [77464] ©
O58 - SDL:2014/08/14 04:54:20 A . (.Qualcomm Atheros - Qualcomm Atheros AVRCP driver.) -- C:\WINDOWS\System32\drivers\btath_rcp.sys   [137928] ©
O58 - SDL:2014/08/14 04:54:20 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\WINDOWS\System32\drivers\btfilter.sys   [598728] ©
O58 - SDL:2013/08/22 09:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys   [531296] ©
O58 - SDL:2013/01/24 23:12:08 A . (.OSR Open Systems Resources, Inc. - Airplane Mode Switch Driver.) -- C:\WINDOWS\System32\drivers\DellRbtn.sys   [10752]
O58 - SDL:2014/05/16 16:13:54 A . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\WINDOWS\System32\drivers\DptfDevDisplay.sys   [70752] ©
O58 - SDL:2014/05/16 16:13:54 A . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\WINDOWS\System32\drivers\DptfDevDram.sys   [145640] ©
O58 - SDL:2014/05/16 16:13:54 A . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\WINDOWS\System32\drivers\DptfDevFan.sys   [50640] ©
O58 - SDL:2014/05/16 16:13:54 A . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\WINDOWS\System32\drivers\DptfDevGen.sys   [78504] ©
O58 - SDL:2014/05/16 16:13:54 A . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\WINDOWS\System32\drivers\DptfDevPch.sys   [116752] ©
O58 - SDL:2014/05/16 16:13:54 A . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\WINDOWS\System32\drivers\DptfDevPower.sys   [71808] ©
O58 - SDL:2014/05/16 16:13:56 A . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\WINDOWS\System32\drivers\DptfDevProc.sys   [290256] ©
O58 - SDL:2014/05/16 16:13:56 A . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\WINDOWS\System32\drivers\DptfManager.sys   [494808] ©
O58 - SDL:2013/08/22 09:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys   [3357024] ©
O58 - SDL:2010/12/14 18:52:12 A . (.Hewlett Packard - LEDM BULK.) -- C:\WINDOWS\System32\drivers\hppdbulkio.sys   [22328] ©
O58 - SDL:2010/12/14 18:52:12 A . (.Hewlett Packard - LEDM USB Composite Support Driver.) -- C:\WINDOWS\System32\drivers\hppdgenio.sys   [32056] ©
O58 - SDL:2013/08/22 09:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys   [64352] ©
O58 - SDL:2013/07/30 15:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys   [24568] ©
O58 - SDL:2013/07/25 16:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys   [99320] ©
O58 - SDL:2013/08/08 20:17:30 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver.) -- C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys   [24568] ©
O58 - SDL:2013/08/08 20:17:30 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iaLPSS_I2C.sys   [99320] ©
O58 - SDL:2013/08/08 20:17:30 A . (.Intel Corporation - Intel(R) Serial IO SPI Driver.) -- C:\WINDOWS\System32\drivers\iaLPSS_SPI.sys   [83960] ©
O58 - SDL:2013/08/08 20:17:30 A . (.Intel Corporation - Intel(R) Serial IO UART Driver.) -- C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys   [129528] ©
O58 - SDL:2014/02/26 17:43:24 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorA.sys   [632168] ©
O58 - SDL:2013/08/09 21:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys   [651248] ©
O58 - SDL:2013/08/22 09:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys   [412000] ©
O58 - SDL:2014/09/30 22:12:02 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys   [3826320] ©
O58 - SDL:2014/09/23 23:51:24 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys   [454416] ©
O58 - SDL:2014/08/01 17:18:33 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\intelaud.sys   [38296] ©
O58 - SDL:2014/01/10 05:36:46 A . (.Intel Corporation - Intel(R) Network Adapter Diagnostic Driver.) -- C:\WINDOWS\System32\drivers\iqvw64e.sys   [33616] ©
O58 - SDL:2014/08/01 17:18:33 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\iwdbus.sys   [27032] ©
O58 - SDL:2013/08/22 09:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys   [109408] ©
O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2.sys   [93536] ©
O58 - SDL:2013/08/22 09:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3.sys   [81760] ©
O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys   [82784] ©
O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys   [56672] ©
