~ ZHPDiag v2015.9.7.137 Por Nicolas Coolman (2015/09/7) ~ iniciado por Usuario (Administrator) (2015/09/08 01:03:45) ~ Site: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ Status da versão: Version OK ~ Modo: Scanner ~ Relatório: C:\Users\Usuario\Desktop\ZHPDiag.txt ~ Relatório: C:\Users\Usuario\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ Inicialização do sistema: Normal (Normal boot) Windows 8.1 Pro, 64-bit (Build 9600) ---\\ Navegadores Internet (3) - 0s GCIE: Google Chrome v45.0.2454.85 MFIE: Mozilla Firefox 40.0.3 (x86 pt-BR) v40.0.3 MSIE: Internet Explorer v11.0.9600.17031 ---\\ Informações sobre os produtos Windows (4) - 1s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Key Management Service client information : KO Windows Automatic Updates : KO ---\\ Softwares de proteçao do sistema (2) - 3s Avast Free Antivirus v10.3.2225 Windows Defender (Deactivate) ---\\ Monitoramento dos softwares (2) - 4s Adobe Flash Player 13 ActiveX Adobe Reader XI ---\\ Informações sobre o sistema (6) - 0s ~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 7816.86 MB (85% free) ~ System Restore: Activé (Enable) ~ System drive C: has 218 GB free of 476 GB ---\\ Modo de conexão ao sistema (3) - 0s ~ Computer Name: USER-PC ~ User Name: Usuario ~ Logged in as Administrator ---\\ Enumeração das unidades dos discos (2) - 0s ~ Drive C: has 218 GB free of 476 GB (System) ~ Drive E: has GB free of 5 GB ---\\ Estado do Centro de Segurança do Windows (10) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Pesquisa particular de ficheiros genéricos (24) - 1s [MD5.4CE0C733CDCF1D2F78532BBD9CE3441D] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2373784] © [MD5.6E0BDFBEEED65B017F2E4C2C910B0520] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [52736] © [MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) () -- C:\Windows\System32\Wininit.exe [144384] © [MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Internet Extensions para Win32.) () -- C:\Windows\System32\wininet.dll [2262016] © [MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) () -- C:\Windows\System32\Winlogon.exe [562176] © [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) () -- C:\Windows\System32\sppcomapi.dll [447488] © [MD5.5A2020DDCCBB0ED08BAC2355A075F303] - (.Microsoft Corporation - DLL da API de cliente DNS.) () -- C:\Windows\System32\dnsapi.dll [656384] © [MD5.2B9EED6835D269F35B310DC03D0F5768] - (.Microsoft Corporation - DLL da API de cliente DNS.) () -- C:\Windows\Syswow64\dnsapi.dll [492544] © [MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [567296] © [MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [26464] © [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [88576] © [MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [164352] © [MD5.414686EF104910BA41DF66E83BDCD495] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [134656] © [MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [78336] © [MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [107520] © [MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [142848] © [MD5.16FFC07D36FD83ACA189A641385168B3] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) () -- C:\Windows\System32\drivers\MRxSmb.sys [402944] © [MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [282624] © [MD5.9AEB38B451A7B84ACB7CD3D664F87BF0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) () -- C:\Windows\System32\drivers\ntfs.sys [2013016] © [MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) () -- C:\Windows\System32\drivers\Parport.sys [94208] © [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [120832] © [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Micros.) () -- C:\Windows\System32\drivers\rdpdr.sys [195584] © [MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [107520] © [MD5.3595FBDF25F8BA6256072D103937D7D6] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) () -- C:\Windows\System32\drivers\volsnap.sys [311640] © ---\\ Processos lançados (27) - 3s [MD5.78CC42364F47A889CBC4E66E8BA4DB9D] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576] [PID.928] [MD5.4956380A54B1C9E6BFDF3D80DACB9698] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600] [PID.1232] © [MD5.4C72FDD915D62EAEF149BD9C73AB9CF4] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1096] © [MD5.6EB87FDB59AABF6D19C927492DEA0D36] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128] [PID.2132] © [MD5.EBBCD5DFBB1DE70E8F4AF8FA59E401FD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462184] [PID.2156] © [MD5.1512820A57E2FF6F4103242EE7F39F1C] - (...) -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp [721920] [PID.2608] =>PUP.Optional.CrossRider [MD5.6BAE8D679B877E2DF99EFB18435D908B] - (...) -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp [721920] [PID.2884] =>PUP.Optional.CrossRider [MD5.4635935FC972C582632BF45C26BFCB0E] - (...) -- C:\Windows\SysWOW64\srvany.exe [8192] [PID.3056] [MD5.BCA43E19E7013331D99FF788EA6B42A0] - (...) -- C:\Windows\KMService.exe [151552] [PID.2052] [MD5.988CDC4DAE2186F3A5ED6EE7D3E6B5CA] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [786256] [PID.1444] © [MD5.4C5A162F20C58B523B29795291BEE6CC] - (.TODO: <公司名> - TODO: <文件说明>.) -- C:\Program Files (x86)\SFK\SSFK.exe [411648] [PID.2896] [MD5.3AF1E5ADFC3E0DEE256FF115259B0AF1] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112] [PID.2940] [MD5.CFC9B7B465283378D374D5E380D5D244] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280] [PID.1500] © [MD5.D342D91C92AC6DEDC692B183B1887652] - (.Copyright (C) 2015 - The Desktop Weather Service.) -- C:\Program Files (x86)\WeatherTool\1.2.0.9153\WeatherService.exe [76264] [PID.2216] [MD5.A8334B73F0DB3E0B9612E6120A205A25] - (.ShenZhen Enode Techology co,.Ltd - Windows weather tool.) -- C:\Program Files (x86)\WeatherTool\1.2.0.9153\weather.exe [1594856] [PID.1512] © [MD5.E0DA271341411C06CD94035AEA6D008F] - (.DTools LIMITED - DTools.) -- C:\ProgramData\5WdsManPro5\WdsManPro.exe [709288] [PID.3172] =>PUP.Optional.WdsManPro [MD5.28B2F630A8D33CC953A3F42A779B7876] - (...) -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp [663040] [PID.3196] =>PUP.Optional.CrossRider [MD5.3375EFA8964C402A11A0593E7FB41269] - (...) -- C:\Program Files (x86)\SFK\SFKEX64.exe [122880] [PID.3208] [MD5.78CC42364F47A889CBC4E66E8BA4DB9D] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576] [PID.4052] [MD5.838258B7655F2309F7BE63F844AF51BB] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [170256] [PID.1460] © [MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.4156] © [MD5.E8D96F840994291789F0CDE6800AC1A4] - (.Apple Inc. - iPodService Module (64-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [644880] [PID.4212] © [MD5.F66203AF9C159E2CBD54DF981654F499] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [6111824] [PID.5072] © [MD5.BC357FBB821D5B30F801ED59C2EC7602] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848] [PID.3696] [MD5.E912744B9E45C9D44845AB49FDC3B14A] - (.Goobzo LTD - .) -- C:\Program Files (x86)\ShopperPro\ShopperPro.exe [1111984] [PID.1812] =>PUP.Optional.ShopperPro [MD5.277789334263C78BD58231766AD7C015] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Usuario\AppData\Roaming\ZHP\ZHPDiag3.exe [1923072] [PID.4276] © [MD5.277789334263C78BD58231766AD7C015] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Usuario\AppData\Roaming\ZHP\ZHPDiag3.exe [1923072] [PID.1308] © ---\\ Google Chrome, Arranque,Pesquisa,Extensões (20) - 1s G0 - GCSP: Preferences [User Data\Default][HomePage] http://a.thanksearch.com/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://adplus.goo.mx/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://ajax.googleapis.com/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://bd.xingcloud.com/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://d.thanksearch.com/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://deliver.goo.mx/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://odin.goo.mx/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://static.zoom.com.br/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com/ G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (20) - 4s M0 - MFSP: prefs.js [Usuario - wy9su83x.default] http://www.mystartsearch.com/?type=hp&ts=1441641290&z=f89b18f6eb51cea9abf9b51gezbz7g8qez0g9g3z8b&from=cmi&uid=ST500LM012XHN-M500MBB_S2ZYJ9BF301169 =>PUP.Optional.StartSearch P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\bing-.xml P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\search-provided-by-yahoo.xml =>PUP.Optional.BDYahoo P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\yahoo-search.xml =>PUP.Optional.BDYahoo P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\yahoo_ff.xml P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} © P2 - EXT: (. - bestadblocker.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\0Mk@YEBUIS.com P2 - EXT: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\1441508975_xpi P2 - EXT: (.Microsoft Corporation - Bing Search.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\bingsearch.full@microsoft.com © P2 - EXT: (. - PriceMinuS.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\bX@of1.org P2 - EXT: (.roc - Default SearchProtected .) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\defsearchp@gmail.com P2 - EXT: (.lightningnewtab.com - deskCut.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\deskCutv2@gmail.com =>PUP.Optional.LightningNewTab P2 - EXT: (.Goobzo - Shopper-Pro.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} =>PUP.Optional.Goobzo P2 - EXT: (. - Web Protector.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\{8a167a0d-2593-78be-dffa-baa301a8d989} P2 - FPN: [HKCU] [@hola.org/vlc] - (.Hola.) -- C:\Users\Usuario\AppData\Local\Hola\firefox\app\vlc\npvlc.dll P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia.) -- C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb64] - (.GAS Tecnologia.) -- C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll © P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate ---\\ Internet Explorer, Arranque, Pesquisa, Phishing (17) - 1s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://br.yahoo.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 ---\\ Internet Explorer, Gestão do Proxy (4) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Análise das linhas, Carregamento Automático de programas (3) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ---\\ Redireção do ficheiro Hosts (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Objects do navegador (7) - 0s O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL © O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll © O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll © O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (.Goobzo Ltd. - ShopperPro Extension.) -- C:\ProgramData\ShopperPro\ShopperPro64.dll =>PUP.Optional.ShopperPro O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll © O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL © O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll © ---\\ Aplicações iniciadas por registo & pastas (23) - 2s O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe © O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe © O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe © O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe © O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.) O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe © O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE © O4 - HKCU\..\Run: [CrashService] C:\Users\Usuario\AppData\Local\BoBrowser\Application\crash_service.exe (.not file.) =>PUP.Optional.BoBrowser O4 - HKCU\..\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader O4 - HKCU\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe © O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe © O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe © O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe © O4 - HKLM\..\Wow6432Node\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe © O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.) O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe © O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE © O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [CrashService] C:\Users\Usuario\AppData\Local\BoBrowser\Application\crash_service.exe (.not file.) =>PUP.Optional.BoBrowser O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe © ---\\ Atalhos globais Startup (3) - 2s O4 - GS\Desktop [Administrador]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.Optional.AnyProtect O4 - GS\Desktop [Convidado]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.Optional.AnyProtect O4 - GS\Desktop [Usuario]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.Optional.AnyProtect ---\\ Alteração Dominio/Clientes DNS (8) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = oficina.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = oficina.local ---\\ Protocolo adicional (22) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll © O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll © O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll © O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll © O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll © O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll © O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll © O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll © O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll © O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll © O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll © O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL © ---\\ Serviços NT não Microsoft e não desativados (24) - 3s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe © O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe © O23 - Service: Serviço do Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe © O23 - Service: Compatible Cut (cikepiqu) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp =>PUP.Optional.CrossRider O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe O23 - Service: Kerning Down (gopibeko) . (...) - C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\snsmC3B4.tmp =>PUP.Optional.CrossRider O23 - Service: Click Hyphen (goxezecy) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp =>PUP.Optional.CrossRider O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © O23 - Service: Cool Barcode (jimocoso) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\jnse252F.tmp =>PUP.Optional.CrossRider O23 - Service: KMService (KMService) . (...) - C:\Windows\System32\srvany.exe (.not file.) =>PUP.Optional.Office O23 - Service: Nero Update (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe © O23 - Service: NixSrv Service (NixSrv) . (...) - C:\Program Files\NixSrv\NixSrv.exe =>PUP.Optional.Amonetize O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe © O23 - Service: SSFK (SSFK) . (.TODO: <公司名> - TODO: <文件说明>.) - C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe © O23 - Service: TheDesktopWeatherService (TheDesktopWeatherService) . (.Copyright (C) 2015 - The Desktop Weather Service.) - C:\Program Files (x86)\WeatherTool\1.2.0.9153\WeatherService.exe O23 - Service: Delete Exit (totyseku) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\hnsd3C24.tmp =>PUP.Optional.CrossRider O23 - Service: Strongdex (updaie) . (...) - C:\Users\Usuario\AppData\Local\opeline.exe O23 - Service: Util Steel Cut (Util Steel Cut) . (...) - C:\Program Files (x86)\Steel Cut\bin\utilSteelCut.exe (.not file.) =>PUP.Optional.SteelCut* O23 - Service: WdsManPro Service (WdsManPro) . (.DTools LIMITED - DTools.) - C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WpManager O23 - Service: Protocol Space Bar (wimikimo) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp =>PUP.Optional.CrossRider ---\\ Listagem dos dados do BootExecute (1) - 0s O34 - HKLM BootExecute: (aswBoot.exe /M:54d3bb1c /wow /dir:"C:\Program Files\AVAST Software\Avast") ---\\ Software instalados (75) - 23s O42 - Logiciel: doPDF 7.3 printer - (.Softland.) [HKLM][64Bits] -- doPDF 7 printer_is1 © O42 - Logiciel: DriverEasy 4.9.2 - (.Easeware.) [HKLM][64Bits] -- DriverEasy_is1 © O42 - Logiciel: The Desktop Weather 1.2 - (.ShenZhen Enode Techology co,.Ltd.) [HKLM][64Bits] -- WeatherTool © O42 - Logiciel: Web Protector Plus (uninstall only) - (...) [HKLM][64Bits] -- WebProtectorPlus =>PUP.Optional.WebProtector O42 - Logiciel: Java 7 Update 60 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F06417060FF} © O42 - Logiciel: SolidWorks eDrawings 2013 x64 - (.Dassault Systèmes SolidWorks Corp.) [HKLM][64Bits] -- {3F831724-DD10-4BC1-A1C3-92DD69169674} © O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {5CA7FC9B-8508-4494-B365-6FBCBAEB8E89} © O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {5D61F006-168C-4B8B-B7FD-F113C10AE0E4} © O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} © O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} © O42 - Logiciel: Suporte para Aplicativos Apple Apple (64-bit) - (.Apple Inc..) [HKLM][64Bits] -- {B255D495-4734-4E9B-B4F5-96702FD4A7B9} © O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {BFEAB774-C7DC-4032-B05A-DA5F7CB7B365} © O42 - Logiciel: Adobe Flash Player 13 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX © O42 - Logiciel: AnyProtect - (.CMI Limited.) [HKLM][64Bits] -- AnyProtect =>PUP.Optional.AnyProtect O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast © O42 - Logiciel: Nextel - Fatura Web 3.0 - (.NEXTEL TELECOMUNICACOES LTDA.) [HKLM][64Bits] -- br.com.nextel.apps.Fatura3G O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite © O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome © O42 - Logiciel: K-Lite Mega Codec Pack 1.38 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1 O42 - Logiciel: LiveUpdateWPP - (.Anti-phishing database updater for Web Protector Plus. This service keeps your computer updated with the newest database of known Internet threats..) [HKLM][64Bits] -- LiveUpdateWPP =>PUP.Optional.WebProtector O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 40.0.3 (x86 pt-BR) © O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService © O42 - Logiciel: mystartsearch uninstall - (.mystartsearch.) [HKLM][64Bits] -- mystartsearch uninstall =>PUP.Optional.StartSearch O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin © O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer © O42 - Logiciel: The Sims 4 Spa Day Addon Pack with Bonus - (...) [HKLM][64Bits] -- VGhlU2ltczQ=_is1 O42 - Logiciel: Web Protector IE - (.WebProtector.) [HKLM][64Bits] -- WebProtector =>PUP.Optional.WebProtector O42 - Logiciel: Arquivo do WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: Nero Video Samples - (.Nero AG.) [HKLM][64Bits] -- {05C6B128-1B40-4495-9CB9-090B368BFA0A} © O42 - Logiciel: Nero Kwik Themes Basic - (.Nero AG.) [HKLM][64Bits] -- {1B6F5E51-575E-4693-BCA2-7543570D076D} © O42 - Logiciel: Nero Blu-ray Player - (.Nero AG.) [HKLM][64Bits] -- {22124B84-93B2-4603-B212-146665E4B6B1} © O42 - Logiciel: Nero SharedVideoCodecs - (.Nero AG.) [HKLM][64Bits] -- {2432E589-6256-4513-B0BF-EFA8E325D5F0} © O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} © O42 - Logiciel: MPC-HC 1.6.3.5818 - (.MPC-HC Team.) [HKLM][64Bits] -- {2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1 © O42 - Logiciel: Java 7 Update 60 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217060FF} © O42 - Logiciel: Nero Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {29F67D84-3A70-456E-806A-52301B02070B} © O42 - Logiciel: Módulo de Segurança - Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1 O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {38BC5B60-4E70-470A-AE76-E06C15700C68} © O42 - Logiciel: Intel(R) Driver Update Utility 2.2 - (.Intel.) [HKLM][64Bits] -- {3EE9923D-3045-46AB-9CAA-E375993AEB4A} © O42 - Logiciel: The Sims™ 4 - (.Electronic Arts Inc..) [HKLM][64Bits] -- {48EBEBBF-B9F8-4520-A3CF-89A730721917} © O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} © O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} © O42 - Logiciel: Nero MediaHome - (.Nero AG.) [HKLM][64Bits] -- {62CFAD8C-4A87-490F-95F7-D10ED7501AD0} © O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A} © O42 - Logiciel: Nero Recode - (.Nero AG.) [HKLM][64Bits] -- {6B14A50A-389F-4628-BE69-DC56122F982B} © O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} © O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {6EEF61AB-CC0B-4917-A3F2-97902CD11073} © O42 - Logiciel: Nextel - Fatura Web 3.0 - (.NEXTEL TELECOMUNICACOES LTDA.) [HKLM][64Bits] -- {7426D890-3D8D-37E1-F7D4-CACE0F69A967} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} © O42 - Logiciel: Suporte para Aplicativos Apple (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {7FE25256-B7C1-480D-B736-10A67A833AEA} © O42 - Logiciel: Nero Disc to Device - (.Nero AG.) [HKLM][64Bits] -- {82BF7616-508E-44A5-848F-41FE2C0829F1} © O42 - Logiciel: Claro 3G - (...) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D} O42 - Logiciel: Software de dispositivo do Chipset Intel® - (.Intel(R) Corporation.) [HKLM][64Bits] -- {98f335cd-0a32-4b3f-b74c-ef9480e834f0} © O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {9D780839-6E97-4E2A-A5F7-711AF221B609} © O42 - Logiciel: Nero Audio Pack 1 - (.Nero AG.) [HKLM][64Bits] -- {A7A0BF2E-31CC-49E3-9913-52C503EB969D} © O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} © O42 - Logiciel: Nero Device Updates - (.Nero AG.) [HKLM][64Bits] -- {ABA7F64A-8CEB-4B59-84D9-B4D98CCD32D4} © O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63} © O42 - Logiciel: Adobe Reader XI (11.0.10) - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AB0000000001} © O42 - Logiciel: Nero PiP Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {ACE49D50-19CD-44A6-B192-46F985283B26} © O42 - Logiciel: Nero Video - (.Nero AG.) [HKLM][64Bits] -- {AF604D6A-9BE8-45FE-855E-B1AF13BEE88C} © O42 - Logiciel: Nero Burning ROM - (.Nero AG.) [HKLM][64Bits] -- {B3756FCF-13D3-460B-88D5-33CB88CE6CFA} © O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263} © O42 - Logiciel: The Sims™ 3 - (.Electronic Arts.) [HKLM][64Bits] -- {C05D8CDB-417D-4335-A38C-A0659EDFD6B8} © O42 - Logiciel: Intel Driver Update Utility - (.Intel.) [HKLM][64Bits] -- {ca4bc3a8-b99c-4416-90d8-351a8ceab458} © O42 - Logiciel: SoundDown version 0.1 - (.NK Software.) [HKLM][64Bits] -- {DAFD1AE9-61A0-4B35-B4C6-D2367D77633A}_is1 O42 - Logiciel: Nero Disc Menus Basic - (.Nero AG.) [HKLM][64Bits] -- {E17BCB76-9924-4BD5-B6D6-50D3407B4E74} © O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM][64Bits] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13} © O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} © O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} © O42 - Logiciel: Nero 2015 - (.Nero AG.) [HKLM][64Bits] -- {F9592BA0-AA0D-454C-95AA-9782DF00CB4B} © O42 - Logiciel: Nero Burning Core - (.Nero AG.) [HKLM][64Bits] -- {FB41E96F-CE95-4181-9488-A501E9240978} © O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} © O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent O42 - Logiciel: WindowsAndroid version 4.0.3 - (.SocketeQ, Inc..) [HKCU][64Bits] -- {7E07052F-A4CE-4932-B066-B9203888439F}_is1 ---\\ HKCU & HKLM Software Keys (161) - 23s HKLM\SOFTWARE\Wow6432Node\3ivx HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AppDataLow HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\AVAST Software HKLM\SOFTWARE\Wow6432Node\baidu HKLM\SOFTWARE\Wow6432Node\Baidu Security HKLM\SOFTWARE\Wow6432Node\Baidu_Drp_pos HKLM\SOFTWARE\Wow6432Node\Canneverbe Limited HKLM\SOFTWARE\Wow6432Node\Clara =>PUP.Optional.SupTab HKLM\SOFTWARE\Wow6432Node\Claro 3G HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse HKLM\SOFTWARE\Wow6432Node\Cyberlink HKLM\SOFTWARE\Wow6432Node\Disc Soft HKLM\SOFTWARE\Wow6432Node\downchecker =>PUP.Optional.DownChecker HKLM\SOFTWARE\Wow6432Node\Electronic Arts HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\KLCodecPack HKLM\SOFTWARE\Wow6432Node\LiveUpdateWPP =>PUP.Optional.WebProtector HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Maxis HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday HKLM\SOFTWARE\Wow6432Node\MyBrowser HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\Nero HKLM\SOFTWARE\Wow6432Node\Nuance HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\On2 Technologies HKLM\SOFTWARE\Wow6432Node\Opera Software HKLM\SOFTWARE\Wow6432Node\Origin HKLM\SOFTWARE\Wow6432Node\RealNetworks HKLM\SOFTWARE\Wow6432Node\Reg HKLM\SOFTWARE\Wow6432Node\ShopperPro =>PUP.Optional.ShopperPro HKLM\SOFTWARE\Wow6432Node\Sims HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage HKLM\SOFTWARE\Wow6432Node\Symantec HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Optional.Systweak HKLM\SOFTWARE\Wow6432Node\TeamViewer HKLM\SOFTWARE\Wow6432Node\TermBlazer_1.10.0.16 =>PUP.Optional.TermBlazer HKLM\SOFTWARE\Wow6432Node\TermCoach_1.10.0.24 =>PUP.Optional.TermCoach HKLM\SOFTWARE\Wow6432Node\Torch =>PUP.Optional.Torch HKLM\SOFTWARE\Wow6432Node\TuneUp HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\Virtools HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro HKLM\SOFTWARE\Wow6432Node\WebProtector =>PUP.Optional.BProtector HKLM\SOFTWARE\Wow6432Node\webssearchesSoftware =>PUP.Optional.WebsSearches HKLM\SOFTWARE\Wow6432Node\WebZen HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\3ivx HKCU\SOFTWARE\AC3filter HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider HKCU\SOFTWARE\Ares HKCU\SOFTWARE\AutoHelpDesk HKCU\SOFTWARE\AVAST Software HKCU\SOFTWARE\Baidu Security HKCU\SOFTWARE\Baixaki HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\BoBrowser =>PUP.Optional.BoBrowser HKCU\SOFTWARE\btr7psaa4s7 HKCU\SOFTWARE\Canneverbe Limited HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\CinemaPlus_1.3dV28.08-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser HKCU\SOFTWARE\Disc Soft HKCU\SOFTWARE\DivXNetworks HKCU\SOFTWARE\DriverToolkit HKCU\SOFTWARE\drpsu HKCU\SOFTWARE\eDrawings HKCU\SOFTWARE\Electronic Arts HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\Gameo =>PUP.Optional.Gameo HKCU\SOFTWARE\GbAs HKCU\SOFTWARE\GbPlugin HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\GSpot Appliance Corp HKCU\SOFTWARE\Haali HKCU\SOFTWARE\HaaliMkx HKCU\SOFTWARE\hGbZpg9u7J7ijJ HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider HKCU\SOFTWARE\Hola HKCU\SOFTWARE\I - Cinema-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Mine HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\mybestofferstoday =>PUP.Optional.MyBestOffersToday HKCU\SOFTWARE\MyBrowser HKCU\SOFTWARE\MyBrowser 1.0.2V05.09-nv-ie =>PUP.Optional.MyBrowser HKCU\SOFTWARE\Nero HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\OuhSUVFd7E6x7cWHF HKCU\SOFTWARE\PDFConvert HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore HKCU\SOFTWARE\QuickTime Alternative HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\Reg HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\shockwave.com HKCU\SOFTWARE\Skype HKCU\SOFTWARE\Softland HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic HKCU\SOFTWARE\systweak =>PUP.Optional.Systweak HKCU\SOFTWARE\TeamViewer HKCU\SOFTWARE\teras games HKCU\SOFTWARE\Torch =>PUP.Optional.Torch HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\TuneUp HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\UA7ucDhV HKCU\SOFTWARE\Vonteera Safe ads =>Trojan.Vonteera HKCU\SOFTWARE\WeatherTool HKCU\SOFTWARE\WebApp HKCU\SOFTWARE\Webzen HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\Adobe HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\DynConIE =>PUP.Optional.DynConIE HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\Macromedia ---\\ Conteúdo das pastas Programs (269) - 39s O43 - CFD: 2015/09/07 18:27:13 - [] D -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider O43 - CFD: 2015/09/04 12:58:11 - [] D -- C:\Program Files (x86)\57F31BB0-1441382290-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider O43 - CFD: 2015/09/06 13:53:35 - [] D -- C:\Program Files (x86)\Adobe O43 - CFD: 2015/09/07 23:01:39 - [] D -- C:\Program Files (x86)\AnyProtectEx =>PUP.Optional.AnyProtect O43 - CFD: 2014/10/16 23:13:51 - [] D -- C:\Program Files (x86)\Apple Software Update O43 - CFD: 2015/04/23 11:48:28 - [] D -- C:\Program Files (x86)\Baidu Security O43 - CFD: 2015/06/10 11:36:39 - [] D -- C:\Program Files (x86)\bestadblocker =>PUP.Optional.Adblocker O43 - CFD: 2015/08/01 02:20:09 - [] D -- C:\Program Files (x86)\Bonjour O43 - CFD: 2014/08/04 09:34:42 - [] D -- C:\Program Files (x86)\Claro 3G O43 - CFD: 2015/08/10 07:22:46 - [] D -- C:\Program Files (x86)\Cliente MuVenon O43 - CFD: 2015/09/06 13:53:38 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 2015/09/05 20:42:23 - [] D -- C:\Program Files (x86)\Convertor O43 - CFD: 2014/12/31 16:56:48 - [] D -- C:\Program Files (x86)\DAEMON Tools Lite O43 - CFD: 2014/08/04 09:34:42 - [] D -- C:\Program Files (x86)\Deal Keeper O43 - CFD: 2014/08/01 00:12:25 - [] D -- C:\Program Files (x86)\Devworks O43 - CFD: 2015/04/15 11:33:39 - [] HD -- C:\Program Files (x86)\Diebold O43 - CFD: 2015/07/09 00:12:10 - [] D -- C:\Program Files (x86)\DriverToolkit O43 - CFD: 2015/08/15 15:09:15 - [] D -- C:\Program Files (x86)\Electronic Arts O43 - CFD: 2015/09/08 00:55:09 - [] AD -- C:\Program Files (x86)\GbPlugin O43 - CFD: 2015/09/05 22:53:10 - [] D -- C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate O43 - CFD: 2014/07/07 13:05:43 - [] D -- C:\Program Files (x86)\Google O43 - CFD: 2014/08/04 09:34:42 - [] D -- C:\Program Files (x86)\InstallAffixationInfo O43 - CFD: 2015/09/04 11:51:14 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 2015/06/08 02:10:27 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 2015/09/05 23:11:25 - [] D -- C:\Program Files (x86)\Intel Driver Update Utility O43 - CFD: 2014/03/18 08:09:47 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 2015/08/13 20:25:40 - [] D -- C:\Program Files (x86)\iTunes O43 - CFD: 2014/07/07 13:06:22 - [] D -- C:\Program Files (x86)\Java O43 - CFD: 2014/07/07 13:07:26 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 2015/06/23 13:24:16 - [] D -- C:\Program Files (x86)\LiveUpdateWPP =>PUP.Optional.WebProtector O43 - CFD: 2015/09/05 23:00:28 - [] D -- C:\Program Files (x86)\mbot_br_014010080 O43 - CFD: 2014/07/07 13:10:26 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 2014/07/07 13:12:03 - [] D -- C:\Program Files (x86)\Microsoft Office O43 - CFD: 2014/09/12 18:22:40 - [] D -- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 2014/07/07 13:12:02 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 2014/07/07 13:12:02 - [] D -- C:\Program Files (x86)\Microsoft Sync Framework O43 - CFD: 2014/07/07 13:12:11 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services O43 - CFD: 2014/07/07 13:10:41 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 2014/09/23 22:09:15 - [] D -- C:\Program Files (x86)\Microsoft WSE O43 - CFD: 2014/07/07 13:12:02 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2015/09/06 00:33:22 - [] D -- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 2015/06/04 18:55:01 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 2014/07/07 13:07:47 - [] D -- C:\Program Files (x86)\MPC-HC O43 - CFD: 2014/07/07 13:12:21 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 2015/04/20 21:10:48 - [] D -- C:\Program Files (x86)\MuLosT O43 - CFD: 2015/08/10 18:43:03 - [] D -- C:\Program Files (x86)\Nero O43 - CFD: 2015/04/21 11:54:41 - [] D -- C:\Program Files (x86)\Nextel Fatura Web 3.0 O43 - CFD: 2015/09/04 13:00:07 - [] D -- C:\Program Files (x86)\Opera O43 - CFD: 2015/09/05 18:34:33 - [] D -- C:\Program Files (x86)\Origin O43 - CFD: 2015/09/05 18:37:20 - [0] D -- C:\Program Files (x86)\Origin Games O43 - CFD: 2015/09/05 20:25:39 - [0] D -- C:\Program Files (x86)\predm =>PUP.Optional.Downware O43 - CFD: 2015/06/10 11:36:39 - [] D -- C:\Program Files (x86)\PriceMinuS =>PUP.Optional.Multiplug O43 - CFD: 2014/08/04 09:34:40 - [] D -- C:\Program Files (x86)\Real O43 - CFD: 2014/08/04 09:34:40 - [] D -- C:\Program Files (x86)\RealNetworks O43 - CFD: 2014/07/07 12:53:08 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 2015/09/08 00:55:00 - [] D -- C:\Program Files (x86)\SFK =>PUP.Optional.MyWebSearch O43 - CFD: 2015/09/05 22:58:50 - [] D -- C:\Program Files (x86)\ShopperPro =>PUP.Optional.ShopperPro O43 - CFD: 2014/07/29 21:08:14 - [0] D -- C:\Program Files (x86)\SiteLookup =>PUP.Optional.SiteLookup O43 - CFD: 2015/08/05 00:53:47 - [] RD -- C:\Program Files (x86)\Skype O43 - CFD: 2015/08/07 18:42:35 - [] D -- C:\Program Files (x86)\SoundDown O43 - CFD: 2015/08/22 11:10:27 - [] D -- C:\Program Files (x86)\TeamViewer O43 - CFD: 2015/08/17 01:33:32 - [] D -- C:\Program Files (x86)\The Sims 4 O43 - CFD: 2015/09/05 23:27:57 - [] D -- C:\Program Files (x86)\UPCleaner O43 - CFD: 2014/07/29 21:21:49 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 2015/04/30 15:33:16 - [] D -- C:\Program Files (x86)\WeatherTool O43 - CFD: 2015/09/05 21:09:18 - [] D -- C:\Program Files (x86)\WebProtector =>PUP.Optional.WebProtect O43 - CFD: 2015/09/05 21:09:19 - [] D -- C:\Program Files (x86)\WebProtectorPlus =>PUP.Optional.WebProtect O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 2014/03/18 06:45:20 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 2013/08/22 12:36:30 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 2014/03/18 06:45:20 - [] D -- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 2013/08/22 12:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 2013/08/22 12:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 2014/07/07 13:07:39 - [] D -- C:\Program Files (x86)\WinRAR O43 - CFD: 2015/09/05 20:42:27 - [] D -- C:\Program Files (x86)\Winsta O43 - CFD: 2013/08/22 12:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 2015/01/01 00:16:41 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/02/16 18:22:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares O43 - CFD: 2015/09/05 20:22:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software O43 - CFD: 2014/08/04 09:34:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro 3G O43 - CFD: 2014/12/31 16:56:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite O43 - CFD: 2014/07/07 13:07:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7 O43 - CFD: 2015/06/08 01:06:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy O43 - CFD: 2014/09/24 11:22:40 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 2015/05/14 23:39:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gametrack O43 - CFD: 2014/08/04 09:34:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 2015/08/15 19:08:23 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 2015/09/05 23:11:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility O43 - CFD: 2015/08/13 20:26:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 2014/07/07 13:06:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 2013/08/22 12:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2014/07/07 13:12:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 2014/09/12 18:22:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 2014/07/07 13:07:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC O43 - CFD: 2015/09/04 12:52:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday O43 - CFD: 2015/08/10 18:43:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero O43 - CFD: 2015/09/05 18:34:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin O43 - CFD: 2014/07/07 13:12:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint O43 - CFD: 2014/10/10 22:58:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 2014/07/07 13:04:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2013 O43 - CFD: 2015/08/07 18:42:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundDown O43 - CFD: 2013/08/22 12:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 2014/03/18 07:03:09 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 2015/06/23 00:52:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Protector Plus =>PUP.Optional.WebProtector O43 - CFD: 2014/07/07 13:07:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 2015/06/08 01:17:21 - [] D -- C:\ProgramData\18145712802912383320 O43 - CFD: 2015/08/01 02:22:09 - [] D -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 O43 - CFD: 2015/06/23 00:11:28 - [] D -- C:\ProgramData\3DVIA O43 - CFD: 2015/09/07 12:56:05 - [] D -- C:\ProgramData\3WdsManPro3 =>PUP.Optional.WdsManPro O43 - CFD: 2015/09/07 22:58:22 - [] D -- C:\ProgramData\5WdsManPro5 =>PUP.Optional.WdsManPro O43 - CFD: 2015/04/21 11:54:47 - [] D -- C:\ProgramData\Adobe O43 - CFD: 2014/10/16 23:13:43 - [] D -- C:\ProgramData\Apple O43 - CFD: 2014/10/16 23:21:30 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 2015/06/10 20:32:10 - [] D -- C:\ProgramData\Ashampoo O43 - CFD: 2015/09/05 20:03:34 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 2015/04/29 15:11:09 - [] D -- C:\ProgramData\baidu O43 - CFD: 2015/05/27 13:53:10 - [] D -- C:\ProgramData\Baidu Security O43 - CFD: 2015/03/22 16:20:57 - [] D -- C:\ProgramData\BlueStacksSetup O43 - CFD: 2015/04/15 12:01:09 - [0] D -- C:\ProgramData\boost_interprocess O43 - CFD: 2015/06/10 11:36:39 - [] D -- C:\ProgramData\Browser =>PUP.Optional.SpeedBrowser O43 - CFD: 2015/04/23 13:19:03 - [] D -- C:\ProgramData\Canneverbe Limited O43 - CFD: 2015/04/23 13:23:08 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 2015/09/08 00:06:15 - [] D -- C:\ProgramData\Convertor O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Dados de Aplicativos O43 - CFD: 2014/12/31 18:29:16 - [] D -- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Documentos O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 2014/09/24 11:10:09 - [] D -- C:\ProgramData\EA Core O43 - CFD: 2015/09/05 18:34:36 - [] D -- C:\ProgramData\Electronic Arts O43 - CFD: 2015/04/15 11:29:58 - [] D -- C:\ProgramData\GAS Tecnologia O43 - CFD: 2015/08/29 19:22:26 - [] D -- C:\ProgramData\GbPlugin O43 - CFD: 2015/09/05 23:11:33 - [] D -- C:\ProgramData\Intel O43 - CFD: 2015/09/05 23:19:13 - [] D -- C:\ProgramData\IntelDLM O43 - CFD: 2015/09/05 23:28:31 - [] D -- C:\ProgramData\iWdsManProi =>PUP.Optional.WdsManPro O43 - CFD: 2015/06/08 01:15:32 - [] D -- C:\ProgramData\koifhalnfoonpogbgiickmiggnkkhflf O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Menu Iniciar O43 - CFD: 2014/09/12 18:22:58 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 2014/07/07 13:13:30 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Modelos O43 - CFD: 2014/07/07 13:04:51 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 2015/09/05 20:09:20 - [] D -- C:\ProgramData\MWdsManProM =>PUP.Optional.WdsManPro O43 - CFD: 2015/08/10 18:43:15 - [] D -- C:\ProgramData\Nero O43 - CFD: 2015/09/05 18:37:25 - [] D -- C:\ProgramData\Origin O43 - CFD: 2015/09/05 23:23:36 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 2014/07/29 21:41:07 - [] D -- C:\ProgramData\Real O43 - CFD: 2014/07/29 21:35:09 - [] D -- C:\ProgramData\RealNetworks O43 - CFD: 2014/03/18 07:03:09 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 2015/09/06 00:12:10 - [] D -- C:\ProgramData\rWdsManPror =>PUP.Optional.WdsManPro O43 - CFD: 2015/09/04 12:50:09 - [] D -- C:\ProgramData\ShopperPro =>PUP.Optional.ShopperPro O43 - CFD: 2015/08/05 00:53:46 - [] D -- C:\ProgramData\Skype O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 2014/07/07 13:06:31 - [] D -- C:\ProgramData\Sun O43 - CFD: 2015/04/15 12:01:38 - [] D -- C:\ProgramData\Temp O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 2015/04/23 13:25:32 - [] D -- C:\ProgramData\TuneUp Software O43 - CFD: 2015/06/08 01:20:22 - [] D -- C:\ProgramData\{f53b1ccf-bc55-15c7-f53b-b1ccfbc5733e} O43 - CFD: 2015/04/23 13:23:16 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} O43 - CFD: 2014/07/07 13:05:09 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 2015/08/01 02:22:09 - [] D -- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 2014/07/07 13:12:11 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 2015/06/04 14:11:13 - [] HD -- C:\Program Files (x86)\Common Files\EAInstaller O43 - CFD: 2014/07/07 13:06:30 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 2014/07/07 13:12:25 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 2015/08/15 15:23:52 - [] D -- C:\Program Files (x86)\Common Files\Nero O43 - CFD: 2013/08/22 12:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 2014/10/10 22:58:07 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 2014/07/07 13:10:33 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 2015/04/21 11:54:09 - [] D -- C:\Users\Usuario\AppData\Roaming\Adobe O43 - CFD: 2015/09/06 00:15:47 - [] SHD -- C:\Users\Usuario\AppData\Roaming\AnyProtectEx =>PUP.Optional.AnyProtect O43 - CFD: 2015/08/01 02:23:33 - [] D -- C:\Users\Usuario\AppData\Roaming\Apple Computer O43 - CFD: 2015/05/10 18:25:14 - [] D -- C:\Users\Usuario\AppData\Roaming\Ashampoo O43 - CFD: 2015/09/07 17:15:31 - [0] D -- C:\Users\Usuario\AppData\Roaming\ASP O43 - CFD: 2015/09/05 22:50:50 - [0] D -- C:\Users\Usuario\AppData\Roaming\ASPackage =>PUP.Optional.ASPackage O43 - CFD: 2015/09/05 20:24:50 - [] D -- C:\Users\Usuario\AppData\Roaming\AVAST Software O43 - CFD: 2015/04/21 11:54:51 - [] D -- C:\Users\Usuario\AppData\Roaming\br.com.nextel.apps.Fatura3G O43 - CFD: 2015/04/23 13:14:17 - [] D -- C:\Users\Usuario\AppData\Roaming\Canneverbe Limited O43 - CFD: 2014/12/31 18:29:13 - [] D -- C:\Users\Usuario\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 2015/06/08 01:06:24 - [] D -- C:\Users\Usuario\AppData\Roaming\Easeware O43 - CFD: 2014/07/07 13:04:13 - [] D -- C:\Users\Usuario\AppData\Roaming\help_images_otherUI O43 - CFD: 2015/08/15 15:08:44 - [0] D -- C:\Users\Usuario\AppData\Roaming\Hola O43 - CFD: 2015/09/04 22:12:11 - [] D -- C:\Users\Usuario\AppData\Roaming\Identities O43 - CFD: 2014/07/18 23:41:07 - [] D -- C:\Users\Usuario\AppData\Roaming\Macromedia O43 - CFD: 2014/07/07 13:43:28 - [] D -- C:\Users\Usuario\AppData\Roaming\Media Player Classic O43 - CFD: 2015/07/01 02:02:28 - [] SD -- C:\Users\Usuario\AppData\Roaming\Microsoft O43 - CFD: 2014/07/30 21:26:13 - [] D -- C:\Users\Usuario\AppData\Roaming\Mozilla O43 - CFD: 2015/09/07 22:58:04 - [] D -- C:\Users\Usuario\AppData\Roaming\mystartsearch =>PUP.Optional.StartSearch O43 - CFD: 2015/02/16 15:00:42 - [] D -- C:\Users\Usuario\AppData\Roaming\Nero O43 - CFD: 2015/06/02 10:59:19 - [] D -- C:\Users\Usuario\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy O43 - CFD: 2014/07/30 21:32:31 - [0] D -- C:\Users\Usuario\AppData\Roaming\Opera Software O43 - CFD: 2015/09/05 18:36:18 - [] D -- C:\Users\Usuario\AppData\Roaming\Origin O43 - CFD: 2015/09/05 20:42:21 - [] D -- C:\Users\Usuario\AppData\Roaming\PDFConvert O43 - CFD: 2015/09/08 00:06:15 - [] D -- C:\Users\Usuario\AppData\Roaming\PlusN O43 - CFD: 2014/07/29 21:41:00 - [] D -- C:\Users\Usuario\AppData\Roaming\Real O43 - CFD: 2014/07/29 21:36:06 - [] D -- C:\Users\Usuario\AppData\Roaming\RealNetworks O43 - CFD: 2014/07/29 21:08:04 - [0] D -- C:\Users\Usuario\AppData\Roaming\SimilarAddon =>PUP.Optional.SimilarAddon O43 - CFD: 2015/08/05 01:09:41 - [] D -- C:\Users\Usuario\AppData\Roaming\Skype O43 - CFD: 2014/07/07 13:07:44 - [] D -- C:\Users\Usuario\AppData\Roaming\Softland O43 - CFD: 2015/09/05 20:08:42 - [] D -- C:\Users\Usuario\AppData\Roaming\sweet-page =>PUP.Optional.SweetPage O43 - CFD: 2015/09/07 17:38:54 - [0] D -- C:\Users\Usuario\AppData\Roaming\systweak =>PUP.Optional.Systweak O43 - CFD: 2015/04/17 22:33:39 - [] D -- C:\Users\Usuario\AppData\Roaming\TeamViewer O43 - CFD: 2015/04/23 13:24:57 - [] D -- C:\Users\Usuario\AppData\Roaming\TuneUp Software O43 - CFD: 2015/08/27 00:51:10 - [] D -- C:\Users\Usuario\AppData\Roaming\uTorrent O43 - CFD: 2014/08/04 09:34:35 - [] D -- C:\Users\Usuario\AppData\Roaming\vlc O43 - CFD: 2015/09/08 00:55:06 - [] D -- C:\Users\Usuario\AppData\Roaming\WeatherTool O43 - CFD: 2015/06/23 00:51:53 - [0] D -- C:\Users\Usuario\AppData\Roaming\WebExtend O43 - CFD: 2014/09/24 11:02:58 - [0] D -- C:\Users\Usuario\AppData\Roaming\WinRAR O43 - CFD: 2015/09/08 01:03:58 - [] D -- C:\Users\Usuario\AppData\Roaming\ZHP O43 - CFD: 2015/06/29 04:50:34 - [] SHD -- C:\Users\Usuario\AppData\Local\.