O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys   [575840] ©
O58 - SDL:2013/08/22 09:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys   [63840] ©
O58 - SDL:2013/08/22 09:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys   [150368] ©
O58 - SDL:2013/08/22 09:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys   [168288] ©
O58 - SDL:2014/08/06 22:38:30 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys   [4023920] ©
O58 - SDL:2013/10/09 22:20:30 A . (.Realtek - Realtek USB GBE NIC NDIS6.30 64-bit Driver.) -- C:\WINDOWS\System32\drivers\rtu30x64w8.sys   [92376] ©
O58 - SDL:2013/08/22 12:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys   [23040] ©
O58 - SDL:2013/08/22 09:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys   [44896] ©
O58 - SDL:2013/08/22 09:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys   [81760] ©
O58 - SDL:2013/08/22 09:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys   [31072] ©
O58 - SDL:2013/12/04 09:37:04 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverx64.sys   [100824] ©
O58 - SDL:2013/06/13 11:02:36 A . (.Trend Micro Inc. - TrendMicro Activity Monitor Module.) -- C:\WINDOWS\System32\drivers\tmactmon.sys   [85376]
O58 - SDL:2013/06/27 03:38:06 A . (.Trend Micro Inc. - TrendMicro Common Module.) -- C:\WINDOWS\System32\drivers\tmcomm.sys   [173992]
O58 - SDL:2012/12/08 01:33:04 A . (.Trend Micro Inc. - Trend Micro EagleEye Driver (VW) (amd64-fre.) -- C:\WINDOWS\System32\drivers\tmeevw.sys   [94520]
O58 - SDL:2013/06/13 11:02:28 A . (.Trend Micro Inc. - TrendMicro Event Management Module.) -- C:\WINDOWS\System32\drivers\tmevtmgr.sys   [65336]
O58 - SDL:2012/06/21 15:50:12 A . (.Trend Micro Inc. - Trend Micro NDIS 6.0 Filter Driver (amd64-f.) -- C:\WINDOWS\System32\drivers\tmlwf.sys   [197432]
O58 - SDL:2013/01/31 16:42:02 A . (.Trend Micro Inc. - Trend Micro Osprey Scanner Driver (amd64-fr.) -- C:\WINDOWS\System32\drivers\tmusa.sys   [92456]
O58 - SDL:2012/06/21 14:51:00 A . (.Trend Micro Inc. - Trend Micro WFP callout Driver (amd64-fre).) -- C:\WINDOWS\System32\drivers\tmwfp.sys   [338232]
O58 - SDL:2013/08/22 09:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\WINDOWS\System32\drivers\viaide.sys   [19808] ©
O58 - SDL:2013/10/04 14:57:16 A . (.Intel Corporation - Intel(R) Virtual Buttons.) -- C:\WINDOWS\System32\drivers\VirtualButtons.sys   [32024] ©
O58 - SDL:2013/08/22 09:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys   [168800] ©
O58 - SDL:2013/08/22 09:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS   [305504] ©
O58 - SDL:2014/07/11 02:21:10 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\athwbx.sys   [3903488] ©

---\\ Últimos ficheiros alterados ou criados (Utilizador) (46) - 47s
O61 - LFC: 2015/08/19 23:07:49 A . (..) -- C:\Users\darcio\Downloads\FormatFactory.exe   [703192]
O61 - LFC: 2015/08/19 22:51:54 A . (.Software Installer.) -- C:\Users\darcio\Downloads\k-lite-mega-codec-pack-32-bits.exe   [846280]
O61 - LFC: 2015/08/19 04:31:03 A . (..) -- C:\Users\darcio\AppData\Roaming\RunDir\bn1.exe   [462792]
O61 - LFC: 2015/08/19 05:36:41 A . (..) -- C:\Users\darcio\AppData\Roaming\RunDir\ccec.exe   [129992]
O61 - LFC: 2015/08/19 04:31:03 A . (..) -- C:\Users\darcio\AppData\Roaming\RunDir\temp\bn1.exe   [462792]
O61 - LFC: 2015/08/19 05:36:41 A . (..) -- C:\Users\darcio\AppData\Roaming\RunDir\temp\ccec.exe   [129992]
O61 - LFC: 2015/08/19 18:08:42 A . (..) -- C:\Users\darcio\AppData\Roaming\Mactowebise\explorerEx64.dll   [452608]
O61 - LFC: 2015/08/24 06:56:44 A . (..) -- C:\Users\darcio\AppData\Roaming\Mactowebise\ProtectInstall.exe   [403832]
O61 - LFC: 2015/08/26 17:20:43 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\U11EL0LN\b33d5cbf-2a14-4713-b452-6b573f79d9b9[1].exe   [1005192]
O61 - LFC: 2015/08/26 20:53:36 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\U11EL0LN\c8uxO[1].exe   [137728]
O61 - LFC: 2015/08/26 20:51:59 A . (.Copyright 2013.) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\U11EL0LN\check[1].exe   [202653]
O61 - LFC: 2015/08/26 17:18:28 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\U11EL0LN\fa915fba-7d94-4384-9d89-b0be22b5718a[1].exe   [3314280]