# O43 - CFD: 2015/09/05 07:18:39 - [] D -- C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600 O43 - CFD: 2015/04/21 11:52:05 - [] D -- C:\Users\Usuario\AppData\Local\Adobe O43 - CFD: 2014/10/16 23:13:53 - [] D -- C:\Users\Usuario\AppData\Local\Apple O43 - CFD: 2014/10/16 23:22:22 - [] D -- C:\Users\Usuario\AppData\Local\Apple Computer O43 - CFD: 2015/08/08 22:27:00 - [] D -- C:\Users\Usuario\AppData\Local\Ares O43 - CFD: 2015/05/10 18:25:19 - [] D -- C:\Users\Usuario\AppData\Local\ashampoo O43 - CFD: 2015/09/04 12:50:42 - [] D -- C:\Users\Usuario\AppData\Local\BrowserHelper =>PUP.Optional.BrowserHelper O43 - CFD: 2015/09/04 12:48:36 - [] D -- C:\Users\Usuario\AppData\Local\CrashRpt =>.Superfluous.CrashReports O43 - CFD: 2015/09/08 00:06:11 - [] D -- C:\Users\Usuario\AppData\Local\cu O43 - CFD: 2014/07/07 11:41:07 - [0] SHD -- C:\Users\Usuario\AppData\Local\Dados de Aplicativos O43 - CFD: 2015/09/04 12:20:25 - [] D -- C:\Users\Usuario\AppData\Local\Diagnostics O43 - CFD: 2014/09/20 21:37:06 - [0] D -- C:\Users\Usuario\AppData\Local\DriverToolkit O43 - CFD: 2015/08/15 14:59:05 - [] D -- C:\Users\Usuario\AppData\Local\ElevatedDiagnostics O43 - CFD: 2014/07/07 13:04:26 - [] SHD -- C:\Users\Usuario\AppData\Local\EmieSiteList O43 - CFD: 2014/07/07 13:04:26 - [] SHD -- C:\Users\Usuario\AppData\Local\EmieUserList O43 - CFD: 2015/04/29 15:13:13 - [] D -- C:\Users\Usuario\AppData\Local\Gameo =>PUP.Optional.Gameo O43 - CFD: 2015/04/15 12:01:09 - [] D -- C:\Users\Usuario\AppData\Local\GAS Tecnologia O43 - CFD: 2015/09/04 12:50:36 - [] D -- C:\Users\Usuario\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate O43 - CFD: 2015/08/02 08:38:59 - [] D -- C:\Users\Usuario\AppData\Local\Google O43 - CFD: 2014/07/07 11:41:07 - [0] SHD -- C:\Users\Usuario\AppData\Local\Histórico O43 - CFD: 2015/08/10 15:12:34 - [] D -- C:\Users\Usuario\AppData\Local\Hola O43 - CFD: 2015/09/04 12:48:38 - [] D -- C:\Users\Usuario\AppData\Local\Installer =>PUP.Optional.InstallPedia O43 - CFD: 2015/09/05 23:12:15 - [] D -- C:\Users\Usuario\AppData\Local\Intel O43 - CFD: 2015/09/04 12:58:07 - [] D -- C:\Users\Usuario\AppData\Local\macasoft O43 - CFD: 2015/09/05 22:45:55 - [] D -- C:\Users\Usuario\AppData\Local\mbot_br_014010080 O43 - CFD: 2015/09/04 22:12:10 - [] D -- C:\Users\Usuario\AppData\Local\Microsoft O43 - CFD: 2014/07/07 13:10:20 - [0] D -- C:\Users\Usuario\AppData\Local\Microsoft Help O43 - CFD: 2014/07/30 21:26:16 - [] D -- C:\Users\Usuario\AppData\Local\Mozilla O43 - CFD: 2015/02/16 16:05:12 - [] D -- C:\Users\Usuario\AppData\Local\Nero O43 - CFD: 2015/02/16 15:01:03 - [] D -- C:\Users\Usuario\AppData\Local\Nero_AG O43 - CFD: 2015/09/04 12:59:57 - [0] D -- C:\Users\Usuario\AppData\Local\Opera Software O43 - CFD: 2015/09/05 18:36:33 - [] D -- C:\Users\Usuario\AppData\Local\Origin O43 - CFD: 2014/07/07 11:42:14 - [] D -- C:\Users\Usuario\AppData\Local\Packages O43 - CFD: 2014/07/07 13:02:31 - [] D -- C:\Users\Usuario\AppData\Local\Programs O43 - CFD: 2014/07/07 13:07:16 - [] D -- C:\Users\Usuario\AppData\Local\Skype O43 - CFD: 2015/07/01 22:46:01 - [] D -- C:\Users\Usuario\AppData\Local\TeamViewer O43 - CFD: 2015/09/08 01:05:00 - [] D -- C:\Users\Usuario\AppData\Local\Temp O43 - CFD: 2014/07/07 11:41:07 - [0] SHD -- C:\Users\Usuario\AppData\Local\Temporary Internet Files O43 - CFD: 2014/11/08 01:47:51 - [] D -- C:\Users\Usuario\AppData\Local\Torch =>PUP.Optional.Torch O43 - CFD: 2015/04/23 13:24:57 - [] D -- C:\Users\Usuario\AppData\Local\TuneUp Software O43 - CFD: 2015/06/29 04:46:42 - [] D -- C:\Users\Usuario\AppData\Local\VirtualStore O43 - CFD: 2015/09/04 13:01:42 - [] D -- C:\Users\Usuario\AppData\Local\VLCUpdate O43 - CFD: 2015/09/08 00:05:58 - [] D -- C:\Users\Usuario\AppData\Local\{8560CE30-E8DF-44C5-8EB3-21DF67860E6F} O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 2013/08/22 12:36:32 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2015/09/05 23:35:12 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/09/07 23:01:39 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.Optional.AnyProtect O43 - CFD: 2015/09/04 12:58:11 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage =>PUP.Optional.ASPackage O43 - CFD: 2013/08/22 12:36:32 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/06/03 06:06:09 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mu Invasion Season 6 Epi1 O43 - CFD: 2015/09/05 23:35:12 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 2015/03/22 16:48:30 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WindowsAndroid O43 - CFD: 2014/07/07 13:07:38 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ Últimos arquivos criados no Windows Prefetcher (7) - 25s O45 - LFCP:[MD5.1F15B736DC5B7E8A2EA95EA81F91B3B2] 2015/09/07 23:24:10 A -- C:\Windows\Prefetch\ANYPROTECT.EXE-1996592C.pf =>PUP.Optional.AnyProtect O45 - LFCP:[MD5.35221E842637E064BC8C0EE06632A727] 2015/09/04 12:51:43 A -- C:\Windows\Prefetch\BOBROWSER.EXE-CEE8FFB5.pf =>PUP.Optional.BoBrowser O45 - LFCP:[MD5.71EDFEDF1BA780205B1467988F66A393] 2015/09/04 12:53:20 A -- C:\Windows\Prefetch\GLOBALUPDATE.EXE-FAFA2450.pf =>PUP.Optional.GlobalUpdate O45 - LFCP:[MD5.C633A403FD75D637B814535A927A1FF0] 2015/09/04 13:00:33 A -- C:\Windows\Prefetch\PACKAGE_PCROSSBROWSER_INSTALL-6C9F09A0.pf =>PUP.Optional.CrossBrowser O45 - LFCP:[MD5.863DE1C0CE7452AB52F2B125D626CE01] 2015/09/05 20:26:27 A -- C:\Windows\Prefetch\PREDM.TMP-9A360438.pf =>PUP.Optional.Downware O45 - LFCP:[MD5.D637D86E43BE665ABD492D563B8FB20D] 2015/09/05 20:38:34 A -- C:\Windows\Prefetch\PREDM.TMP-B39B700A.pf =>PUP.Optional.Downware O45 - LFCP:[MD5.7FB87DDD43AD25E61B6EB8FED3EFB826] 2015/09/07 17:14:32 A -- C:\Windows\Prefetch\SYSTWEAKASP.TMP-9DCAAC84.pf =>PUP.Optional.Systweak ---\\ Lista dos drivers do sistema (50) - 6s O58 - SDL:2013/08/22 09:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896] © O58 - SDL:2013/08/22 09:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176] © O58 - SDL:2013/08/22 09:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200] © O58 - SDL:2013/08/22 09:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424] © O58 - SDL:2013/08/22 09:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952] © O58 - SDL:2013/08/22 09:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016] © O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [28656] © O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [90968] © O58 - SDL:2015/09/05 20:20:25 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [93528] © O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [65224] © O58 - SDL:2015/09/05 22:52:22 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswsnx.sys [1048344] © O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [447944] © O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [150672] © O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [274808] © O58 - SDL:2013/08/12 20:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624] © O58 - SDL:2013/08/22 09:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296] © O58 - SDL:2014/12/31 16:56:48 A . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\drivers\dtsoftbus01.sys [283064] © O58 - SDL:2013/08/22 09:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024] © O58 - SDL:2012/08/21 13:01:20 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [33240] © O58 - SDL:2013/08/22 09:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352] © O58 - SDL:2013/07/30 15:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568] © O58 - SDL:2013/07/25 16:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320] © O58 - SDL:2013/08/09 21:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248] © O58 - SDL:2013/08/22 09:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000] © O58 - SDL:2015/05/26 21:02:50 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [5375448] © O58 - SDL:2012/10/02 09:34:28 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [342528] © O58 - SDL:2013/04/26 04:40:22 A . (.JMicron Technology Corporation - JMicron PCIe Flash Media Controller Driver.) -- C:\Windows\System32\drivers\jmcr.sys [176880] O58 - SDL:2013/08/22 09:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408] © O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536] © O58 - SDL:2013/08/22 09:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760] © O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784] © O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [56672] © O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840] © O58 - SDL:2013/08/22 09:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840] © O58 - SDL:2015/01/16 17:22:32 A . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\Windows\System32\drivers\netaapl64.sys [23040] © O58 - SDL:2013/06/18 11:46:02 A . (.JMicron Technology Corp. - JMicron NDIS6.30 Driver.) -- C:\Windows\System32\drivers\NETJME.sys [137728] O58 - SDL:2013/08/22 09:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368] © O58 - SDL:2013/08/22 09:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288] © O58 - SDL:2014/02/18 17:43:42 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3867224] © O58 - SDL:2014/01/10 07:08:56 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\drivers\rtwlane.sys [3068120] © O58 - SDL:2013/08/22 12:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] © O58 - SDL:2015/06/04 03:33:50 A . (...) -- C:\Windows\System32\drivers\semav6msr64.sys [21984] O58 - SDL:2013/08/22 09:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896] © O58 - SDL:2013/08/22 09:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760] © O58 - SDL:2013/08/22 09:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072] © O58 - SDL:2013/08/22 09:40:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [40664] © O58 - SDL:2015/06/10 23:08:36 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl64.sys [54784] © O58 - SDL:2013/08/22 09:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808] © O58 - SDL:2013/08/22 09:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800] © O58 - SDL:2013/08/22 09:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504] © ---\\ Últimos ficheiros alterados ou criados (Utilizador) (43) - 92s O61 - LFC: 2015/09/08 00:05:34 A . (..) -- C:\Users\Usuario\AppData\Roaming\5.exe [1587531] O61 - LFC: 2015/09/07 04:36:52 A . (.TODO: .) -- C:\Users\Usuario\AppData\Roaming\mystartsearch\UninstallManager.exe [375808] =>PUP.Optional.StartSearch O61 - LFC: 2015/09/05 20:44:08 A . (..) -- C:\Users\Usuario\AppData\Local\opeline.exe [77312] O61 - LFC: 2015/09/08 00:05:58 A . (.Alexander Roshal.) -- C:\Users\Usuario\AppData\Local\{8560CE30-E8DF-44C5-8EB3-21DF67860E6F}\Unrar.exe [309848] O61 - LFC: 2015/09/06 01:22:55 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin [269992] O61 - LFC: 2015/09/07 12:56:08 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\cb369ad7b027b8588a356348424ef3c4[1].exe [85598] O61 - LFC: 2015/09/04 12:48:28 A . (.C.L.A.R.A.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55[1].exe [152688] =>PUP.Optional.SupTab O61 - LFC: 2015/09/07 12:56:22 A . (.CinePlus-1.44V07.09.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\setup[1].exe [13889904] O61 - LFC: 2015/09/04 13:01:28 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\vlcDisN[1].exe [257184] O61 - LFC: 2015/09/04 12:56:28 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\VOPackage[1].exe [1079196] =>PUP.Optional.Downware O61 - LFC: 2015/09/06 23:27:20 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\W1[1].exe [1587531] O61 - LFC: 2015/09/07 12:56:20 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\4bbda52393b575e64d530bd478a6717b[1].exe [59769] O61 - LFC: 2015/09/07 23:03:12 A . (.AnyProtect.com.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\AnyProtect[1].exe [6434816] =>PUP.Optional.AnyProtect O61 - LFC: 2015/09/04 12:47:51 A . (.ClaraLabs.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\bfc5086e-c794-4413-9b71-1f6565be7466[1].exe [926832] =>PUP.Optional.BoBrowser O61 - LFC: 2015/09/05 20:13:23 A . (.YFFGH.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\Reimage[1].exe [284672] =>PUP.Optional.ReImageRepair O61 - LFC: 2015/09/04 12:51:57 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\runasu[1].exe [479232] O61 - LFC: 2015/09/07 22:58:33 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\setup_362[2].exe [254464] O61 - LFC: 2015/09/07 12:54:26 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\tiwr[1].exe [82914] O61 - LFC: 2015/09/07 23:00:33 A . (.Copyright 2013.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\Validate[1].exe [61981] O61 - LFC: 2015/09/07 12:54:35 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\4ba4c7c85b016c4112353cb428af62e9[1].exe [67295] O61 - LFC: 2015/09/06 23:02:51 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\4diXZO[1].exe [1628019] O61 - LFC: 2015/09/05 23:27:42 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\bc595c310903369e50e3e112aefc06dc[1].exe [67786] O61 - LFC: 2015/09/07 23:00:16 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\BiTool[1].dll [0] O61 - LFC: 2015/09/07 22:58:11 A . (.WillLink.net.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\cmi_mystartsearch[1].exe [350328] =>PUP.Optional.StartSearch O61 - LFC: 2015/09/07 22:58:15 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\df4a6a3ed77e60d6758afca091ca0c1f[1].exe [83223] O61 - LFC: 2015/09/04 12:55:16 A . (.OperaChecker.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\OperaChecker25-6[1].exe [50225] O61 - LFC: 2015/09/04 12:56:42 A . (.Optimal Software s.r.o..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\pcspeedup[1].exe [2889583] O61 - LFC: 2015/09/07 17:13:08 A . (.systweak.com.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\rcpsetup_17970[1].exe [4445480] O61 - LFC: 2015/09/05 20:13:55 A . (.MEIDX.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\Reimage[1].exe [112640] =>PUP.Optional.ReImageRepair O61 - LFC: 2015/09/07 22:58:02 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\SearchUpdater[1].exe [124154] O61 - LFC: 2015/09/07 23:00:11 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\smt[2].exe [211114] O61 - LFC: 2015/09/05 23:27:00 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\8a919eab391df79420aa04a8eab4a225[1].exe [74207] O61 - LFC: 2015/09/07 23:02:31 A . (.CMI Limited.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\AnyProtectSetup[2].exe [613255] =>PUP.Optional.AnyProtect O61 - LFC: 2015/09/05 20:42:11 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\pdfconv[1].exe [2380368] O61 - LFC: 2015/09/04 12:55:45 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\setup[1].exe [298960] O61 - LFC: 2015/09/04 12:51:58 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\Update_Notifier[1].exe [514560] O61 - LFC: 2015/09/07 00:15:19 A . (.Copyright 2013.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\Validate[1].exe [61981] O61 - LFC: 2015/09/07 23:00:34 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\VuuPC_VO2_8907[1].exe [228302] =>PUP.Optional.VuuPC O61 - LFC: 2015/09/05 18:32:50 A . (..) -- C:\Users\Usuario\AppData\Local\mbot_br_014010080\Download\myoffergroup_br4.exe [4191432] O61 - LFC: 2015/09/02 04:08:21 A . (..) -- C:\Users\Usuario\AppData\Local\macasoft\ntsvc.exe [109440] O61 - LFC: 2015/09/08 01:05:00 A . (..) -- C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082] O61 - LFC: 2015/09/04 12:51:57 A . (..) -- C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\rnsmC3B5.exe [479232] O61 - LFC: 2015/09/04 12:51:59 A . (..) -- C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\Uninstall.exe [51745] ---\\ Associações Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe © O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\System32\eventvwr.exe © O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe © O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe © O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe © O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Menu de inicialização Internet (12) - 1s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartsearch.com/ © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/ © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- iexplore.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe © ---\\ Pesquisa de infeção nos navegadores da Internet (15) - 1s O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.newtab.url", "http://www.mystartsearch.com/newtab/?type=nt&ts=1441677446&z=c166da768c5193ed39bc5fdg7z3zdg7qdm3m[...] =>PUP.Optional.StartSearch O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.alias", "mystartsearch"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.iconURL", "http://www.mystartsearch.com/favicon.ico"); =>PUP.Optional.StartSearch O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.name", "mystartsearch"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.ptid", "cmi"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.uid", "ST500LM012XHN-M500MBB_S2ZYJ9BF301169"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.url", "http://www.mystartsearch.com/web/?type=ds&ts=1441677446&z=c166da768c5193ed39bc5fdg7z[...] =>PUP.Optional.StartSearch O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.startup.homepage", "http://www.mystartsearch.com/?type=hp&ts=1441641290&z=f89b18f6eb51cea9abf9b51gezbz7g8qez0g9[...] =>PUP.Optional.StartSearch O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Search Provided by Yahoo) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {86c83f9e-48a4-4cd2-a763-64fea5df35f7} - (Baixaki) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser O69 - SBI: SearchScopes [HKCU] {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} - (Yahoo! (Avast)) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser O69 - SBI: SearchScopes [HKCU] {9B7E7224-E90A-4DDC-BAB5-3E1BA9B10F1E} - (Yahoo) - http://search.yahoo.com/ O69 - SBI: SearchScopes [HKCU] {9CB96984-43C3-4D44-90EF-01466EFCF7BB} - (Search Provided by Yahoo) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser ---\\ Listagem dos serviços iniciados pelo Svchost (36) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [208896] © O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [155136] © O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [155136] © O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\system32\srvsvc.dll [324608] © O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\Windows\System32\gpsvc.dll [1311744] © O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [1104384] © O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\Windows\System32\iphlpsvc.dll [903168] © O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [30720] © O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [109568] © O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\system32\iscsiexe.dll [150528] © O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [107008] © O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\system32\schedsvc.dll [1214976] © O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [220672] © O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\system32\mmcss.dll [70656] © O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [134144] © O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [220160] © O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll [326656] © O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [81408] © O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\system32\kmsvc.dll [97792] © O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [339456] © O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Serviço de Estrutura de Localização do Wind.