O61 - LFC: 2015/08/26 22:05:50 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\U11EL0LN\policyname[1].exe   [54658]
O61 - LFC: 2015/08/26 20:31:39 A . (.MyBrowser 1.0.2V26.08.) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\U11EL0LN\quick_run[1].exe   [7717888]
O61 - LFC: 2015/08/26 19:04:05 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\U11EL0LN\setup[1].exe   [430256]
O61 - LFC: 2015/08/26 19:07:52 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\U11EL0LN\setup[2].exe   [0]
O61 - LFC: 2015/08/26 22:01:46 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\U11EL0LN\setup[3].exe   [1965128]
O61 - LFC: 2015/08/26 22:22:50 A . (.InstallMoon.) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\U11EL0LN\setup[4].exe   [11695728]  =>PUP.Optional.CrossRider
O61 - LFC: 2015/08/26 22:00:16 A . (.Copyright 2013.) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\U11EL0LN\Validate[2].exe   [61981]
O61 - LFC: 2015/08/26 22:04:05 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\ML375PAQ\4bbda52393b575e64d530bd478a6717b[1].exe   [59769]
O61 - LFC: 2015/08/26 19:46:53 A . (.The BoBrowser Authors.) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\ML375PAQ\6ba38a01-4128-406f-9707-475d2124665b[1].exe   [40869496]
O61 - LFC: 2015/08/26 17:20:27 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\ML375PAQ\df555846-51d0-4437-b7a5-2aca349dd9f7[1].exe   [760456]
O61 - LFC: 2015/08/26 22:22:58 A . (.Cinema PlusV26.08.) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\ML375PAQ\setup[1].exe   [8449024]
O61 - LFC: 2015/08/26 19:06:05 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\ML375PAQ\setup_gmsd_br[1].exe   [0]
O61 - LFC: 2015/08/26 20:54:09 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\ML375PAQ\Update_Notifier[1].exe   [514560]
O61 - LFC: 2015/08/26 17:21:43 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\ML375PAQ\urlblockindex[1].bin   [16]
O61 - LFC: 2015/08/26 22:00:36 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\ML375PAQ\wiAKkWW[1].exe   [165898]
O61 - LFC: 2015/08/26 19:08:24 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\ML375PAQ\ytaiesmt_smtyc_setup[1].exe   [0]
O61 - LFC: 2015/08/26 17:20:04 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\LUQNU21U\bd7ad051-5e94-48fa-a300-13d21ea0c3ad[1].exe   [1191592]
O61 - LFC: 2015/08/26 19:47:11 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\LUQNU21U\bfc5086e-c794-4413-9b71-1f6565be7466[1].exe   [926832]
O61 - LFC: 2015/08/26 22:00:23 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\LUQNU21U\cmmdWriter[1].exe   [42510]
O61 - LFC: 2015/08/26 22:01:54 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\LUQNU21U\fdf809e7420bc26691f9efeb51b17a73[1].exe   [59819]
O61 - LFC: 2015/08/26 19:50:38 A . (.MyBrowser 1.0.2V26.08.) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\LUQNU21U\quick_run[1].exe   [13916704]
O61 - LFC: 2015/08/26 20:53:53 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\LUQNU21U\runasu[1].exe   [477696]
O61 - LFC: 2015/08/26 20:54:14 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\LUQNU21U\SU_Srv[1].exe   [120832]
O61 - LFC: 2015/08/26 22:06:38 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\LUQNU21U\VuuPC_VO2_8907[1].exe   [230012]  =>PUP.Optional.VuuPC
O61 - LFC: 2015/08/26 19:03:41 A . (.Copyright (C) 2014.) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\HQ7AOHSZ\BiTool[1].dll   [102912]
O61 - LFC: 2015/08/26 20:53:26 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\HQ7AOHSZ\JOSrv[1].exe   [227328]
O61 - LFC: 2015/08/26 22:03:48 A . (.Oleg N. Scherbakov.) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\HQ7AOHSZ\pps001[1].exe   [727583]
O61 - LFC: 2015/08/26 22:13:57 A . (.systweak.com.) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\HQ7AOHSZ\rcpsetup_17970[1].exe   [4445480]
O61 - LFC: 2015/08/26 19:06:00 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\HQ7AOHSZ\setup[1].exe   [0]
O61 - LFC: 2015/08/26 20:53:28 A . (..) -- C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\HQ7AOHSZ\SFSetup[1].exe   [412544]