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520] © O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Serviço Conta da Microsoft®.) -- C:\Windows\system32\wlidsvc.dll [1576960] © O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\system32\themeservice.dll [50688] © O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalação de Dispositivo.) -- C:\Windows\System32\DeviceSetupManager.dll [201728] © O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Serviço Assistente de Conectividade de Rede.) -- C:\Windows\System32\ncasvc.dll [164352] © O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\Windows\System32\rasauto.dll [101376] © O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [534528] © O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [223744] © O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\Windows\System32\sens.dll [71680] © O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [433664] © O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windo.) -- C:\Windows\System32\tapisrv.dll [306688] © O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3408384] © O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de tel.) -- C:\Windows\System32\qmgr.dll [1017856] © O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [629760] © O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [183296] © O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [90464] © ---\\ Lista das exceções do FireWall (FirewallRules) (37) - 8s O87 - FAEL: "{E1BD2A40-E2F6-48C6-AD02-8805BA0903F2}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{210D7DAE-88DC-481D-B7CC-7C61048BEE39}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{4814FCF4-5096-4833-8EEC-2D5C29A4DE17}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{4C6C616A-271E-4712-BE9E-4B8A64F387CD}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{9A267A55-90BA-401E-AF47-1945D175F233}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{7F1E6C94-F340-4C5D-BED1-E580ACA0C93B}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{74EF8B76-583A-4A14-A4E2-8D824C30D57C}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{F7774D6D-28F3-4781-8C3C-739B3B3D2AEF}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{43121148-DD49-4804-B7E5-C719A8035EAA}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{F7AA6F13-24C2-401C-9F9D-B0A5AF20A410}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{A5F6F663-0C61-4ADD-8673-908455629424}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (.not file.) O87 - FAEL: "{1A800430-B91B-4B6E-8B1D-75E922A08A68}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (.not file.) O87 - FAEL: "{F99ACA02-C991-405A-8D86-64C141263A2B}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (.not file.) O87 - FAEL: "{2B7F5B03-057B-4E7B-B19C-DB7B06D2E4D3}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (.not file.) O87 - FAEL: "TCP Query User{3A6FA88F-05D0-4510-9195-A31F15627317}C:\program files (x86)\ares\ares.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.) O87 - FAEL: "UDP Query User{F1D1E0BF-D43E-427B-89D4-6540A772DEB5}C:\program files (x86)\ares\ares.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.) O87 - FAEL: "TCP Query User{DB08F5CE-7CF0-4C9F-97FF-664B3D6DEC11}C:\program files (x86)\ares\ares.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.) O87 - FAEL: "UDP Query User{5B3B67C0-97E6-43FE-A879-4D37DC8333BC}C:\program files (x86)\ares\ares.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.) O87 - FAEL: "{3E681E18-277A-40C1-A4BA-B75FEEAACC91}" [In-None-P6-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe (.not file.) O87 - FAEL: "{578000EB-97D7-4048-8A3F-930CF8FC9152}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe (.not file.) O87 - FAEL: "{A16C3730-7DA6-4B45-A73D-9B08F267E6A8}" [In-None-P17-TRUE] .(...) -- C:\Users\Usuario\AppData\Local\Chromium\Application\chrome.exe (.not file.) O87 - FAEL: "{257D6602-4544-4CFF-BBF7-727797B61911}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Hola\app\hola_updater.exe (.not file.) O87 - FAEL: "{48A77A51-0A68-42E5-9F61-CFEFF06EC89C}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Hola\app\hola_updater.exe (.not file.) O87 - FAEL: "{B5C4D06D-7F12-4EE6-B34F-C07F8C908109}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Hola\app\hola_svc.exe (.not file.) O87 - FAEL: "{430C7100-78AE-41EE-9D72-2E51D1EACEDB}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Hola\app\hola_svc.exe (.not file.) O87 - FAEL: "{67C7A295-EBF6-4059-93BC-00A2F399CE1F}" [In-None-P6-TRUE] .(...) -- C:\Users\Usuario\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe (.not file.) O87 - FAEL: "{EF7DD9D1-81AF-4FD4-A932-330FDAFD3A00}" [In-None-P17-TRUE] .(...) -- C:\Users\Usuario\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe (.not file.) O87 - FAEL: "TCP Query User{AF42ED1A-3D18-43C9-AC9D-D18E71D9E4CA}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.) O87 - FAEL: "UDP Query User{B59305B2-5B2E-4CEB-96AE-ED593DEDF0F8}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.) O87 - FAEL: "{D2B90792-A79F-48C8-AD7C-F0DB8930377B}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{2F45F081-A080-4EF7-9488-9DA287CD30BA}" [Out-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{1EEC1E25-6F12-46D6-ADF2-528F3F13C3D7}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{EA10A06B-493F-45C2-8510-498486DA31DA}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{11F60FB4-C41B-4157-8833-FF5AD674AA2B}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{62323EE3-D449-4B28-AAD7-5DF38B19E086}" [Out-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "TCP Query User{0C6489BA-5BB8-4491-878F-2161790978D3}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.) O87 - FAEL: "UDP Query User{36096AC1-D582-43A2-81B7-0582EBB890E7}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.) ---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (29) - 74s SR - Auto [2014/12/03 03:31:16] [ 81088] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © SR - Auto [2015/05/29 18:51:26] [ 77128] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe © SR - Auto [2015/09/05 20:20:12] [ 146600] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe © SR - Auto [2011/08/30 23:05:32] [ 462184] Serviço do Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe © SR - Auto [2015/09/07 13:12:18] [ 721920] Compatible Cut (cikepiqu) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp =>PUP.Optional.CrossRider SS - Demand [2015/06/04 22:21:38] [ 280680] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe © SR - Auto [2015/07/16 05:52:52] [ 413848] Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe SR - Auto [2015/08/12 18:25:54] [ 587576] Gbp Service (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe SS - Auto [2015/09/05 20:43:50] [ 120832] Kerning Down (gopibeko) . (...) - C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\snsmC3B4.tmp =>PUP.Optional.CrossRider SR - Auto [2015/09/07 16:52:32] [ 721920] Click Hyphen (goxezecy) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp =>PUP.Optional.CrossRider SS - Auto [2015/08/29 00:35:06] [ 144200] Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © SS - Demand [2015/08/29 00:35:06] [ 144200] Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © SS - Demand [2012/04/24 14:37:56] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe © SR - Demand [2015/08/13 02:43:14] [ 644880] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe © SS - Auto [2015/09/05 20:43:52] [ 227328] Cool Barcode (jimocoso) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\jnse252F.tmp =>PUP.Optional.CrossRider SS - Disabled [2015/06/04 15:40:20] [ 148080] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe © SR - Auto [2014/07/15 08:46:00] [ 786256] Nero Update (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe © SS - Auto [2015/09/05 20:43:57] [ 379904] NixSrv Service (NixSrv) . (...) - C:\Program Files\NixSrv\NixSrv.exe =>PUP.Optional.Amonetize SS - Auto [2015/06/03 16:42:38] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe © SR - Auto [2015/09/07 22:58:18] [ 411648] SSFK (SSFK) . (.TODO: <公司名>.) - C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch SR - Auto [2015/07/16 05:45:02] [ 105112] Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe SR - Auto [2015/08/07 03:30:32] [ 5611280] TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe © SR - Auto [2015/04/23 06:52:54] [ 76264] TheDesktopWeatherService (TheDesktopWeatherService) . (.Copyright (C) 2015.) - C:\Program Files (x86)\WeatherTool\1.2.0.9153\WeatherService.exe SS - Auto [2015/09/05 20:44:02] [ 137728] Delete Exit (totyseku) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\hnsd3C24.tmp =>PUP.Optional.CrossRider SS - Auto [2015/09/05 20:44:08] [ 77312] Strongdex (updaie) . (...) - C:\Users\Usuario\AppData\Local\opeline.exe SS - Demand [2015/07/16 05:52:52] [ 413848] User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe SR - Auto [2015/09/07 22:58:12] [ 709288] WdsManPro Service (WdsManPro) . (.DTools LIMITED.) - C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WpManager SR - Auto [2015/09/06 16:32:50] [ 663040] Protocol Space Bar (wimikimo) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp =>PUP.Optional.CrossRider ---\\ Claves Tracing (2) - 5s HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Optional.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Optional.Wajam ---\\ Scâner Aditional (134) - 0s C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp =>PUP.Optional.CrossRider C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp =>PUP.Optional.CrossRider C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WdsManPro C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp =>PUP.Optional.CrossRider C:\Program Files (x86)\ShopperPro\ShopperPro.exe =>PUP.Optional.ShopperPro C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\search-provided-by-yahoo.xml =>PUP.Optional.BDYahoo C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\yahoo-search.xml =>PUP.Optional.BDYahoo C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\deskCutv2@gmail.com =>PUP.Optional.LightningNewTab C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} =>PUP.Optional.Goobzo C:\ProgramData\ShopperPro\ShopperPro64.dll =>PUP.Optional.ShopperPro HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} =>PUP.Optional.ShopperPro HKLM\SYSTEM\CurrentControlSet\Services\cikepiqu =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\gopibeko =>PUP.Optional.CrossRider C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\snsmC3B4.tmp =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\goxezecy =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\jimocoso =>PUP.Optional.CrossRider C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\jnse252F.tmp =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\KMService =>PUP.Optional.Office HKLM\SYSTEM\CurrentControlSet\Services\NixSrv =>PUP.Optional.Amonetize C:\Program Files\NixSrv\NixSrv.exe =>PUP.Optional.Amonetize HKLM\SYSTEM\CurrentControlSet\Services\SSFK =>PUP.Optional.MyWebSearch C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch HKLM\SYSTEM\CurrentControlSet\Services\totyseku =>PUP.Optional.CrossRider C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\hnsd3C24.tmp =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\Util Steel Cut =>PUP.Optional.SteelCut* HKLM\SYSTEM\CurrentControlSet\Services\WdsManPro =>PUP.Optional.WpManager C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WpManager HKLM\SYSTEM\CurrentControlSet\Services\wimikimo =>PUP.Optional.CrossRider HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebProtectorPlus =>PUP.Optional.WebProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect =>PUP.Optional.AnyProtect HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdateWPP =>PUP.Optional.WebProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WebProtector =>PUP.Optional.WebProtector HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Clara =>PUP.Optional.SupTab HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse HKLM\SOFTWARE\Wow6432Node\downchecker =>PUP.Optional.DownChecker HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKLM\SOFTWARE\Wow6432Node\LiveUpdateWPP =>PUP.Optional.WebProtector HKLM\SOFTWARE\Wow6432Node\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\ShopperPro =>PUP.Optional.ShopperPro HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Optional.Systweak HKLM\SOFTWARE\Wow6432Node\TermBlazer_1.10.0.16 =>PUP.Optional.TermBlazer HKLM\SOFTWARE\Wow6432Node\TermCoach_1.10.0.24 =>PUP.Optional.TermCoach HKLM\SOFTWARE\Wow6432Node\Torch =>PUP.Optional.Torch HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro HKLM\SOFTWARE\Wow6432Node\WebProtector =>PUP.Optional.BProtector HKLM\SOFTWARE\Wow6432Node\webssearchesSoftware =>PUP.Optional.WebsSearches HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider HKCU\SOFTWARE\BoBrowser =>PUP.Optional.BoBrowser HKCU\SOFTWARE\CinemaPlus_1.3dV28.08-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser HKCU\SOFTWARE\Gameo =>PUP.Optional.Gameo HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider HKCU\SOFTWARE\I - Cinema-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKCU\SOFTWARE\mybestofferstoday =>PUP.Optional.MyBestOffersToday HKCU\SOFTWARE\MyBrowser 1.0.2V05.09-nv-ie =>PUP.Optional.MyBrowser HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic HKCU\SOFTWARE\systweak =>PUP.Optional.Systweak HKCU\SOFTWARE\Torch =>PUP.Optional.Torch HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\Vonteera Safe ads =>Trojan.Vonteera HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\DynConIE =>PUP.Optional.DynConIE C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider C:\Program Files (x86)\57F31BB0-1441382290-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider C:\Program Files (x86)\AnyProtectEx =>PUP.Optional.AnyProtect C:\Program Files (x86)\bestadblocker =>PUP.Optional.Adblocker C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate C:\Program Files (x86)\LiveUpdateWPP =>PUP.Optional.WebProtector C:\Program Files (x86)\predm =>PUP.Optional.Downware C:\Program Files (x86)\PriceMinuS =>PUP.Optional.Multiplug C:\Program Files (x86)\SFK =>PUP.Optional.MyWebSearch C:\Program Files (x86)\ShopperPro =>PUP.Optional.ShopperPro C:\Program Files (x86)\SiteLookup =>PUP.Optional.SiteLookup C:\Program Files (x86)\WebProtector =>PUP.Optional.WebProtect C:\Program Files (x86)\WebProtectorPlus =>PUP.Optional.WebProtect C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Protector Plus =>PUP.Optional.WebProtector C:\ProgramData\3WdsManPro3 =>PUP.Optional.WdsManPro C:\ProgramData\5WdsManPro5 =>PUP.Optional.WdsManPro C:\ProgramData\Browser =>PUP.Optional.SpeedBrowser C:\ProgramData\iWdsManProi =>PUP.Optional.WdsManPro C:\ProgramData\MWdsManProM =>PUP.Optional.WdsManPro C:\ProgramData\rWdsManPror =>PUP.Optional.WdsManPro C:\ProgramData\ShopperPro =>PUP.Optional.ShopperPro C:\Users\Usuario\AppData\Roaming\AnyProtectEx =>PUP.Optional.AnyProtect C:\Users\Usuario\AppData\Roaming\ASPackage =>PUP.Optional.ASPackage C:\Users\Usuario\AppData\Roaming\mystartsearch =>PUP.Optional.StartSearch C:\Users\Usuario\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy C:\Users\Usuario\AppData\Roaming\SimilarAddon =>PUP.Optional.SimilarAddon C:\Users\Usuario\AppData\Roaming\sweet-page =>PUP.Optional.SweetPage C:\Users\Usuario\AppData\Roaming\systweak =>PUP.Optional.Systweak C:\Users\Usuario\AppData\Local\BrowserHelper =>PUP.Optional.BrowserHelper C:\Users\Usuario\AppData\Local\CrashRpt =>.Superfluous.CrashReports C:\Users\Usuario\AppData\Local\Gameo =>PUP.Optional.Gameo C:\Users\Usuario\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate C:\Users\Usuario\AppData\Local\Installer =>PUP.Optional.InstallPedia C:\Users\Usuario\AppData\Local\Torch =>PUP.Optional.Torch C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.Optional.AnyProtect C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage =>PUP.Optional.ASPackage C:\Windows\Prefetch\ANYPROTECT.EXE-1996592C.pf =>PUP.Optional.AnyProtect C:\Windows\Prefetch\BOBROWSER.EXE-CEE8FFB5.pf =>PUP.Optional.BoBrowser C:\Windows\Prefetch\GLOBALUPDATE.EXE-FAFA2450.pf =>PUP.Optional.GlobalUpdate C:\Windows\Prefetch\PACKAGE_PCROSSBROWSER_INSTALL-6C9F09A0.pf =>PUP.Optional.CrossBrowser C:\Windows\Prefetch\PREDM.TMP-9A360438.pf =>PUP.Optional.Downware C:\Windows\Prefetch\PREDM.TMP-B39B700A.pf =>PUP.Optional.Downware C:\Windows\Prefetch\SYSTWEAKASP.TMP-9DCAAC84.pf =>PUP.Optional.Systweak C:\Users\Usuario\AppData\Roaming\mystartsearch\UninstallManager.exe =>PUP.Optional.StartSearch C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55[1].exe =>PUP.Optional.SupTab C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\VOPackage[1].exe =>PUP.Optional.Downware C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\AnyProtect[1].exe =>PUP.Optional.AnyProtect C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\bfc5086e-c794-4413-9b71-1f6565be7466[1].exe =>PUP.Optional.BoBrowser C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\Reimage[1].exe =>PUP.Optional.ReImageRepair C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\cmi_mystartsearch[1].exe =>PUP.Optional.StartSearch C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\Reimage[1].exe =>PUP.Optional.ReImageRepair C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\AnyProtectSetup[2].exe =>PUP.Optional.AnyProtect C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\VuuPC_VO2_8907[1].exe =>PUP.Optional.VuuPC HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Optional.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Optional.Wajam ---\\ Resumo dos elementos encontrados na sua estação de trabalho (56) - 0s http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/blog =>PUP.Optional.WdsManPro http://www.nicolascoolman.fr/pup-shopperpro/ =>PUP.Optional.ShopperPro http://www.nicolascoolman.fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo http://www.nicolascoolman.fr/blog =>PUP.Optional.LightningNewTab http://www.nicolascoolman.fr/pup-goobzo/ =>PUP.Optional.Goobzo http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate http://www.nicolascoolman.fr/blog =>PUP.Optional.BoBrowser http://www.nicolascoolman.fr/pup-ytdownloader/ =>PUP.Optional.YTDownloader http://www.nicolascoolman.fr/pup-anyprotect/ =>PUP.Optional.AnyProtect http://www.nicolascoolman.fr/hijacker-office/ =>PUP.Optional.Office http://www.nicolascoolman.fr/pup-amonetize/ =>PUP.Optional.Amonetize http://www.nicolascoolman.fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.SteelCut* http://www.nicolascoolman.fr/pup-wpmanager/ =>PUP.Optional.WpManager http://www.nicolascoolman.fr/blog =>PUP.Optional.WebProtector http://www.nicolascoolman.fr/pup-suptab/ =>PUP.Optional.SupTab http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowse http://www.nicolascoolman.fr/blog =>PUP.Optional.DownChecker http://www.nicolascoolman.fr/blog =>PUP.Optional.SweetSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions http://www.nicolascoolman.fr/blog =>PUP.Optional.MyBestOffersToday http://www.nicolascoolman.fr/pup-sweetpage/ =>PUP.Optional.SweetPage http://www.nicolascoolman.fr/pup-systweak/ =>PUP.Optional.Systweak http://www.nicolascoolman.fr/pup-termBlazer/ =>PUP.Optional.TermBlazer http://www.nicolascoolman.fr/pup-optional-termcoach =>PUP.Optional.TermCoach http://www.nicolascoolman.fr/blog =>PUP.Optional.Torch http://www.nicolascoolman.fr/spyware-agenceexclusive/ =>PUP.Optional.AgenceExclusive http://www.nicolascoolman.fr/pup-bprotector/ =>PUP.Optional.BProtector http://www.nicolascoolman.fr/hijacker-webssearches/ =>PUP.Optional.WebsSearches http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowser http://www.nicolascoolman.fr/blog =>PUP.Optional.Gameo http://www.nicolascoolman.fr/blog =>PUP.Optional.MyBrowser http://www.nicolascoolman.fr/adware-installcore/ =>Adware.InstallCore http://www.nicolascoolman.fr/blog =>PUP.Optional.Softonic http://www.nicolascoolman.fr/trojan-vonteera/ =>Trojan.Vonteera http://www.nicolascoolman.fr/blog =>PUP.Optional.DynConIE http://www.nicolascoolman.fr/blog =>PUP.Optional.Adblocker http://www.nicolascoolman.fr/adware-downware/ =>PUP.Optional.Downware http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug http://www.nicolascoolman.fr/blog =>PUP.Optional.SiteLookup http://www.nicolascoolman.fr/blog =>PUP.Optional.WebProtect http://www.nicolascoolman.fr/blog =>PUP.Optional.SpeedBrowser http://www.nicolascoolman.fr/blog =>PUP.Optional.ASPackage http://www.nicolascoolman.fr/adware-opencandy/ =>PUP.Optional.OpenCandy http://www.nicolascoolman.fr/blog =>PUP.Optional.SimilarAddon http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserHelper http://www.nicolascoolman.fr/blog =>.Superfluous.CrashReports http://www.nicolascoolman.fr/adware-installpedia/ =>PUP.Optional.InstallPedia http://www.nicolascoolman.fr/rogue-reimagerepair/ =>PUP.Optional.ReImageRepair http://www.nicolascoolman.fr/pup-vuupc/ =>PUP.Optional.VuuPC http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine http://www.nicolascoolman.fr/hijacker-browsers/ =>PUP.Optional.Browser