O61 - LFC: 2015/08/26 19:06:32 A . (..) -- C:\Users\darcio\AppData\Local\Kingdom Extension\Bin\cjwvowlf.dll   [11776]
O61 - LFC: 2015/08/26 19:06:32 A . (..) -- C:\Users\darcio\AppData\Local\Kingdom Extension\Bin\KingdomExtension.dll   [30720]
O61 - LFC: 2015/08/26 22:12:20 A . (..) -- C:\Users\darcio\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin   [1113849]
O61 - LFC: 2015/08/22 19:18:05 A . (..) -- C:\Users\darcio\AppData\Local\Adobe\Acrobat\DC\UserCache.bin   [74507]

---\\ Associações Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de inicialização Internet (12) - 1s
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe www.123rede.com?oem=mbtkv5&uid=S3PWBER6_ST500LT012-1DG142&tm=1440107229 
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  ©
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.ex http://www.seekmx.com/
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ©

---\\ Listagem dos serviços iniciados pelo Svchost (36) - 3s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\WINDOWS\System32\aelupsvc.dll   [214528] ©
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\WINDOWS\System32\certprop.dll   [156160] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\WINDOWS\System32\certprop.dll   [156160] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\WINDOWS\system32\srvsvc.dll   [329216] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\WINDOWS\System32\gpsvc.dll   [1356800] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\WINDOWS\System32\ikeext.dll   [1084416] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\WINDOWS\System32\iphlpsvc.dll   [926208] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\WINDOWS\system32\seclogon.dll   [31744] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\WINDOWS\System32\appinfo.dll   [110080] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\WINDOWS\system32\iscsiexe.dll   [151040] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\WINDOWS\System32\eapsvc.dll   [110592] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\WINDOWS\system32\schedsvc.dll   [1265152] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll   [230400] ©
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\WINDOWS\system32\mmcss.dll   [71168] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\WINDOWS\System32\browser.dll   [135168] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll   [227328] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll   [339968] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\WINDOWS\System32\wercplsupport.dll   [84992] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\WINDOWS\system32\kmsvc.dll   [101376] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\WINDOWS\System32\bdesvc.dll   [348672] ©
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Serviço de Estrutura de Localização do Wind.) -- C:\Windows\System32\GeofenceMonitorService.dll   [522240] ©
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Serviço Conta da Microsoft®.) -- C:\WINDOWS\system32\wlidsvc.dll   [1639424] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\WINDOWS\system32\themeservice.dll   [59392] ©
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalação de Dispositivo.) -- C:\WINDOWS\System32\DeviceSetupManager.dll   [206848] ©
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Serviço Assistente de Conectividade de Rede.) -- C:\WINDOWS\System32\ncasvc.dll   [166400] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\WINDOWS\System32\rasauto.dll   [102912] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\WINDOWS\System32\rasmans.dll   [542208] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll   [226816] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\WINDOWS\System32\sens.dll   [73728] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\WINDOWS\System32\ipnathlp.dll   [452608] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windo.) -- C:\Windows\System32\tapisrv.dll   [313344] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll   [3704320] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de tel.) -- C:\WINDOWS\System32\qmgr.dll   [933376] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll   [640000] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll   [187904] ©