http://www.nicolascoolman.fr/pup-kmspico/ =>HackTool.KMSpico http://www.nicolascoolman.fr/pup-wajam/ =>PUP.Optional.Wajam ~ End of the scan, 20432 items in 346 seconds (1210)(0)() ---\\ Navegadores Internet (3) - 0s GCIE: Google Chrome v45.0.2454.85 MFIE: Mozilla Firefox 40.0.3 (x86 pt-BR) v40.0.3 MSIE: Internet Explorer v11.0.9600.17031 ---\\ Informações sobre os produtos Windows (4) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Key Management Service client information : KO Windows Automatic Updates : KO ---\\ Softwares de proteçao do sistema (2) - 3s Avast Free Antivirus v10.3.2225 Windows Defender (Deactivate) ---\\ Monitoramento dos softwares (2) - 4s Adobe Flash Player 13 ActiveX Adobe Reader XI ---\\ Informações sobre o sistema (6) - 0s ~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 7816.86 MB (85% free) ~ System Restore: Activé (Enable) ~ System drive C: has 218 GB free of 476 GB ---\\ Modo de conexão ao sistema (3) - 0s ~ Computer Name: USER-PC ~ User Name: Usuario ~ Logged in as Administrator ---\\ Enumeração das unidades dos discos (2) - 0s ~ Drive C: has 218 GB free of 476 GB (System) ~ Drive E: has GB free of 5 GB ---\\ Estado do Centro de Segurança do Windows (10) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Pesquisa particular de ficheiros genéricos (24) - 1s [MD5.4CE0C733CDCF1D2F78532BBD9CE3441D] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2373784] © [MD5.6E0BDFBEEED65B017F2E4C2C910B0520] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [52736] © [MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) () -- C:\Windows\System32\Wininit.exe [144384] © [MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Internet Extensions para Win32.) () -- C:\Windows\System32\wininet.dll [2262016] © [MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) () -- C:\Windows\System32\Winlogon.exe [562176] © [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) () -- C:\Windows\System32\sppcomapi.dll [447488] © [MD5.5A2020DDCCBB0ED08BAC2355A075F303] - (.Microsoft Corporation - DLL da API de cliente DNS.) () -- C:\Windows\System32\dnsapi.dll [656384] © [MD5.2B9EED6835D269F35B310DC03D0F5768] - (.Microsoft Corporation - DLL da API de cliente DNS.) () -- C:\Windows\Syswow64\dnsapi.dll [492544] © [MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [567296] © [MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [26464] © [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [88576] © [MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [164352] © [MD5.414686EF104910BA41DF66E83BDCD495] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [134656] © [MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [78336] © [MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [107520] © [MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [142848] © [MD5.16FFC07D36FD83ACA189A641385168B3] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) () -- C:\Windows\System32\drivers\MRxSmb.sys [402944] © [MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [282624] © [MD5.9AEB38B451A7B84ACB7CD3D664F87BF0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) () -- C:\Windows\System32\drivers\ntfs.sys [2013016] © [MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) () -- C:\Windows\System32\drivers\Parport.sys [94208] © [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [120832] © [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Micros.) () -- C:\Windows\System32\drivers\rdpdr.sys [195584] © [MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [107520] © [MD5.3595FBDF25F8BA6256072D103937D7D6] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) () -- C:\Windows\System32\drivers\volsnap.sys [311640] © ---\\ Processos lançados (27) - 2s [MD5.78CC42364F47A889CBC4E66E8BA4DB9D] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576] [PID.928] [MD5.4956380A54B1C9E6BFDF3D80DACB9698] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600] [PID.1232] © [MD5.4C72FDD915D62EAEF149BD9C73AB9CF4] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1096] © [MD5.6EB87FDB59AABF6D19C927492DEA0D36] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128] [PID.2132] © [MD5.EBBCD5DFBB1DE70E8F4AF8FA59E401FD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462184] [PID.2156] © [MD5.1512820A57E2FF6F4103242EE7F39F1C] - (...) -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp [721920] [PID.2608] =>PUP.Optional.CrossRider [MD5.6BAE8D679B877E2DF99EFB18435D908B] - (...) -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp [721920] [PID.2884] =>PUP.Optional.CrossRider [MD5.4635935FC972C582632BF45C26BFCB0E] - (...) -- C:\Windows\SysWOW64\srvany.exe [8192] [PID.3056] [MD5.BCA43E19E7013331D99FF788EA6B42A0] - (...) -- C:\Windows\KMService.exe [151552] [PID.2052] [MD5.988CDC4DAE2186F3A5ED6EE7D3E6B5CA] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [786256] [PID.1444] © [MD5.4C5A162F20C58B523B29795291BEE6CC] - (.TODO: <公司名> - TODO: <文件说明>.) -- C:\Program Files (x86)\SFK\SSFK.exe [411648] [PID.2896] [MD5.3AF1E5ADFC3E0DEE256FF115259B0AF1] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112] [PID.2940] [MD5.CFC9B7B465283378D374D5E380D5D244] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280] [PID.1500] © [MD5.D342D91C92AC6DEDC692B183B1887652] - (.Copyright (C) 2015 - The Desktop Weather Service.) -- C:\Program Files (x86)\WeatherTool\1.2.0.9153\WeatherService.exe [76264] [PID.2216] [MD5.A8334B73F0DB3E0B9612E6120A205A25] - (.ShenZhen Enode Techology co,.Ltd - Windows weather tool.) -- C:\Program Files (x86)\WeatherTool\1.2.0.9153\weather.exe [1594856] [PID.1512] © [MD5.E0DA271341411C06CD94035AEA6D008F] - (.DTools LIMITED - DTools.) -- C:\ProgramData\5WdsManPro5\WdsManPro.exe [709288] [PID.3172] =>PUP.Optional.WdsManPro [MD5.28B2F630A8D33CC953A3F42A779B7876] - (...) -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp [663040] [PID.3196] =>PUP.Optional.CrossRider [MD5.3375EFA8964C402A11A0593E7FB41269] - (...) -- C:\Program Files (x86)\SFK\SFKEX64.exe [122880] [PID.3208] [MD5.78CC42364F47A889CBC4E66E8BA4DB9D] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576] [PID.4052] [MD5.838258B7655F2309F7BE63F844AF51BB] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [170256] [PID.1460] © [MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.4156] © [MD5.E8D96F840994291789F0CDE6800AC1A4] - (.Apple Inc. - iPodService Module (64-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [644880] [PID.4212] © [MD5.F66203AF9C159E2CBD54DF981654F499] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [6111824] [PID.5072] © [MD5.BC357FBB821D5B30F801ED59C2EC7602] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848] [PID.3696] [MD5.E912744B9E45C9D44845AB49FDC3B14A] - (.Goobzo LTD - .) -- C:\Program Files (x86)\ShopperPro\ShopperPro.exe [1111984] [PID.1812] =>PUP.Optional.ShopperPro [MD5.277789334263C78BD58231766AD7C015] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Usuario\AppData\Roaming\ZHP\ZHPDiag3.exe [1923072] [PID.4276] © [MD5.277789334263C78BD58231766AD7C015] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Usuario\AppData\Roaming\ZHP\ZHPDiag3.exe [1923072] [PID.1308] © ---\\ Google Chrome, Arranque,Pesquisa,Extensões (20) - 1s G0 - GCSP: Preferences [User Data\Default][HomePage] http://a.thanksearch.com/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://adplus.goo.mx/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://ajax.googleapis.com/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://bd.xingcloud.com/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://d.thanksearch.com/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://deliver.goo.mx/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://odin.goo.mx/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://static.zoom.com.br/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com/ G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (20) - 3s M0 - MFSP: prefs.js [Usuario - wy9su83x.default] http://www.mystartsearch.com/?type=hp&ts=1441641290&z=f89b18f6eb51cea9abf9b51gezbz7g8qez0g9g3z8b&from=cmi&uid=ST500LM012XHN-M500MBB_S2ZYJ9BF301169 =>PUP.Optional.StartSearch P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\bing-.xml P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\search-provided-by-yahoo.xml =>PUP.Optional.BDYahoo P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\yahoo-search.xml =>PUP.Optional.BDYahoo P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\yahoo_ff.xml P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} © P2 - EXT: (. - bestadblocker.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\0Mk@YEBUIS.com P2 - EXT: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\1441508975_xpi P2 - EXT: (.Microsoft Corporation - Bing Search.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\bingsearch.full@microsoft.com © P2 - EXT: (. - PriceMinuS.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\bX@of1.org P2 - EXT: (.roc - Default SearchProtected .) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\defsearchp@gmail.com P2 - EXT: (.lightningnewtab.com - deskCut.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\deskCutv2@gmail.com =>PUP.Optional.LightningNewTab P2 - EXT: (.Goobzo - Shopper-Pro.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} =>PUP.Optional.Goobzo P2 - EXT: (. - Web Protector.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\{8a167a0d-2593-78be-dffa-baa301a8d989} P2 - FPN: [HKCU] [@hola.org/vlc] - (.Hola.) -- C:\Users\Usuario\AppData\Local\Hola\firefox\app\vlc\npvlc.dll P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia.) -- C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb64] - (.GAS Tecnologia.) -- C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll © P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate ---\\ Internet Explorer, Arranque, Pesquisa, Phishing (17) - 1s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://br.yahoo.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 ---\\ Internet Explorer, Gestão do Proxy (4) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Análise das linhas, Carregamento Automático de programas (3) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ---\\ Redireção do ficheiro Hosts (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Objects do navegador (7) - 0s O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL © O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll © O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll © O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (.Goobzo Ltd. - ShopperPro Extension.) -- C:\ProgramData\ShopperPro\ShopperPro64.dll =>PUP.Optional.ShopperPro O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll © O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL © O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll © ---\\ Aplicações iniciadas por registo & pastas (23) - 1s O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe © O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe © O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe © O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe © O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.) O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe © O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE © O4 - HKCU\..\Run: [CrashService] C:\Users\Usuario\AppData\Local\BoBrowser\Application\crash_service.exe (.not file.) =>PUP.Optional.BoBrowser O4 - HKCU\..\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader O4 - HKCU\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe © O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe © O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe © O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe © O4 - HKLM\..\Wow6432Node\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe © O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.) O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe © O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE © O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [CrashService] C:\Users\Usuario\AppData\Local\BoBrowser\Application\crash_service.exe (.not file.) =>PUP.Optional.BoBrowser O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe © ---\\ Atalhos globais Startup (3) - 3s O4 - GS\Desktop [Administrador]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.Optional.AnyProtect O4 - GS\Desktop [Convidado]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.Optional.AnyProtect O4 - GS\Desktop [Usuario]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.Optional.AnyProtect ---\\ Alteração Dominio/Clientes DNS (8) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = oficina.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = oficina.local ---\\ Protocolo adicional (22) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll © O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll © O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll © O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll © O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll © O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll © O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll © O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll © O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll © O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll © O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll © O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll © O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL © ---\\ Serviços NT não Microsoft e não desativados (24) - 3s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe © O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe © O23 - Service: Serviço do Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe © O23 - Service: Compatible Cut (cikepiqu) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp =>PUP.Optional.CrossRider O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe O23 - Service: Kerning Down (gopibeko) . (...) - C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\snsmC3B4.tmp =>PUP.Optional.CrossRider O23 - Service: Click Hyphen (goxezecy) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp =>PUP.Optional.CrossRider O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © O23 - Service: Cool Barcode (jimocoso) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\jnse252F.tmp =>PUP.Optional.CrossRider O23 - Service: KMService (KMService) . (...) - C:\Windows\System32\srvany.exe (.not file.) =>PUP.Optional.Office O23 - Service: Nero Update (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe © O23 - Service: NixSrv Service (NixSrv) . (...) - C:\Program Files\NixSrv\NixSrv.exe =>PUP.Optional.Amonetize O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe © O23 - Service: SSFK (SSFK) . (.TODO: <公司名> - TODO: <文件说明>.) - C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe © O23 - Service: TheDesktopWeatherService (TheDesktopWeatherService) . (.Copyright (C) 2015 - The Desktop Weather Service.) - C:\Program Files (x86)\WeatherTool\1.2.0.9153\WeatherService.exe O23 - Service: Delete Exit (totyseku) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\hnsd3C24.tmp =>PUP.Optional.CrossRider O23 - Service: Strongdex (updaie) . (...) - C:\Users\Usuario\AppData\Local\opeline.exe O23 - Service: Util Steel Cut (Util Steel Cut) . (...) - C:\Program Files (x86)\Steel Cut\bin\utilSteelCut.exe (.not file.) =>PUP.Optional.SteelCut* O23 - Service: WdsManPro Service (WdsManPro) . (.DTools LIMITED - DTools.) - C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WpManager O23 - Service: Protocol Space Bar (wimikimo) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp =>PUP.Optional.CrossRider ---\\ Listagem dos dados do BootExecute (1) - 0s O34 - HKLM BootExecute: (aswBoot.exe /M:54d3bb1c /wow /dir:"C:\Program Files\AVAST Software\Avast") ---\\ Software instalados (75) - 23s O42 - Logiciel: doPDF 7.3 printer - (.Softland.) [HKLM][64Bits] -- doPDF 7 printer_is1 © O42 - Logiciel: DriverEasy 4.9.2 - (.Easeware.) [HKLM][64Bits] -- DriverEasy_is1 © O42 - Logiciel: The Desktop Weather 1.2 - (.ShenZhen Enode Techology co,.Ltd.) [HKLM][64Bits] -- WeatherTool © O42 - Logiciel: Web Protector Plus (uninstall only) - (...) [HKLM][64Bits] -- WebProtectorPlus =>PUP.Optional.WebProtector O42 - Logiciel: Java 7 Update 60 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F06417060FF} © O42 - Logiciel: SolidWorks eDrawings 2013 x64 - (.Dassault Systèmes SolidWorks Corp.) [HKLM][64Bits] -- {3F831724-DD10-4BC1-A1C3-92DD69169674} © O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {5CA7FC9B-8508-4494-B365-6FBCBAEB8E89} © O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {5D61F006-168C-4B8B-B7FD-F113C10AE0E4} © O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} © O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} © O42 - Logiciel: Suporte para Aplicativos Apple Apple (64-bit) - (.Apple Inc..) [HKLM][64Bits] -- {B255D495-4734-4E9B-B4F5-96702FD4A7B9} © O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {BFEAB774-C7DC-4032-B05A-DA5F7CB7B365} © O42 - Logiciel: Adobe Flash Player 13 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX © O42 - Logiciel: AnyProtect - (.CMI Limited.) [HKLM][64Bits] -- AnyProtect =>PUP.Optional.AnyProtect O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast © O42 - Logiciel: Nextel - Fatura Web 3.0 - (.NEXTEL TELECOMUNICACOES LTDA.) [HKLM][64Bits] -- br.com.nextel.apps.Fatura3G O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite © O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome © O42 - Logiciel: K-Lite Mega Codec Pack 1.38 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1 O42 - Logiciel: LiveUpdateWPP - (.Anti-phishing database updater for Web Protector Plus. This service keeps your computer updated with the newest database of known Internet threats..) [HKLM][64Bits] -- LiveUpdateWPP =>PUP.Optional.WebProtector O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 40.0.3 (x86 pt-BR) © O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService © O42 - Logiciel: mystartsearch uninstall - (.mystartsearch.) [HKLM][64Bits] -- mystartsearch uninstall =>PUP.Optional.StartSearch O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin © O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer © O42 - Logiciel: The Sims 4 Spa Day Addon Pack with Bonus - (...) [HKLM][64Bits] -- VGhlU2ltczQ=_is1 O42 - Logiciel: Web Protector IE - (.WebProtector.) [HKLM][64Bits] -- WebProtector =>PUP.Optional.WebProtector O42 - Logiciel: Arquivo do WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: Nero Video Samples - (.Nero AG.) [HKLM][64Bits] -- {05C6B128-1B40-4495-9CB9-090B368BFA0A} © O42 - Logiciel: Nero Kwik Themes Basic - (.Nero AG.) [HKLM][64Bits] -- {1B6F5E51-575E-4693-BCA2-7543570D076D} © O42 - Logiciel: Nero Blu-ray Player - (.Nero AG.) [HKLM][64Bits] -- {22124B84-93B2-4603-B212-146665E4B6B1} © O42 - Logiciel: Nero SharedVideoCodecs - (.Nero AG.) [HKLM][64Bits] -- {2432E589-6256-4513-B0BF-EFA8E325D5F0} © O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} © O42 - Logiciel: MPC-HC 1.6.3.5818 - (.MPC-HC Team.) [HKLM][64Bits] -- {2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1 © O42 - Logiciel: Java 7 Update 60 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217060FF} © O42 - Logiciel: Nero Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {29F67D84-3A70-456E-806A-52301B02070B} © O42 - Logiciel: Módulo de Segurança - Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1 O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {38BC5B60-4E70-470A-AE76-E06C15700C68} © O42 - Logiciel: Intel(R) Driver Update Utility 2.2 - (.Intel.) [HKLM][64Bits] -- {3EE9923D-3045-46AB-9CAA-E375993AEB4A} © O42 - Logiciel: The Sims™ 4 - (.Electronic Arts Inc..) [HKLM][64Bits] -- {48EBEBBF-B9F8-4520-A3CF-89A730721917} © O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} © O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} © O42 - Logiciel: Nero MediaHome - (.Nero AG.) [HKLM][64Bits] -- {62CFAD8C-4A87-490F-95F7-D10ED7501AD0} © O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A} © O42 - Logiciel: Nero Recode - (.Nero AG.) [HKLM][64Bits] -- {6B14A50A-389F-4628-BE69-DC56122F982B} © O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} © O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {6EEF61AB-CC0B-4917-A3F2-97902CD11073} © O42 - Logiciel: Nextel - Fatura Web 3.0 - (.NEXTEL TELECOMUNICACOES LTDA.) [HKLM][64Bits] -- {7426D890-3D8D-37E1-F7D4-CACE0F69A967} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} © O42 - Logiciel: Suporte para Aplicativos Apple (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {7FE25256-B7C1-480D-B736-10A67A833AEA} © O42 - Logiciel: Nero Disc to Device - (.Nero AG.) [HKLM][64Bits] -- {82BF7616-508E-44A5-848F-41FE2C0829F1} © O42 - Logiciel: Claro 3G - (...) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D} O42 - Logiciel: Software de dispositivo do Chipset Intel® - (.Intel(R) Corporation.) [HKLM][64Bits] -- {98f335cd-0a32-4b3f-b74c-ef9480e834f0} © O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {9D780839-6E97-4E2A-A5F7-711AF221B609} © O42 - Logiciel: Nero Audio Pack 1 - (.Nero AG.) [HKLM][64Bits] -- {A7A0BF2E-31CC-49E3-9913-52C503EB969D} © O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} © O42 - Logiciel: Nero Device Updates - (.Nero AG.) [HKLM][64Bits] -- {ABA7F64A-8CEB-4B59-84D9-B4D98CCD32D4} © O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63} © O42 - Logiciel: Adobe Reader XI (11.0.10) - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AB0000000001} © O42 - Logiciel: Nero PiP Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {ACE49D50-19CD-44A6-B192-46F985283B26} © O42 - Logiciel: Nero Video - (.Nero AG.) [HKLM][64Bits] -- {AF604D6A-9BE8-45FE-855E-B1AF13BEE88C} © O42 - Logiciel: Nero Burning ROM - (.Nero AG.) [HKLM][64Bits] -- {B3756FCF-13D3-460B-88D5-33CB88CE6CFA} © O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263} © O42 - Logiciel: The Sims™ 3 - (.Electronic Arts.) [HKLM][64Bits] -- {C05D8CDB-417D-4335-A38C-A0659EDFD6B8} © O42 - Logiciel: Intel Driver Update Utility - (.Intel.) [HKLM][64Bits] -- {ca4bc3a8-b99c-4416-90d8-351a8ceab458} © O42 - Logiciel: SoundDown version 0.1 - (.NK Software.) [HKLM][64Bits] -- {DAFD1AE9-61A0-4B35-B4C6-D2367D77633A}_is1 O42 - Logiciel: Nero Disc Menus Basic - (.Nero AG.) [HKLM][64Bits] -- {E17BCB76-9924-4BD5-B6D6-50D3407B4E74} © O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM][64Bits] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13} © O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} © O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} © O42 - Logiciel: Nero 2015 - (.Nero AG.) [HKLM][64Bits] -- {F9592BA0-AA0D-454C-95AA-9782DF00CB4B} © O42 - Logiciel: Nero Burning Core - (.Nero AG.) [HKLM][64Bits] -- {FB41E96F-CE95-4181-9488-A501E9240978} © O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} © O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent O42 - Logiciel: WindowsAndroid version 4.0.3 - (.SocketeQ, Inc..) [HKCU][64Bits] -- {7E07052F-A4CE-4932-B066-B9203888439F}_is1 ---\\ HKCU & HKLM Software Keys (161) - 23s HKLM\SOFTWARE\Wow6432Node\3ivx HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AppDataLow HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\AVAST Software HKLM\SOFTWARE\Wow6432Node\baidu HKLM\SOFTWARE\Wow6432Node\Baidu Security HKLM\SOFTWARE\Wow6432Node\Baidu_Drp_pos HKLM\SOFTWARE\Wow6432Node\Canneverbe Limited HKLM\SOFTWARE\Wow6432Node\Clara =>PUP.Optional.SupTab HKLM\SOFTWARE\Wow6432Node\Claro 3G HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse HKLM\SOFTWARE\Wow6432Node\Cyberlink HKLM\SOFTWARE\Wow6432Node\Disc Soft HKLM\SOFTWARE\Wow6432Node\downchecker =>PUP.Optional.DownChecker HKLM\SOFTWARE\Wow6432Node\Electronic Arts HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\KLCodecPack HKLM\SOFTWARE\Wow6432Node\LiveUpdateWPP =>PUP.Optional.WebProtector HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Maxis HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday HKLM\SOFTWARE\Wow6432Node\MyBrowser HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\Nero HKLM\SOFTWARE\Wow6432Node\Nuance HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\On2 Technologies HKLM\SOFTWARE\Wow6432Node\Opera Software HKLM\SOFTWARE\Wow6432Node\Origin HKLM\SOFTWARE\Wow6432Node\RealNetworks HKLM\SOFTWARE\Wow6432Node\Reg HKLM\SOFTWARE\Wow6432Node\ShopperPro =>PUP.Optional.ShopperPro HKLM\SOFTWARE\Wow6432Node\Sims HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage HKLM\SOFTWARE\Wow6432Node\Symantec HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Optional.Systweak HKLM\SOFTWARE\Wow6432Node\TeamViewer HKLM\SOFTWARE\Wow6432Node\TermBlazer_1.10.0.16 =>PUP.Optional.TermBlazer HKLM\SOFTWARE\Wow6432Node\TermCoach_1.10.0.24 =>PUP.Optional.TermCoach HKLM\SOFTWARE\Wow6432Node\Torch =>PUP.Optional.Torch HKLM\SOFTWARE\Wow6432Node\TuneUp HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\Virtools HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro HKLM\SOFTWARE\Wow6432Node\WebProtector =>PUP.Optional.BProtector HKLM\SOFTWARE\Wow6432Node\webssearchesSoftware =>PUP.Optional.WebsSearches HKLM\SOFTWARE\Wow6432Node\WebZen HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\3ivx HKCU\SOFTWARE\AC3filter HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider HKCU\SOFTWARE\Ares HKCU\SOFTWARE\AutoHelpDesk HKCU\SOFTWARE\AVAST Software HKCU\SOFTWARE\Baidu Security HKCU\SOFTWARE\Baixaki HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\BoBrowser =>PUP.Optional.BoBrowser HKCU\SOFTWARE\btr7psaa4s7 HKCU\SOFTWARE\Canneverbe Limited HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\CinemaPlus_1.3dV28.08-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser HKCU\SOFTWARE\Disc Soft HKCU\SOFTWARE\DivXNetworks HKCU\SOFTWARE\DriverToolkit HKCU\SOFTWARE\drpsu HKCU\SOFTWARE\eDrawings HKCU\SOFTWARE\Electronic Arts HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\Gameo =>PUP.Optional.Gameo HKCU\SOFTWARE\GbAs HKCU\SOFTWARE\GbPlugin HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\GSpot Appliance Corp HKCU\SOFTWARE\Haali HKCU\SOFTWARE\HaaliMkx HKCU\SOFTWARE\hGbZpg9u7J7ijJ HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider HKCU\SOFTWARE\Hola HKCU\SOFTWARE\I - Cinema-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Mine HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\mybestofferstoday =>PUP.Optional.MyBestOffersToday HKCU\SOFTWARE\MyBrowser HKCU\SOFTWARE\MyBrowser 1.0.2V05.09-nv-ie =>PUP.Optional.MyBrowser HKCU\SOFTWARE\Nero HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\OuhSUVFd7E6x7cWHF HKCU\SOFTWARE\PDFConvert HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore HKCU\SOFTWARE\QuickTime Alternative HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\Reg HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\shockwave.com HKCU\SOFTWARE\Skype HKCU\SOFTWARE\Softland HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic HKCU\SOFTWARE\systweak =>PUP.Optional.Systweak HKCU\SOFTWARE\TeamViewer HKCU\SOFTWARE\teras games HKCU\SOFTWARE\Torch =>PUP.Optional.Torch HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\TuneUp HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\UA7ucDhV HKCU\SOFTWARE\Vonteera Safe ads =>Trojan.Vonteera HKCU\SOFTWARE\WeatherTool HKCU\SOFTWARE\WebApp HKCU\SOFTWARE\Webzen HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\Adobe HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\DynConIE =>PUP.Optional.DynConIE HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\Macromedia ---\\ Conteúdo das pastas Programs (269) - 39s O43 - CFD: 2015/09/07 18:27:13 - [] D -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider O43 - CFD: 2015/09/04 12:58:11 - [] D -- C:\Program Files (x86)\57F31BB0-1441382290-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider O43 - CFD: 2015/09/06 13:53:35 - [] D -- C:\Program Files (x86)\Adobe O43 - CFD: 2015/09/07 23:01:39 - [] D -- C:\Program Files (x86)\AnyProtectEx =>PUP.Optional.AnyProtect O43 - CFD: 2014/10/16 23:13:51 - [] D -- C:\Program Files (x86)\Apple Software Update O43 - CFD: 2015/04/23 11:48:28 - [] D -- C:\Program Files (x86)\Baidu Security O43 - CFD: 2015/06/10 11:36:39 - [] D -- C:\Program Files (x86)\bestadblocker =>PUP.Optional.Adblocker O43 - CFD: 2015/08/01 02:20:09 - [] D -- C:\Program Files (x86)\Bonjour O43 - CFD: 2014/08/04 09:34:42 - [] D -- C:\Program Files (x86)\Claro 3G O43 - CFD: 2015/08/10 07:22:46 - [] D -- C:\Program Files (x86)\Cliente MuVenon O43 - CFD: 2015/09/06 13:53:38 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 2015/09/05 20:42:23 - [] D -- C:\Program Files (x86)\Convertor O43 - CFD: 2014/12/31 16:56:48 - [] D -- C:\Program Files (x86)\DAEMON Tools Lite O43 - CFD: 2014/08/04 09:34:42 - [] D -- C:\Program Files (x86)\Deal Keeper O43 - CFD: 2014/08/01 00:12:25 - [] D -- C:\Program Files (x86)\Devworks O43 - CFD: 2015/04/15 11:33:39 - [] HD -- C:\Program Files (x86)\Diebold O43 - CFD: 2015/07/09 00:12:10 - [] D -- C:\Program Files (x86)\DriverToolkit O43 - CFD: 2015/08/15 15:09:15 - [] D -- C:\Program Files (x86)\Electronic Arts O43 - CFD: 2015/09/08 00:55:09 - [] AD -- C:\Program Files (x86)\GbPlugin O43 - CFD: 2015/09/05 22:53:10 - [] D -- C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate O43 - CFD: 2014/07/07 13:05:43 - [] D -- C:\Program Files (x86)\Google O43 - CFD: 2014/08/04 09:34:42 - [] D -- C:\Program Files (x86)\InstallAffixationInfo O43 - CFD: 2015/09/04 11:51:14 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 2015/06/08 02:10:27 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 2015/09/05 23:11:25 - [] D -- C:\Program Files (x86)\Intel Driver Update Utility O43 - CFD: 2014/03/18 08:09:47 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 2015/08/13 20:25:40 - [] D -- C:\Program Files (x86)\iTunes O43 - CFD: 2014/07/07 13:06:22 - [] D -- C:\Program Files (x86)\Java O43 - CFD: 2014/07/07 13:07:26 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 2015/06/23 13:24:16 - [] D -- C:\Program Files (x86)\LiveUpdateWPP =>PUP.Optional.WebProtector O43 - CFD: 2015/09/05 23:00:28 - [] D -- C:\Program Files (x86)\mbot_br_014010080 O43 - CFD: 2014/07/07 13:10:26 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 2014/07/07 13:12:03 - [] D -- C:\Program Files (x86)\Microsoft Office O43 - CFD: 2014/09/12 18:22:40 - [] D -- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 2014/07/07 13:12:02 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 2014/07/07 13:12:02 - [] D -- C:\Program Files (x86)\Microsoft Sync Framework O43 - CFD: 2014/07/07 13:12:11 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services O43 - CFD: 2014/07/07 13:10:41 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 2014/09/23 22:09:15 - [] D -- C:\Program Files (x86)\Microsoft WSE O43 - CFD: 2014/07/07 13:12:02 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2015/09/06 00:33:22 - [] D -- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 2015/06/04 18:55:01 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 2014/07/07 13:07:47 - [] D -- C:\Program Files (x86)\MPC-HC O43 - CFD: 2014/07/07 13:12:21 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 2015/04/20 21:10:48 - [] D -- C:\Program Files (x86)\MuLosT O43 - CFD: 2015/08/10 18:43:03 - [] D -- C:\Program Files (x86)\Nero O43 - CFD: 2015/04/21 11:54:41 - [] D -- C:\Program Files (x86)\Nextel Fatura Web 3.0 O43 - CFD: 2015/09/04 13:00:07 - [] D -- C:\Program Files (x86)\Opera O43 - CFD: 2015/09/05 18:34:33 - [] D -- C:\Program Files (x86)\Origin O43 - CFD: 2015/09/05 18:37:20 - [0] D -- C:\Program Files (x86)\Origin Games O43 - CFD: 2015/09/05 20:25:39 - [0] D -- C:\Program Files (x86)\predm =>PUP.Optional.Downware O43 - CFD: 2015/06/10 11:36:39 - [] D -- C:\Program Files (x86)\PriceMinuS =>PUP.Optional.Multiplug O43 - CFD: 2014/08/04 09:34:40 - [] D -- C:\Program Files (x86)\Real O43 - CFD: 2014/08/04 09:34:40 - [] D -- C:\Program Files (x86)\RealNetworks O43 - CFD: 2014/07/07 12:53:08 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 2015/09/08 00:55:00 - [] D -- C:\Program Files (x86)\SFK =>PUP.Optional.MyWebSearch O43 - CFD: 2015/09/05 22:58:50 - [] D -- C:\Program Files (x86)\ShopperPro =>PUP.Optional.ShopperPro O43 - CFD: 2014/07/29 21:08:14 - [0] D -- C:\Program Files (x86)\SiteLookup =>PUP.Optional.SiteLookup O43 - CFD: 2015/08/05 00:53:47 - [] RD -- C:\Program Files (x86)\Skype O43 - CFD: 2015/08/07 18:42:35 - [] D -- C:\Program Files (x86)\SoundDown O43 - CFD: 2015/08/22 11:10:27 - [] D -- C:\Program Files (x86)\TeamViewer O43 - CFD: 2015/08/17 01:33:32 - [] D -- C:\Program Files (x86)\The Sims 4 O43 - CFD: 2015/09/05 23:27:57 - [] D -- C:\Program Files (x86)\UPCleaner O43 - CFD: 2014/07/29 21:21:49 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 2015/04/30 15:33:16 - [] D -- C:\Program Files (x86)\WeatherTool O43 - CFD: 2015/09/05 21:09:18 - [] D -- C:\Program Files (x86)\WebProtector =>PUP.Optional.WebProtect O43 - CFD: 2015/09/05 21:09:19 - [] D -- C:\Program Files (x86)\WebProtectorPlus =>PUP.Optional.WebProtect O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 2014/03/18 06:45:20 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 2013/08/22 12:36:30 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 2014/03/18 06:45:20 - [] D -- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 2013/08/22 12:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 2013/08/22 12:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 2014/07/07 13:07:39 - [] D -- C:\Program Files (x86)\WinRAR O43 - CFD: 2015/09/05 20:42:27 - [] D -- C:\Program Files (x86)\Winsta O43 - CFD: 2013/08/22 12:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 2015/01/01 00:16:41 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/02/16 18:22:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares O43 - CFD: 2015/09/05 20:22:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software O43 - CFD: 2014/08/04 09:34:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro 3G O43 - CFD: 2014/12/31 16:56:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite O43 - CFD: 2014/07/07 13:07:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7 O43 - CFD: 2015/06/08 01:06:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy O43 - CFD: 2014/09/24 11:22:40 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 2015/05/14 23:39:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gametrack O43 - CFD: 2014/08/04 09:34:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 2015/08/15 19:08:23 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 2015/09/05 23:11:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility O43 - CFD: 2015/08/13 20:26:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 2014/07/07 13:06:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 2013/08/22 12:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2014/07/07 13:12:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 2014/09/12 18:22:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 2014/07/07 13:07:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC O43 - CFD: 2015/09/04 12:52:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday O43 - CFD: 2015/08/10 18:43:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero O43 - CFD: 2015/09/05 18:34:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin O43 - CFD: 2014/07/07 13:12:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint O43 - CFD: 2014/10/10 22:58:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 2014/07/07 13:04:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2013 O43 - CFD: 2015/08/07 18:42:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundDown O43 - CFD: 2013/08/22 12:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 2014/03/18 07:03:09 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 2015/06/23 00:52:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Protector Plus =>PUP.Optional.WebProtector O43 - CFD: 2014/07/07 13:07:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 2015/06/08 01:17:21 - [] D -- C:\ProgramData\18145712802912383320 O43 - CFD: 2015/08/01 02:22:09 - [] D -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 O43 - CFD: 2015/06/23 00:11:28 - [] D -- C:\ProgramData\3DVIA O43 - CFD: 2015/09/07 12:56:05 - [] D -- C:\ProgramData\3WdsManPro3 =>PUP.Optional.WdsManPro O43 - CFD: 2015/09/07 22:58:22 - [] D -- C:\ProgramData\5WdsManPro5 =>PUP.Optional.WdsManPro O43 - CFD: 2015/04/21 11:54:47 - [] D -- C:\ProgramData\Adobe O43 - CFD: 2014/10/16 23:13:43 - [] D -- C:\ProgramData\Apple O43 - CFD: 2014/10/16 23:21:30 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 2015/06/10 20:32:10 - [] D -- C:\ProgramData\Ashampoo O43 - CFD: 2015/09/05 20:03:34 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 2015/04/29 15:11:09 - [] D -- C:\ProgramData\baidu O43 - CFD: 2015/05/27 13:53:10 - [] D -- C:\ProgramData\Baidu Security O43 - CFD: 2015/03/22 16:20:57 - [] D -- C:\ProgramData\BlueStacksSetup O43 - CFD: 2015/04/15 12:01:09 - [0] D -- C:\ProgramData\boost_interprocess O43 - CFD: 2015/06/10 11:36:39 - [] D -- C:\ProgramData\Browser =>PUP.Optional.SpeedBrowser O43 - CFD: 2015/04/23 13:19:03 - [] D -- C:\ProgramData\Canneverbe Limited O43 - CFD: 2015/04/23 13:23:08 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 2015/09/08 00:06:15 - [] D -- C:\ProgramData\Convertor O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Dados de Aplicativos O43 - CFD: 2014/12/31 18:29:16 - [] D -- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Documentos O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 2014/09/24 11:10:09 - [] D -- C:\ProgramData\EA Core O43 - CFD: 2015/09/05 18:34:36 - [] D -- C:\ProgramData\Electronic Arts O43 - CFD: 2015/04/15 11:29:58 - [] D -- C:\ProgramData\GAS Tecnologia O43 - CFD: 2015/08/29 19:22:26 - [] D -- C:\ProgramData\GbPlugin O43 - CFD: 2015/09/05 23:11:33 - [] D -- C:\ProgramData\Intel O43 - CFD: 2015/09/05 23:19:13 - [] D -- C:\ProgramData\IntelDLM O43 - CFD: 2015/09/05 23:28:31 - [] D -- C:\ProgramData\iWdsManProi =>PUP.Optional.WdsManPro O43 - CFD: 2015/06/08 01:15:32 - [] D -- C:\ProgramData\koifhalnfoonpogbgiickmiggnkkhflf O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Menu Iniciar O43 - CFD: 2014/09/12 18:22:58 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 2014/07/07 13:13:30 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Modelos O43 - CFD: 2014/07/07 13:04:51 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 2015/09/05 20:09:20 - [] D -- C:\ProgramData\MWdsManProM =>PUP.Optional.WdsManPro O43 - CFD: 2015/08/10 18:43:15 - [] D -- C:\ProgramData\Nero O43 - CFD: 2015/09/05 18:37:25 - [] D -- C:\ProgramData\Origin O43 - CFD: 2015/09/05 23:23:36 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 2014/07/29 21:41:07 - [] D -- C:\ProgramData\Real O43 - CFD: 2014/07/29 21:35:09 - [] D -- C:\ProgramData\RealNetworks O43 - CFD: 2014/03/18 07:03:09 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 2015/09/06 00:12:10 - [] D -- C:\ProgramData\rWdsManPror =>PUP.Optional.WdsManPro O43 - CFD: 2015/09/04 12:50:09 - [] D -- C:\ProgramData\ShopperPro =>PUP.Optional.ShopperPro O43 - CFD: 2015/08/05 00:53:46 - [] D -- C:\ProgramData\Skype O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 2014/07/07 13:06:31 - [] D -- C:\ProgramData\Sun O43 - CFD: 2015/04/15 12:01:38 - [] D -- C:\ProgramData\Temp O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 2015/04/23 13:25:32 - [] D -- C:\ProgramData\TuneUp Software O43 - CFD: 2015/06/08 01:20:22 - [] D -- C:\ProgramData\{f53b1ccf-bc55-15c7-f53b-b1ccfbc5733e} O43 - CFD: 2015/04/23 13:23:16 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} O43 - CFD: 2014/07/07 13:05:09 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 2015/08/01 02:22:09 - [] D -- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 2014/07/07 13:12:11 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 2015/06/04 14:11:13 - [] HD -- C:\Program Files (x86)\Common Files\EAInstaller O43 - CFD: 2014/07/07 13:06:30 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 2014/07/07 13:12:25 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 2015/08/15 15:23:52 - [] D -- C:\Program Files (x86)\Common Files\Nero O43 - CFD: 2013/08/22 12:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 2014/10/10 22:58:07 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 2014/07/07 13:10:33 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 2015/04/21 11:54:09 - [] D -- C:\Users\Usuario\AppData\Roaming\Adobe O43 - CFD: 2015/09/06 00:15:47 - [] SHD -- C:\Users\Usuario\AppData\Roaming\AnyProtectEx =>PUP.Optional.AnyProtect O43 - CFD: 2015/08/01 02:23:33 - [] D -- C:\Users\Usuario\AppData\Roaming\Apple Computer O43 - CFD: 2015/05/10 18:25:14 - [] D -- C:\Users\Usuario\AppData\Roaming\Ashampoo O43 - CFD: 2015/09/07 17:15:31 - [0] D -- C:\Users\Usuario\AppData\Roaming\ASP O43 - CFD: 2015/09/05 22:50:50 - [0] D -- C:\Users\Usuario\AppData\Roaming\ASPackage =>PUP.Optional.ASPackage O43 - CFD: 2015/09/05 20:24:50 - [] D -- C:\Users\Usuario\AppData\Roaming\AVAST Software O43 - CFD: 2015/04/21 11:54:51 - [] D -- C:\Users\Usuario\AppData\Roaming\br.com.nextel.apps.Fatura3G O43 - CFD: 2015/04/23 13:14:17 - [] D -- C:\Users\Usuario\AppData\Roaming\Canneverbe Limited O43 - CFD: 2014/12/31 18:29:13 - [] D -- C:\Users\Usuario\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 2015/06/08 01:06:24 - [] D -- C:\Users\Usuario\AppData\Roaming\Easeware O43 - CFD: 2014/07/07 13:04:13 - [] D -- C:\Users\Usuario\AppData\Roaming\help_images_otherUI O43 - CFD: 2015/08/15 15:08:44 - [0] D -- C:\Users\Usuario\AppData\Roaming\Hola O43 - CFD: 2015/09/04 22:12:11 - [] D -- C:\Users\Usuario\AppData\Roaming\Identities O43 - CFD: 2014/07/18 23:41:07 - [] D -- C:\Users\Usuario\AppData\Roaming\Macromedia O43 - CFD: 2014/07/07 13:43:28 - [] D -- C:\Users\Usuario\AppData\Roaming\Media Player Classic O43 - CFD: 2015/07/01 02:02:28 - [] SD -- C:\Users\Usuario\AppData\Roaming\Microsoft O43 - CFD: 2014/07/30 21:26:13 - [] D -- C:\Users\Usuario\AppData\Roaming\Mozilla O43 - CFD: 2015/09/07 22:58:04 - [] D -- C:\Users\Usuario\AppData\Roaming\mystartsearch =>PUP.Optional.StartSearch O43 - CFD: 2015/02/16 15:00:42 - [] D -- C:\Users\Usuario\AppData\Roaming\Nero O43 - CFD: 2015/06/02 10:59:19 - [] D -- C:\Users\Usuario\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy O43 - CFD: 2014/07/30 21:32:31 - [0] D -- C:\Users\Usuario\AppData\Roaming\Opera Software O43 - CFD: 2015/09/05 18:36:18 - [] D -- C:\Users\Usuario\AppData\Roaming\Origin O43 - CFD: 2015/09/05 20:42:21 - [] D -- C:\Users\Usuario\AppData\Roaming\PDFConvert O43 - CFD: 2015/09/08 00:06:15 - [] D -- C:\Users\Usuario\AppData\Roaming\PlusN O43 - CFD: 2014/07/29 21:41:00 - [] D -- C:\Users\Usuario\AppData\Roaming\Real O43 - CFD: 2014/07/29 21:36:06 - [] D -- C:\Users\Usuario\AppData\Roaming\RealNetworks O43 - CFD: 2014/07/29 21:08:04 - [0] D -- C:\Users\Usuario\AppData\Roaming\SimilarAddon =>PUP.Optional.SimilarAddon O43 - CFD: 2015/08/05 01:09:41 - [] D -- C:\Users\Usuario\AppData\Roaming\Skype O43 - CFD: 2014/07/07 13:07:44 - [] D -- C:\Users\Usuario\AppData\Roaming\Softland O43 - CFD: 2015/09/05 20:08:42 - [] D -- C:\Users\Usuario\AppData\Roaming\sweet-page =>PUP.Optional.SweetPage O43 - CFD: 2015/09/07 17:38:54 - [0] D -- C:\Users\Usuario\AppData\Roaming\systweak =>PUP.Optional.Systweak O43 - CFD: 2015/04/17 22:33:39 - [] D -- C:\Users\Usuario\AppData\Roaming\TeamViewer O43 - CFD: 2015/04/23 13:24:57 - [] D -- C:\Users\Usuario\AppData\Roaming\TuneUp Software O43 - CFD: 2015/08/27 00:51:10 - [] D -- C:\Users\Usuario\AppData\Roaming\uTorrent O43 - CFD: 2014/08/04 09:34:35 - [] D -- C:\Users\Usuario\AppData\Roaming\vlc O43 - CFD: 2015/09/08 00:55:06 - [] D -- C:\Users\Usuario\AppData\Roaming\WeatherTool O43 - CFD: 2015/06/23 00:51:53 - [0] D -- C:\Users\Usuario\AppData\Roaming\WebExtend O43 - CFD: 2014/09/24 11:02:58 - [0] D -- C:\Users\Usuario\AppData\Roaming\WinRAR O43 - CFD: 2015/09/08 01:03:58 - [] D -- C:\Users\Usuario\AppData\Roaming\ZHP O43 - CFD: 2015/06/29 04:50:34 - [] SHD -- C:\Users\Usuario\AppData\Local\.