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\WINDOWS\System32\KeyboardFilterSvc.dll   [92992] ©

---\\ Lista das exceções do FireWall (FirewallRules) (5) - 6s
O87 - FAEL: "{634C10B6-3609-4514-8C98-27E3BFD9DE6E}" [In-None-P6-TRUE] .(.UltraVNC - VNCViewer.) -- C:\Program Files\UltraVNC\vncviewer.exe
O87 - FAEL: "{898B2A9B-42EA-4C35-8A34-2B5CB3491174}" [In-None-P17-TRUE] .(.UltraVNC - VNCViewer.) -- C:\Program Files\UltraVNC\vncviewer.exe
O87 - FAEL: "{DDB252D9-AEB2-4DEE-A78D-C36886EA3DC5}" [In-None-P6-TRUE] .(.GAS Tecnologia LTDA - GAS Tecnologia - Core.) -- C:\Program Files\Diebold\Warsaw\core.exe
O87 - FAEL: "{3EBA943B-6790-411B-9261-88189F6DD8FC}" [In-None-P17-TRUE] .(...) -- C:\Users\darcio\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.)  =>PUP.Optional.BoBrowser
O87 - FAEL: "{48055C60-6F9E-48FF-9607-86B4147CDE24}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.)  =>PUP.Optional.CrossBrowse

---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (39) - 35s

SS - Auto   [2015/07/07 20:12:28] [   82128]  Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
SS - Auto   [2009/11/17 22:14:26] [   98208]  Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe ©
SS - Auto   [2014/08/14 05:19:28] [  322176]  AtherosSvc (AtherosSvc) . (.Windows (R) Win 7 DDK provider.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe ©
SS - Demand [2012/06/05 15:56:28] [  266240]  BrYNSvc (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files (x86)\Browny02\BrYNSvc.exe ©
SS - Demand [2014/09/30 22:12:06] [  280680]  Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe ©
SS - Auto   [2015/04/09 08:38:26] [  145288]  Dell Customer Connect (Dell Customer Connect) . (.Dell Inc..) - C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe
SS - Auto   [2014/11/13 11:05:26] [   45936]  Dell Data Services (Dell Data Services) . (.Dell.) - C:\Program Files\Dell\Dell Data Services\DDSSvc.exe ©
SS - Auto   [2015/05/05 14:31:52] [   92528]  Dell Foundation Services (Dell Foundation Services) . (.Dell.) - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe ©
SS - Demand [2014/04/01 12:20:36] [  293440]  Dell Product Registration Manager (DellProdRegManager) . (.Aviata, Inc..) - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
SS - Auto   [2015/06/09 15:13:52] [  237272]  Dell Update Service (DellUpdate) . (.Dell Inc..) - C:\Program Files (x86)\Dell Update\DellUpService.exe
SS - Auto   [2015/08/26 20:11:52] [ 1375744]  ADSL Line Drawing (devyberu) . (...) - C:\Program Files (x86)\4C4C4544-1440633147-4E10-8037-C2C04F353432\knsn7070.tmpfs  =>PUP.Optional.CrossRider
SS - Auto   [2014/05/16 16:13:56] [  115656]  @oem68.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAM (DptfParticipantProcessorService) . (.Intel Corporation.) - C:\WINDOWS\system32\DptfParticipantProcessorService.exe ©
SS - Auto   [2014/05/16 16:13:56] [  148160]  @oem68.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME (DptfPolicyCriticalService) . (.Intel Corporation.) - C:\WINDOWS\system32\DptfPolicyCriticalService.exe ©
SR - Auto   [2015/06/02 13:48:36] [  579896]  Gbp Service (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SS - Auto   [2015/08/11 08:52:25] [  107848]  Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Demand [2015/08/11 08:52:25] [  107848]  Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Auto   [2013/11/21 08:31:44] [   15720]  Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe ©
SS - Auto   [2014/09/30 22:12:04] [  318568]  Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\WINDOWS\system32\igfxCUIService.exe ©
SR - Auto   [2013/08/27 14:32:14] [  747520]  Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe ©
SS - Demand [2013/08/27 14:32:30] [  828376]  Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe ©
SS - Auto   [2013/12/04 09:37:02] [  169432]  Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ©
SS - Auto   [2015/08/26 20:53:26] [  227328]  Cool Barcode (jimocoso) . (...) - C:\Program Files (x86)\4C4C4544-1440633147-4E10-8037-C2C04F353432\jnsiE161.tmp  =>PUP.Optional.CrossRider
SR - Auto   [2013/12/04 09:37:08] [  390616]  Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ©
SS - Demand [2015/08/17 09:08:24] [  149160]  Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe ©
SS - Auto   [2015/07/08 22:26:02] [  173088]  Net.Tcp Service Handler (NetTcpHandler) . (...) - C:\Users\darcio\AppData\Roaming\NetService\netservice.exe
SR - Auto   [2013/09/17 19:06:06] [ 3404832]  OfficeScan NT RealTime Scan (ntrtscan) . (.Trend Micro Inc..) - C:\Program Files (x86)\Trend Micro\OfficeScan Client\Ntrtscan.exe
SS - Auto   [2012/01/27 07:49:08] [   35840]  OCS Inventory Service (OCS Inventory Service) . (.OCS Inventory NG.) - C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe
SS - Demand [2014/01/10 05:32:50] [   25584]  PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - PCDR Kernel Mode Se (PCDSRVC{D3412D80-CF3B4A27-06020200}_0) . (.PC-Doctor, Inc..) - c:\program files\My Dell\pcdsrvc_x64.pkms
SS - Auto   [2011/08/02 16:47:26] [  145256]  PDFProFiltSrvPP (PDFProFiltSrvPP) . (.Nuance Communications, Inc..) - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe ©
SS - Auto   [2014/07/22 03:07:24] [  291032]  Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ©
SS - Auto   [2015/01/23 14:24:24] [ 2020240]  SoftThinks Agent Service (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
SR - Demand [2013/06/13 11:12:04] [  571928]  Trend Micro Unauthorized Change Prevention Service (TMBMServer) . (.Trend Micro Inc..) - C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
SR - Auto   [2013/07/23 21:05:02] [ 3442640]  OfficeScan NT Listener (tmlisten) . (.Trend Micro Inc..) - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe
SR - Demand [2011/04/15 11:27:06] [  596736]  OfficeScan NT Firewall (TmPfw) . (.Trend Micro Inc..) - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe
SS - Auto   [2015/08/26 20:53:36] [  137728]  Delete Exit (totyseku) . (...) - C:\Program Files (x86)\4C4C4544-1440633147-4E10-8037-C2C04F353432\hnsa1A55.tmp  =>PUP.Optional.CrossRider
SS - Auto   [2014/12/24 23:27:12] [   94160]  TrueColorALS (TrueColorALS) . (...) - C:\Program Files\TrueColor\TrueColorALS.exe
SS - Auto   [2012/02/14 23:31:16] [ 2169056]  uvnc_service (uvnc_service) . (.UltraVNC.) - C:\Program Files\UltraVNC\winvnc.exe
SR - Auto   [2015/06/19 15:43:34] [  858424]  Warsaw Technology (Warsaw Technology) . (.GAS Tecnologia LTDA.) - C:\Program Files\Diebold\Warsaw\core.exe

---\\ Scâner Aditional (12) - 0s
HKLM\SYSTEM\CurrentControlSet\Services\devyberu  =>PUP.Optional.CrossRider
C:\Program Files (x86)\4C4C4544-1440633147-4E10-8037-C2C04F353432\knsn7070.tmpfs  =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\gopibeko  =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\jimocoso  =>PUP.Optional.CrossRider
C:\Program Files (x86)\4C4C4544-1440633147-4E10-8037-C2C04F353432\jnsiE161.tmp  =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\totyseku  =>PUP.Optional.CrossRider
C:\Program Files (x86)\4C4C4544-1440633147-4E10-8037-C2C04F353432\hnsa1A55.tmp  =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\Update Super Great  =>PUP.Optional.SuperGreat*
C:\WINDOWS\System32\Tasks\new tab helper oursurfing  =>PUP.Optional.OurSurfing
C:\Program Files (x86)\4C4C4544-1440633147-4E10-8037-C2C04F353432  =>PUP.Optional.CrossRider
C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\U11EL0LN\setup[4].exe  =>PUP.Optional.CrossRider
C:\Users\darcio\AppData\Local\Microsoft\Windows\INetCache\IE\LUQNU21U\VuuPC_VO2_8907[1].exe  =>PUP.Optional.VuuPC

---\\ Resumo dos elementos encontrados na sua estação de trabalho (6) - 0s
http://www.nicolascoolman.fr/pup-crossrider/  =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog  =>PUP.Optional.SuperGreat*
http://www.nicolascoolman.fr/blog  =>PUP.Optional.OurSurfing
http://www.nicolascoolman.fr/pup-vuupc/  =>PUP.Optional.VuuPC
http://www.nicolascoolman.fr/blog  =>PUP.Optional.BoBrowser
http://www.nicolascoolman.fr/blog  =>PUP.Optional.CrossBrowse

~ End of the scan, 18632 items in 323 seconds (830)(0)()