# O43 - CFD: 2015/09/05 07:18:39 - [] D -- C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600 O43 - CFD: 2015/04/21 11:52:05 - [] D -- C:\Users\Usuario\AppData\Local\Adobe O43 - CFD: 2014/10/16 23:13:53 - [] D -- C:\Users\Usuario\AppData\Local\Apple O43 - CFD: 2014/10/16 23:22:22 - [] D -- C:\Users\Usuario\AppData\Local\Apple Computer O43 - CFD: 2015/08/08 22:27:00 - [] D -- C:\Users\Usuario\AppData\Local\Ares O43 - CFD: 2015/05/10 18:25:19 - [] D -- C:\Users\Usuario\AppData\Local\ashampoo O43 - CFD: 2015/09/04 12:50:42 - [] D -- C:\Users\Usuario\AppData\Local\BrowserHelper =>PUP.Optional.BrowserHelper O43 - CFD: 2015/09/04 12:48:36 - [] D -- C:\Users\Usuario\AppData\Local\CrashRpt =>.Superfluous.CrashReports O43 - CFD: 2015/09/08 00:06:11 - [] D -- C:\Users\Usuario\AppData\Local\cu O43 - CFD: 2014/07/07 11:41:07 - [0] SHD -- C:\Users\Usuario\AppData\Local\Dados de Aplicativos O43 - CFD: 2015/09/04 12:20:25 - [] D -- C:\Users\Usuario\AppData\Local\Diagnostics O43 - CFD: 2014/09/20 21:37:06 - [0] D -- C:\Users\Usuario\AppData\Local\DriverToolkit O43 - CFD: 2015/08/15 14:59:05 - [] D -- C:\Users\Usuario\AppData\Local\ElevatedDiagnostics O43 - CFD: 2014/07/07 13:04:26 - [] SHD -- C:\Users\Usuario\AppData\Local\EmieSiteList O43 - CFD: 2014/07/07 13:04:26 - [] SHD -- C:\Users\Usuario\AppData\Local\EmieUserList O43 - CFD: 2015/04/29 15:13:13 - [] D -- C:\Users\Usuario\AppData\Local\Gameo =>PUP.Optional.Gameo O43 - CFD: 2015/04/15 12:01:09 - [] D -- C:\Users\Usuario\AppData\Local\GAS Tecnologia O43 - CFD: 2015/09/04 12:50:36 - [] D -- C:\Users\Usuario\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate O43 - CFD: 2015/08/02 08:38:59 - [] D -- C:\Users\Usuario\AppData\Local\Google O43 - CFD: 2014/07/07 11:41:07 - [0] SHD -- C:\Users\Usuario\AppData\Local\Histórico O43 - CFD: 2015/08/10 15:12:34 - [] D -- C:\Users\Usuario\AppData\Local\Hola O43 - CFD: 2015/09/04 12:48:38 - [] D -- C:\Users\Usuario\AppData\Local\Installer =>PUP.Optional.InstallPedia O43 - CFD: 2015/09/05 23:12:15 - [] D -- C:\Users\Usuario\AppData\Local\Intel O43 - CFD: 2015/09/04 12:58:07 - [] D -- C:\Users\Usuario\AppData\Local\macasoft O43 - CFD: 2015/09/05 22:45:55 - [] D -- C:\Users\Usuario\AppData\Local\mbot_br_014010080 O43 - CFD: 2015/09/04 22:12:10 - [] D -- C:\Users\Usuario\AppData\Local\Microsoft O43 - CFD: 2014/07/07 13:10:20 - [0] D -- C:\Users\Usuario\AppData\Local\Microsoft Help O43 - CFD: 2014/07/30 21:26:16 - [] D -- C:\Users\Usuario\AppData\Local\Mozilla O43 - CFD: 2015/02/16 16:05:12 - [] D -- C:\Users\Usuario\AppData\Local\Nero O43 - CFD: 2015/02/16 15:01:03 - [] D -- C:\Users\Usuario\AppData\Local\Nero_AG O43 - CFD: 2015/09/04 12:59:57 - [0] D -- C:\Users\Usuario\AppData\Local\Opera Software O43 - CFD: 2015/09/05 18:36:33 - [] D -- C:\Users\Usuario\AppData\Local\Origin O43 - CFD: 2014/07/07 11:42:14 - [] D -- C:\Users\Usuario\AppData\Local\Packages O43 - CFD: 2014/07/07 13:02:31 - [] D -- C:\Users\Usuario\AppData\Local\Programs O43 - CFD: 2014/07/07 13:07:16 - [] D -- C:\Users\Usuario\AppData\Local\Skype O43 - CFD: 2015/07/01 22:46:01 - [] D -- C:\Users\Usuario\AppData\Local\TeamViewer O43 - CFD: 2015/09/08 01:05:00 - [] D -- C:\Users\Usuario\AppData\Local\Temp O43 - CFD: 2014/07/07 11:41:07 - [0] SHD -- C:\Users\Usuario\AppData\Local\Temporary Internet Files O43 - CFD: 2014/11/08 01:47:51 - [] D -- C:\Users\Usuario\AppData\Local\Torch =>PUP.Optional.Torch O43 - CFD: 2015/04/23 13:24:57 - [] D -- C:\Users\Usuario\AppData\Local\TuneUp Software O43 - CFD: 2015/06/29 04:46:42 - [] D -- C:\Users\Usuario\AppData\Local\VirtualStore O43 - CFD: 2015/09/04 13:01:42 - [] D -- C:\Users\Usuario\AppData\Local\VLCUpdate O43 - CFD: 2015/09/08 00:05:58 - [] D -- C:\Users\Usuario\AppData\Local\{8560CE30-E8DF-44C5-8EB3-21DF67860E6F} O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 2013/08/22 12:36:32 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2015/09/05 23:35:12 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/09/07 23:01:39 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.Optional.AnyProtect O43 - CFD: 2015/09/04 12:58:11 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage =>PUP.Optional.ASPackage O43 - CFD: 2013/08/22 12:36:32 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/06/03 06:06:09 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mu Invasion Season 6 Epi1 O43 - CFD: 2015/09/05 23:35:12 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 2015/03/22 16:48:30 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WindowsAndroid O43 - CFD: 2014/07/07 13:07:38 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ Últimos arquivos criados no Windows Prefetcher (7) - 25s O45 - LFCP:[MD5.1F15B736DC5B7E8A2EA95EA81F91B3B2] 2015/09/07 23:24:10 A -- C:\Windows\Prefetch\ANYPROTECT.EXE-1996592C.pf =>PUP.Optional.AnyProtect O45 - LFCP:[MD5.35221E842637E064BC8C0EE06632A727] 2015/09/04 12:51:43 A -- C:\Windows\Prefetch\BOBROWSER.EXE-CEE8FFB5.pf =>PUP.Optional.BoBrowser O45 - LFCP:[MD5.71EDFEDF1BA780205B1467988F66A393] 2015/09/04 12:53:20 A -- C:\Windows\Prefetch\GLOBALUPDATE.EXE-FAFA2450.pf =>PUP.Optional.GlobalUpdate O45 - LFCP:[MD5.C633A403FD75D637B814535A927A1FF0] 2015/09/04 13:00:33 A -- C:\Windows\Prefetch\PACKAGE_PCROSSBROWSER_INSTALL-6C9F09A0.pf =>PUP.Optional.CrossBrowser O45 - LFCP:[MD5.863DE1C0CE7452AB52F2B125D626CE01] 2015/09/05 20:26:27 A -- C:\Windows\Prefetch\PREDM.TMP-9A360438.pf =>PUP.Optional.Downware O45 - LFCP:[MD5.D637D86E43BE665ABD492D563B8FB20D] 2015/09/05 20:38:34 A -- C:\Windows\Prefetch\PREDM.TMP-B39B700A.pf =>PUP.Optional.Downware O45 - LFCP:[MD5.7FB87DDD43AD25E61B6EB8FED3EFB826] 2015/09/07 17:14:32 A -- C:\Windows\Prefetch\SYSTWEAKASP.TMP-9DCAAC84.pf =>PUP.Optional.Systweak ---\\ Lista dos drivers do sistema (50) - 6s O58 - SDL:2013/08/22 09:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896] © O58 - SDL:2013/08/22 09:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176] © O58 - SDL:2013/08/22 09:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200] © O58 - SDL:2013/08/22 09:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424] © O58 - SDL:2013/08/22 09:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952] © O58 - SDL:2013/08/22 09:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016] © O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [28656] © O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [90968] © O58 - SDL:2015/09/05 20:20:25 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [93528] © O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [65224] © O58 - SDL:2015/09/05 22:52:22 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswsnx.sys [1048344] © O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [447944] © O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [150672] © O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [274808] © O58 - SDL:2013/08/12 20:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624] © O58 - SDL:2013/08/22 09:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296] © O58 - SDL:2014/12/31 16:56:48 A . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\drivers\dtsoftbus01.sys [283064] © O58 - SDL:2013/08/22 09:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024] © O58 - SDL:2012/08/21 13:01:20 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [33240] © O58 - SDL:2013/08/22 09:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352] © O58 - SDL:2013/07/30 15:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568] © O58 - SDL:2013/07/25 16:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320] © O58 - SDL:2013/08/09 21:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248] © O58 - SDL:2013/08/22 09:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000] © O58 - SDL:2015/05/26 21:02:50 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [5375448] © O58 - SDL:2012/10/02 09:34:28 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [342528] © O58 - SDL:2013/04/26 04:40:22 A . (.JMicron Technology Corporation - JMicron PCIe Flash Media Controller Driver.) -- C:\Windows\System32\drivers\jmcr.sys [176880] O58 - SDL:2013/08/22 09:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408] © O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536] © O58 - SDL:2013/08/22 09:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760] © O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784] © O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [56672] © O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840] © O58 - SDL:2013/08/22 09:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840] © O58 - SDL:2015/01/16 17:22:32 A . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\Windows\System32\drivers\netaapl64.sys [23040] © O58 - SDL:2013/06/18 11:46:02 A . (.JMicron Technology Corp. - JMicron NDIS6.30 Driver.) -- C:\Windows\System32\drivers\NETJME.sys [137728] O58 - SDL:2013/08/22 09:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368] © O58 - SDL:2013/08/22 09:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288] © O58 - SDL:2014/02/18 17:43:42 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3867224] © O58 - SDL:2014/01/10 07:08:56 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\drivers\rtwlane.sys [3068120] © O58 - SDL:2013/08/22 12:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] © O58 - SDL:2015/06/04 03:33:50 A . (...) -- C:\Windows\System32\drivers\semav6msr64.sys [21984] O58 - SDL:2013/08/22 09:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896] © O58 - SDL:2013/08/22 09:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760] © O58 - SDL:2013/08/22 09:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072] © O58 - SDL:2013/08/22 09:40:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [40664] © O58 - SDL:2015/06/10 23:08:36 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl64.sys [54784] © O58 - SDL:2013/08/22 09:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808] © O58 - SDL:2013/08/22 09:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800] © O58 - SDL:2013/08/22 09:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504] © ---\\ Últimos ficheiros alterados ou criados (Utilizador) (43) - 92s O61 - LFC: 2015/09/08 00:05:34 A . (..) -- C:\Users\Usuario\AppData\Roaming\5.exe [1587531] O61 - LFC: 2015/09/07 04:36:52 A . (.TODO: .) -- C:\Users\Usuario\AppData\Roaming\mystartsearch\UninstallManager.exe [375808] =>PUP.Optional.StartSearch O61 - LFC: 2015/09/05 20:44:08 A . (..) -- C:\Users\Usuario\AppData\Local\opeline.exe [77312] O61 - LFC: 2015/09/08 00:05:58 A . (.Alexander Roshal.) -- C:\Users\Usuario\AppData\Local\{8560CE30-E8DF-44C5-8EB3-21DF67860E6F}\Unrar.exe [309848] O61 - LFC: 2015/09/06 01:22:55 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin [269992] O61 - LFC: 2015/09/07 12:56:08 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\cb369ad7b027b8588a356348424ef3c4[1].exe [85598] O61 - LFC: 2015/09/04 12:48:28 A . (.C.L.A.R.A.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55[1].exe [152688] =>PUP.Optional.SupTab O61 - LFC: 2015/09/07 12:56:22 A . (.CinePlus-1.44V07.09.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\setup[1].exe [13889904] O61 - LFC: 2015/09/04 13:01:28 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\vlcDisN[1].exe [257184] O61 - LFC: 2015/09/04 12:56:28 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\VOPackage[1].exe [1079196] =>PUP.Optional.Downware O61 - LFC: 2015/09/06 23:27:20 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\W1[1].exe [1587531] O61 - LFC: 2015/09/07 12:56:20 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\4bbda52393b575e64d530bd478a6717b[1].exe [59769] O61 - LFC: 2015/09/07 23:03:12 A . (.AnyProtect.com.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\AnyProtect[1].exe [6434816] =>PUP.Optional.AnyProtect O61 - LFC: 2015/09/04 12:47:51 A . (.ClaraLabs.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\bfc5086e-c794-4413-9b71-1f6565be7466[1].exe [926832] =>PUP.Optional.BoBrowser O61 - LFC: 2015/09/05 20:13:23 A . (.YFFGH.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\Reimage[1].exe [284672] =>PUP.Optional.ReImageRepair O61 - LFC: 2015/09/04 12:51:57 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\runasu[1].exe [479232] O61 - LFC: 2015/09/07 22:58:33 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\setup_362[2].exe [254464] O61 - LFC: 2015/09/07 12:54:26 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\tiwr[1].exe [82914] O61 - LFC: 2015/09/07 23:00:33 A . (.Copyright 2013.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\Validate[1].exe [61981] O61 - LFC: 2015/09/07 12:54:35 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\4ba4c7c85b016c4112353cb428af62e9[1].exe [67295] O61 - LFC: 2015/09/06 23:02:51 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\4diXZO[1].exe [1628019] O61 - LFC: 2015/09/05 23:27:42 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\bc595c310903369e50e3e112aefc06dc[1].exe [67786] O61 - LFC: 2015/09/07 23:00:16 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\BiTool[1].dll [0] O61 - LFC: 2015/09/07 22:58:11 A . (.WillLink.net.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\cmi_mystartsearch[1].exe [350328] =>PUP.Optional.StartSearch O61 - LFC: 2015/09/07 22:58:15 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\df4a6a3ed77e60d6758afca091ca0c1f[1].exe [83223] O61 - LFC: 2015/09/04 12:55:16 A . (.OperaChecker.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\OperaChecker25-6[1].exe [50225] O61 - LFC: 2015/09/04 12:56:42 A . (.Optimal Software s.r.o..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\pcspeedup[1].exe [2889583] O61 - LFC: 2015/09/07 17:13:08 A . (.systweak.com.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\rcpsetup_17970[1].exe [4445480] O61 - LFC: 2015/09/05 20:13:55 A . (.MEIDX.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\Reimage[1].exe [112640] =>PUP.Optional.ReImageRepair O61 - LFC: 2015/09/07 22:58:02 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\SearchUpdater[1].exe [124154] O61 - LFC: 2015/09/07 23:00:11 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\smt[2].exe [211114] O61 - LFC: 2015/09/05 23:27:00 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\8a919eab391df79420aa04a8eab4a225[1].exe [74207] O61 - LFC: 2015/09/07 23:02:31 A . (.CMI Limited.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\AnyProtectSetup[2].exe [613255] =>PUP.Optional.AnyProtect O61 - LFC: 2015/09/05 20:42:11 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\pdfconv[1].exe [2380368] O61 - LFC: 2015/09/04 12:55:45 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\setup[1].exe [298960] O61 - LFC: 2015/09/04 12:51:58 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\Update_Notifier[1].exe [514560] O61 - LFC: 2015/09/07 00:15:19 A . (.Copyright 2013.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\Validate[1].exe [61981] O61 - LFC: 2015/09/07 23:00:34 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\VuuPC_VO2_8907[1].exe [228302] =>PUP.Optional.VuuPC O61 - LFC: 2015/09/05 18:32:50 A . (..) -- C:\Users\Usuario\AppData\Local\mbot_br_014010080\Download\myoffergroup_br4.exe [4191432] O61 - LFC: 2015/09/02 04:08:21 A . (..) -- C:\Users\Usuario\AppData\Local\macasoft\ntsvc.exe [109440] O61 - LFC: 2015/09/08 01:05:00 A . (..) -- C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082] O61 - LFC: 2015/09/04 12:51:57 A . (..) -- C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\rnsmC3B5.exe [479232] O61 - LFC: 2015/09/04 12:51:59 A . (..) -- C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\Uninstall.exe [51745] ---\\ Associações Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe © O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\System32\eventvwr.exe © O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe © O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe © O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe © O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Menu de inicialização Internet (12) - 1s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartsearch.com/ © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/ © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- iexplore.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe © ---\\ Pesquisa de infeção nos navegadores da Internet (15) - 1s O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.newtab.url", "http://www.mystartsearch.com/newtab/?type=nt&ts=1441677446&z=c166da768c5193ed39bc5fdg7z3zdg7qdm3m[...] =>PUP.Optional.StartSearch O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.alias", "mystartsearch"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.iconURL", "http://www.mystartsearch.com/favicon.ico"); =>PUP.Optional.StartSearch O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.name", "mystartsearch"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.ptid", "cmi"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.uid", "ST500LM012XHN-M500MBB_S2ZYJ9BF301169"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.url", "http://www.mystartsearch.com/web/?type=ds&ts=1441677446&z=c166da768c5193ed39bc5fdg7z[...] =>PUP.Optional.StartSearch O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.startup.homepage", "http://www.mystartsearch.com/?type=hp&ts=1441641290&z=f89b18f6eb51cea9abf9b51gezbz7g8qez0g9[...] =>PUP.Optional.StartSearch O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Search Provided by Yahoo) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {86c83f9e-48a4-4cd2-a763-64fea5df35f7} - (Baixaki) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser O69 - SBI: SearchScopes [HKCU] {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} - (Yahoo! (Avast)) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser O69 - SBI: SearchScopes [HKCU] {9B7E7224-E90A-4DDC-BAB5-3E1BA9B10F1E} - (Yahoo) - http://search.yahoo.com/ O69 - SBI: SearchScopes [HKCU] {9CB96984-43C3-4D44-90EF-01466EFCF7BB} - (Search Provided by Yahoo) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser ---\\ Listagem dos serviços iniciados pelo Svchost (36) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [208896] © O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [155136] © O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [155136] © O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\system32\srvsvc.dll [324608] © O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\Windows\System32\gpsvc.dll [1311744] © O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [1104384] © O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\Windows\System32\iphlpsvc.dll [903168] © O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [30720] © O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [109568] © O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\system32\iscsiexe.dll [150528] © O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [107008] © O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\system32\schedsvc.dll [1214976] © O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [220672] © O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\system32\mmcss.dll [70656] © O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [134144] © O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [220160] © O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll [326656] © O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [81408] © O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\system32\kmsvc.dll [97792] © O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [339456] © O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Serviço de Estrutura de Localização do Wind.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520] © O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Serviço Conta da Microsoft®.) -- C:\Windows\system32\wlidsvc.dll [1576960] © O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\system32\themeservice.dll [50688] © O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalação de Dispositivo.) -- C:\Windows\System32\DeviceSetupManager.dll [201728] © O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Serviço Assistente de Conectividade de Rede.) -- C:\Windows\System32\ncasvc.dll [164352] © O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\Windows\System32\rasauto.dll [101376] © O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [534528] © O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [223744] © O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\Windows\System32\sens.dll [71680] © O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [433664] © O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windo.) -- C:\Windows\System32\tapisrv.dll [306688] © O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3408384] © O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de tel.) -- C:\Windows\System32\qmgr.dll [1017856] © O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [629760] © O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [183296] © O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [90464] © ---\\ Lista das exceções do FireWall (FirewallRules) (37) - 8s O87 - FAEL: "{E1BD2A40-E2F6-48C6-AD02-8805BA0903F2}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{210D7DAE-88DC-481D-B7CC-7C61048BEE39}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{4814FCF4-5096-4833-8EEC-2D5C29A4DE17}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{4C6C616A-271E-4712-BE9E-4B8A64F387CD}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{9A267A55-90BA-401E-AF47-1945D175F233}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{7F1E6C94-F340-4C5D-BED1-E580ACA0C93B}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{74EF8B76-583A-4A14-A4E2-8D824C30D57C}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{F7774D6D-28F3-4781-8C3C-739B3B3D2AEF}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{43121148-DD49-4804-B7E5-C719A8035EAA}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{F7AA6F13-24C2-401C-9F9D-B0A5AF20A410}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico O87 - FAEL: "{A5F6F663-0C61-4ADD-8673-908455629424}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (.not file.) O87 - FAEL: "{1A800430-B91B-4B6E-8B1D-75E922A08A68}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (.not file.) O87 - FAEL: "{F99ACA02-C991-405A-8D86-64C141263A2B}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (.not file.) O87 - FAEL: "{2B7F5B03-057B-4E7B-B19C-DB7B06D2E4D3}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (.not file.) O87 - FAEL: "TCP Query User{3A6FA88F-05D0-4510-9195-A31F15627317}C:\program files (x86)\ares\ares.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.) O87 - FAEL: "UDP Query User{F1D1E0BF-D43E-427B-89D4-6540A772DEB5}C:\program files (x86)\ares\ares.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.) O87 - FAEL: "TCP Query User{DB08F5CE-7CF0-4C9F-97FF-664B3D6DEC11}C:\program files (x86)\ares\ares.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.) O87 - FAEL: "UDP Query User{5B3B67C0-97E6-43FE-A879-4D37DC8333BC}C:\program files (x86)\ares\ares.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.) O87 - FAEL: "{3E681E18-277A-40C1-A4BA-B75FEEAACC91}" [In-None-P6-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe (.not file.) O87 - FAEL: "{578000EB-97D7-4048-8A3F-930CF8FC9152}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe (.not file.) O87 - FAEL: "{A16C3730-7DA6-4B45-A73D-9B08F267E6A8}" [In-None-P17-TRUE] .(...) -- C:\Users\Usuario\AppData\Local\Chromium\Application\chrome.exe (.not file.) O87 - FAEL: "{257D6602-4544-4CFF-BBF7-727797B61911}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Hola\app\hola_updater.exe (.not file.) O87 - FAEL: "{48A77A51-0A68-42E5-9F61-CFEFF06EC89C}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Hola\app\hola_updater.exe (.not file.) O87 - FAEL: "{B5C4D06D-7F12-4EE6-B34F-C07F8C908109}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Hola\app\hola_svc.exe (.not file.) O87 - FAEL: "{430C7100-78AE-41EE-9D72-2E51D1EACEDB}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Hola\app\hola_svc.exe (.not file.) O87 - FAEL: "{67C7A295-EBF6-4059-93BC-00A2F399CE1F}" [In-None-P6-TRUE] .(...) -- C:\Users\Usuario\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe (.not file.) O87 - FAEL: "{EF7DD9D1-81AF-4FD4-A932-330FDAFD3A00}" [In-None-P17-TRUE] .(...) -- C:\Users\Usuario\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe (.not file.) O87 - FAEL: "TCP Query User{AF42ED1A-3D18-43C9-AC9D-D18E71D9E4CA}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.) O87 - FAEL: "UDP Query User{B59305B2-5B2E-4CEB-96AE-ED593DEDF0F8}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.) O87 - FAEL: "{D2B90792-A79F-48C8-AD7C-F0DB8930377B}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{2F45F081-A080-4EF7-9488-9DA287CD30BA}" [Out-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{1EEC1E25-6F12-46D6-ADF2-528F3F13C3D7}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{EA10A06B-493F-45C2-8510-498486DA31DA}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{11F60FB4-C41B-4157-8833-FF5AD674AA2B}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{62323EE3-D449-4B28-AAD7-5DF38B19E086}" [Out-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "TCP Query User{0C6489BA-5BB8-4491-878F-2161790978D3}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.) O87 - FAEL: "UDP Query User{36096AC1-D582-43A2-81B7-0582EBB890E7}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.) ---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (29) - 74s SR - Auto [2014/12/03 03:31:16] [ 81088] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © SR - Auto [2015/05/29 18:51:26] [ 77128] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe © SR - Auto [2015/09/05 20:20:12] [ 146600] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe © SR - Auto [2011/08/30 23:05:32] [ 462184] Serviço do Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe © SR - Auto [2015/09/07 13:12:18] [ 721920] Compatible Cut (cikepiqu) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp =>PUP.Optional.CrossRider SS - Demand [2015/06/04 22:21:38] [ 280680] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe © SR - Auto [2015/07/16 05:52:52] [ 413848] Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe SR - Auto [2015/08/12 18:25:54] [ 587576] Gbp Service (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe SS - Auto [2015/09/05 20:43:50] [ 120832] Kerning Down (gopibeko) . (...) - C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\snsmC3B4.tmp =>PUP.Optional.CrossRider SR - Auto [2015/09/07 16:52:32] [ 721920] Click Hyphen (goxezecy) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp =>PUP.Optional.CrossRider SS - Auto [2015/08/29 00:35:06] [ 144200] Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © SS - Demand [2015/08/29 00:35:06] [ 144200] Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © SS - Demand [2012/04/24 14:37:56] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe © SR - Demand [2015/08/13 02:43:14] [ 644880] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe © SS - Auto [2015/09/05 20:43:52] [ 227328] Cool Barcode (jimocoso) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\jnse252F.tmp =>PUP.Optional.CrossRider SS - Disabled [2015/06/04 15:40:20] [ 148080] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe © SR - Auto [2014/07/15 08:46:00] [ 786256] Nero Update (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe © SS - Auto [2015/09/05 20:43:57] [ 379904] NixSrv Service (NixSrv) . (...) - C:\Program Files\NixSrv\NixSrv.exe =>PUP.Optional.Amonetize SS - Auto [2015/06/03 16:42:38] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe © SR - Auto [2015/09/07 22:58:18] [ 411648] SSFK (SSFK) . (.TODO: <公司名>.) - C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch SR - Auto [2015/07/16 05:45:02] [ 105112] Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe SR - Auto [2015/08/07 03:30:32] [ 5611280] TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe © SR - Auto [2015/04/23 06:52:54] [ 76264] TheDesktopWeatherService (TheDesktopWeatherService) . (.Copyright (C) 2015.) - C:\Program Files (x86)\WeatherTool\1.2.0.9153\WeatherService.exe SS - Auto [2015/09/05 20:44:02] [ 137728] Delete Exit (totyseku) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\hnsd3C24.tmp =>PUP.Optional.CrossRider SS - Auto [2015/09/05 20:44:08] [ 77312] Strongdex (updaie) . (...) - C:\Users\Usuario\AppData\Local\opeline.exe SS - Demand [2015/07/16 05:52:52] [ 413848] User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe SR - Auto [2015/09/07 22:58:12] [ 709288] WdsManPro Service (WdsManPro) . (.DTools LIMITED.) - C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WpManager SR - Auto [2015/09/06 16:32:50] [ 663040] Protocol Space Bar (wimikimo) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp =>PUP.Optional.CrossRider ---\\ Claves Tracing (2) - 4s HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Optional.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Optional.Wajam ---\\ Scâner Aditional (134) - 0s C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp =>PUP.Optional.CrossRider C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp =>PUP.Optional.CrossRider C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WdsManPro C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp =>PUP.Optional.CrossRider C:\Program Files (x86)\ShopperPro\ShopperPro.exe =>PUP.Optional.ShopperPro C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\search-provided-by-yahoo.xml =>PUP.Optional.BDYahoo C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\yahoo-search.xml =>PUP.Optional.BDYahoo C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\deskCutv2@gmail.com =>PUP.Optional.LightningNewTab C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} =>PUP.Optional.Goobzo C:\ProgramData\ShopperPro\ShopperPro64.dll =>PUP.Optional.ShopperPro HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} =>PUP.Optional.ShopperPro HKLM\SYSTEM\CurrentControlSet\Services\cikepiqu =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\gopibeko =>PUP.Optional.CrossRider C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\snsmC3B4.tmp =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\goxezecy =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\jimocoso =>PUP.Optional.CrossRider C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\jnse252F.tmp =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\KMService =>PUP.Optional.Office HKLM\SYSTEM\CurrentControlSet\Services\NixSrv =>PUP.Optional.Amonetize C:\Program Files\NixSrv\NixSrv.exe =>PUP.Optional.Amonetize HKLM\SYSTEM\CurrentControlSet\Services\SSFK =>PUP.Optional.MyWebSearch C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch HKLM\SYSTEM\CurrentControlSet\Services\totyseku =>PUP.Optional.CrossRider C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\hnsd3C24.tmp =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\Util Steel Cut =>PUP.Optional.SteelCut* HKLM\SYSTEM\CurrentControlSet\Services\WdsManPro =>PUP.Optional.WpManager C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WpManager HKLM\SYSTEM\CurrentControlSet\Services\wimikimo =>PUP.Optional.CrossRider HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebProtectorPlus =>PUP.Optional.WebProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect =>PUP.Optional.AnyProtect HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdateWPP =>PUP.Optional.WebProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WebProtector =>PUP.Optional.WebProtector HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Clara =>PUP.Optional.SupTab HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse HKLM\SOFTWARE\Wow6432Node\downchecker =>PUP.Optional.DownChecker HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKLM\SOFTWARE\Wow6432Node\LiveUpdateWPP =>PUP.Optional.WebProtector HKLM\SOFTWARE\Wow6432Node\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\ShopperPro =>PUP.Optional.ShopperPro HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Optional.Systweak HKLM\SOFTWARE\Wow6432Node\TermBlazer_1.10.0.16 =>PUP.Optional.TermBlazer HKLM\SOFTWARE\Wow6432Node\TermCoach_1.10.0.24 =>PUP.Optional.TermCoach HKLM\SOFTWARE\Wow6432Node\Torch =>PUP.Optional.Torch HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro HKLM\SOFTWARE\Wow6432Node\WebProtector =>PUP.Optional.BProtector HKLM\SOFTWARE\Wow6432Node\webssearchesSoftware =>PUP.Optional.WebsSearches HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider HKCU\SOFTWARE\BoBrowser =>PUP.Optional.BoBrowser HKCU\SOFTWARE\CinemaPlus_1.3dV28.08-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser HKCU\SOFTWARE\Gameo =>PUP.Optional.Gameo HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider HKCU\SOFTWARE\I - Cinema-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKCU\SOFTWARE\mybestofferstoday =>PUP.Optional.MyBestOffersToday HKCU\SOFTWARE\MyBrowser 1.0.2V05.09-nv-ie =>PUP.Optional.MyBrowser HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic HKCU\SOFTWARE\systweak =>PUP.Optional.Systweak HKCU\SOFTWARE\Torch =>PUP.Optional.Torch HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\Vonteera Safe ads =>Trojan.Vonteera HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\DynConIE =>PUP.Optional.DynConIE C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider C:\Program Files (x86)\57F31BB0-1441382290-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider C:\Program Files (x86)\AnyProtectEx =>PUP.Optional.AnyProtect C:\Program Files (x86)\bestadblocker =>PUP.Optional.Adblocker C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate C:\Program Files (x86)\LiveUpdateWPP =>PUP.Optional.WebProtector C:\Program Files (x86)\predm =>PUP.Optional.Downware C:\Program Files (x86)\PriceMinuS =>PUP.Optional.Multiplug C:\Program Files (x86)\SFK =>PUP.Optional.MyWebSearch C:\Program Files (x86)\ShopperPro =>PUP.Optional.ShopperPro C:\Program Files (x86)\SiteLookup =>PUP.Optional.SiteLookup C:\Program Files (x86)\WebProtector =>PUP.Optional.WebProtect C:\Program Files (x86)\WebProtectorPlus =>PUP.Optional.WebProtect C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Protector Plus =>PUP.Optional.WebProtector C:\ProgramData\3WdsManPro3 =>PUP.Optional.WdsManPro C:\ProgramData\5WdsManPro5 =>PUP.Optional.WdsManPro C:\ProgramData\Browser =>PUP.Optional.SpeedBrowser C:\ProgramData\iWdsManProi =>PUP.Optional.WdsManPro C:\ProgramData\MWdsManProM =>PUP.Optional.WdsManPro C:\ProgramData\rWdsManPror =>PUP.Optional.WdsManPro C:\ProgramData\ShopperPro =>PUP.Optional.ShopperPro C:\Users\Usuario\AppData\Roaming\AnyProtectEx =>PUP.Optional.AnyProtect C:\Users\Usuario\AppData\Roaming\ASPackage =>PUP.Optional.ASPackage C:\Users\Usuario\AppData\Roaming\mystartsearch =>PUP.Optional.StartSearch C:\Users\Usuario\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy C:\Users\Usuario\AppData\Roaming\SimilarAddon =>PUP.Optional.SimilarAddon C:\Users\Usuario\AppData\Roaming\sweet-page =>PUP.Optional.SweetPage C:\Users\Usuario\AppData\Roaming\systweak =>PUP.Optional.Systweak C:\Users\Usuario\AppData\Local\BrowserHelper =>PUP.Optional.BrowserHelper C:\Users\Usuario\AppData\Local\CrashRpt =>.Superfluous.CrashReports C:\Users\Usuario\AppData\Local\Gameo =>PUP.Optional.Gameo C:\Users\Usuario\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate C:\Users\Usuario\AppData\Local\Installer =>PUP.Optional.InstallPedia C:\Users\Usuario\AppData\Local\Torch =>PUP.Optional.Torch C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.Optional.AnyProtect C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage =>PUP.Optional.ASPackage C:\Windows\Prefetch\ANYPROTECT.EXE-1996592C.pf =>PUP.Optional.AnyProtect C:\Windows\Prefetch\BOBROWSER.EXE-CEE8FFB5.pf =>PUP.Optional.BoBrowser C:\Windows\Prefetch\GLOBALUPDATE.EXE-FAFA2450.pf =>PUP.Optional.GlobalUpdate C:\Windows\Prefetch\PACKAGE_PCROSSBROWSER_INSTALL-6C9F09A0.pf =>PUP.Optional.CrossBrowser C:\Windows\Prefetch\PREDM.TMP-9A360438.pf =>PUP.Optional.Downware C:\Windows\Prefetch\PREDM.TMP-B39B700A.pf =>PUP.Optional.Downware C:\Windows\Prefetch\SYSTWEAKASP.TMP-9DCAAC84.pf =>PUP.Optional.Systweak C:\Users\Usuario\AppData\Roaming\mystartsearch\UninstallManager.exe =>PUP.Optional.StartSearch C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55[1].exe =>PUP.Optional.SupTab C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\VOPackage[1].exe =>PUP.Optional.Downware C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\AnyProtect[1].exe =>PUP.Optional.AnyProtect C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\bfc5086e-c794-4413-9b71-1f6565be7466[1].exe =>PUP.Optional.BoBrowser C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\Reimage[1].exe =>PUP.Optional.ReImageRepair C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\cmi_mystartsearch[1].exe =>PUP.Optional.StartSearch C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\Reimage[1].exe =>PUP.Optional.ReImageRepair C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\AnyProtectSetup[2].exe =>PUP.Optional.AnyProtect C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\VuuPC_VO2_8907[1].exe =>PUP.Optional.VuuPC HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Optional.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Optional.Wajam ---\\ Resumo dos elementos encontrados na sua estação de trabalho (56) - 0s http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/blog =>PUP.Optional.WdsManPro http://www.nicolascoolman.fr/pup-shopperpro/ =>PUP.Optional.ShopperPro http://www.nicolascoolman.fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo http://www.nicolascoolman.fr/blog =>PUP.Optional.LightningNewTab http://www.nicolascoolman.fr/pup-goobzo/ =>PUP.Optional.Goobzo http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate http://www.nicolascoolman.fr/blog =>PUP.Optional.BoBrowser http://www.nicolascoolman.fr/pup-ytdownloader/ =>PUP.Optional.YTDownloader http://www.nicolascoolman.fr/pup-anyprotect/ =>PUP.Optional.AnyProtect http://www.nicolascoolman.fr/hijacker-office/ =>PUP.Optional.Office http://www.nicolascoolman.fr/pup-amonetize/ =>PUP.Optional.Amonetize http://www.nicolascoolman.fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.SteelCut* http://www.nicolascoolman.fr/pup-wpmanager/ =>PUP.Optional.WpManager http://www.nicolascoolman.fr/blog =>PUP.Optional.WebProtector http://www.nicolascoolman.fr/pup-suptab/ =>PUP.Optional.SupTab http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowse http://www.nicolascoolman.fr/blog =>PUP.Optional.DownChecker http://www.nicolascoolman.fr/blog =>PUP.Optional.SweetSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions http://www.nicolascoolman.fr/blog =>PUP.Optional.MyBestOffersToday http://www.nicolascoolman.fr/pup-sweetpage/ =>PUP.Optional.SweetPage http://www.nicolascoolman.fr/pup-systweak/ =>PUP.Optional.Systweak http://www.nicolascoolman.fr/pup-termBlazer/ =>PUP.Optional.TermBlazer http://www.nicolascoolman.fr/pup-optional-termcoach =>PUP.Optional.TermCoach http://www.nicolascoolman.fr/blog =>PUP.Optional.Torch http://www.nicolascoolman.fr/spyware-agenceexclusive/ =>PUP.Optional.AgenceExclusive http://www.nicolascoolman.fr/pup-bprotector/ =>PUP.Optional.BProtector http://www.nicolascoolman.fr/hijacker-webssearches/ =>PUP.Optional.WebsSearches http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowser http://www.nicolascoolman.fr/blog =>PUP.Optional.Gameo http://www.nicolascoolman.fr/blog =>PUP.Optional.MyBrowser http://www.nicolascoolman.fr/adware-installcore/ =>Adware.InstallCore http://www.nicolascoolman.fr/blog =>PUP.Optional.Softonic http://www.nicolascoolman.fr/trojan-vonteera/ =>Trojan.Vonteera http://www.nicolascoolman.fr/blog =>PUP.Optional.DynConIE http://www.nicolascoolman.fr/blog =>PUP.Optional.Adblocker http://www.nicolascoolman.fr/adware-downware/ =>PUP.Optional.Downware http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug http://www.nicolascoolman.fr/blog =>PUP.Optional.SiteLookup http://www.nicolascoolman.fr/blog =>PUP.Optional.WebProtect http://www.nicolascoolman.fr/blog =>PUP.Optional.SpeedBrowser http://www.nicolascoolman.fr/blog =>PUP.Optional.ASPackage http://www.nicolascoolman.fr/adware-opencandy/ =>PUP.Optional.OpenCandy http://www.nicolascoolman.fr/blog =>PUP.Optional.SimilarAddon http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserHelper http://www.nicolascoolman.fr/blog =>.Superfluous.CrashReports http://www.nicolascoolman.fr/adware-installpedia/ =>PUP.Optional.InstallPedia http://www.nicolascoolman.fr/rogue-reimagerepair/ =>PUP.Optional.ReImageRepair http://www.nicolascoolman.fr/pup-vuupc/ =>PUP.Optional.VuuPC http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine http://www.nicolascoolman.fr/hijacker-browsers/ =>PUP.Optional.Browser http://www.nicolascoolman.fr/pup-kmspico/ =>HackTool.KMSpico http://www.nicolascoolman.fr/pup-wajam/ =>PUP.Optional.Wajam ~ End of the scan, 20432 items in 342 seconds (1210)(0)()